-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
APK signature check v1/v2 using the apksig library from Google #431
Conversation
@jpstotz looks good.
better to restructure it to:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some code improvements suggestions
The signature page is now localized as long as the text is not coming from the apksig library.
For APK files yes, for plain JAR files it makes sense to keep the certificate nodes.
Done.
JEditorPane does not have a color scheme system. Applying a font to JEditorPane does not have any effect.
Done
There is no general way to do so. I implemented it for the issue type |
@jpstotz thank you, looks great! |
@jpstotz I found a strange thing in your commit. You add google maven repository but it doesn't contain the version of apksig you used (2.3.0), and this version fetched from mavenCentral. The latest stable version from google repository is 3.3.0 (see here) and this version also work without any changes in code. |
@skylot That is typo. Originally I used a different library from the Google repo until I noticed that the signature verification functionality wasn't implemented in the library but in the apksig library which was a dependency of that library. When I changed to the apksig library I missed the fact that it is available in multiple repositories and took the wrong one. |
🎉 This PR is included in version 0.9.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Perform APK signature verification vor v1 and v2 signatures and show the result in a new tree node.
Also the errors and warnings generated by apksig library are shown in a simple HTML based view.