init: force keystore to PKCS12 format
Java 8 supports PKCS12, Java 9+ uses PKCS12 by default, which should have a .p12 file extension. `fdroid init` has always just added .jks which is the old default format. * https://docs.oracle.com/en/java/javase/12/tools/keytool.html#GUID-5990A2E4-78E3-47B7-AE75-6D1826259549__GUID-A8B9E662-C1C2-4A0E-9307-A8464F0E95D4 * https://openjdk.java.net/jeps/229
This commit is contained in:
parent
ad6985cb40
commit
8c1cf724e1
|
@ -134,7 +134,7 @@ default_config = {
|
||||||
'stats_to_carbon': False,
|
'stats_to_carbon': False,
|
||||||
'repo_maxage': 0,
|
'repo_maxage': 0,
|
||||||
'build_server_always': False,
|
'build_server_always': False,
|
||||||
'keystore': 'keystore.jks',
|
'keystore': 'keystore.p12',
|
||||||
'smartcardoptions': [],
|
'smartcardoptions': [],
|
||||||
'char_limits': {
|
'char_limits': {
|
||||||
'author': 256,
|
'author': 256,
|
||||||
|
@ -3425,6 +3425,7 @@ def genkeystore(localconfig):
|
||||||
'-keyalg', 'RSA', '-keysize', '4096',
|
'-keyalg', 'RSA', '-keysize', '4096',
|
||||||
'-sigalg', 'SHA256withRSA',
|
'-sigalg', 'SHA256withRSA',
|
||||||
'-validity', '10000',
|
'-validity', '10000',
|
||||||
|
'-storetype', 'pkcs12',
|
||||||
'-storepass:env', 'FDROID_KEY_STORE_PASS',
|
'-storepass:env', 'FDROID_KEY_STORE_PASS',
|
||||||
'-dname', localconfig['keydname'],
|
'-dname', localconfig['keydname'],
|
||||||
'-J-Duser.language=en']
|
'-J-Duser.language=en']
|
||||||
|
|
|
@ -3,10 +3,10 @@
|
||||||
#
|
#
|
||||||
# command which created the keystore used in this test case:
|
# command which created the keystore used in this test case:
|
||||||
#
|
#
|
||||||
# $ for ALIAS in 'repokey a163ec9b d2d51ff2 dc3b169e 78688a0f'; \
|
# $ for ALIAS in repokey a163ec9b d2d51ff2 dc3b169e 78688a0f; \
|
||||||
# do keytool -genkey -keystore dummy-keystore.jks \
|
# do keytool -genkey -keystore dummy-keystore.jks \
|
||||||
# -alias $ALIAS -keyalg 'RSA' -keysize '2048' \
|
# -alias $ALIAS -keyalg 'RSA' -keysize '2048' \
|
||||||
# -validity '10000' -storepass 123456 \
|
# -validity '10000' -storepass 123456 -storetype jks \
|
||||||
# -keypass 123456 -dname 'CN=test, OU=F-Droid'; done
|
# -keypass 123456 -dname 'CN=test, OU=F-Droid'; done
|
||||||
#
|
#
|
||||||
|
|
||||||
|
|
|
@ -1,15 +1,5 @@
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
#
|
|
||||||
# command which created the keystore used in this test case:
|
|
||||||
#
|
|
||||||
# $ for ALIAS in 'repokey a163ec9b d2d51ff2 dc3b169e 78688a0f'; \
|
|
||||||
# do keytool -genkey -keystore dummy-keystore.jks \
|
|
||||||
# -alias $ALIAS -keyalg 'RSA' -keysize '2048' \
|
|
||||||
# -validity '10000' -storepass 123456 \
|
|
||||||
# -keypass 123456 -dname 'CN=test, OU=F-Droid'; done
|
|
||||||
#
|
|
||||||
|
|
||||||
import inspect
|
import inspect
|
||||||
import logging
|
import logging
|
||||||
import optparse
|
import optparse
|
||||||
|
|
|
@ -778,7 +778,7 @@ $fdroid server update --local-copy-dir=$LOCALCOPYDIR
|
||||||
# check that --android-home fails when dir does not exist or is not a dir
|
# check that --android-home fails when dir does not exist or is not a dir
|
||||||
|
|
||||||
REPOROOT=`create_test_dir`
|
REPOROOT=`create_test_dir`
|
||||||
KEYSTORE=$REPOROOT/keystore.jks
|
KEYSTORE=$REPOROOT/keystore.p12
|
||||||
cd $REPOROOT
|
cd $REPOROOT
|
||||||
set +e
|
set +e
|
||||||
$fdroid init --keystore $KEYSTORE --android-home /opt/fakeandroidhome
|
$fdroid init --keystore $KEYSTORE --android-home /opt/fakeandroidhome
|
||||||
|
@ -805,7 +805,7 @@ echo_header "check that fake android home passes 'fdroid init'"
|
||||||
REPOROOT=`create_test_dir`
|
REPOROOT=`create_test_dir`
|
||||||
FAKE_ANDROID_HOME=`create_test_dir`
|
FAKE_ANDROID_HOME=`create_test_dir`
|
||||||
create_fake_android_home $FAKE_ANDROID_HOME
|
create_fake_android_home $FAKE_ANDROID_HOME
|
||||||
KEYSTORE=$REPOROOT/keystore.jks
|
KEYSTORE=$REPOROOT/keystore.p12
|
||||||
cd $REPOROOT
|
cd $REPOROOT
|
||||||
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
|
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
|
||||||
|
|
||||||
|
@ -820,7 +820,7 @@ else
|
||||||
FAKE_ANDROID_HOME=`create_test_dir`
|
FAKE_ANDROID_HOME=`create_test_dir`
|
||||||
create_fake_android_home $FAKE_ANDROID_HOME
|
create_fake_android_home $FAKE_ANDROID_HOME
|
||||||
rm -f $FAKE_ANDROID_HOME/build-tools/*/aapt
|
rm -f $FAKE_ANDROID_HOME/build-tools/*/aapt
|
||||||
KEYSTORE=$REPOROOT/keystore.jks
|
KEYSTORE=$REPOROOT/keystore.p12
|
||||||
cd $REPOROOT
|
cd $REPOROOT
|
||||||
set +e
|
set +e
|
||||||
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
|
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
|
||||||
|
@ -835,7 +835,7 @@ echo_header "check that --android-home overrides ANDROID_HOME"
|
||||||
REPOROOT=`create_test_dir`
|
REPOROOT=`create_test_dir`
|
||||||
FAKE_ANDROID_HOME=`create_test_dir`
|
FAKE_ANDROID_HOME=`create_test_dir`
|
||||||
create_fake_android_home $FAKE_ANDROID_HOME
|
create_fake_android_home $FAKE_ANDROID_HOME
|
||||||
KEYSTORE=$REPOROOT/keystore.jks
|
KEYSTORE=$REPOROOT/keystore.p12
|
||||||
cd $REPOROOT
|
cd $REPOROOT
|
||||||
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
|
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
|
||||||
set +e
|
set +e
|
||||||
|
@ -859,7 +859,7 @@ else
|
||||||
echo_header "setup a new repo from scratch with keystore and android-home set on cmd line"
|
echo_header "setup a new repo from scratch with keystore and android-home set on cmd line"
|
||||||
|
|
||||||
REPOROOT=`create_test_dir`
|
REPOROOT=`create_test_dir`
|
||||||
KEYSTORE=$REPOROOT/keystore.jks
|
KEYSTORE=$REPOROOT/keystore.p12
|
||||||
FAKE_ANDROID_HOME=`create_test_dir`
|
FAKE_ANDROID_HOME=`create_test_dir`
|
||||||
create_fake_android_home $FAKE_ANDROID_HOME
|
create_fake_android_home $FAKE_ANDROID_HOME
|
||||||
STORED_ANDROID_HOME=$ANDROID_HOME
|
STORED_ANDROID_HOME=$ANDROID_HOME
|
||||||
|
@ -916,7 +916,7 @@ grep -F '<application id=' repo/index.xml > /dev/null
|
||||||
echo_header "setup a new repo from scratch and generate a keystore"
|
echo_header "setup a new repo from scratch and generate a keystore"
|
||||||
|
|
||||||
REPOROOT=`create_test_dir`
|
REPOROOT=`create_test_dir`
|
||||||
KEYSTORE=$REPOROOT/keystore.jks
|
KEYSTORE=$REPOROOT/keystore.p12
|
||||||
cd $REPOROOT
|
cd $REPOROOT
|
||||||
$fdroid init --keystore $KEYSTORE
|
$fdroid init --keystore $KEYSTORE
|
||||||
test -e $KEYSTORE
|
test -e $KEYSTORE
|
||||||
|
@ -935,7 +935,7 @@ grep -F '<application id=' repo/index.xml > /dev/null
|
||||||
echo_header "setup a new repo manually and generate a keystore"
|
echo_header "setup a new repo manually and generate a keystore"
|
||||||
|
|
||||||
REPOROOT=`create_test_dir`
|
REPOROOT=`create_test_dir`
|
||||||
KEYSTORE=$REPOROOT/keystore.jks
|
KEYSTORE=$REPOROOT/keystore.p12
|
||||||
cd $REPOROOT
|
cd $REPOROOT
|
||||||
cp $WORKSPACE/examples/fdroid-icon.png $REPOROOT/
|
cp $WORKSPACE/examples/fdroid-icon.png $REPOROOT/
|
||||||
! test -e $KEYSTORE
|
! test -e $KEYSTORE
|
||||||
|
@ -965,7 +965,7 @@ grep -F '<application id=' repo/index.xml > /dev/null
|
||||||
echo_header "setup a new repo from scratch, generate a keystore, then add APK and update"
|
echo_header "setup a new repo from scratch, generate a keystore, then add APK and update"
|
||||||
|
|
||||||
REPOROOT=`create_test_dir`
|
REPOROOT=`create_test_dir`
|
||||||
KEYSTORE=$REPOROOT/keystore.jks
|
KEYSTORE=$REPOROOT/keystore.p12
|
||||||
cd $REPOROOT
|
cd $REPOROOT
|
||||||
$fdroid init --keystore $KEYSTORE
|
$fdroid init --keystore $KEYSTORE
|
||||||
test -e $KEYSTORE
|
test -e $KEYSTORE
|
||||||
|
@ -1001,7 +1001,7 @@ test ! -e NONE
|
||||||
echo_header "setup a new repo with no keystore, add APK, and update"
|
echo_header "setup a new repo with no keystore, add APK, and update"
|
||||||
|
|
||||||
REPOROOT=`create_test_dir`
|
REPOROOT=`create_test_dir`
|
||||||
KEYSTORE=$REPOROOT/keystore.jks
|
KEYSTORE=$REPOROOT/keystore.p12
|
||||||
cd $REPOROOT
|
cd $REPOROOT
|
||||||
touch fdroid-icon.png
|
touch fdroid-icon.png
|
||||||
mkdir repo
|
mkdir repo
|
||||||
|
@ -1167,7 +1167,7 @@ echo_header "sign binary repo in offline box, then publishing from online box"
|
||||||
|
|
||||||
if have_git_2_3; then
|
if have_git_2_3; then
|
||||||
OFFLINE_ROOT=`create_test_dir`
|
OFFLINE_ROOT=`create_test_dir`
|
||||||
KEYSTORE=$WORKSPACE/tests/keystore.jks
|
KEYSTORE=$WORKSPACE/tests/keystore.p12
|
||||||
LOCAL_COPY_DIR=`create_test_dir`/fdroid
|
LOCAL_COPY_DIR=`create_test_dir`/fdroid
|
||||||
mkdir $LOCAL_COPY_DIR
|
mkdir $LOCAL_COPY_DIR
|
||||||
ONLINE_ROOT=`create_test_dir`
|
ONLINE_ROOT=`create_test_dir`
|
||||||
|
|
Loading…
Reference in New Issue