titanium-sdk icon indicating copy to clipboard operation
titanium-sdk copied to clipboard

Published 20 hours ago • verified publisher icon tidev

feat(android): enable Signature Scheme v3

Open m1ga opened this issue 8 months ago • 5 comments

https://source.android.com/docs/security/features/apksigning/v3

Android 9 supports APK key rotation, which gives apps the ability to change their signing key as part of an APK update. To make rotation practical, APKs must indicate levels of trust between the new and old signing key. To support key rotation, we updated the APK signature scheme from v2 to v3 to allow the new and old keys to be used. V3 adds information about the supported SDK versions and a proof-of-rotation struct to the APK signing block.

Test

  • build a store APK
  • run [path to sdk]/build-tools/33.0.1/apksigner verify --verbose output.apk and check for Verified using v3 scheme (APK Signature Scheme v3): true

Note

I have no knowledge about the Signature Schemes and if we lose support for Android < 9 with this. It says it's the same block format as v2 so it might still work. Just putting this out there if needed and someone has more infos about it.

m1ga avatar Oct 24 '23 13:10 m1ga