android-platform-tools-apksig 31.0.2-1ubuntu1 source package in Ubuntu

Changelog

android-platform-tools-apksig (31.0.2-1ubuntu1) noble; urgency=medium

  * d/p/update-failure-reason: update test assertion due to
    java.security implementation changes (LP: #2056087).

 -- Vladimir Petko <email address hidden>  Wed, 06 Mar 2024 13:43:53 +1300

Upload details

Uploaded by:
Vladimir Petko
Uploaded to:
Noble
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Noble release universe misc

Builds

Noble: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
android-platform-tools-apksig_31.0.2.orig.tar.gz 2.9 MiB 80372fe8211916a5c8fa97f08edae8bd8d11c345ff8f7ac94a682503f33d6aa6
android-platform-tools-apksig_31.0.2-1ubuntu1.debian.tar.xz 12.2 KiB 91beae9f22987aa2ba21092f9bdafdd748ff2d827d5af2ed003e4d7bffc193ad
android-platform-tools-apksig_31.0.2-1ubuntu1.dsc 2.3 KiB 3f7db4926369053cb8c753056d41f71f8049a5cdddcb31b1a69ee74c283162b6

View changes file

Binary packages built by this source

apksigner: command line tool to sign and verify Android APKs

 apksig is a project which aims to simplify APK signing and checking
 whether APK's signatures should verify on Android. apksig supports
 JAR signing (used by Android since day one) and APK Signature Scheme
 v2 (supported since Android Nougat, API Level 24).
 .
 The key feature of apksig is that it knows about differences in APK
 signature verification logic between different versions of the
 Android platform. apksig can thus check whether a signed APK is
 expected to verify on all Android platform versions supported by the
 APK. When signing an APK, apksig will choose the most appropriate
 cryptographic algorithms based on the Android platform versions
 supported by the APK being signed.
 .
 apksigner command-line tool offers two operations:
 .
  * sign the provided APK so that it verifies on all Android platforms
 supported by the APK. Run apksigner sign for usage information.
 .
  * check whether the provided APK's signatures are expected to verify
 on all Android platforms supported by the APK. Run apksigner verify
 for usage information.
 .
 The tool determines the range of Android platform versions (API
 Levels) supported by the APK by inspecting the APK's
 AndroidManifest.xml. This behavior can be overridden by specifying
 the range of platform versions on the command-line.

libapksig-java: library to sign and verify Android APKs

 apksig is a project which aims to simplify APK signing and checking
 whether APK's signatures should verify on Android. apksig supports
 JAR signing (used by Android since day one) and APK Signature Scheme
 v2 (supported since Android Nougat, API Level 24).
 .
 The key feature of apksig is that it knows about differences in APK
 signature verification logic between different versions of the
 Android platform. apksig can thus check whether a signed APK is
 expected to verify on all Android platform versions supported by the
 APK. When signing an APK, apksig will choose the most appropriate
 cryptographic algorithms based on the Android platform versions
 supported by the APK being signed.
 .
 apksig library offers three primitives:
 .
  * ApkSigner which signs the provided APK so that it verifies on all
 Android platform versions supported by the APK. The range of platform
 versions can be customized if necessary.
 .
  * ApkVerifier which checks whether the provided APK is expected to
 verify on all Android platform versions supported by the APK. The
 range of platform versions can be customized if necessary.
 .
  * (Default)ApkSignerEngine which abstracts away signing an APK from
 parsing and building an APK file. This is useful in optimized APK
 building pipelines, such as in Android Plugin for Gradle, which need
 to perform signing while building an APK, instead of after. For
 simpler use cases where the APK to be signed is available upfront,
 the ApkSigner above is easier to use.
 .
 NOTE: Some public classes of the library are in packages having the
 word “internal” in their name. These are not public API of the
 library. Do not use *.internal.* classes directly.