New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do we need to sign APEX files during the build? #646

Open

petefoth opened this issue Jun 26, 2024 · 0 comments

Contributor

petefoth commented Jun 26, 2024 •

edited

Loading

We don't currently sign APEX files during the build. I don't know

What the implications are of not signing them
Whether we need to add code to
a. generate the apk-specific keys
b. sign the APEXes during the build

Background

APEX files are used in OTA updates ¹
LOS Wiki describes how to
- generate APEX keys ²
- using the keys when generating and signing target files ³. Some of the apks are signed using the release key, some use the newly generated apk-specific keys
The /e/OS Docker image
- does not generate apk-specific keys when generating signing keys ⁴
- signs each apk with the apk-specific key if the key files exist ⁵ before calling ota_from_target_files

The text was updated successfully, but these errors were encountered:

petefoth changed the title ~~We need to do more when signing builds~~ Do we need to sign APEX files

petefoth changed the title ~~Do we need to sign APEX files~~ Do we need to sign APEX files during the build?

petefoth mentioned this issue

[Feature Request] Signing Key size configurable by ENV #692

Open

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment