Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix: JAR files signed with the MD5 algorithm as unsigned (godot 3) #18627

Merged
merged 1 commit into from
May 8, 2018
Merged

Fix: JAR files signed with the MD5 algorithm as unsigned (godot 3) #18627

merged 1 commit into from
May 8, 2018

Conversation

RameshRavone
Copy link
Contributor

@RameshRavone RameshRavone commented May 5, 2018
edited by mhilbrunner
Loading

Bugsquad edit: Fixes #8758

@RameshRavone RameshRavone changed the title Fix: JAR files signed with the MD5 algorithm as unsigned Fix: JAR files signed with the MD5 algorithm as unsigned (godot 3) May 5, 2018
@mhilbrunner
Copy link
Member

Context: Starting in April (2017), if a JAR file is signed with MD5, Oracle will treat it as unsigned (https://www.infoworld.com/article/3159186/security/oracle-to-java-devs-stop-signing-jar-files-with-md5.html)

@mhilbrunner mhilbrunner added this to the 3.1 milestone May 5, 2018
@mhilbrunner
Copy link
Member

It seems SHA-1 is going to be deprecated too and this should use SHA256withRSA? (https://stackoverflow.com/questions/41878258/java-9-deprecating-sha1-certificates-or-another-issue-at-work)

@mhilbrunner mhilbrunner mentioned this pull request May 5, 2018
Merged
@reduz
Copy link
Member

reduz commented May 7, 2018

What's the status of this?

@volzhs
Copy link
Contributor

volzhs commented May 7, 2018

I can see it's updated to use SHA256 now.

@RameshRavone
Copy link
Contributor Author

Sorry, guys I been having problems with the apk installation because of a file named x2Icon.png, renamed it to Iconx2.png now everything works.

@mhilbrunner
Copy link
Member

Thank you!

@mhilbrunner mhilbrunner merged commit c32b24d into godotengine:master May 8, 2018
@aaronfranke
Copy link
Member

aaronfranke commented May 8, 2018
edited
Loading

This should probably be cherrypicked, since otherwise 3.0.x Android export would lack proper signage.

@volzhs
Copy link
Contributor

volzhs commented May 8, 2018

should it be cherrypicked on 2.1 branch also?

@vnen vnen added the cherrypick label May 8, 2018
@mhilbrunner
Copy link
Member

Yeah, this should be cherrypicked for 3.0.x

@volzhs There is #18626 for 2.1. See comment there.

@akien-mga
Copy link
Member

Cherry-picked into 3.0.3.

@akien-mga akien-mga mentioned this pull request Sep 3, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bug platform:android
Projects
None yet
Milestone
3.1
Development

Successfully merging this pull request may close these issues.
7 participants
@RameshRavone @mhilbrunner @reduz @volzhs @aaronfranke @akien-mga @vnen