60 lines
1.6 KiB
Bash
Executable File
60 lines
1.6 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# =============================================================================
|
|
# Verify APK Signature
|
|
# =============================================================================
|
|
# This script verifies that an APK is properly signed and displays
|
|
# certificate information
|
|
#
|
|
# Usage:
|
|
# ./verify-apk-signature.sh <apk_path>
|
|
#
|
|
# Arguments:
|
|
# apk_path - Path to the APK file to verify
|
|
# =============================================================================
|
|
|
|
set -e
|
|
|
|
APK_PATH="$1"
|
|
|
|
if [ -z "$APK_PATH" ]; then
|
|
echo "❌ Error: Missing APK path"
|
|
echo "Usage: $0 <apk_path>"
|
|
exit 1
|
|
fi
|
|
|
|
if [ ! -f "$APK_PATH" ]; then
|
|
echo "❌ APK not found at: $APK_PATH"
|
|
exit 1
|
|
fi
|
|
|
|
echo "🔍 Verifying APK signature..."
|
|
|
|
# Check if APK is signed
|
|
if jarsigner -verify -verbose "$APK_PATH" 2>&1 | grep -q "jar verified"; then
|
|
echo "✅ APK is properly signed!"
|
|
|
|
# Extract certificate details
|
|
echo ""
|
|
echo "📜 Certificate Details:"
|
|
jarsigner -verify -verbose -certs "$APK_PATH" 2>&1 | grep -A 3 "X.509" || true
|
|
|
|
# Get signer info
|
|
echo ""
|
|
echo "🔑 Signer Information:"
|
|
keytool -printcert -jarfile "$APK_PATH" | head -n 15
|
|
|
|
else
|
|
echo "⚠️ WARNING: APK signature verification failed or APK is unsigned!"
|
|
echo ""
|
|
echo "This may happen if:"
|
|
echo " 1. GitHub Secrets are not configured for this environment"
|
|
echo " 2. Keystore credentials are incorrect"
|
|
echo " 3. Build configuration didn't apply signing"
|
|
echo ""
|
|
echo "See: docs/RELEASE/APK_SIGNING_SETUP.md for setup instructions"
|
|
|
|
# Don't fail the build, just warn
|
|
# exit 1
|
|
fi
|