Skip to content

pserwylo/JarVerifier

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
extern
extern
 
 
jarverifier
jarverifier
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
gradle.properties
gradle.properties
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

This is a toy app which is used to investigate a bug on Android 5.0 whereby signature verification fails when using a security provider other than the one bundled with Android.

The specific bug was first identified in F-Droid, where we were using the SpongyCastle library (a fork of BouncyCastle, but in a different namespace). It was used for the purpose of signing Jar files, however in the process of registering it as a security provider, it broke Jar verification for the .jar files downloaded by F-Droid too (for managing the index of available apps).

About

(Pointless) Android app for downloading and verifying .jar files

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages