Bug Issue: Problems when signing android games


Pages: 1

Justin

  • Master Stencyler
  • *
August 21, 2020, 11:22:09 am
The certificate we generate now is a 2048-bit RSA. This meets the requirements for both signing keys, and "upload keys" with Google Play Signing. (See the "Upload key restrictions" section of Use app signing by Google Play.)

Where things get messy is when a user has a published app on Google Play, and the existing certificate is not a 2048-bit RSA.

When publishing an APK, the suggested signature digest algorithm is determined by the minimum API level. (See: V1SchemeSigner.java.)

Note: SHA1 is too weak for 2048-bit signatures, so we need to use SHA256. Otherwise you'd wind up with an error like this.

Code: [Select]
Caused by: java.io.IOException: Failed to generate v1 signature
Caused by: java.security.InvalidKeyException: Failed to sign using signer "CERT"
Caused by: java.security.InvalidKeyException: Failed to sign using SHA1withDSA
Caused by: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size

  • RSA with minimum SDK < 18 --> SHA1
  • RSA with minimum SDK >= 18 --> SHA256
  • DSA with minimum SDK < 21 --> SHA1
  • DSA with minimum SDK >= 21 --> SHA256
  • ECDSA with minimum SDK < 18 --> Unsupported
  • ECDSA with minimum SDK >= 18 --> SHA256

When publishing an AAB, the same code is run, except it's initially primed with an explicit minimum api level (18) different from whatever is set by the developer. (See: FinalizeBundleTask.kt).

Perhaps this is a limitation of the AAB format. Maybe it's just an oversight in the gradle code. But what does this mean?

- If you have a new game, you can just make a new certificate and none of this matters.
- If you have an already published game with a certificate that's not 2048-bit RSA, but you're just publishing an APK (maybe for a different android store?) then we just need to make sure you have the correct minimum API level set, so it chooses SHA256.
- If you want to publish an AAB and use app signing by Google Play, and your certificate's not 2048-bit RSA, you need to follow the instructions in the "Create an upload key" section.
« Last Edit: August 21, 2020, 11:34:27 am by Justin »


Justin

  • Master Stencyler
  • *
August 21, 2020, 11:35:57 am
All that being said, we should detect when things are going to go wrong, and guide the user through the process of creating an upload key if needed.


Issue updated by Justin - August 24, 2020, 09:42:37 pm
  • Tags added: 4.1.0


Pages: 1

Details

  • Reported
    August 21, 2020, 11:22:09 am
  • Updated
    August 24, 2020, 09:42:37 pm

  • View Status
    Public
  • Type
    Bug
  • Status
    New
  • Priority
    Normal
  • Version
    (none)
  • Fixed in
    (none)
  • Assigned to
    (none)
  • Category
    Compiling/Testing Games

Tags