diff options
Diffstat (limited to 'src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java')
-rw-r--r-- | src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java b/src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java index cab2a47..04260d5 100644 --- a/src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java +++ b/src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java @@ -74,7 +74,8 @@ public abstract class V3SchemeSigner { * Signature Scheme v3 */ public static List<SignatureAlgorithm> getSuggestedSignatureAlgorithms(PublicKey signingKey, - int minSdkVersion, boolean verityEnabled) throws InvalidKeyException { + int minSdkVersion, boolean verityEnabled, boolean deterministicDsaSigning) + throws InvalidKeyException { String keyAlgorithm = signingKey.getAlgorithm(); if ("RSA".equalsIgnoreCase(keyAlgorithm)) { // Use RSASSA-PKCS1-v1_5 signature scheme instead of RSASSA-PSS to guarantee @@ -99,7 +100,10 @@ public abstract class V3SchemeSigner { } else if ("DSA".equalsIgnoreCase(keyAlgorithm)) { // DSA is supported only with SHA-256. List<SignatureAlgorithm> algorithms = new ArrayList<>(); - algorithms.add(SignatureAlgorithm.DSA_WITH_SHA256); + algorithms.add( + deterministicDsaSigning ? + SignatureAlgorithm.DETDSA_WITH_SHA256 : + SignatureAlgorithm.DSA_WITH_SHA256); if (verityEnabled) { algorithms.add(SignatureAlgorithm.VERITY_DSA_WITH_SHA256); } |