aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java')
-rw-r--r--src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java b/src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java
index cab2a47..04260d5 100644
--- a/src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java
+++ b/src/main/java/com/android/apksig/internal/apk/v3/V3SchemeSigner.java
@@ -74,7 +74,8 @@ public abstract class V3SchemeSigner {
* Signature Scheme v3
*/
public static List<SignatureAlgorithm> getSuggestedSignatureAlgorithms(PublicKey signingKey,
- int minSdkVersion, boolean verityEnabled) throws InvalidKeyException {
+ int minSdkVersion, boolean verityEnabled, boolean deterministicDsaSigning)
+ throws InvalidKeyException {
String keyAlgorithm = signingKey.getAlgorithm();
if ("RSA".equalsIgnoreCase(keyAlgorithm)) {
// Use RSASSA-PKCS1-v1_5 signature scheme instead of RSASSA-PSS to guarantee
@@ -99,7 +100,10 @@ public abstract class V3SchemeSigner {
} else if ("DSA".equalsIgnoreCase(keyAlgorithm)) {
// DSA is supported only with SHA-256.
List<SignatureAlgorithm> algorithms = new ArrayList<>();
- algorithms.add(SignatureAlgorithm.DSA_WITH_SHA256);
+ algorithms.add(
+ deterministicDsaSigning ?
+ SignatureAlgorithm.DETDSA_WITH_SHA256 :
+ SignatureAlgorithm.DSA_WITH_SHA256);
if (verityEnabled) {
algorithms.add(SignatureAlgorithm.VERITY_DSA_WITH_SHA256);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-13 08:48:56 +0000