|
PROFESSIONAL NEWSGROUPS WINDEV, WEBDEV and WINDEV Mobile |
| | | | | |
changing SHA-1 digest from Android app |
Started by grangulo7, Apr., 01 2018 2:23 AM - 5 replies |
| |
| | | |
|
| |
Posted on April, 01 2018 - 2:23 AM |
Has anyone a idea if its possible to change the digest that is using windev mobile to sign the application ?, the reason for my question is that by default windev uses SHA-1 Digest on the application, and that only supports 1024 Bits key signing. Amyone know if its possible to sign a windev mobile with a 2048 bit key ?.
I have try to make keystores with that length of a key but i always get the error:
-digestalg SHA1 -sigalg SHA1withDSA "test.apk" test Error returned: jarsigner error: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size
When i use a 1024 bit key it works fine and no problem is encountered, anyone has come across this before ?
i just think it would be nice to be able to sign the apps with a higher key strength
Thanks for any help |
| |
| |
| | | |
|
| | |
| |
Posted on August, 19 2024 - 8:12 PM |
For anyone having this issue in the future, you may use RSA instead of SHA1 or DSA to get more than 1024 bits. Here's an example:
-genkey -keystore "{keystore}" -storepass {storepass} -alias {alias} -keypass {keypass} -dname cn="{dname}",o="{dname}" -validity 1234 -keyalg RSA -sigalg SHA256withRSA -keysize 2048
This is very important to keep in mind for signing any apps for Google Play, as I had to figure out the hard way.
Hope this helps. |
| |
| |
| | | |
|
| | |
| |
Posted on September, 25 2024 - 12:34 PM |
Hello,
In Windev Mobile, the default signing algorithm uses SHA-1, which is indeed limited in terms of security strength, especially when it comes to using keys longer than 1024 bits. To address your concerns about using a 2048-bit key for signing your applications, here are some potential approaches:
Update Signing Algorithm: Check if there's an option in Windev Mobile to configure the signing algorithm or the digest algorithm. Some development environments allow you to choose more secure algorithms like SHA-256.
Use Java Keytool: When creating your keystore with a 2048-bit key, ensure you specify a more secure algorithm in your keytool command. For example, try using -sigalg SHA256withRSA instead of SHA-1. keytool -genkeypair -alias yourAlias -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore yourKeystore.jks Sign the APK Externally: After building your application with Windev Mobile, consider signing it manually using the jarsigner tool from the JDK. Make sure to specify the proper digest and signature algorithm. jarsigner -digestalg SHA-256 -sigalg SHA256withRSA -keystore yourKeystore.jks yourApp.apk yourAlias Check for Updates: Make sure your Windev Mobile version is up to date. Sometimes https://www.publix-passport.com newer versions provide enhanced security features and options for signing.
Consult Documentation: Look into Windev Mobile’s official documentation or support forums to see if there are specific guidelines or updates regarding app signing and security practices.
hope that helps!Message modified, September, 25 2024 - 12:34 PM |
| |
| |
| | | |
|
| | |
| |
Registered member 1 message |
|
Posted on October, 06 2024 - 3:40 PM |
Rogelio escribió:
Has anyone a idea if its possible to change the digest that is using windev mobile to sign the application ?, the reason for my question is that by default windev uses SHA-1 Digest on the application, and that only supports 1024 Bits key signing. Amyone know if its possible to sign a windev mobile with a 2048 bit key ?. I have try to make keystores with that length of a key but i always get the error: -digestalg SHA1 -sigalg SHA1withDSA "test.apk" test Error returned: jarsigner error: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size When i use a 1024 bit key it works fine and no problem is encountered, anyone has come across this before ? i just think it would be nice to be able to sign the apps with a higher key strength Thanks for any help https://emilyandblair.com/funny-rainy-day-quotes/
It seems like you're running into issues with the SHA-1 algorithm's limitation when trying to sign your Windev Mobile app with a 2048-bit key. SHA-1 is indeed outdated and not recommended for stronger key lengths like 2048-bit. Instead, you should switch to a more secure digest algorithm like SHA-256.
Here's what you can try:
Create a new keystore with a 2048-bit key using SHA-256: yaml Copy code keytool -genkeypair -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore yourkeystore.keystore When signing the APK, use the following: Copy code jarsigner -keystore yourkeystore.keystore -digestalg SHA-256 -sigalg SHA256withRSA test.apk youralias This should allow you to sign the APK with a 2048-bit key without running into the SHA-1 limitation. Let me know if this helps! |
| |
| |
| | | |
|
| | |
| |
Posted on October, 29 2024 - 6:44 AM |
halla01 escribío:
Rogelio escribió: Has anyone a idea if its possible to change the digest that is using windev mobile to sign the application ?, the reason for my question is that by default windev uses SHA-1 Digest on the application, and that only supports 1024 Bits key signing. Amyone know if its possible to sign a windev mobile with a 2048 bit key ?. I have try to make keystores with that length of a key but i always get the error: -digestalg SHA1 -sigalg SHA1withDSA "test.apk" test Error returned: jarsigner error: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size When i use a 1024 bit key it works fine and no problem is encountered, anyone has come across this before ? i just think it would be nice to be able to sign the apps with a higher key strength Thanks for any help https://emilyandblair.com/funny-rainy-day-quotes/It seems like you're running into issues with the SHA-1 algorithm's limitation when trying to sign your Windev Mobile app with a 2048-bit key. SHA-1 is indeed outdated and not recommended for stronger key lengths like 2048-bit. Instead, you should switch to a more secure digest algorithm like SHA-256. Here's what you can try: Create a new keystore with a 2048-bit key using SHA-256: yaml Copy code keytool -genkeypair -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore yourkeystore.keystore When signing the APK, use the following: Copy code jarsigner -keystore yourkeystore.keystore -digestalg SHA-256 -sigalg SHA256withRSA test.apk youralias This should allow you to sign the APK with a 2048-bit key without running into the SHA-1 limitation. Let me know if this helps! https://compassmobile-dollartree.pro/
Yes you provide est solution. It works. |
| |
| |
| | | |
|
| | |
| |
Registered member 1 message |
|
Posted on October, 29 2024 - 8:00 AM |
Rogelio a écrit :
Has anyone a idea if its possible to change the digest that is using windev mobile to sign the application ?, the reason for my question is that by default windev uses SHA-1 Digest on the application, and that only supports 1024 Bits key signing. Amyone know if its possible to sign a windev mobile with a 2048 bit key ?. I have try to make keystores with that length of a key but i always get the error: -digestalg SHA1 -sigalg SHA1withDSA "test.apk" test Error returned: jarsigner error: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size When i use a 1024 bit key it works fine and no problem is encountered, anyone has come across this before ? https://compassmobile-dollartree.pro/i just think it would be nice to be able to sign the apps with a higher key strength Thanks for any help
To sign a WinDev Mobile app with a 2048-bit key, you’ll need to switch from SHA-1 to SHA-256 or higher since SHA-1 doesn’t support keys over 1024 bits. Create a keystore with -digestalg SHA-256 -sigalg SHA256withRSA to bypass the SHA-1 limitation.Message modified, October, 29 2024 - 8:02 AM |
| |
| |
| | | |
|
| | | | |
| | |
| | |
| |
|
|
|