PC SOFT

GRUPOS DE DISCUSSÃO PROFISSIONAL
WINDEVWEBDEV e WINDEV Mobile

Inicio → WINDEV Mobile 2024 → changing SHA-1 digest from Android app
changing SHA-1 digest from Android app
Iniciado por grangulo7, abr., 01 2018 2:23 AM - 5 respostas
Publicado em abril, 01 2018 - 2:23 AM
Has anyone a idea if its possible to change the digest that is using windev mobile to sign the application ?, the reason for my question is that by default windev uses SHA-1 Digest on the application, and that only supports 1024 Bits key signing. Amyone know if its possible to sign a windev mobile with a 2048 bit key ?.

I have try to make keystores with that length of a key but i always get the error:

-digestalg SHA1 -sigalg SHA1withDSA "test.apk" test
Error returned:
jarsigner error: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size

When i use a 1024 bit key it works fine and no problem is encountered, anyone has come across this before ?

i just think it would be nice to be able to sign the apps with a higher key strength

Thanks for any help
Publicado em agosto, 19 2024 - 8:12 PM
For anyone having this issue in the future, you may use RSA instead of SHA1 or DSA to get more than 1024 bits. Here's an example:

-genkey -keystore "{keystore}" -storepass {storepass} -alias {alias} -keypass {keypass} -dname cn="{dname}",o="{dname}" -validity 1234 -keyalg RSA -sigalg SHA256withRSA -keysize 2048

This is very important to keep in mind for signing any apps for Google Play, as I had to figure out the hard way.

Hope this helps.
Publicado em setembro, 25 2024 - 12:34 PM
Hello,

In Windev Mobile, the default signing algorithm uses SHA-1, which is indeed limited in terms of security strength, especially when it comes to using keys longer than 1024 bits. To address your concerns about using a 2048-bit key for signing your applications, here are some potential approaches:

Update Signing Algorithm: Check if there's an option in Windev Mobile to configure the signing algorithm or the digest algorithm. Some development environments allow you to choose more secure algorithms like SHA-256.

Use Java Keytool: When creating your keystore with a 2048-bit key, ensure you specify a more secure algorithm in your keytool command. For example, try using -sigalg SHA256withRSA instead of SHA-1. keytool -genkeypair -alias yourAlias -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore yourKeystore.jks
Sign the APK Externally: After building your application with Windev Mobile, consider signing it manually using the jarsigner tool from the JDK. Make sure to specify the proper digest and signature algorithm. jarsigner -digestalg SHA-256 -sigalg SHA256withRSA -keystore yourKeystore.jks yourApp.apk yourAlias
Check for Updates: Make sure your Windev Mobile version is up to date. Sometimes https://www.publix-passport.com newer versions provide enhanced security features and options for signing.

Consult Documentation: Look into Windev Mobile’s official documentation or support forums to see if there are specific guidelines or updates regarding app signing and security practices.

hope that helps!
Mensagem modificada, setembro, 25 2024 - 12:34 PM
Membro registado
1 mensagem
Publicado em outubro, 06 2024 - 3:40 PM
Rogelio escribió:
Has anyone a idea if its possible to change the digest that is using windev mobile to sign the application ?, the reason for my question is that by default windev uses SHA-1 Digest on the application, and that only supports 1024 Bits key signing. Amyone know if its possible to sign a windev mobile with a 2048 bit key ?.

I have try to make keystores with that length of a key but i always get the error:

-digestalg SHA1 -sigalg SHA1withDSA "test.apk" test
Error returned:
jarsigner error: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size

When i use a 1024 bit key it works fine and no problem is encountered, anyone has come across this before ?

i just think it would be nice to be able to sign the apps with a higher key strength

Thanks for any help https://emilyandblair.com/funny-rainy-day-quotes/


It seems like you're running into issues with the SHA-1 algorithm's limitation when trying to sign your Windev Mobile app with a 2048-bit key. SHA-1 is indeed outdated and not recommended for stronger key lengths like 2048-bit. Instead, you should switch to a more secure digest algorithm like SHA-256.

Here's what you can try:

Create a new keystore with a 2048-bit key using SHA-256:
yaml
Copy code
keytool -genkeypair -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore yourkeystore.keystore
When signing the APK, use the following:
Copy code
jarsigner -keystore yourkeystore.keystore -digestalg SHA-256 -sigalg SHA256withRSA test.apk youralias
This should allow you to sign the APK with a 2048-bit key without running into the SHA-1 limitation. Let me know if this helps!
Publicado em outubro, 29 2024 - 6:44 AM
halla01 escribío:
Rogelio escribió:
Has anyone a idea if its possible to change the digest that is using windev mobile to sign the application ?, the reason for my question is that by default windev uses SHA-1 Digest on the application, and that only supports 1024 Bits key signing. Amyone know if its possible to sign a windev mobile with a 2048 bit key ?.

I have try to make keystores with that length of a key but i always get the error:

-digestalg SHA1 -sigalg SHA1withDSA "test.apk" test
Error returned:
jarsigner error: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size

When i use a 1024 bit key it works fine and no problem is encountered, anyone has come across this before ?

i just think it would be nice to be able to sign the apps with a higher key strength

Thanks for any help https://emilyandblair.com/funny-rainy-day-quotes/

It seems like you're running into issues with the SHA-1 algorithm's limitation when trying to sign your Windev Mobile app with a 2048-bit key. SHA-1 is indeed outdated and not recommended for stronger key lengths like 2048-bit. Instead, you should switch to a more secure digest algorithm like SHA-256.

Here's what you can try:

Create a new keystore with a 2048-bit key using SHA-256:
yaml
Copy code
keytool -genkeypair -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -keystore yourkeystore.keystore
When signing the APK, use the following:
Copy code
jarsigner -keystore yourkeystore.keystore -digestalg SHA-256 -sigalg SHA256withRSA test.apk youralias
This should allow you to sign the APK with a 2048-bit key without running into the SHA-1 limitation. Let me know if this helps! https://compassmobile-dollartree.pro/


Yes you provide est solution. It works.
Membro registado
1 mensagem
Publicado em outubro, 29 2024 - 8:00 AM
Rogelio a écrit :
Has anyone a idea if its possible to change the digest that is using windev mobile to sign the application ?, the reason for my question is that by default windev uses SHA-1 Digest on the application, and that only supports 1024 Bits key signing. Amyone know if its possible to sign a windev mobile with a 2048 bit key ?.

I have try to make keystores with that length of a key but i always get the error:

-digestalg SHA1 -sigalg SHA1withDSA "test.apk" test
Error returned:
jarsigner error: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size

When i use a 1024 bit key it works fine and no problem is encountered, anyone has come across this before ?
https://compassmobile-dollartree.pro/
i just think it would be nice to be able to sign the apps with a higher key strength

Thanks for any help


To sign a WinDev Mobile app with a 2048-bit key, you’ll need to switch from SHA-1 to SHA-256 or higher since SHA-1 doesn’t support keys over 1024 bits. Create a keystore with -digestalg SHA-256 -sigalg SHA256withRSA to bypass the SHA-1 limitation.
Mensagem modificada, outubro, 29 2024 - 8:02 AM