It appears that we're signing everything with minSDK 18 regardless of key type. It'd be good to add unit or integration tests or both to verify the min SDK we sign with based on key type
|
case *ecdsa.PrivateKey: |
|
// ecdsa is only supported in sdk 18 and higher |
|
s.minSdkVersion = "18" |
|
log.Printf("apk2: setting min android sdk version to 18 as required to sign with ecdsa") |
|
default: |
|
log.Printf("apk2: setting min android sdk version to 9") |
|
s.minSdkVersion = "9" |
|
} |
Possible changes:
It appears that we're signing everything with minSDK 18 regardless of key type. It'd be good to add unit or integration tests or both to verify the min SDK we sign with based on key type
autograph/signer/apk2/apk2.go
Lines 80 to 87 in 019e766
Possible changes:
apk_cert_with_ecdsa_sha256configapt -y install -t buster-backports aaptto the Dockerfile and check SDK versionsaapt list -a | grep -i sdk