diff --git a/Dockerfile b/Dockerfile index 04ef9f4..99189c4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,7 @@ -FROM gradle:5.6.4-jdk8 +FROM gradle:6.1.1-jdk8 ENV ANDROID_SDK_URL https://dl.google.com/android/repository/sdk-tools-linux-3859397.zip +ENV ANDROID_SDK_CHECKSUM 444e22ce8ca0f67353bda4b85175ed3731cae3ffa695ca18119cbacef1c1bea0 ENV ANDROID_BUILD_TOOLS_VERSION 29.0.3 ENV ANDROID_HOME /usr/local/android-sdk-linux ENV ANDROID_VERSION 29 @@ -9,6 +10,7 @@ ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/platform-tools RUN mkdir "$ANDROID_HOME" .android && \ cd "$ANDROID_HOME" && \ curl -o sdk.zip $ANDROID_SDK_URL && \ + echo "${ANDROID_SDK_CHECKSUM} sdk.zip" | sha256sum -c - && \ unzip sdk.zip && \ rm sdk.zip diff --git a/REPRODUCIBLE_BUILDS.md b/REPRODUCIBLE_BUILDS.md index 00bf5ef..dc08153 100644 --- a/REPRODUCIBLE_BUILDS.md +++ b/REPRODUCIBLE_BUILDS.md @@ -1,6 +1,6 @@ # Reproducible Builds -Note: reproducible builds work starting version 1.0.44 +Note: reproducible builds work starting version 1.0.45 ## Install Docker @@ -34,8 +34,8 @@ git checkout v1.0.44 ```shell cd ~/peertube-android docker build -t thorium-builder . -docker run --rm -v ~/peertube-android:/home/peertube-android -w /home/peertube-android thorium-builder gradle assembleProdRelease -PkeystorePassword=securePassword -PkeyAliasPassword=securePassword -PkeystoreFile=build.keystore -PbuildTimestamp=1593942384524 -cp app/build/outputs/apk/prod/release/app-prod-release.apk thorium-built.apk +docker run --rm -v ~/Private/peertube:/home/peertube -w /home/peertube thorium-builder gradle assembleRelease -PkeystorePassword=securePassword -PkeyAliasPassword=securePassword -PkeystoreFile=build.keystore -PbuildTimestamp=1593973044091 +cp app/build/outputs/apk/release/app-release-unsigned.apk thorium-built.apk ``` ## Extract the Play Store APK from your phone @@ -46,7 +46,8 @@ cp app/build/outputs/apk/prod/release/app-prod-release.apk thorium-built.apk ```shell cd ~/peertube-android -adb pull `adb shell pm path net.schueller.peertube | cut -d':' -f2` thorium-store.apk +adb shell pm path net.schueller.peertube +adb pull /data/app/net.schueller.peertube-mCeISw_AujlMBHyPfVhdSg==/base.apk thorium-store.apk ``` ## Compare the two files @@ -56,6 +57,6 @@ adb pull `adb shell pm path net.schueller.peertube | cut -d':' -f2` thorium-stor ```shell cd ~/peertube-android -python apkdiff.py thorium-built.apk thorium-store.apk +./apkdiff.py thorium-built.apk thorium-store.apk ``` diff --git a/apkdiff.py b/apkdiff.py new file mode 100755 index 0000000..13df537 --- /dev/null +++ b/apkdiff.py @@ -0,0 +1,66 @@ +#!/usr/bin/env python +# Taken from https://github.com/DrKLO/Telegram/blob/master/apkdiff.py on June 4th, 2020 + +import sys +from zipfile import ZipFile + +def compareFiles(first, second): + while True: + firstBytes = first.read(4096); + secondBytes = second.read(4096); + if firstBytes != secondBytes: + return False + + if firstBytes == b"": + break + + return True + +def compare(first, second): + FILES_TO_IGNORE = ["META-INF/MANIFEST.MF", "META-INF/CERT.RSA", "META-INF/CERT.SF"] + + firstZip = ZipFile(first, 'r') + secondZip = ZipFile(second, 'r') + + firstList = list(filter(lambda firstInfo: firstInfo.filename not in FILES_TO_IGNORE, firstZip.infolist())) + secondList = list(filter(lambda secondInfo: secondInfo.filename not in FILES_TO_IGNORE, secondZip.infolist())) + + if len(firstList) != len(secondList): + print("APKs has different amount of files (%d != %d)" % (len(firstList), len(secondList))) + return False + + for firstInfo in firstList: + found = False + for secondInfo in secondList: + if firstInfo.filename == secondInfo.filename: + found = True + firstFile = firstZip.open(firstInfo, 'r') + secondFile = secondZip.open(secondInfo, 'r') + + if compareFiles(firstFile, secondFile) != True: + print("APK file %s does not match" % firstInfo.filename) + return False + + secondList.remove(secondInfo) + break + + if found == False: + print("file %s not found in second APK" % firstInfo.filename) + return False + + if len(secondList) != 0: + for secondInfo in secondList: + print("file %s not found in first APK" % secondInfo.filename) + return False + + return True + +if __name__ == '__main__': + if len(sys.argv) != 3: + print("Usage: apkdiff ") + sys.exit(1) + + if sys.argv[1] == sys.argv[2] or compare(sys.argv[1], sys.argv[2]) == True: + print("APKs are the same!") + else: + print("APKs are different!") \ No newline at end of file diff --git a/gradlew b/gradlew old mode 100644 new mode 100755