What is the difference between the Java 1.6 and 1.7 jarsigner

Question

Just noted that you can´t sign Android APKs with the Java 1.7 jarsigner. So I wonder why this is and what is the difference between the 1.6 and 1.7 signer?

Answer 1

This is because the default digest algorithm for Java 1.7 is SHA-256 while for Java 1.6 it's SHA1withDSA.

Java 1.6 Jarsigner docs

Java 1.7 Jarsigner docs

Answer 2

Yes you CAN use 1.7!

It is very tricky to find info on the usage with 1.7, but once found it is reasonable simple:

For keytool include

-sigalg SHA1withDSA -keyalg DSA -keysize 1024

For jarsigner include

-sigalg SHA1withDSA -digestalg SHA1

(1024 is the maximum and works, less might do the trick)