Android APK signature Summary

 

Android signatures mainly use keytool and jarsigner to create APK files.

The signature of the android program and Symbian can both be self-signed (self-signed). However, in the early stage of the certificate on the Android platform, programs uploaded through the ADB interface during normal development will be automatically signed for programs with the debug permission. Signature verification is required when you upload a program to the Android Market.

 

Android signed Creation Method

First, users who did not install JDK during Android development download JDK http: // JDK from the official website of sun.

 

Detailed signature steps:

 

Step 1

C:/program files/Java/jdk1.6.0 _ 10/bin> keytool-genkey-alias Wendy. keystore
-Keyalg RSA-validity 20000-keystore Wendy. keystore
Enter the keystore password: [do not display the password]
Enter the new password again: [do not display the password]
What is your first name and last name?
[UNKNOWN]: Wendy

What is the name of your organization?
[UNKNOWN]: Home

What is your organization name?
[UNKNOWN]: Home
What is the name of your city or region?
[UNKNOWN]: New York
What is the name of your state or province?
[UNKNOWN]: New York
What is the two-letter country code for this unit?
[UNKNOWN]: CN
CN = Wendy, ou = home, O = home, L = New York, St
= New York, c = cn?
[No]: Y

Enter the <Wendy. keystore> master password
(If the password is the same as the keystore password, press Enter ):

Here, the parameter-validity indicates the number of days valid for the certificate. Here we write a maximum of 20000 days. There is also no echo when entering the password, just enter it. Generally, we recommend that you use 20 bits in the number of digits, and remember to use them later.

 

Next, we will sign the APK file.

Step 2

Execute the following statement jarsigner-verbose-keystore Wendy. keystore-signedjar wendy_signed.apk wendy.apk Wendy. keystore: the APK execution file signed by Android. The password entered below is the same as that entered in keytool,

 

Article http://code.google.com/android/devel/sign-publish.html.

The keytool parameters and jarsigner parameters are attached:

Keytool usage:

-Certreq [-V] [-protected]
[-Alias <alias>] [-sigalg <sigalg>]
[-File <csr_file>] [-keypass <keystore password>]
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-Changealias [-V] [-protected]-alias <alias>-destalias <target alias>
[-Keypass <keystore password>]
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-Delete [-V] [-protected]-alias <alias>
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-Exportcert [-V] [-RFC] [-protected]
[-Alias <alias>] [-file <authentication File>]
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-Genkeypair [-V] [-protected]
[-Alias <alias>]
[-Keyalg <keyalg>] [-keysize <key size>]
[-Sigalg <sigalg>] [-dname <dname>]
[-Validity <valdays>] [-keypass <keystore password>]
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-Genseckey [-V] [-protected]
[-Alias <alias>] [-keypass <keystore password>]
[-Keyalg <keyalg>] [-keysize <key size>]
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-Help

-Importcert [-V] [-noprompt] [-trustcacerts] [-protected]
[-Alias <alias>]
[-File <authentication File>] [-keypass <keystore password>]
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-Importkeystore [-v]
[-Srckeystore <source keystore>] [-destkeystore <target keystore>]
[-Srcstoretype <source storage type>] [-deststoretype <target storage type>]
[-Srcstorepass <source repository password>] [-deststorepass <target repository password>]
[-Srcprotected] [-destprotected]
[-Srcprovidername <source provider name>]
[-Destprovidername <target provider name>]
[-Srcalias <source alias> [-destalias <target alias>]
[-Srckeypass <source keystore password>] [-destkeypass <target keystore password>]
[-Noprompt]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-Keypasswd [-V] [-alias <alias>]
[-Keypass <old keystore password>] [-New <New keystore password>]
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-List [-v |-RFC] [-protected]
[-Alias <alias>]
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

-Printcert [-V] [-file <authentication File>]

-Storepasswd [-V] [-New <new repository password>]
[-Keystore <keystore>] [-storepass <keystore password>]
[-Storetype <storage type>] [-providername <Name>]
[-Providerclass <provider Class Name> [-providerarg <parameter>]...
[-Providerpath <path list>]

 

Jarsigner usage: [Option] JAR file alias
Jarsigner-verify [Option] JAR File

[-Keystore <URL>] keystore location
[-Storepass <password>] password used for keystore integrity
[-Storetype <type>] keystore type
[-Keypass <password>] private key password (if different)
[-Sigfile <File>]. SF/. DSA file name
[-Signedjar <File>] Name of the signed JAR File
[-Digestalg <algorithm>] Name of the digest algorithm
[-Sigalg <algorithm>] signature algorithm name
[-Verify] Verify the signed JAR File
[-Verbose] Output details during signature/Verification
[-Certs] outputs details and displays the certificate during verification
[-TSA <URL>] Location of the timestamp Mechanism
[-Tsacert <alias>] Public Key Certificate of the time stamp organization
[-Altsigner <class>] Class Name of the alternative signature mechanism
[-Altsignerpath <path list>] Location of the alternative signature mechanism
[-Internalsf] contains the. SF file in the signature block.
[-Sectionsonly] does not calculate the hash of the entire list
[-Protected] keystore protected authentication path
[-Providername <Name>] provider name
[-Providerclass <class> name of the encryption service provider
[-Providerarg <parameter>]... main class file and constructor Parameters

 

 

 

Supplement:

 

To finally release your android program, you must sign the APK file. Here, the APK and jar signatures are the same. They are completed using the jarsigner tool of Sun JDK. However, when executed, a prompt is displayed: jarsigner: unable to sign the jar: java.util.zip. zipexception: Invalid entry compressed size (expected xxx But got XXX bytes) Prompt,

These problems are mainly caused by resource files. for Android development, check the files in the res folder one by one. This problem can be solved by upgrading the JDK and JRE versions of the system.