How to sign Android applications

The Android system requires that all programs be installed with digital signatures. If no digital signature is available, the system will not install and run this program. Whether it's a simulator or a real mobile phone. Therefore, before running the debugging program on a device or simulator, you must set a digital signature for the application.

All programs must be signed. If no program is signed, the system cannot install it.

You can use self-signed certificates to sign applications without authorization creden. The system only tests the validity period of the signature certificate during installation. If the application signature expires after installation, the application can still be enabled normally. Standard tools available-Keytool and Jarsigner-Generate a secret to sign the. APK file of the application.

The Android SDK tool can sign the application during debugging. Both the ADT plug-in and the Ant compilation tool provide two signature modes: debug mode and release mode.

In debug mode, the compilation tool uses the general program Keytool in JDK to create the secret lock and key through known methods and passwords. For each compilation, the tool uses the debugpassword to sign for the .apk file of the application. Because the password is known, the tool

You do not need to enter the password lock and key at each compilation.

When the application is ready for release after debugging, You can compile it in release mode. In the releasemode, the editing tool does not sign the .apk file. Secret uses keytoolto generate a secret and a secret, and then uses jarsignertool in JDK to sign the .apk file.

Basic signature settings

First, SetJAVA_HOMEThe environment variable tells the SDK how to find the Keytool, or you can add the jdk path of the Keytool to the path variable of the Windows system environment variable.

When releasing the release version, right-click your project from the Package version and selectAndroid Tools, Export Application Package. You can also click the "Exporting the unsigned. apk" connection on the overview page to export the unsigned apk file. After saving the .apk file, use Jarsigner and its own key to sign the apk file. If there is no key, you can use Keystore to create the key and password lock. If you already have a secret, such as a public secret, you can sign the .apk file.

You can also write the complete step above asBatFile, so you only need to run thisBaT. The following provides a completeBatFile example:

@ Rem android signature program // annotation command

@ Rem echo is the display command format:Echo [{on | off}] [message]

@ Echo ************************************** ********************

@ Rem FILE command format: if exist path + file name command

@If exist d: sign/MyFirstApp. keystore goto sign

@ Echo: create a signature fileMyFirstApp. keystore

@ Rem keytool Command Format:-genkey generates the signature-alias-keyalg encryption algorithm-validity valid days-keystore production signature file name

Keytool-genkey-alias MyFirstApp. keystore-keyalg RSA-validity 40000-keystore MyFirstApp. keystore

@ Echo:

@ Rem jarsigner Command Format:-verbose output details-keystore location-file keystore file to be signed for the file to be generated by signedjar

Jarsigner-verbose-keystore MyFirstApp. keystore-signedjar MyFirstApp_signed.apk MyFirstApp.apk MyFirstApp. keystore

@ Goto over

: Sign

@ Echo:

Jarsigner-verbose-keystore MyFirstApp. keystore-signedjar MyFirstApp_signed.apk MyFirstApp.apk MyFirstApp. keystore

: Over

@ Echo ******************** MyFirstApp.apk signature completed *************** ********

Pause

The above is a complete bat file signed for the application. When running this bat file, you also need to follow the steps prompted on the screen to enter some necessary information. The last signed file generated is:MyFirstApp_signed.apk.

After the signature is complete, it is best to compress the file and use zipalign in the tools folder in the Android SDK installation path to compress it. Take this file as an example and you can also write it as a bat file, example:

 
 

  
  
D:\soft\android-sdk-windows\tools\zipalign -f -v 4 MyFirstApp_signed.apk MyFirstApp_zip.apk  
  
  
D:\soft\android-sdk-windows\tools\zipalign -c -v 4 MyFirstApp_zip.apk 
 
 

Pause <

The aboveD: \ soft \ android-sdk-windowsUse your actual Android SDK installation path instead.

Follow the steps above and click "Zip". Copy the last file (such as the myfirstapp_zip.apk file in the example) to your mobile phone and you will be able to install and run it normally.

Android program Signature

Android Trojan: security is a free price

Improve the speed of the Android user experience Trilogy

Security considerations: List of Android Trojan applications