Android Development: "Gradle Recipes for Android" read notes (translation) 2.6--sign release apk

Problem:

To publish the APK to the Google market, you need to sign the APK digitally.

Solution:

You can use the Java keytoll command to create a certificate and use it in the Signingconfigs block of the Gradle configuration file.

Discuss:

All apk must be signed before being released. By default, Android uses a known key to sign the APK that is being tested. You can see it using the Java keytool command line.

The debug key is stored in a directory called. Android under the home directory. The default name of the key is Debug.keysore, and there is an Android password.

Enter CD ~/.android/at the command line , and then enter keytool-list-keystore debug.keystore, the default password for Android, to see the key information:

The key type is JKs (Java KeyStore, public key, and private key). Java supports another type called Jceks (Java Cryptography Extensions KeyStore), which is used for shared keys, but not for Android apps.

This key has a certificate named Androiddebugkey that is used to sign the test apk.

PS: To reset the test key, just delete the debug.keystore and regenerate it the next time you deploy the app.

You may not post an unsigned app. This can also be used with Keytool. As follows:

Keytool-genkey-v-keystore myapp.keystore-alias my_alias    -keyalg rsa-keysize 2048-validity 10000 (all on one  Line) Enter keystore password:  (probably shouldn ' t use the "password") re-enter new password:    (But if you did, type It again) What's your first and last name?  [Unknown]:  Ken Kousenwhat is the name of the Your organizational unit?  [Unknown]:what is the name of your organization?  [Unknown]:  Kousen IT, Inc.what is the name of the your city or Locality?  [Unknown]:  Marlboroughwhat is the name of your state or province? [Unknown]:  Ctwhat is the Two-letter country code for this unit?  [Unknown]:  usis cn=ken Kousen, Ou=unknown, o= "Kousen IT, Inc.", L=marlborough,  st=ct, c=us correct?  [No]:  Yes

Generating 2,048 bit RSA key pair and self-signed certificate (SHA256WITHRSA) with a validity of "Days  for:cn=k" En Kousen, Ou=unknown,  o= "Kousen IT, Inc.", L=marlborough, ST=CT, C=us

Enter key password for <my_alias>        (RETURN if same as KeyStore password):

[Storing Myapp.keystore]

You can use the Jarsigner and zipalign tools to sign the APK, but using Gradle is easier. Such as:

You may not want to tell the password hard-coded to the build file, you can put them in the Gradle.properties file or set it on the command line.

In the DSL document, the Signingconfigs block is delegated to the Signingconfig class, which has four commonly used properties:

Keyalias: This value is used when Keytool signs a specific key

Keypassword: The password of the key used in the signing process

StoreFile: Disk file containing keys and certificates generated by Keytool

Storepassword: Password used by the key itself

There is also a Storetype property setting algorithm (default is JKS), but it is seldom used.

In order for these configurations to take effect, add the Signingconfig property under Releas, as follows:

When you run the Assemblerelease task, a release version of the APK is generated in the app/build/outputs/apk directory.

There is an important note that you must keep the key, otherwise you will not be able to publish any updates to the app because all versions must use the same signature.

Put the keystore in a safe place. This is not done for encryption purposes. It is for completeness (make sure the APK is not modified) and non-repudiation (make sure you are the one who can sign it). If someone else gets your keystore, they can sign another app in your name.

Android Development: "Gradle Recipes for Android" read notes (translation) 2.6--sign release apk