Android from zero-line Signature packaging, android signature Packaging

Android from zero-line Signature packaging, android signature Packaging
Reprinted please indicate the source: http://blog.csdn.net/crazy1235/article/details/46289803Signature IntroductionWhat is a signature?

In real life, the signature is equivalent to the signature and seal on the contract. It takes effect only after the signature is signed. If there is no signature, there will be no objects in the "contract", and there will be no legal force.

Why signature?

The Android system requires that each application must be digitally signed before it can be installed in the system. That is to say, an app without a signature cannot be installed on your android machine.
Android uses digital signatures to mark the relationship between applications and developers. It is a way to authenticate applications.
To put it bluntly, it is to mark the ownership of an APP and distinguish the APP.

Benefits of signature:

• Program upgrade brings convenience.
  OnlySame signature and same package nameTo overwrite the installation.
• Modular applications.
  The android system allows a program with the same digital signature to run in a process. The android program regards them as the same program. Therefore, the program can be developed in different modules, you only need to download the corresponding module as needed.
• Data sharing
  Android provides a digital certificate-based permission granting mechanism for applications to share data with programs with the same signature.

(For the last two benefits, I have not come into use for the moment .)

How to pack signatures

You can sign an APK in either of the following ways:1. Use the graphical interface signature package provided by ADT,2. Use the DOS command to sign and Package.

The first thing to note is that we generally debug programs using debug signatures (debug. keystore ).

When developing applicationsMulti-person collaborationThe debug signature of each machine is different. Therefore, after submitting a program you write, your colleagues cannot run normally after updating it. For example, the Code logic of Baidu map is closely related to the signature. Using the debug signature will cause some code to only run on your own machine, which is too LOW.

ThereforeRelease Signature.
When the apk version is finally released, the release version signature is used, that is, the official version signature.

Next, I will explain the two methods myself:

Graphical interface signature Packaging

Right-click the project and you will see: Android Tools

Export Signed Application Package
Indicates exporting the signed apk file.
Export Unsigned Application Package
Indicates exporting an apk file without a signature.

We select the first item, and then next,

In this case, you can choose to use an existing keystore or create a own keystore.
We choose to create one:

After next,

In this interface, you need to enter some signature information, such as the alias, signature password, term of use, and organization information.

The next step is to generate the signed apk file.

After a series of steps above, a signed apk file is packaged.

You can use the generated signature to package the latest version.

After next, if your signature file Password is correct, the alias you set will be automatically listed:

Enter your signature password. Next, click Next.

Sign and package using commands

Before using the command to generate a signature for packaging, let's take a look at the information contained in debug. kestore.
Run the following command to view the signature information:

keystool -list -v -keystore debug.keystore

The password for the debug signature is:Android

You can see the information contained in debug. keystore, which basically corresponds to the information entered in the signature creation on the graphical interface.

Two tools are required for signing and packaging the project:Keytool,Jarsigner.

• Keytool: Used to generate a digital signature.
  Keytool can be used not only to view signature information, but also to generate a signature, which is located in the bin directory of jdk.

The signature Generation Command is as follows:

keytool -genkey -v -keystore xxx.keystore -alias xxx -keyalg RSA -validity xxx

After executing this command, you will be prompted to enter some information:

• Jarsigner: Use the signature to sign the apk file. This tool is also located in the bin directory of jdk.
  Using commands to compile an apk file is cumbersome and not worth the candle. We use a graphical interface to package an apk without signature.

Use the following command to sign the apk:

jarsigner -verbose -keystore xxx.keystore -signedjar xxx.apk xxx.apk xxx

After executing this command, wait a moment and you will be prompted that the package is successful.

During the study of signature packaging, I can see on the Internet that another step is to useZipalignCommand to optimize the apk.

zipalign -v 4 xxx.apk xxx_aligned.apk

The imperative idea is to optimize xxx.apkinto xxx_aligned.apk. When the project is relatively large, the command is obvious, and the project optimization effect is not obvious.

This command is interpreted as follows (Network):

Zipalign can align uncompressed data of the apk file on the four-byte boundary, so that the android system can use the mmap () function to read the file, you can obtain high performance when reading resource files.

Summary

• The apk with the same package structure with different signatures cannot be overwritten for installation. When you install the apk on your mobile phone, a message indicating a signature conflict is displayed. When running on eclipse and other development tools, the following prompt will be prompted:

-An unsigned apk cannot be installed on a mobile phone. AfterExport Unsigned Application PackageAfter the steps, eclipse will prompt you:Before releasing a program, you must sign the program..

This blog ends here ~~
Thank you for your support! If any error occurs, point out ~~
Thank you ~