Several ways to sign a system for a third-party apk

----------------------------------------------------------------------------

This article is used only as a learning exchange
Please be sure to indicate the original address if reproduced or quoted:
http://blog.csdn.net/luzhenrong45/article/details/47733053
or contact [email protected]
Thank you!

----------------------------------------------------------------------------

Note: This article assumes that you are an already owned Android system source code, and the Android source code has a certain understanding.

Sometimes there are some problems with the apk signature that cause the installation to fail.
Scenario One:

There is a third-party apk(with system privileges)that cannot be installed on our own Android machine , prompting the following error, causing the installation to fail.

    

this is because the vendor-supplied APK is signed with their signature tool, and our adesk is based on our own system signature tool.   The vendor APK is installed on our Adesk, and Android detects that the system signature is inconsistent, and the Android system prevents it from being installed due to security considerations.

Workaround: Use your Android signature tool to re-sign the apk .

(1) The Android signature file is stored in the build/target/product/security/directory of the system source code.

The directory is media.pk8, Media.x509.pem, Platform.pk8, Platform.x509.pem, Shared.pk8, Shared.x509.pem, TESTKEY.PK8, TESTKEY.X509.PEM, such as signature files, different signature files, corresponding to different permissions. The default Android signature file is Testkey.pk8, Testkey.x509.pem.

(2) Android comes with the signature tool for Signapk.jar, can be found in the source code compiled directory out, the specific path is: Out/host/linux-x86/framework/signapk.jar apk with system permissions, The re-signing should be signed with the platform signature file.

Signature method: Place the signature file platform.pk8, Platform.x509.pem, Signature tool Signapk.jar, and the APK (assuming old.apk) that need to be signed into the same directory to open the Linux terminal (Windows CMD), enter the directory and re-sign:

java-jar signapk.jar platform.x509.pem platform.pk8 old.apk new.apk

The regenerated new.apk can be installed on our adesk thin client.

    

     Scenario Two: The supplier has provided the APK source code, also has the system authority, when we import the APK source code into Eclipse, uses the Run as--and the Android application to compile installs the APK , Eclise also prompts the error message for scenario one, for the same reason. We can also re-sign the eclipse-generated apk as per scenario one and install it on our device. However, sometimes we will often modify the APK source code for debugging verification, if each time the APK is taken out for re-signing, and then install, it is really troublesome. eclipse is supported by using its own system signing tool for the APK package signature. using this method, you can quickly and easily sign the APK system and install it on our Android device. Here's how it's done:

Step one: Also take the source directory build\target\product\security directory platform.pk8 PLATFORM.X509.PEM placed in a directory

Step Two: Enter the directory to generate SHARED.PRIV.PEM

OpenSSL pkcs8-in platform.pk8-inform der-outform pem-out shared.priv.pem-nocrypt

Step three: Generate PKCS12

OpenSSL pkcs12-export-in platform.x509.pem-inkey shared.priv.pem-out shared.pk12-name Androiddebugkey

Enter Export Password:
Verifying-enter Export Password:

You will be prompted to enter a password, the default password is Android, as the key you made, enter the corresponding password.

Step four: Generate Debug.keystore,eclipse need to use this keystore.
keytool-importkeystore-deststorepass android-destkeypass android-destkeystore Debug.keystore- Srckeystore shared.pk12-srcstoretype pkcs12-srcstorepass android-alias androiddebugkey

Step five:   windows/preferences/android/build   Set" Custom Debug KeyStore " For the debug.keystore that you just built in step four, you can install the debug apk directly from the run. This way, you don't have to use Signapk.jar, such as Java-jar Signapk.jar PLATFORM.X509.PEM PLATFORM.PK8 *.apk **.apk was signed.

Note: Scenario Two can also directly put the APK source in a style= "margin:0" px padding:0px; Word-break:break-all "> , Need to write android.mk, join LOCAL_ CERTIFICATE: = Platform ,

The APK can be compiled directly using MM, and the compiled apk will also be installed on our own Android device.

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

Several ways to sign a system for a third-party apk