How to sign Android app with system signature? - McMap

About

How to sign Android app with system signature?

Asked 3/9, 2010 at 11:2 Answered 23/2, 2014 at 12:55

M

2

79

I've downloaded and compiled Android 2.1 version with signed-google_ion-ota-14721.zip image for my HTC phone. The compile completed successfully and so the system image flash. How can I sign my own Android application with the system signature?

Can someone describe the whole process for signing a user application with system signature as I am completely new to the signing process.

Maw answered 3/9, 2010 at 11:2 Comment(0)

M

124

Finally I managed to discover a way to sign my application with the platform signature. You need to use keys located in <root-of-android-source-tree>/build/target/product/security/ and add android:sharedUserId="android.uid.system" in your AndroidManifest.xml file.

Details from this google groups thread:

On top of signing Android 1.6 for Dream with certificates generated by myself, I've also managed to sign my app with the platform certificate and run it with the system sharedUserId. These are the steps I took:
Build and flash to your Dream your own Android using https://web.archive.org/web/20081211205758/http://source.android.com:80/documentation/building-for-dream. Use the mkkey.sh script on https://web.archive.org/web/20091213215940/http://pdk.android.com/online-pdk/guide/release_keys.html to create new certificates, including x509 certificates before you do 'make'.

In the AndroidManifest.xml of your application: under the <manifest> element, add the attribute android:sharedUserId="android.uid.system".

Export an unsigned version of your Android application using Eclipse: right-click on the project >> Android Tools >> Export Unsigned Application Package.
Use <root-of-android-source-tree>/out/host/<your-host>/framework/signapk.jar to sign your app using platform.x509.pem and platform.pk8 in <root-of-android-source-tree>/build/target/product/security generated earlier:
java -jar signapk.jar platform.x509.pem platform.pk8 YourApp-unsigned.apk YourApp-signed.apk.
Install the app to your device:
adb install YourApp-signed.apk
Run your app

Use adb shell ps to confirm that your app is running as system.

Maw answered 6/9, 2010 at 13:2 Comment(15)

You can accept your own answer to signalize that you've found a solution for this problem. ;) – Klehm 6/9, 2010 at 13:11

But /build/target/product/security/ where i can get this path ?? – Westlund 15/5, 2012 at 7:0

@user1155908: it is in android os source code. You have to download Android Open Source Project (AOSP): source.android.com/source/downloading.html – Kilan 26/9, 2012 at 19:42

github.com/plattypus/Android-4.0.1_r1.0/tree/master/build/… Do we have the password for it? – Ynez 30/8, 2013 at 11:11

@Ynez The password is "android". See also this answer on alternative ways to sign an APK. – Ledford 23/11, 2013 at 22:55

Is this method still working ? The release keys link seems to be broken ! – Yetah 21/1, 2016 at 7:19

Can someone please update the answer with working links and explanation more in depth? I am new to the signing process. – Wholewheat 7/7, 2016 at 17:7

would that work with a stock Android installed from over-the-air update? From android official link, it sounds like they use the keys in the public repo. – Indonesia 11/10, 2016 at 22:15

do we need to use signapk.jar located in the source tree of my current device or i can use any available signapk.jar file (probably of some other device)? – Godavari 24/11, 2016 at 13:16

error is coming while installing ..INSTALL_FAILED_SHARED_USER_INCOMPATIBLE – Rosin 20/2, 2017 at 6:50

It worked for me. I have found the android source code here. Instead of installing it, you can also put it at the /system/app directory and reboot device to have it available to use. – Gussi 3/5, 2017 at 19:56

Hi, I have sign my application with the certificates in android source code. But I didn't find SignApk.jar file in that source. So, I downloaded explicitly from git and Sign my Apk. But, while installing the application I am getting this error: INSTALL_FAILED_SHARED_USER_INCOMPATIBLE. Can Someone help please... – Trstram 25/5, 2017 at 7:19

Do we need any runtime installed on linux or windows to run this command. the above command gives me error Failed to load any of the given libraries: [conscrypt_openjdk_jni windows-x86_64, conscrypt_openjdk_jni] – Seedman 17/7, 2019 at 10:59

While this method was working perfectly for Android 7.1 somehow it doesn't work for Android 9 - APK get unsigned. – Remarque 10/9, 2019 at 16:3

After doing all steps, still can not access ports below 1024. – Anniceannie 27/12, 2020 at 11:31

B

10

The procedure works fine I have tried it. So long as you don’t forget to run zipalign after signing as the signing processes leaves the APK unaligned and it will NOT install. You will need to install the aligned APK.

zipalign -fv 4 YourApplication-signed.apk YourApplication-aligned.apk

Basinet answered 23/2, 2014 at 12:55 Comment(0)

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.