Automatically sign an apk with the Android test certificate. The public and private keys are embedded within the jar.
java -jar sign.jar my.apk
my.s.apk
is created next to my.apk
java -jar sign.jar my.apk --override
my.apk
is replaced with a signed version
Verify signature.
jarsigner -verify my.s.apk
Removed "Created-By", "1.0 (Android SignApk)"
from upstream SignApk.
./build.sh
or mvn package
Released under the Apache 2.0 License (the same as Android's SignApk.java).
https://github.com/android/platform_build/blob/master/tools/signapk/SignApk.java
http://androidxref.com/4.1.1/xref/build/tools/signapk/
http://androidxref.com/4.1.1/xref/build/tools/signapk/test/run
http://androidxref.com/4.1.1/xref/cts/tests/assets/otacerts.zip
http://androidxref.com/4.1.1/xref/external/quake/tools/packagesharedlib#11
http://androidxref.com/4.1.1/raw/build/target/product/security/testkey.pk8
http://androidxref.com/4.1.1/xref/build/target/product/security/
The following commands are equivalent.
java -jar sign.jar my.apk
java -classpath sign.jar orig.SignApk testkey.x509.pem testkey.pk8 my.apk my.s.apk
java -jar SignApk.jar testkey.x509.pem testkey.pk8 my.apk my.s.apk
ApkSign by Panxiaobo. dex2jar's ApkSign has many dependencies and does not fit into one source file. While the name ApkSign
is similar to apks
, no source from dex2jar is used in this project.
Tiny Sign by Panxiaobo. Simple jar signing that can run on Android.