Hi,
Does anyone know if it possible to extract an APK's signature and how?
I have noticed all CERT.RSA files in APK's signed with the same key are very similar, apart from the last few bytes, so i am thinking there must be a way.
Ne0
Related
OK I have been trying to create a signed zip that contains an apk. So I assume I must sign the apk then zipalign it then make the zip, sign it and zipalign the zip file. When I do this i get a Verification error when I try to flash it.
Steps I do are;
1 create the folder structure
2 create the apk using apkbuilder
3 sign the apk with jarsigner
4 zipalign the apk
5 zip up the whole update
6 sign the zip with jarsigner
7 zipalign the zip
try to flash it and it fails.
I am using windows xp and a version of zip that doesn't add the directories.
Questions are.
Is this correct way to do this?
What tools should I be using. I have looked across xda and tried some suggestions but I cannot make the signed zip flash?
Help?
maybe this can help:
http://forum.xda-developers.com/showthread.php?t=471634
edit: also try this:http://forum.ppcgeeks.com/showthread.php?t=126517
heres my method
http://forum.xda-developers.com/showthread.php?t=732957
Hey all,
I was wondering whats the process to modify the stock multi-touch keyboard for the Droid 2? I was able to do it with the multi-touch keyboard that Punk.Kaos ported to the Eris, using some Windows batch files for extracting the apk source, compiling, signing, etc. I just can't remember for the life of me what that little program was called. Any ideas?
Thanks!
it would be nice since the space bar is soooo small i keep pressing . instead of space 70% of the times
Alright, I was able to get the program I was thinking of, it is called APK Manager. But the keyboard is a odex file... Which I don't know how to extract the XML files from... Yet.
I'd de-odex before you try to extract. It will be a lot easier. There's the method I used here.
What exactly is de-odex'ing? How will it affect my phone?
Deodexing just means that all of the stray .odex files will be put back into the correct .apk files this is done mostly for theme purposes in order to edit the services.jar file which has to be de-odexed before it can be edited. It won't corrupt anything if you do it right nothing should change on the outside the phone devs leave the .odex files out for loading reasons but nothing significant should change but you might experience a slightly slower boot up process but like I said nothing significant. Most ROM's now are de-odexed though.
So I deodexed my phone so I could work on the LatinIME.apk package. Using the APK-Manager for Linux, I was able to (0) pull the APK from my phone. Then I (9) decompiled the APK, edited the XML files as I wanted.
Now, from here I'm not entirely sure which direction to take. I tried running (13) Compile APK / Sign APK / Install APK, but I got an error saying something on how the signatures didn't match up. Then I tried running (3) ZIP APK (5) Zipalign APK then (8) ADB push, but now I don't even have the keyboard on my phone anymore.
How can I go about doing the correct way to compile my modified code and install it on my phone?
Here are the options I can do, if you're not familiar with APK Manager:
Code:
------------------Simple Tasks Such As Image Editing----------------------
0 Adb pull
1 Extract apk
2 Optimize images inside (Only if "Extract Apk" was selected)
3 Zip apk
4 Sign apk (Dont do this if its a system apk)
5 Zipalign apk (Do once apk is created/signed)
6 Install apk (Dont do this if system apk, do adb push)
7 Zip / Sign / Install apk (All in one step)
8 Adb push (Only for system apk)
-----------------Advanced Tasks Such As Code Editing-----------------------
9 Decompile apk
10 Compile apk
11 Sign apk
12 Install apk
13 Compile apk / Sign apk / Install apk (All in one step)
---------------------------------------------------------------------------
14 Batch Optimize Apk (inside place-apk-here-to-batch-optimize only)
15 Sign an apk (inside place-apk-here-for-signing folder only)
16 Batch optimize ogg files (inside place-ogg-here only)
17 Quit
****************************************************************************
Anyone? I would love to get my stock keyboard back!
Sent from my DROID2 using XDA App
How i can Repack an APK, actually i take a look into my framework-res.apk y just rename to framework-res.zip and unpack as almost all know, i can then replace my drawable png but after this what should i do? to push it using adb (not recovery) do i need sign this apk??? can i use ZipSigner in case i need? or just push?
And last question: i want to create more stats for my battery:now the Atrix has:
stat_sys_battery_40.png
stat_sys_battery_50.png
....
and so on 10 in 10 i want to make 1 by one (of course i need make the png) but its just posible make this?
stat_sys_battery_41.png
stat_sys_battery_42.png
stat_sys_battery_43.png
....
stat_sys_battery_100.png
Thanks a lot
Bump please
.......................................................
Sent from my loved atrix ;D
I think even if you create the stats files, the system won't pick them up. The Gingerblur ROM has them all in 1% increases, but only the 20% increments are shown, plus of course 15% and 10%.
To answer your question: in order to do this, you need to add the changed files the the framework-res.apk zip file WITHOUT unzipping it (drag and drop is your friend). The apk file is signed, and unless you know how to sign it (I don't), you cannot simply re-zip it. I changed the connectivity icons myself, see this post: http://forum.xda-developers.com/showpost.php?p=12404672&postcount=2136
You can change the framework-res.apk file live, but be warned - that may mess up your blur stuff.
*edit* use 7zip, you can open the archive directly, no need to rename
Hi,
I use apktool and have a problem.
I sucessful decompile apk and get direcrory with app name.
When compile this directory (without change) I get apk file.
But apk file cannot install on phone!
What I do wrong?
I just decompile and compile without change and apk cannot install...
Help..
atlantisu21 said:
Hi,
I use apktool and have a problem.
I sucessful decompile apk and get direcrory with app name.
When compile this directory (without change) I get apk file.
But apk file cannot install on phone!
What I do wrong?
I just decompile and compile without change and apk cannot install...
Help..
Click to expand...
Click to collapse
What apk is it?
Some .apk's just will not install. I had an apk that compiled 1MB smaller, without change. Its not a perfect system.
Name is not important, but original file size is 1,376 MB
and compiled file size now is 1,372 MB
Where is 4KB?
Well I only asked the name incase it was one I myself had issues with or someone else had.
Now I just think you're doing something suspicious by answering.like that
4KB not as bad as 1MB. But you're still losing size which will be why it won't install.
Can't help any more than that I'm afraid. Except to say I have seen the issue before and never resolved it
Sent from my HTC Desire using Tapatalk
Suspicious
I tried more apk without sucess..beacause I dont tell a name.
Actual apk is BeoGSP-6.apk and there I lost 18KB...
I dont understand this compiler!?
Is there any another compiler with more working chance?
Can I export resource to Eclipse and make apk from here?
There is also APK manager. its pretty similar as far as I can tell.
There's APK Manager or APK Multi Tool which I use and both do the job quite well. I need APK Multi to decompile ICS or newer APK's and I use APK Manager 4.9 to decompile the APK's from the oxygen ROM.
If it decompiles and recompiles without errors then the only thing you might need to do is sign the APK. It won't install if it's a non-system APK and you haven't signed it.
APK Manager 4.9 option 16 signs the APK's so I just use that and if there're no errors it will sign and install fine.
Thanx! Works with APK Manager. This is a great thing!
I signed apk and now work
What does Signing apk mean ?
Also How to make multiple apk into zip folder ?
Look in the META-INF folder of any market app; that's what it's about.
SHA-1 hashes of every file in the .zip (.apk) except one plus the corresponding public key of the signer.
It's meant for integrity and non-repudiation checks of the content - except in the case where a private/public key pair is used where the private key has been widely disclosed. In that case, you only get message integrity checks. I mention this because it has been the custom of ROM developers to sign with the Google "test key" that everyone knows.
A Java ".jar" file and an Android ".apk" file are more or less just zip files - the signing technology is identical... for instance, one way of doing the signing is with the Java tool "jarsigner"
You can put whatever you want inside a zip file, and you can sign whatever zip file you want. Nothing prevents you from putting 100 signed .apk files inside a .zip file and then signing that. Don't know why you would want to do that, but there you go.
Google search is your friend, friend.