OK I have been trying to create a signed zip that contains an apk. So I assume I must sign the apk then zipalign it then make the zip, sign it and zipalign the zip file. When I do this i get a Verification error when I try to flash it.
Steps I do are;
1 create the folder structure
2 create the apk using apkbuilder
3 sign the apk with jarsigner
4 zipalign the apk
5 zip up the whole update
6 sign the zip with jarsigner
7 zipalign the zip
try to flash it and it fails.
I am using windows xp and a version of zip that doesn't add the directories.
Questions are.
Is this correct way to do this?
What tools should I be using. I have looked across xda and tried some suggestions but I cannot make the signed zip flash?
Help?
maybe this can help:
http://forum.xda-developers.com/showthread.php?t=471634
edit: also try this:http://forum.ppcgeeks.com/showthread.php?t=126517
heres my method
http://forum.xda-developers.com/showthread.php?t=732957
Hi I downloaded this android peeing on Apple logo bootscreen, it installed well so I got too excited and wanted to put tux hammering the Windows logo before android pee on the Apple, I made all 70 png's but did not touch anything either than creating the images. I then zipped them according to the original names but when I flash it I get ..... E: wrong digest, system/media/bootanimation.zip
I have tried several times but no luck, yet the original one would easy install. Help guys
Sent from my HTC Hero VillainRom 12, flykernel11 using XDA App
any idea someone
You probably need to sign the update zip, possibly change the install/flash location. Upload what you have in a zip and I'll make one for ya
Edit: and explain what I did
kyouko said:
You probably need to sign the update zip, possibly change the install/flash location. Upload what you have in a zip and I'll make one for ya
Edit: and explain what I did
Click to expand...
Click to collapse
Too bad everyone doesn't do that.
I have decided to change the part1 folder images with custom ones, I will upload the whole zip later so when you help me I won't have to re edit it again, thanx for your replies
Apologies as this is long overdue. Finally had some free time this weekend
Attached are both the working bootscreen AND the original for those who want to see what was changed between the two.
Edit: added the non-signed bootscreen.zip for reference as well. Never know who may want to look at it.
Setup
Extracted the zip (original_doesntflash.zip) into its own directory
Created the META-INF folder
Deleted the CERT.RSA, CERT.SF, and MANIFEST.MF files
Created the "com" folder inside META-INF
Inside the "com" folder I created another folder named "google"
Inside "google" create a folder named "android" <- forgot about this step
Inside there I placed the "update-script" (if you want to know how to make one of these by hand refer to my post HERE)
Added both folders (META-INF and system) to a zip - in this case named it "bootscreen.zip"
Signing The Zip
I'm running linux currently so I do it slightly different, but I'm assuming the majority of you guys and gals are windows users. If that's the case follow these directions:
Go HERE and download AvaboxV2
Extract the AvaboxV2.zip where you want it. Personally I'd made a separate AvaboxV2 folder in my AndroidSDK dir. But the desktop still will work
Copy the newly created zip (bootscreen.zip) into the "Auto-Sign" folder found in AvaboxV2
As per the README.txt:
Start a cmd prompt AS ADMINISTRATOR (not really needed if running Win7)
cd <to the directory of the Auto-Sign folder> [Example: cd C:\AndroidSDK\AvaboxV2\Auto-sign]
java -jar signapk.jar testkey.x509.pem testkey.pk8 bootscreen.zip bootscreen_signed.zip <- same command as used in linux, at least for me
Press enter...wait...wait...done
Congratulations you now have a working/flashable bootscreen zip
thanks mate I will download it today, thanks for the tutorial man its highly appreciative, thanks a lot
kyouko said:
Apologies as this is long overdue. Finally had some free time this weekend
Attached are both the working bootscreen AND the original for those who want to see what was changed between the two.
Edit: added the non-signed bootscreen.zip for reference as well. Never know who may want to look at it.
Setup
Extracted the zip (original_doesntflash.zip) into its own directory
Created the META-INF folder
Deleted the CERT.RSA, CERT.SF, and MANIFEST.MF files
Created the "com" folder inside META-INF
Inside the "com" folder I created another folder named "google"
Inside there I placed the "update-script" (if you want to know how to make one of these by hand refer to my post HERE)
Added both folders (META-INF and system) to a zip - in this case named it "bootscreen.zip"
Signing The Zip
I'm running linux currently so I do it slightly different, but I'm assuming the majority of you guys and gals are windows users. If that's the case follow these directions:
Go HERE and download AvaboxV2
Extract the AvaboxV2.zip where you want it. Personally I'd made a separate AvaboxV2 folder in my AndroidSDK dir. But the desktop still will work
Copy the newly created zip (bootscreen.zip) into the "Auto-Sign" folder found in AvaboxV2
As per the README.txt:
Start a cmd prompt AS ADMINISTRATOR (not really needed if running Win7)
cd <to the directory of the Auto-Sign folder> [Example: cd C:\AndroidSDK\AvaboxV2\Auto-sign]
java -jar signapk.jar testkey.x509.pem testkey.pk8 bootscreen.zip bootscreen_signed.zip <- same command as used in linux, at least for me
Press enter...wait...wait...done
Congratulations you now have a working/flashable bootscreen zip
Click to expand...
Click to collapse
I got an error when flashing the signed zip I got no update file found
elliotn said:
I got an error when flashing the signed zip I got no update file found
Click to expand...
Click to collapse
LOL uhh, I'll take a look at it and test it out... and edit my previous post with w/e I did wrong
Forgot to add the ''android'' folder in the zip. Fixed and should work now
I'm looking for a guide which tells how to make a own custom ROM from another one
I mean:
1. How to add/replace/remove apps in /system/app/?
1. a) Do they need to have special permission?
2. How to replace boot screen?
3. How to add custom kernel?
4. How to add Desire lockscreen/flip clock?
5. How to add transparent notofication area?
6. How to add Power menu?
I've been serching forum, but didn't find such tutorial. Would be very thanful to get this knowledge.
I think that will be very useful for maaaany android maniacs
1. Simple delete/copy apks in .zip file using 7-Zip or any other.
2. I belive you need to put bootanimation.zip in /data/local/ folder.
3. Idk
4. For Desire lockscreen you need edited HtcLockScreen.apk; for flip clock - HtcClockWidget.apk
5. Edited /system/framework-res.apk or /system/framework/com.htc.resources.apk. I'm not sure
6. You need edited /system/framework/android.policy.jar
69. Resign your zip file using Auto Sign
Attachment doesn't load, but I know about resigning ROM after everything is done
Ad. 1. As I thought, but do the need special permissions? And I also wonder one thing. Are they installed while flashing? Cuz they need to be in system registry, I think...
I have found this: http://wiki.android.com.pl/wiki/Kon...iana_instalowanych_aplikacji_razem_z_systemem
No any permissions etc.
Found this, too. Thanks.
to add a custom kernel you have to unpack the boot image and edit the ramdisk manually, although i think there is an option in dsixda's kitchen to unpack and repack the boot.img
I've got two more questions:
1. When signing, three files are created in folder META-INF: CERT.RSA, CERT.SF, MANIFEST.SF. But in other packages I see also com/google/android/update-script in META-INF. How to make it? Is it necessary?
2. If I want to make only flashable update file which changes one app or another file, eg. framework-res.apk, I have to create folder structure: system/framework/framework-res.apk, add it to zip archive (no compression?) and sing using Auto-sing. Am I right?
Edit:
Found nice guide there: update-script syntax
tomekk_nt said:
I've got two more questions:
1. When signing, three files are created in folder META-INF: CERT.RSA, CERT.SF, MANIFEST.SF. But in other packages I see also com/google/android/update-script in META-INF. How to make it? Is it necessary?
2. If I want to make only flashable update file which changes one app or another file, eg. framework-res.apk, I have to create folder structure: system/framework/framework-res.apk, add it to zip archive (no compression?) and sing using Auto-sing. Am I right?
Click to expand...
Click to collapse
The most important part of a recovery update zip is the update script. It will tell the recovery what to do. If you want an example of a basic update package, which replaces one file in the /system/framework (although a different one) can found here. Open this and read the META-INF/com/google/android/updater-script (or whatever its called). The syntax is pretty straight forward and I think its easiest to learn from the examples of updater scripts found here on XDA. For the simple case, of only replacing/adding files to the /system partition you can leave the updater script from the above example as is and only change the files under the /system directory in the zip.
Note, that the above example uses the newer upader-script (I hope I am writing this correctly, I am writing from memory) which also has a binary file in the same directory. Some update zips use the older "update-script" lone text script. For these kind of scripts, you can find a guide here.
Personally, I use RA recovery, and for this recovery you need to sign the update zips (last thing you do of course). At least for RA recovery, both the older "update-script" and the newer "updater-script" work fine, so its up to your personal preference which do you prefer.
Thanks. Found a guide you mentioned a couple of minutes ago and read it.
The more I know, the more questions it brings So one more thing. If I'd like to use the newer version of syntax: "updater-script", I need also to put this binary file in this folder. But I create/edit only "updater-script", binary file is the same for all packages, or do I need to edit it, too?
I built a kernel tool long time ago, very easy to use (only for linux)
1: unzip the file, place it where you want it eg your desktop
2: place boot.img in the working directory
3: double-click the menu icon or launch from terminal
4: it creates a new directory named BOOT-EXTRACT,edit what you want in there or change the kernel etc.. and repack it again via the kernel tool
see screenshot. here for those how want the tool >>> http://www.elelinux.se/tools/kernel_tool.zip
Edit: Only for Hero
tomekk_nt said:
Thanks. Found a guide you mentioned a couple of minutes ago and read it.
The more I know, the more questions it brings So one more thing. If I'd like to use the newer version of syntax: "updater-script", I need also to put this binary file in this folder. But I create/edit only "updater-script", binary file is the same for all packages, or do I need to edit it, too?
Click to expand...
Click to collapse
Only the updater-script. The binary is a replacement of the script-interpreter I think, but thats just an assumption.
elelinux said:
I built a kernel tool long time ago, very easy to use (only for linux)
Click to expand...
Click to collapse
And that's a good reason to install newest Ubuntu Thanks!
riemervdzee said:
Only the updater-script. The binary is a replacement of the script-interpreter I think, but thats just an assumption.
Click to expand...
Click to collapse
That's mine assuption, too, but would like to know it for 100%
Edit: I see you use it in your kernel update package. So you write only updater-script and place also update-binary next to it?
LOL, you've got help from every well known hero dev on xda, I'm sure you'll have all the info you need now to start building rom's. Good Luck!
Found an app called Easy Flashable zip Builder on this thread. Will test it soon.
tomekk_nt said:
Found an app called Easy Flashable zip Builder on this thread. Will test it soon.
Click to expand...
Click to collapse
But it is for MS Windows, or saw I wrong ? I have also built a tool to javasign files,but should probably write a manual first,it is easy to use but some dependencies maybe not so easy for a beginner with Linux.
tomekk_nt said:
That's mine assuption, too, but would like to know it for 100%
Edit: I see you use it in your kernel update package. So you write only updater-script and place also update-binary next to it?
Click to expand...
Click to collapse
Correcto
May be this not a right place to ask, but I have this problem with recompiling an apk with apkmanager.
I'm trying to mod settings.apk and had done few modding in strings.xml. Since I have edited an xml I delete the resources.arsc file from the keep folder and also sign it after recombiling. But when I install the apk in my phone it never opens and force closes.
I've tried again by not deleting that file but that time no modifications where shown, And the next time, I didn't sign it and tried again to install the unsigned apk. But that too fails.
Anyone know why this happn?
Before modifying the APKManager, make sure the framework-res.apk and twframework.apk been set, and don't forget to delete the file resource.arsc and the file you have modified, then enter at apkmanager windows, don't forget to rename Unsigned to system file that you modified
ZIP Signer for Windows.
Requirment :
JDK or JRE must be installed in your system.
Steps to use :
- Download and Extract Zip_Signer
- Place zip file you want to sign in the Zip_Signer folder.
- Run Zip_Signer.exe
- Enter the name of zip file without extension like (.zip) and hit enter.
- wait for moment and done.
- check signed folder to get your signed zip..
If you like this please hit thanks button and I appreciate.
sorry for noob-questions:
what is the sense of the signer?
moonryder said:
sorry for noob-questions:
what is the sense of the signer?
Click to expand...
Click to collapse
some recovery does not accept unsigned zip like rom or other flashable zip. If you get "Signature Verification fail" error during flashing you need to sign the zip.
You can give as information works and what this file installation method.
Help other community members. @bhavik9243
bhavik9243 said:
ZIP Signer for Windows.
Requirment :
JDK or JRE must be installed in your system.
Steps to use :
- Download and Extract Zip_Signer
- Place zip file you want to sign in the Zip_Signer folder.
- Run Zip_Signer.exe
- Enter the name of zip file without extension like (.zip) and hit enter.
- wait for moment and done.
- check signed folder to get your signed zip..
If you like this please hit thanks button and I appreciate.
Click to expand...
Click to collapse
I checked this with I337 AT&T NC1 kernel ZIP. I signed it as mentioned in read me.txt and tried to flash a cellphone. The messages were "Failed to verify whole file signature" and "Signature verification failed". As I suppose testkey.pk8 and testkey.x509.pem are not good to sign this ZIP.
Any suggestions please?
Hi bro! Help me with these questions, please!
This program in the APK version, is now in v3.4, in my case when I use it or when I sign a file, the output folder creates an equal file with a name changed to name-SIGNED.xxx but for the size that It has not seem to be the same signed file, the original weighs, for example 16MB. And the signed copy weighs 1.63 KB. Something is wrong?
1. Zip Signed for Windows has any final version superior to yours posted here?
2. Is the Android APK version of ZipSigned legit? Are they created by the same person or are they other creators? Which do you recommend?
3. We have Firmware DUMPs extracted from BLU brand terminals, but some of them ask us that the Scatter files (DUMPs in Scatter format) must be signed and gives us an error in the installation ("Failed verifications Signed"), you can help us and explain to us which files should be signed inside the folder with all the scatter files? Can you tell us if this program can sign files with the extensions .IMG or .BIN for example?
Capture: https://prntscr.com/qost19