Results 1 to 6 of 6
April 14th, 2012, 02:45 PM #1
Packing and repacking an APK file
I'm creating a software that will guide the user through a few steps, to publish an android application (APK file).
The way I am doing this, is that the APK file is already compiled, and all I need to do is replace an XML file in the package, and that will change the behaviour of the application. My big problem now, is that unpacking the apk file, and doing any tiny text edit, and then packing it again, breaks the signature and prevents the application from running on any device, giving a message that the signature is incorrect.
How can I solve this? I want to safely open the APK, write something in a text file, and close it again. Note that this operation will be done on the user's computer (after he purchases our application) so we're look for a command-line tool with no special requirements like JDK.
April 14th, 2012, 10:42 PM #2
April 15th, 2012, 06:53 AM #3
So you mean customly develop this signature?
April 15th, 2012, 07:33 AM #4
Kind of. It's not really custom, though, because it's deterministic based on the content of the file. Rather, you'd just be running SHA-1 yourself.
I don't think you really have a way around it if you're going to be modifying a constituent file of the APK given that devices are built to verify the digest.
April 15th, 2012, 12:16 PM #5Ok I reached the best "tested" solution - I'm posting it here to save other developers hours of googling. The only downside is that I will require the customer to install JDK on his machine, unfortunately. The reason is because I did not find any apk-signing tool that works purely on windows, without relying on JDK.I have my android application created using Air, so this makes things easy for me - all of the air files are treated as resource assets. So have your APK archive file ready.Once you have your modifications ready, put them inside a temporary folder named "assets". You will use the 7-zip command line tool (free: http://sourceforge.net/projects/sevenzip/) to update the contents of your apk. To have it working with your apk you will have to rename your apk's extension to zip - don't worry, you'll change it back later.Now from a .bat file (or directly in the command prompt) from the location containing both your apk file (zip extensioned) and your assets folder, you'll call: 7za u APK-file.zip assetsNow your apk file is updated. Rename it back to .apk extensionNow you'll use the signAPK tool from here http://www.mediafire.com/?hhxkgni8kp4nlgv and note that this is the only step requiring JDK installed. It also assumes that you have your key files ready (replace the dummy ones included in the package). Extract the file contents and call: java -jar signapk.jar key.x509.pem key.pk8 [android_app].apk [signed_android_app].apkAt the very end, you may find your signed apk file size drammatically increased. So you need to use the android's zipAlign tool, you will be calling the command: zipAlign -c 4 [signed_android_app].apkAnd voila! That's the route I'm taking.
July 30th, 2012, 07:08 AM #61Registered User
I have the same problem with extracting an apk file..but I'm sorry I can not understand what you explain above..I have a problem with replacing an image in the extracted apk file.Always the Replaceable image is same file format,but little variation in size.
PLEASE give me a understandable solution for this.I is a grate help for me..!!!