The forums have permanently moved to This forum will be kept around in read-only mode for archival purposes. To learn how to continue using your existing account on the new forums, check out this thread.

Results 1 to 6 of 6

Thread: Packing and repacking an APK file

  1. #1

    Packing and repacking an APK file

    I'm creating a software that will guide the user through a few steps, to publish an android application (APK file).

    The way I am doing this, is that the APK file is already compiled, and all I need to do is replace an XML file in the package, and that will change the behaviour of the application. My big problem now, is that unpacking the apk file, and doing any tiny text edit, and then packing it again, breaks the signature and prevents the application from running on any device, giving a message that the signature is incorrect.

    How can I solve this? I want to safely open the APK, write something in a text file, and close it again. Note that this operation will be done on the user's computer (after he purchases our application) so we're look for a command-line tool with no special requirements like JDK.

    Any help?

  2. #2
    A quick Google search suggests that the "signature" is the SHA-1 digest of the file. You can certainly find a Java SHA-1 algorithm.

  3. #3
    So you mean customly develop this signature?

  4. #4
    Kind of. It's not really custom, though, because it's deterministic based on the content of the file. Rather, you'd just be running SHA-1 yourself.

    I don't think you really have a way around it if you're going to be modifying a constituent file of the APK given that devices are built to verify the digest.

  5. #5
    Ok I reached the best "tested" solution - I'm posting it here to save other developers hours of googling. The only downside is that I will require the customer to install JDK on his machine, unfortunately. The reason is because I did not find any apk-signing tool that works purely on windows, without relying on JDK.I have my android application created using Air, so this makes things easy for me - all of the air files are treated as resource assets. So have your APK archive file ready.Once you have your modifications ready, put them inside a temporary folder named "assets". You will use the 7-zip command line tool (free: to update the contents of your apk. To have it working with your apk you will have to rename your apk's extension to zip - don't worry, you'll change it back later.Now from a .bat file (or directly in the command prompt) from the location containing both your apk file (zip extensioned) and your assets folder, you'll call: 7za u assetsNow your apk file is updated. Rename it back to .apk extensionNow you'll use the signAPK tool from here and note that this is the only step requiring JDK installed. It also assumes that you have your key files ready (replace the dummy ones included in the package). Extract the file contents and call: java -jar signapk.jar key.x509.pem key.pk8 [android_app].apk [signed_android_app].apkAt the very end, you may find your signed apk file size drammatically increased. So you need to use the android's zipAlign tool, you will be calling the command: zipAlign -c 4 [signed_android_app].apkAnd voila! That's the route I'm taking.

  6. #6
    I have the same problem with extracting an apk file..but I'm sorry I can not understand what you explain above..I have a problem with replacing an image in the extracted apk file.Always the Replaceable image is same file format,but little variation in size.
    PLEASE give me a understandable solution for this.I is a grate help for me..!!!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Home About Meet the Moderators Advertise

 Link to Us


Copyright 1999 - 2012