apksigner | lightweight APK signing tool that can be run on Android | Emulator library

 by   fornwall Java Version: v0.7 License: No License

kandi X-RAY | apksigner Summary

kandi X-RAY | apksigner Summary

apksigner is a Java library typically used in Utilities, Emulator applications. apksigner has no bugs, it has no vulnerabilities, it has build file available and it has high support. You can download it from GitHub.

It is available as a package in [Termux] which can be installed with pkg install apksigner.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              apksigner has a highly active ecosystem.
              It has 80 star(s) with 30 fork(s). There are 10 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 4 open issues and 2 have been closed. There are no pull requests.
              OutlinedDot
              It has a negative sentiment in the developer community.
              The latest version of apksigner is v0.7

            kandi-Quality Quality

              apksigner has 0 bugs and 0 code smells.

            kandi-Security Security

              apksigner has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              apksigner code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              apksigner does not have a standard license declared.
              Check the repository for any license declaration and review the terms closely.
              OutlinedDot
              Without a license, all rights are reserved, and you cannot use the library in your applications.

            kandi-Reuse Reuse

              apksigner releases are available to install and integrate.
              Build file is available. You can build the component from source.
              apksigner saves you 725 person hours of effort in developing the same functionality from scratch.
              It has 1674 lines of code, 128 functions and 18 files.
              It has medium code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed apksigner and discovered the below as its top functions. This is intended to give you an instant insight into apksigner implemented functionality, and help decide if they suit your requirements.
            • Reads a central end entry from a ZIP file
            • Read an int
            • Read a length string from the stream
            • Read a short
            • Main entry point for testing
            • Signs a zip file using the given public key and signature block template
            • Write a local entry
            • Adds the SHA1 to the manifest
            • Persist the engine to the specified output stream
            • Converts a password array to a byte array
            • Writes a certificate
            • Sets the encoded key
            • Encrypt a key using the passwd
            • Set a new key
            • Encrypt a key using the passwd
            • Closes the file
            • Writes the information in the ZIP file
            • Loads a keystore from an input stream
            • Read a certificate
            • Returns the data for this entry
            • Returns an input stream for this entry
            • Returns the key associated with the specified alias
            • Decrypt a private key
            • Get the time in milliseconds
            • Sets an alias for an alias
            • Read a byte
            • Returns the certificate associated with the specified alias
            Get all kandi verified functions for this library.

            apksigner Key Features

            No Key Features are available at this moment for apksigner.

            apksigner Examples and Code Snippets

            No Code Snippets are available at this moment for apksigner.

            Community Discussions

            QUESTION

            Android: Signing APK with ApkSigner with multi certificate
            Asked 2021-May-12 at 15:33

            Problem is my app apk is signed with sha1 signer #1 and sha1 signer #2 using jarsigner. meaning multisigned using both first-release-key.jks and second-release-key.jks which i believe now is wrong. Apk shows both certs. Now trying to sign apk with apksigner using sha2 signer #1 and then sha2 signer #2 is failing.

            https://developer.android.com/studio/command-line/apksigner

            Usually, you sign an APK using only one signer. In the event that you need to sign an APK using multiple signers, use the --next-signer option to separate the set of general options to apply to each signer:

            ...

            ANSWER

            Answered 2021-Apr-19 at 21:13

            Try with the flag --v3-signing-enabled=false.

            As mentioned in the error message, v3 signing does not support signing with multiple keys so I suspect that disabling it would fix this error.

            Note that v3 signing is an extension of v2 signing that supports key rotation, so you're not losing in security (well, besides key rotation which you may never be able to use).

            Source https://stackoverflow.com/questions/67054983

            QUESTION

            How can one check the signature of a apk bundle (e.g from apkmirror)?
            Asked 2021-May-01 at 14:52

            I know how to check signatures of apk files, but cannot figure out how to check the trustworthyness of app bundles (apkm). Does anyone have a hint for me?

            When e.g. checking the signature of a google camera bundle from apkmirror, it shows that the bundle is signed by apkmirror and not - as expected - by google.

            I figured out that I can simply extract the apk files in the bundle and verify their signature (then I get a google signature, as intended). This does not work for all apks though: The "base.apk" does not have a signature. Is there a reason for this? Is the signature for the base.apk maybe included in the other signatures somehow?

            Edit: After reading Pierres answer I figured out that the base.apk indeed is also signed. The problem in my case was that the apksigner version in ubuntu 18.04 is outdated and does not support the used signature format.

            ...

            ANSWER

            Answered 2021-May-01 at 09:16

            All APKs should have a signature, including the base. Make sure you use apksigner and not jarsigner.

            There is no way to check who it was signed by. The certificate has some information but it can easily be spoofed so it's not reliable.

            You have to trust the source you're downloading the APKs from basically and the best way is usually to ask the developers where they publish their app and download it from there. For Google apps, that's the Play Store.

            If you know the certificate the app should be signed with, you can also compare the certificate from the signature with the one you expect.

            Source https://stackoverflow.com/questions/67323982

            QUESTION

            Azure Pipeline Xamarin Android You uploaded an APK that is not zip aligned. You will need to run a zip align tool on your APK and upload it again
            Asked 2021-Apr-15 at 14:07

            I am trying to set up a build pipeline for the Xamarin Android app using AzureDevops Pipeline.

            The step that is causing my hair to go thin and grey is Signing and Zipaligning.

            For signing, I have created a self-signed key using:

            keytool -genkeypair -v -keystore keystore.keystore -alias keyAlias -keyalg RSA -keysize 2048 -validity 10000

            Then I have added keystore.keystore to azureDevOps secure files location and enabled it for all pipelines

            I then set the signing step in the following way:

            ...

            ANSWER

            Answered 2021-Apr-15 at 14:07

            The cause was a lack of internal mental capacity as usual. I didn't set the output dir. After changing apkFiles: '**/*.apk' to apkFiles: '$(outputDirectory)/*.apk' it all worked.

            Source https://stackoverflow.com/questions/67107395

            QUESTION

            cordova build --> both debug and release builds are working. But when I do `zipalign` it fails to install on my device
            Asked 2021-Apr-03 at 17:09

            I have created an application using angular and processed it using Cordova.

            Now, when I use cordova build android or cordova build --release android I get the desired result i.e. the app is running on my device, even after signing it (with my.keystore) using the below

            ...

            ANSWER

            Answered 2021-Apr-03 at 17:09

            If you have landed here .. my issue was resolved importing the project to Android studio and generating build from there.

            check the referenced question --> Error while trying to upload APK to Google Play

            Source https://stackoverflow.com/questions/66897831

            QUESTION

            Create ionic 3 app with Target SDK version 30 getting error in google play console
            Asked 2021-Mar-31 at 06:50

            I am create my app in ionic v3 with Target SDK version 30 when i am upload my apk on google play console i am getting error "You uploaded an APK with an invalid signature (learn more about signing). Error from apksigner: ERROR: MIN_SIG_SCHEME_FOR_TARGET_SDK_NOT_MET: Target SDK version 30 requires a minimum of signature scheme v2; the APK is not signed with this or a later signature scheme"

            When i am making apk with Target SDK version 29 and upload on google play console its upload without any error

            i don't no whay google give me an error

            create sign in apk proccess are same in Target SDK version 30 or Target SDK version 29 same keystore and all command are same for create sign apk

            My command are ionic cordova build --release android

            jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore myappname.keystore app-release-unsigned.apk myapp

            zipalign -v 4 app-release-unsigned.apk myappname.apk

            Please Check what is wrong on about command and let me know it's argent my client are waiting a Target SDK version 30

            ...

            ANSWER

            Answered 2021-Mar-31 at 06:50

            Solution

            i am use this solution for ionic app only using cmd

            After zipalign command success apply this command for conver sign apk with signature scheme v2

            apksigner sign --v2-signing-enabled false --ks keystore name.keystore signapkname.apk

            apksigner sign --ks keystore name.keystore signapkname.apk

            apksigner sign --ks keystore name.keystore --ks-key-alias aliasname BuildingManagement.apk

            keytool -printcert -jarfile signapkname.apk

            apksigner verify -v --print-certs signapkname.apk

            apksigner verify -v signapkname.apk

            Source https://stackoverflow.com/questions/66775833

            QUESTION

            Error: discrepancies between JRE/JDK version and class file version
            Asked 2021-Mar-07 at 03:08

            I am trying to test an apk file using Eclipse, Java, Selenium, Cucumber, and Appium.

            In Windows Environment Variables, under System Variables, I have the value of JAVA_HOME set to "C:\Program Files\Java\jdk-15.0.2".

            In Eclipse, I'm using the latest JDK 15.0.2 in my run configuration. When I execute a cucumber test, I get the following error:

            C:\Users\x\AppData\Local\Programs\Appium\resources\app\node_modules\appium\node_modules\appium-uiautomator2-server\apks\appium-uiautomator2-server-v4.17.4.apk'. Original error: java.lang.UnsupportedClassVersionError: com/android/apksigner/ApkSignerTool has been compiled by a more recent version of the Java Runtime (class file version 53.0), this version of the Java Runtime only recognizes class file versions up to 52.0

            I'm using the latest version of JDK so why am I getting this error and how can I resolve it?

            ...

            ANSWER

            Answered 2021-Mar-07 at 00:35

            List of Java class file format major version numbers? shows which jdk versions use which class file versions. If you are indeed using java 15, then your jdk should recognize class files up to 59. But your error message indicates that it only recognized versions up to 52, which suggests that you're actually using java 8.

            Source https://stackoverflow.com/questions/66512087

            QUESTION

            apksigner --v4-no-merkle-tree option does not exist
            Asked 2021-Mar-04 at 20:53

            The Android developer documentation explained that there is an option --v4-no-merkle-tree but the option does not exist. I'm doing this way to sign via CMD

            ...

            ANSWER

            Answered 2021-Mar-04 at 20:53

            This is a documentation error. The flag does not exist nor has ever existed.

            Edit: Now removed from documentation.

            Source https://stackoverflow.com/questions/66460734

            QUESTION

            Migrating from jarsigner to apksigner
            Asked 2021-Mar-04 at 20:00

            We are currently signing our Android apps using jarsigner but we want to migrate to using apksigner so we can take advantage of it's additional benefits such as the v2 signing algorithm.

            Are there any considerations we need to factor into this migration or is it as simple as changing which tool we are using? Our main concern is obviously to avoid any complications when pushing updated apps to the Play Store.

            ...

            ANSWER

            Answered 2021-Mar-04 at 20:00

            This should be a simple switch without complications.

            Source https://stackoverflow.com/questions/66335689

            QUESTION

            Determine build tools version from APK file
            Asked 2021-Feb-28 at 11:53

            Is it possible given a released APK file to know the Android build tools version used, especially with utilities like zipalign and apksigner that has been applied to the APK file?

            ...

            ANSWER

            Answered 2021-Feb-28 at 05:50

            You should run different commands to get some information:

            1: \build-tools\version\aapt dump badging your_app.apk

            this command gives you some information about sdkVersion, versionCode compileSdkVersion and etc.

            2: \build-tools\version\zipalign -c -v 4 your_app.apk

            this command at the end of outputs verifies that your_app is zipaligned or not.

            3: \bin\jarsinger -verify -verbose -certs your_app.apk

            In the output of this command you'll find CN tag. It shows that your apk is signed with your keysign or it is debug version.

            Source https://stackoverflow.com/questions/66405463

            QUESTION

            Azure DevOps: Populating secure file references with job matrix variables
            Asked 2021-Feb-17 at 07:19

            For context, I am trying to use an Azure build pipeline to build multiple flavors of an Android app. Each flavor has its own separate signing keystore, and all of those keystores are stored in my 'secure files' in the library.

            However, when I try to dereference the $(Keystore) variable during the 'android signing' task, it doesn't seem to recognize that that is a variable that exists, and tries instead to locate a file called '$(Keystore)'

            Am I doing something wrong here? This seems like it should work.

            A sanitized example looks like this:

            ...

            ANSWER

            Answered 2021-Feb-16 at 21:11

            You're missing the step to download the Secure File. Unlike variable groups, you need to explicitly download them to have access via the secure file name.

            You'll want to add something similar to the example task below to your steps to pull the secure file. Then, you'll access your secure file via NAME_PARAMETER.secureFilePath:

            Source https://stackoverflow.com/questions/66231033

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install apksigner

            You can download it from GitHub.
            You can use apksigner like any standard Java library. Please include the the jar files in your classpath. You can also use any IDE and you can run and debug the apksigner component as you would do with any other Java program. Best practice is to use a build tool that supports dependency management such as Maven or Gradle. For Maven installation, please refer maven.apache.org. For Gradle installation, please refer gradle.org .

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/fornwall/apksigner.git

          • CLI

            gh repo clone fornwall/apksigner

          • sshUrl

            git@github.com:fornwall/apksigner.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Emulator Libraries

            yuzu

            by yuzu-emu

            rpcs3

            by RPCS3

            Ryujinx

            by Ryujinx

            ruffle

            by ruffle-rs

            1on1-questions

            by VGraupera

            Try Top Libraries by fornwall

            rust-script

            by fornwallRust

            jelf

            by fornwallJava

            advent-of-code

            by fornwallRust

            eclipsescript

            by fornwallJava

            eclipsecoder

            by fornwallJava