Automatic system signature based on gradle+shell

Keywords: Android Gradle shell Mac

Preface

Sometimes our application needs system-level privileges to implement some functions (such as silent installation), at this time we need to sign the application, package the APK for routine operations, decompress the apk, delete CERT.RSA and META-INF.
CERT.SF, then compressed, signed with the system signature tool, a meal may be 10 minutes after the operation, it is too cumbersome, so we made some simplifications, using gradle+shell to help us achieve automation.

Get ready

  1. android studio
  2. System Signature Files (signapk.jar, platform.x509.pem, platform.pk8)
  3. If it's a mac system, you also need the file libconscrypt_openjdk_jni.dylib
  4. platform.x509.pem and platform.pk8 are signatures of the corresponding systems. Different manufacturers may have different signatures.
    Signature file, here is the original signature file of Google.
  5. The file is in Baidu Disk
    Extraction code: 32wm
  6. In this paper, mac system as an example, windows in line with this idea, is similar.

Writing System Signature Script

#decompression
unzip -q app-release.apk -d ./release
#Delete cert
rm -f ./release/META-INF/CERT.RSA
rm -f ./release/META-INF/CERT.SF
#compress
cd ./release
for file in $(ls)
do
zip -r -q app-release-tmp.apk -xi $file;
done
mv app-release-tmp.apk ../
cd ..
#System Signature
java -jar signapk.jar platform.x509.pem platform.pk8 app-release-tmp.apk app-sign.apk
#Clean up temporary documents
rm -f app-release-tmp.apk
rm -rf ./release

Save it as sign.sh, in the same directory as signapk.jar, platform.x509.pem, platform.pk8, libconscrypt_openjdk_jni.dylib, and I'm putting it in the project.
app/release/sign/directory

Writing Signature Scripts for Packaging and Calling Systems

#Take care to configure the path
#home shell s place absolute paths
#debugDir assembleDebug output path
#Release Dir assemble Release output path
#signDir System Signature File Path

home=/Volumes/Samsung_T5/android/Demo/
debugDir=$home/app/build/outputs/apk/debug/
releaseDir=$home/app/build/outputs/apk/release/
signDir=$home/app/release/sign/

#Enter the working directory
cd $home
#Create the signed output directory $home/out
if [ ! -d out ];then
        echo "create directory out..."
        mkdir out
        echo "create directory out success"
fi

#Play release package
echo "assembleRelease..."
./gradlew assembleRelease
echo "assembleRelease success"
#Move the release package to the system signature directory
mv -f $releaseDir/app-release.apk $signDir/app-release.apk
echo "system sign apk..."
#Enter the system signature directory and execute the system signature
cd $signDir
./sign.sh
#Move the signed package to $home/out and rename it with time
cd $home
mv $quanyuyueSignDir/app-sign.apk ./out/app-sign-`date +%Y%m%d%H%M`.apk
echo "sign success"

Save the code above as package.sh and put it in the project directory, mine is in the $home directory.

ps: app/build.gradle also needs to be configured to make release packages

android {
        ...
        //Configuration signature file
        signingConfigs {
            release {
                storeFile file("Your signature file")
                storePassword "Your password"
                keyAlias "Your keyAlias"
                keyPassword "Your keyPassword"
            }
        }
        buildTypes {
            release {
                signingConfigs.release
                ...
            }
        }

Write task call package.sh script

Enter in app/build.gradle

task getPackage(type: Exec) {
        executable "sh"
        args "-c", "../packge.sh"
}

In this way, we only need to execute the task, and then we can get the apk of the system signature.

More articles, everywhere Personal Blog

Posted by Mardoxx on Fri, 09 Aug 2019 05:14:54 -0700

Hot Keywords

©2024 Programmer Group