如何解决“These packages should not be signed with a well known key”问题

    如果你在做CTS测试时出现此问题:
junit.framework.AssertionFailedError: These packages should not be signed with a well known key: [xxx.xxx.xxx.xxx] at android.security.cts.PackageSignatureTest.testPackageSignatures(PackageSignatureTest.java:62)

会令你感到莫名其妙。这个问题一般是由于使用android提供的缺省私钥对apk包进行签名,导致CTS测试失败。

    很多开发者不使用自己的key签名而是使用android提供的缺省私钥对apk包进行签名。只要打开apk包下的META-INF\CERT.RSA查看其中是否有 [email protected]或者通过命令jarsigner -verify -certs -verbose xxx.apk查看就知道是否是使用了缺省私钥对包进行了签名。注:jarsigner是JDK命令。
    相关的CTS junit的源码如下

security/src/anroid/security/cts/PackageSignatureTest.java

        for (PackageInfo packageInfo : allPackageInfos) {
                String packageName = packageInfo.packageName;
                if (packageName != null && ! isWhitelistedPackage(packageName)) {
                        for (Signature signature : packageInfo.signatures) {

             // android的缺省签名是wellKnownSignatures所有一旦你的包使用它签名一定会被列为badPackages
             if (wellKnownSignatures.contains(signature)) {
                 badPackages.add(packageInfo.packageName);

             }
                        }
                }
        }

        assertTrue("These packages should not be signed with a well known key: " + badPackages,  badPackages.isEmpty());

你可能感兴趣的:(package)