[Android]使用platform密钥来给apk文件签名的命令

1.使用platform密钥对apk进行签名

 

1.1.进入<Android_Source_Path>/build/target/product/security,找到【platform.pk8】和【platform.x509.pem】系统密钥。
1.2.进入<Android_Source_Path>/build/tools/signapk找到SignApk.java，运行javac编译成SignApk.class
1.3.执行命令java com.android.signapk.SignApk platform.x509.pem platform.pk8 input.apk output.apk

至此，完成。

备注 by Ray.

你直接在cmd方式下执行：
set path=c:\Java\jdk1.5.0_02\bin
set classpath=C:\Java\jdk1.5.0_02\lib\tools.jar;C:\Java\jdk1.5.0_02\lib\dt.jar;C:\Java\jdk1.5.0_02\bin

3.签名工具
signapk.ar
platform.pk8
platform.x509.pem
签名方法：
win系统-cmd命令行（必须安装jdk环境）：java -jar signapk.jar platform.x509.pem platform.pk8 未签名.apk 签名以后的.apk
linux系统-终端（必须安装jdk环境）：java -jar signapk.jar platform.x509.pem platform.pk8 未签名.apk 签名以后的.apk

 

2. 对1的补充：

<Android_Source_Path>/build/target/product/security下有多对密钥，详细如下：

The following commands were used to generate the test key pairs:

  development/tools/make_key testkey  '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
  development/tools/make_key platform '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
  development/tools/make_key shared   '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
  development/tools/make_key media    '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'

The following standard test keys are currently included:

testkey -- a generic key for packages that do not otherwise specify a key.
platform -- a test key for packages that are part of the core platform.
shared -- a test key for things that are shared in the home/contacts process.
media -- a test key for packages that are part of the media/download system.

These test keys are used strictly in development, and should never be assumed
to convey any sort of validity.  When $BUILD_SECURE=true, the code should not
honor these keys in any context.


signing using the openssl commandline (for boot/system images)
--------------------------------------------------------------

1. convert pk8 format key to pem format
   % openssl pkcs8 -inform DER -nocrypt -in testkey.pk8 -out testkey.pem

2. create a signature using the pem format key
   % openssl dgst -binary -sha1 -sign testkey.pem FILE > FILE.sig

extracting public keys for embedding
------------------------------------
it's a Java tool
but it generates C code
take a look at commands/recovery/Android.mk
you'll see it running $(HOST_OUT_JAVA_LIBRARIES)/dumpkey.jar

 

 

3.对3的补充：

在运行第三步的命令前，请在你当前的工作目录下新建如下结构的文件夹:com.android.signapk，然后将第二步编译生成的SignApk放入该目录下。或者也可以将SignApk.java的package声明删除后再运行javac编译。

 

命令java com.android.signapk.SignApk platform.x509.pem platform.pk8 input.apk output.apk

不单可以对apk文件进行重签名，也可以对所有的zip文件进行重签名，包括ROM文件。