Introducing Voices of XDA: Have Your Ideas Heard

By far the greatest assets we have at XDA-Developers are you, the developers, the eager … more

Unofficial Xposed For Lollipop Touchwiz With Flashable Zip

XDA Recognized Developer arter97 has released an unofficial build … more

YotaPhone 2 Pre-Order, Xperia Z1 Price Cut – XDA TV

Android Wear 5.1.1 OTA downloads are now available. That and much more news is … more

[FTF] Sony Xperia Z Lollipop Release

Sony rolled out a Lollipop update for Xperia Z just yesterday. If you still haven’t gotten … more
Post Reply Subscribe to Thread Email Thread

Re-signing the system

11th February 2015, 10:01 AM |#31  
Thanks Meter: 38
Lightbulb [Q] Resigning revisited, re-simplified
Thank you for this very interesting thread and discussion. I've simplified the problem for myself a little. Namely:
  1. I'm patching the APKs before they're even installed. At that time there's no /data/system/packages.xml (in fact there's no /data anything), so the whole endeavour to fix the metadata there is moot. I just let Android create it with whatever values it is happy with.
  2. I sign all the APKs with the same key. I guess it's probably not a great idea security-wise but then so is running Android 2.1 in 2015 in the first place, so if it's just this, I find the associated "risks" acceptable.
  3. I use the Android debug testkey.{pk8,x509.pem} so that I don't need to bother creating my own keys.
So far it appears to work and the logcat seems clean but I didn't debug it extensively. I'd appreciate some feedback on the above. Are there any caveats I have failed to notice so far?

Plus two minor questions:
  • What is this JDK7 "bug" thing? Is it about JDK7 using SHA256withRSA by default, or is there something else?
  • Perhaps not too important in terms of advancing the topic but why does everyone here seem to use Jarsigner and not SignApk?
Comments are appreciated.
14th February 2015, 01:30 AM |#32  
Renate NST's Avatar
OP Recognized Contributor / Recognized Developer
Thanks Meter: 860
Originally Posted by Aqq123

What is this JDK7 "bug" thing? Is it about JDK7 using SHA256withRSA by default, or is there something else?

I believe that the real problem was in the dx.bat conversion of JVM 7 code to Dalvik code.
It appears that the current build tools can now do that without a problem.
Newer Android can accept signing with SHA256.
Older versions still can only use SHA1.
I don't know where the dividing line between old and new is.
The Following User Says Thank You to Renate NST For This Useful Post: [ View ]
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Top Threads in Nook Touch Android Development by ThreadRank