A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
Home Page: https://favr.dev/opensource/uber-apk-signer
License: Apache License 2.0
This is apk http://www45.zippyshare.com/v/B8jwSOrZ/file.html. I can install it fine but when run with -y verifyOnly, i get this error.
- zipalign verified
- signature VERIFY FAILED (Unknown Heroes_v1.0.1.apk)
ERROR: JAR signer UNKNOWNH.RSA: Failed to verify JAR signature META-INF/UNKNOWNH.RSA against META-INF/UNKNOWNH.SF: java.security.SignatureException: Algorithm constraints check failed on disabled algorithm: MD5.
pom.xml contains the system dependency
<dependency>
<groupId>com.android</groupId>
<artifactId>apksigner</artifactId>
<version>1.0</version>
<scope>system</scope>
<systemPath>${project.basedir}/src/main/resources/lib/apksigner_33_0_2.jar</systemPath>
</dependency>
which makes building uber-apk-signer unnecessary complicated. Google releases the library version of apksigner in it's maven repository: https://mvnrepository.com/artifact/com.android.tools.build/apksig?repo=google
So you only have to add
<repositories>
<repository>
<id>Google</id>
<name>Google</name>
<url>https://maven.google.com/</url>
</repository>
</repositories>
and then use the dependency
<dependency>
<groupId>com.android.tools.build</groupId>
<artifactId>apksig</artifactId>
<version>8.0.2</version>
</dependency>
You can then directly com.android.apksig.ApkSigner and com.android.apksig.ApkVerifier within your code.
I see in original apksigner, it has support sign apk with these 2 files. Can you add support for it please?
G'day @patrickfav, sorry to bother you mate, but I've been coming across this issue for a while now, and I've only just managed to figure why the problem was arising today.
a problem I've noticed is that when the user installs zipalign from the Command Line using package management tools such as apt or pacman, the external zipalign package in the users PATH, and the embed zipalign version that comes with Uber APK Signer, seems to conflict with each other, resulting in the error below
Error: Command failed: java -jar "/home/kali/AhMyth/AhMyth-Server/app/app/Factory/sign.jar" -a "/home/kali/AhMyth/Output/Ahmyth.apk"
Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true
could not execute zipalign
Run with '--debug' parameter to get additional information.
removing the zipalign package installed from the Command Line allows the signer to run it's embedded version of zipalign which fixes the problem, However if a path to a zipalign executable is not explicitly specified, then it should use the package version installed via the Command Line if it's available (which it should since it's automatically added to the users PATH variable at installation time), otherwise it should fall back to the embedded version if the PATH check for zipalign returns null according to the screenshot below (correct me if I'm wrong).
However both the external zipalign package and the embedded zipalign conflict with each other regardless of the external version being declared in the PATH variable
The Uber APK Signer version I'm utilising is v1.2.1
Just tested the same scenario with a 32bit Kali Linux VM and the same problem happened for some reason, external zipalign conflicts with embedded zipalign unless external package is removed.
It seems there are some breaking changes which require tests or impl to be fixed:
testSignMultipleApksMultipleCustomCert:
SIGN
file: C:\Users\PatrickF\AppData\Local\Temp\junit3402138880305259016\signer-test\apks\app-first-release-unsigned.apk (0.03 MiB)
checksum: b0c0a077b3c588178e5eb0e4cd168ba2afdfbc930d5b439c868eb1a174fd40b (sha256)
java.lang.IllegalStateException: Only accepting one signer config for V4 Signature.
at com.android.apksig.DefaultApkSignerEngine.createV4SignerConfig(DefaultApkSignerEngine.java:370)
at com.android.apksig.DefaultApkSignerEngine.signV4(DefaultApkSignerEngine.java:914)
at com.android.apksig.ApkSigner.sign(ApkSigner.java:582)
testResign:
junit.framework.AssertionFailedError:
Expected :1
Actual :2
Have this problem on java -jar uber-apk-signer.jar --apks /myAPKpath
SIGN
file: D:\work\android\rebuild\tsxk_shiguanghb_online_4149_220721\dist\tsxk_220721.apk (2160.73 MiB)
checksum: e67c8bad5b9263816b91ab55fcada97ab65b3203498e5782ea63a9c14f1041c3 (sha256)
**here is error report-------->
error:Error:java.lang.RuntimeException:
com.android.ide.common.signing.KeytoolException: Failed to read key palash from store "D:\MyApplication3\.idea\workspace.xml": Invalid keystore format
second error:Error:com.android.ide.common.signing.KeytoolException: Failed to read key palash from store "D:\MyApplication3\.idea\workspace.xml": Invalid keystore format
third error:Error:java.io.IOException: Invalid keystore format
how to solve this three errors??????**
here is gradle console message----------->
FAILURE: Build failed with an exception.
com.android.ide.common.signing.KeytoolException: Failed to read key palash from store "D:\MyApplication3.idea\workspace.xml": Invalid keystore format
Try:
Run with --info or --debug option to get more log output.
Exception is:
org.gradle.api.tasks.TaskExecutionException: Execution failed for task ':app:packageRelease'.
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeActions(ExecuteActionsTaskExecuter.java:69)
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.execute(ExecuteActionsTaskExecuter.java:46)
at org.gradle.api.internal.tasks.execution.PostExecutionAnalysisTaskExecuter.execute(PostExecutionAnalysisTaskExecuter.java:35)
at org.gradle.api.internal.tasks.execution.SkipUpToDateTaskExecuter.execute(SkipUpToDateTaskExecuter.java:66)
at org.gradle.api.internal.tasks.execution.ValidatingTaskExecuter.execute(ValidatingTaskExecuter.java:58)
at org.gradle.api.internal.tasks.execution.SkipEmptySourceFilesTaskExecuter.execute(SkipEmptySourceFilesTaskExecuter.java:52)
at org.gradle.api.internal.tasks.execution.SkipTaskWithNoActionsExecuter.execute(SkipTaskWithNoActionsExecuter.java:52)
at org.gradle.api.internal.tasks.execution.SkipOnlyIfTaskExecuter.execute(SkipOnlyIfTaskExecuter.java:53)
at org.gradle.api.internal.tasks.execution.ExecuteAtMostOnceTaskExecuter.execute(ExecuteAtMostOnceTaskExecuter.java:43)
at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter$EventFiringTaskWorker.execute(DefaultTaskGraphExecuter.java:203)
at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter$EventFiringTaskWorker.execute(DefaultTaskGraphExecuter.java:185)
at org.gradle.execution.taskgraph.AbstractTaskPlanExecutor$TaskExecutorWorker.processTask(AbstractTaskPlanExecutor.java:66)
at org.gradle.execution.taskgraph.AbstractTaskPlanExecutor$TaskExecutorWorker.run(AbstractTaskPlanExecutor.java:50)
at org.gradle.execution.taskgraph.DefaultTaskPlanExecutor.process(DefaultTaskPlanExecutor.java:25)
at org.gradle.execution.taskgraph.DefaultTaskGraphExecuter.execute(DefaultTaskGraphExecuter.java:110)
at org.gradle.execution.SelectedTaskExecutionAction.execute(SelectedTaskExecutionAction.java:37)
at org.gradle.execution.DefaultBuildExecuter.execute(DefaultBuildExecuter.java:37)
at org.gradle.execution.DefaultBuildExecuter.access$000(DefaultBuildExecuter.java:23)
at org.gradle.execution.DefaultBuildExecuter$1.proceed(DefaultBuildExecuter.java:43)
at org.gradle.execution.DryRunBuildExecutionAction.execute(DryRunBuildExecutionAction.java:32)
at org.gradle.execution.DefaultBuildExecuter.execute(DefaultBuildExecuter.java:37)
at org.gradle.execution.DefaultBuildExecuter.execute(DefaultBuildExecuter.java:30)
at org.gradle.initialization.DefaultGradleLauncher$4.run(DefaultGradleLauncher.java:153)
at org.gradle.internal.Factories$1.create(Factories.java:22)
at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:91)
at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:53)
at org.gradle.initialization.DefaultGradleLauncher.doBuildStages(DefaultGradleLauncher.java:150)
at org.gradle.initialization.DefaultGradleLauncher.access$200(DefaultGradleLauncher.java:32)
at org.gradle.initialization.DefaultGradleLauncher$1.create(DefaultGradleLauncher.java:98)
at org.gradle.initialization.DefaultGradleLauncher$1.create(DefaultGradleLauncher.java:92)
at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:91)
at org.gradle.internal.progress.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:63)
at org.gradle.initialization.DefaultGradleLauncher.doBuild(DefaultGradleLauncher.java:92)
at org.gradle.initialization.DefaultGradleLauncher.run(DefaultGradleLauncher.java:83)
at org.gradle.launcher.exec.InProcessBuildActionExecuter$DefaultBuildController.run(InProcessBuildActionExecuter.java:99)
at org.gradle.tooling.internal.provider.runner.BuildModelActionRunner.run(BuildModelActionRunner.java:46)
at org.gradle.launcher.exec.ChainingBuildActionRunner.run(ChainingBuildActionRunner.java:35)
at org.gradle.tooling.internal.provider.runner.SubscribableBuildActionRunner.run(SubscribableBuildActionRunner.java:58)
at org.gradle.launcher.exec.ChainingBuildActionRunner.run(ChainingBuildActionRunner.java:35)
at org.gradle.launcher.exec.InProcessBuildActionExecuter.execute(InProcessBuildActionExecuter.java:48)
at org.gradle.launcher.exec.InProcessBuildActionExecuter.execute(InProcessBuildActionExecuter.java:30)
at org.gradle.launcher.exec.ContinuousBuildActionExecuter.execute(ContinuousBuildActionExecuter.java:81)
at org.gradle.launcher.exec.ContinuousBuildActionExecuter.execute(ContinuousBuildActionExecuter.java:46)
at org.gradle.launcher.daemon.server.exec.ExecuteBuild.doBuild(ExecuteBuild.java:52)
at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:36)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
at org.gradle.launcher.daemon.server.exec.WatchForDisconnection.execute(WatchForDisconnection.java:37)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
at org.gradle.launcher.daemon.server.exec.ResetDeprecationLogger.execute(ResetDeprecationLogger.java:26)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
at org.gradle.launcher.daemon.server.exec.RequestStopIfSingleUsedDaemon.execute(RequestStopIfSingleUsedDaemon.java:34)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
at org.gradle.launcher.daemon.server.exec.ForwardClientInput$2.call(ForwardClientInput.java:74)
at org.gradle.launcher.daemon.server.exec.ForwardClientInput$2.call(ForwardClientInput.java:72)
at org.gradle.util.Swapper.swap(Swapper.java:38)
at org.gradle.launcher.daemon.server.exec.ForwardClientInput.execute(ForwardClientInput.java:72)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
at org.gradle.launcher.daemon.server.health.DaemonHealthTracker.execute(DaemonHealthTracker.java:47)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
at org.gradle.launcher.daemon.server.exec.LogToClient.doBuild(LogToClient.java:60)
at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:36)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
at org.gradle.launcher.daemon.server.exec.EstablishBuildEnvironment.doBuild(EstablishBuildEnvironment.java:72)
at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:36)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
at org.gradle.launcher.daemon.server.health.HintGCAfterBuild.execute(HintGCAfterBuild.java:41)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:120)
at org.gradle.launcher.daemon.server.exec.StartBuildOrRespondWithBusy$1.run(StartBuildOrRespondWithBusy.java:50)
at org.gradle.launcher.daemon.server.DaemonStateCoordinator$1.run(DaemonStateCoordinator.java:237)
at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:54)
at org.gradle.internal.concurrent.StoppableExecutorImpl$1.run(StoppableExecutorImpl.java:40)
Caused by: java.lang.RuntimeException: com.android.ide.common.signing.KeytoolException: Failed to read key palash from store "D:\MyApplication3.idea\workspace.xml": Invalid keystore format
at com.android.build.gradle.tasks.PackageAndroidArtifact.doTask(PackageAndroidArtifact.java:469)
at com.android.build.gradle.tasks.PackageAndroidArtifact.doFullTaskAction(PackageAndroidArtifact.java:321)
at com.android.build.gradle.tasks.PackageApplication.doFullTaskAction(PackageApplication.java:75)
at com.android.build.gradle.internal.tasks.IncrementalTask.taskAction(IncrementalTask.java:88)
at org.gradle.internal.reflect.JavaMethod.invoke(JavaMethod.java:75)
at org.gradle.api.internal.project.taskfactory.AnnotationProcessingTaskFactory$IncrementalTaskAction.doExecute(AnnotationProcessingTaskFactory.java:245)
at org.gradle.api.internal.project.taskfactory.AnnotationProcessingTaskFactory$StandardTaskAction.execute(AnnotationProcessingTaskFactory.java:221)
at org.gradle.api.internal.project.taskfactory.AnnotationProcessingTaskFactory$IncrementalTaskAction.execute(AnnotationProcessingTaskFactory.java:232)
at org.gradle.api.internal.project.taskfactory.AnnotationProcessingTaskFactory$StandardTaskAction.execute(AnnotationProcessingTaskFactory.java:210)
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeAction(ExecuteActionsTaskExecuter.java:80)
at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.executeActions(ExecuteActionsTaskExecuter.java:61)
... 70 more
Caused by: com.android.ide.common.signing.KeytoolException: Failed to read key palash from store "D:\MyApplication3.idea\workspace.xml": Invalid keystore format
at com.android.ide.common.signing.KeystoreHelper.getCertificateInfo(KeystoreHelper.java:212)
at com.android.build.gradle.tasks.PackageAndroidArtifact.doTask(PackageAndroidArtifact.java:431)
... 80 more
Caused by: java.io.IOException: Invalid keystore format
at com.android.ide.common.signing.KeystoreHelper.getCertificateInfo(KeystoreHelper.java:190)
... 81 more
BUILD FAILED
Total time: 1 mins 32.136 secs
**
command will cause NullPointerException as below:
java -jar uber-apk-signer.jar --apks test_unsigned.apk
And I add a pull reques 6679476
My internet is really slow and I have been trying to clone your git repo but fails every time, can you please help me sign this apk file for me ? Here's the file: https://www.dropbox.com/s/5j4mikcft3m4qic/com.lazada.android.apk?dl=0
Just sign it and then upload it somewhere else, thank you.
How can i sign app v1, is support only v2?
Hello,
I signed the framework-res.apk on my device with uber-apk-signer-1.0.0.jar and noticed that file names were changed in the META-INF.
Can we please get this fixed? I don't want these names changed,and I don't understand why you have this happening.
Original Names
CERT.RSA
CERT.SF
Changed Names
ANDROIDD.RSA
ANDROIDD.SF
Thanks
Hi thanks for the repo! I wonder how is Uber related to it? AFAIK Uber is a company, so I guess it is a product of the company? But I do not see anything in README
Hello,
Can you please make it so we can change all fields for the Owner/Issuer?
Owner: CN=Android Debug, OU=Android, O=US, L=US, ST=US, C=US
Issuer: CN=Android Debug, OU=Android, O=US, L=US, ST=US, C=US
Thanks
01. app-release.apk
VERIFY
file: /path/to/OnePlusExtension/app/release/app-release.apk
checksum: b6061010215bdcd30b2971202b465d87c12feaac3492db821d55ed59a9f38146 (sha256)
- zipalign verified
- signature VERIFY FAILED (app-release.apk)
ERROR: No JAR signatures
[Mon Feb 05 09:37:39 CST 2018][v0.8.3]
Successfully processed 0 APKs and 1 errors in 0.21 seconds.
This apk can be verified successfully by nougat/oreo for it's signed with scheme v2. It should be a expected behavior that an apk signed without v1 (/META-INF/CERT.*) is also valid.
Sample package available here.
Does it support apk files with android:extractNativeLibs="false"?
In this case also the binary libraries must be stored uncompressed and zip-aligned.
Hello,
Is there anything when signing certs that can be identified back to the person, or computer, etc., that can identify where it comes from?
From my understanding no, it's only what information someone puts in/creates... The owner/issuer O= L= ST= C= etc...
Nice app you created too...
But in Linux I just do all this by hand, so is there really any advantage to using uber-apk-signer over signing my own in Linux like the below?
mkdir -p /etc/ssl/localcerts
Run cmds in /localcerts
openssl genrsa -out key.pem 1024
openssl req -new -key key.pem -out request.pem
openssl x509 -req -days 9999 -in request.pem -signkey key.pem -out certificate.pem
openssl pkcs8 -topk8 -outform DER -in key.pem -inform PEM -out key.pk8 -nocrypt
java -jar signapk.jar /etc/ssl/localcerts/certificate.pem /etc/ssl/localcerts/key.pk8 framework-res.apk test.apk
THANKS
So basically my problem is this.
On the README.md it says that there is a built in zipalign feature, however when I use uber-apk-signer on Linux to try and sign an apk, I can't sign an APK at all because because zipalign could not execute, if I run apt install zipalign however, it works, how do I utilise the built-in zipalign feature if it's possible???
Sorry I'm still very new to this repo, I used to use an older type of signer but this one is better.
root@kali:~/Downloads/android/uber-apk-signer# java -jar uber-apk-signer.jar --apks /root/Downloads/android/facebook.apk
Error: Unable to access jarfile uber-apk-signer.jar
can you help me please
I got this error when signing APK:
Unable to determine APK's minimum supported Android platform version: malformed binary resource: AndroidManifest.xml
APK cannot be installed after resign.
java -jar uber-apk-signer-1.2.1.jar --allowResign -a
adb install -r
Failure [INSTALL_FAILED_UPDATE_INCOMPATIBLE]
Android 6.0.1
for first look the original APK contains CERT.SF and CERT.RSA
Since Android 9 key rotation is supported: https://source.android.com/security/apksigning/v3
while trying to udate to new version .iam getting this error can't verify signature KB63363901
This error is throwed and what can I do ?
Failed to load signer "signer #1"
java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.
at java.base/sun.security.util.DerInputStream.getLength(DerInputStream.java:604)
at java.base/sun.security.util.DerValue.init(DerValue.java:385)
at java.base/sun.security.util.DerValue.(DerValue.java:327)
at java.base/sun.security.util.DerValue.(DerValue.java:340)
at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1984)
at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:220)
at java.base/java.security.KeyStore.load(KeyStore.java:1472)
at com.android.apksigner.SignerParams.loadKeyStoreFromFile(SignerParams.java:362)
at com.android.apksigner.SignerParams.loadPrivateKeyAndCertsFromKeyStore(SignerParams.java:248)
at com.android.apksigner.SignerParams.loadPrivateKeyAndCerts(SignerParams.java:181)
at com.android.apksigner.ApkSignerTool.getSignerConfig(ApkSignerTool.java:419)
at com.android.apksigner.ApkSignerTool.sign(ApkSignerTool.java:336)
at com.android.apksigner.ApkSignerTool.main(ApkSignerTool.java:92)
at at.favre.tools.apksigner.SignTool.sign(SignTool.java:314)
at at.favre.tools.apksigner.SignTool.execute(SignTool.java:150)
at at.favre.tools.apksigner.SignTool.mainExecute(SignTool.java:45)
at at.favre.tools.apksigner.SignTool.main(SignTool.java:33)
This has been asked twice but both have been marked as "Completed" Without explaining how it was fixed. any help?
I wan to sign my apk packages but I get the following error
$ archlinux-java status
Available Java environments:
java-11-openjdk
java-8-jdk (default)
java-8-openjdk
$ java -jar uber-apk-signer-1.2.1.jar....
zipalign location: BUILT_IN
/tmp/uapksigner-834599882927137790/linux-zipalign-29_0_2262257386856777324.tmp
keystore:
.................
01. app-release-unsigned.apk
SIGN
file: /home/user/..../apk/release/app-release-unsigned.apk (0.17 MiB)
checksum: 35412b8284d3c5374cec45cd4993c544e26ef4d7b50a9c41aa6e12024a97888 (sha256)
- could not align
could not execute zipalign
java.lang.IllegalStateException: could not execute zipalign
at at.favre.tools.apksigner.SignTool.execute(SignTool.java:143)
at at.favre.tools.apksigner.SignTool.mainExecute(SignTool.java:45)
at at.favre.tools.apksigner.SignTool.main(SignTool.java:33)
Cmd history for debugging purpose:
-----------------------
[/tmp/uapksigner-5255291507018536870/linux-zipalign-29_0_24433956931453785855.tmp, -p, -v, 4, /home/user/..../apk/release/app-release-unsigned.apk, /home/user/...././app-release-unsigned-aligned.apk]
Verifying alignment of /home/user/...././app-release-unsigned-aligned.apk (4)...
71 res/mipmap-xhdpi-v4/ic_launcher_round.png (BAD - 3)
3796 assets/www/cordova-js-src/platform.js (OK - compressed)
5599 AndroidManifest.xml (OK - compressed)
6681 res/mipmap-mdpi-v4/ic_launcher_round.png (BAD - 1)
8285 assets/www/cordova-js-src/android/nativeapiprovider.js (OK - compressed)
9010 assets/www/cordova.js (OK - compressed)
25953 res/mipmap-xhdpi-v4/ic_launcher.png (BAD - 1)
27474 res/xml/config.xml (OK - compressed)
28542 assets/www/js/about.c1c8b494.js (OK - compressed)
29435 res/mipmap-xhdpi-v26/ic_launcher_background.png (BAD - 3)
29621 res/mipmap-anydpi-v26/ic_launcher_round.xml (OK - compressed)
29902 assets/www/css/app.d0415ad6.css (OK - compressed)
30485 res/mipmap-xxhdpi-v4/ic_launcher_round.png (BAD - 1)
36499 assets/www/js/chunk-vendors.7584f99d.js (OK - compressed)
85570 assets/www/cordova-js-src/plugin/android/app.js (OK - compressed)
87093 assets/www/js/app.b38801bb.js (OK - compressed)
91230 res/mipmap-mdpi-v4/ic_launcher.png (BAD - 2)
92012 assets/www/index.html (OK - compressed)
92525 res/mipmap-hdpi-v26/ic_launcher_background.png (BAD - 1)
92674 assets/www/css/about.9f825402.css (OK - compressed)
92782 res/drawable/ic_launcher_foreground.xml (OK - compressed)
93578 res/mipmap-mdpi-v26/ic_launcher_background.png (BAD - 2)
93749 assets/www/cordova-js-src/android/promptbasednativeapi.js (OK - compressed)
94574 res/mipmap-xxxhdpi-v26/ic_launcher_background.png (BAD - 2)
94783 res/mipmap-xxhdpi-v26/ic_launcher_background.png (BAD - 3)
94970 res/mipmap-hdpi-v4/ic_launcher.png (BAD - 2)
96085 res/mipmap-xxxhdpi-v4/ic_launcher.png (BAD - 1)
99683 res/mipmap-hdpi-v4/ic_launcher_round.png (BAD - 3)
102160 resources.arsc (OK)
105855 assets/www/cordova-js-src/exec.js (OK - compressed)
109416 assets/www/favicon.ico (OK - compressed)
111259 classes.dex (OK - compressed)
160114 res/mipmap-xxxhdpi-v4/ic_launcher_round.png (BAD - 2)
168729 assets/www/cordova_plugins.js (OK - compressed)
168925 res/mipmap-anydpi-v26/ic_launcher.xml (OK - compressed)
169212 res/mipmap-xxhdpi-v4/ic_launcher.png (OK)
171713 res/mipmap-ldpi-v26/ic_launcher_background.png (BAD - 1)
Verification FAILED
(1)
zipalign not compressing as
(java -jar uber-apk-signer.jar -a apk/app-release-unsigned.apk --out release)
C:\cordova\Android\android-sdk\build-tools\29.0.3\zipalign -v 4 app-release-unsigned.apk appname.apk
where app-release-unsigned.apk contains 265kb when it gets compressed it gets appname.apk 258kb
Keep getting this error everytime I run ./mvnw clean install, the error arises with both Java 1.8.0_252 and Java 11.0.3 for Kali Linux , done some research and can't seem to find a solution.
[INFO] -------------------------------------------------------------
[ERROR] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] /home/kali/uber-apk-signer/src/main/java/at/favre/tools/apksigner/ui/MultiKeystoreParser.java:[6,24] cannot access java.util.stream.Collectors
bad class file: /modules/java.base/java/util/stream/Collectors.class
class file has wrong version 55.0, should be 53.0
Please remove or make sure it appears in the correct subdirectory of the classpath.
[INFO] 1 error
[INFO] -------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 13.585 s
[INFO] Finished at: 2021-11-09T04:54:32-05:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.8.1:compile (default-compile) on project uber-apk-signer: Compilation failure
[ERROR] /home/kali/uber-apk-signer/src/main/java/at/favre/tools/apksigner/ui/MultiKeystoreParser.java:[6,24] cannot access java.util.stream.Collectors
[ERROR] bad class file: /modules/java.base/java/util/stream/Collectors.class
[ERROR] class file has wrong version 55.0, should be 53.0
[ERROR] Please remove or make sure it appears in the correct subdirectory of the classpath.
[ERROR]
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
Last workign commit: 1ba3001
Last working CI: https://travis-ci.org/github/patrickfav/uber-apk-signer/jobs/671333260
$ java -jar ~/Downloads/uber-apk-signer-1.0.0.jar -a 1.apk --skipZipAlign --onlyVerify
source:
~/Downloads
01. 1.apk
VERIFY
file: /1.apk (92.59 MiB)
checksum: adf141e9285c1a3d4728298cec6c1337a9373db68155ec545cc5b48819457642 (sha256)
- signature VERIFY FAILED (1.apk)
ERROR: APK Signature Scheme v2 signer #1: Malformed additional attribute #1
[Fri Oct 26 17:40:02 CST 2018][v1.0.0]
but the apk could install success on my Android 5.0 & 5.1 devices.
here is my test app:
I need to resign an apk that is built with the gamedev tool Defold as it only signs with v1 but v2 is required for Android Instant Games.
I don't see in the docs for this how to enable it or maybe I'm missing something super obvious?
I'd like to skip this verification, is it possible?
It seems like its not possible because it is not in the help command but I'll ask anyway just in case
Hello,
I hope you don't mind me asking, since you do all of this, I assumed you would know how I can add the
AuthorityKeyIdentifier Extension to a keystore like listed below?
keytool -printcert -file CERT.RSA
Owner: EMAILADDRESS=[email protected], CN=OnePlus, OU=SW, O=OnePlus, L=Shenzhen, ST=Guangdong, C=CN
Issuer: EMAILADDRESS=[email protected], CN=OnePlus, OU=SW, O=OnePlus, L=Shenzhen, ST=Guangdong, C=CN
Serial number: ca7f2ef3e2f1842e
Valid from: Wed May 06 21:23:23 HST 2015 until: Sun Sep 21 21:23:23 HST 2042
Certificate fingerprints:
MD5: 0D:2B:B4:93:D4:C2:58:EB:10:5F:A6:E0:D5:9A:C4:7B
SHA1: 23:52:7E:F3:0C:2E:B1:07:DC:50:D2:80:07:94:B5:D5:8E:60:67:FC
SHA256: C6:E8:15:0A:A5:BB:AF:52:3C:A1:E2:D9:E3:56:00:8E:17:28:A1:2F:E2:0C:3C:78:75:A4:46:AF:B7:C5:79:F9
Signature algorithm name: SHA1withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:
#1: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: E2 4C A1 8E 47 F2 C0 74 76 F9 D3 7C E0 D8 5A 9F .L..G..tv.....Z.
0010: 2F DF 44 56 /.DV
]
]
#2: ObjectId: 2.5.29.19 Criticality=false
BasicConstraints:[
CA:true
PathLen:2147483647
]
#3: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: E2 4C A1 8E 47 F2 C0 74 76 F9 D3 7C E0 D8 5A 9F .L..G..tv.....Z.
0010: 2F DF 44 56 /.DV
]
]
Oracle states; . For non self-signed certificates, the authorityKeyIdentifier is always created.
I can make a keystore with the BasicConstraints, it's my understanding that the SubjectKeyIdentifier is always added.
This is what I've been playing with in a shell script, but it only adds the SubjectKeyIdentifier and BasicConstraints
Create a self signed key pair root CA certificate
keytool -genkeypair -v
-alias CERT
-dname "CN=Android, OU=Android, O=US, L=US, ST=US, C=US"
-keystore keystore.jks
-keypass android
-storepass android
-keyalg RSA
-keysize 4096
-ext BasicConstraints:"critical=ca:true"
-validity 9855
If I do all of this in a shell, then I get the AuthorityKeyIdentifier but I also get double of the same cert information, listed at the top; owner/issuer serial number, fingerprints, etc...
Create a self signed key pair root CA certificate
keytool -genkeypair -v
-alias CERT
-dname "CN=Android, OU=Android, O=US, L=US, ST=US, C=US"
-keystore keystore.jks
-keypass android
-storepass android
-keyalg RSA
-keysize 4096
-ext BasicConstraints:"critical=ca:true"
-validity 9855
Generate new ca-cert and ca-key
openssl
req
-new
-x509
-subj "/CN=Android/OU=Android/O=US/L=US/ST=US/C=US/"
-passout pass:android
-keyout ca-key
-out ca-cert
-days 9855
Extracting cert/creating cert sign req(csr)
keytool
-keystore keystore.jks
-keypass android
-storepass android
-alias CERT
-certreq
-file cert-file
Sign the “cert-file” and cert-signed wil be the new cert
openssl
x509
-req
-CA ca-cert
-CAkey ca-key
-in cert-file
-out cert-signed
-days 9855
-CAcreateserial
-passin pass:android
Importing the ca-cert to keystore file:
keytool
-keystore keystore.jks
-alias CARoot
-import
-file ca-cert
-storepass android
-noprompt
THANK YOU for your time and help with this, it's greatly appreciated, and I do like uber-apk-signer, I just like trying to learn and do this myself...
Hello, I have another question.
Can you please add option allow using the built-in keystore even another key exist in user_home/.android. I don't want to use the key in user_home/.android.
Because I sign apk using the built-in keystore and now after I installed Android Studio, it break the old sign.
I´am trying to run any command and always return this:
source:
null
Run with '-debug' parameter to get additional information.
I often sign zip, jars etc..
kind of feeded a zip to a batch file using uber-apk-signer,
and got
provided apk path or file 'D:\sample.zip' does not exist
java.lang.IllegalArgumentException: provided apk path or file 'D:\sample.zip' does not exist
at at.favre.tools.apksigner.ui.FileArgParser.parseAndSortUniqueFilesNonRecursive(FileArgParser.java:38)
at at.favre.tools.apksigner.SignTool.execute(SignTool.java:60)
at at.favre.tools.apksigner.SignTool.mainExecute(SignTool.java:45)
at at.favre.tools.apksigner.SignTool.main(SignTool.java:33)
Cmd history for debugging purpose:
-----------------------(exit code 1).
tries multiple variations of the arguments (including normalizing paths from backslash to forward slash),
until I've changed the extension to APK.
obviously it makes sense that u.a.s. only handles apk files (it's in the name..).
it seems like an exception that wasn't caught and thrown up until it got the the file-path exception handling method.
I personally transitioned from jarsigner, to apksigner (both can handle ZIP-DEFLATE),
to u.a.s., and a nice message (or even a meaningful exit code) would help a lot.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.