I used the Dynatrace auto-instrumentor command on my Android apk file
auto-instrumentor.cmd apk <apk file> prop <APK-Instr.properties>
and then signed it with my keystore.
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore mykeystore.keystore myApp.apk aliasname
Finally I zip align it using the below command:
zipalign -f -v 4 AppFile.apk AppFile2.apk
But when I try to install the file, I get a parsing error:
There is a problem parsing the package.
Note: I have been able to successfully verify the jar using the below command:
jarsigner -verify -keystore mystore.keystore AppFile.apk
But still get the parsing error!
Try using changing the hash algorithms and retrying. You may use either SHA2 or SHA256 as a start.
Note that SHA1 is being deprecated by browsers.
It's possible that your APK was signed with a debug key when it was first built. Running jarsigner again could be signing it a second time.
Take a look at this question and my answer here to see if this is the problem.
Related
I am signing my apk using the below command:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore mykeystore.keystore myApp.apk aliasname
The log ends with
.
.
.
signing: org/achartengine/image/zoom-1.png
signing: org/achartengine/image/zoom_in.png
signing: org/achartengine/image/zoom_out.png
signing: LICENSE.txt
signing: assets/cpwrUEM-instr-runtime.properties
jar signed.
But when I run the verification command:
jarsigner -verify -verbose -certs myApp.apk
I get the below error:
jarsigner: java.lang.SecurityException: invalid SHA1 signature file digest for res/drawable-hdpi-v4/btn_large.png
Most of the forums mentions that when we get the above error message we should resign the jar by adding -digestalg SHA1. But I already have that and still get the same exception.
On trying to install on a device, I get the message
There is a problem parsing the package.
UPDATE:
On changing the algorithm from SHA1 to SHA-256 it stills give me the same exception but this time on a xml file.
Verify if the apk you are signing is originally unsigned or not. If not, export the unsigned version using the Android Tools in your IDE.
I have created an APK using Unity but cannot upload it onto GooglePlay because it isn't assigned. I saw many pages on how can I solve it using Unity, but I am using a Mac.
I tried changing .apk to .zip and then changing the parameters in .xml (manifest) accordingly, but GooglePlay shows:
You uploaded an APK that is not zip aligned. You will need to run a
zip align tool on your APK and upload it again.
Please help.
With command-lines, you can sign(with jarsigner from the java-jdk) and align(with zipalign from the android-SDK).
Sign:jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
Align:zipalign -v 4 your_project_name-unaligned.apk your_project_name.apk
Having the error: unable to sign jar: java.util.zip.ZipException: invalid entry compressed size ... means that the apk is already signed, you should:
Verify that it's not signed with the debug-key:jarsigner -verify -verbose -certs my_application.apk.
Remove the debug-signature if needed:zip -d foo.apk META-INF/\*
When changing files in an extracted APK, I re-zip it, change the extension to .apk, and install like this:
$ adb install CustomAPK.apk
2831 KB/s (41896599 bytes in 14.450s)
pkg: /data/local/tmp/CustomAPK.apk
Failure [INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION]
What is this from?
Generate a key and sign the apk: Android Developer Website
Signing Your App Manually
You do not need Android Studio to sign your app. You can sign your app from the command line using standard tools from the Android SDK and the JDK. To sign an app in release mode from the command line:
Generate a private key using keytool. For example:
$ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
This example prompts you for passwords for the keystore and key, and to provide the Distinguished Name fields for your key. It then generates the keystore as a file called my-release-key.keystore. The keystore contains a single key, valid for 10000 days. The alias is a name that you will use later when signing your app.
Compile your app in release mode to obtain an unsigned APK.
Sign your app with your private key using jarsigner:
$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
This example prompts you for passwords for the keystore and key. It then modifies the APK in-place to sign it. Note that you can sign an APK multiple times with different keys.
Verify that your APK is signed. For example:
$ jarsigner -verify -verbose -certs my_application.apk
Align the final APK package using zipalign.
$ zipalign -v 4 your_project_name-unaligned.apk your_project_name.apk
zipalign ensures that all uncompressed data starts with a particular byte alignment relative to the start of the file, which reduces the amount of RAM consumed by an app.
INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION
for this Uninstall APP and click run button to fix this issue
Build the App, and then Run
solved mine
I've decoded an APK with apktool (as the original source code was lost) so I could fix some issues with the layout xml files. I've then rebuilt it back up with apktool and when I tried to install it on my device (using adb: adb install appname.apk) it gave me this error:
[INSTALL_PARSE_FAILED_NO_CERTIFICATES]
the original apk however was signed by a keystore (on eclipse IDE), this one isn't, how can I sign it properly with it's original keystone file outside Eclipse!?
create a key using
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
then sign the apk using :
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore my_application.apk alias_name
check here for more info
Automated Process:
Use this tool (uses the new apksigner from Google):
https://github.com/patrickfav/uber-apk-signer
Disclaimer: Im the developer :)
Manual Process:
Step 1: Generate Keystore (only once)
You need to generate a keystore once and use it to sign your unsigned apk.
Use the keytool provided by the JDK found in %JAVA_HOME%/bin/
keytool -genkey -v -keystore my.keystore -keyalg RSA -keysize 2048 -validity 10000 -alias app
Step 2 or 4: Zipalign
zipalign which is a tool provided by the Android SDK found in e.g. %ANDROID_HOME%/sdk/build-tools/24.0.2/ is a mandatory optimization step if you want to upload the apk to the Play Store.
zipalign -p 4 my.apk my-aligned.apk
Note: when using the old jarsigner you need to zipalign AFTER signing. When using the new apksigner method you do it BEFORE signing (confusing, I know). Invoking zipalign before apksigner works fine because apksigner preserves APK alignment and compression (unlike jarsigner).
You can verify the alignment with
zipalign -c 4 my-aligned.apk
Step 3: Sign & Verify
Using build-tools 24.0.2 and older
Use jarsigner which, like the keytool, comes with the JDK distribution found in %JAVA_HOME%/bin/ and use it like so:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my.keystore my-app.apk my_alias_name
and can be verified with
jarsigner -verify -verbose my_application.apk
Using build-tools 24.0.3 and newer
Android 7.0 introduces APK Signature Scheme v2, a new app-signing scheme that offers faster app install times and more protection against unauthorized alterations to APK files (See here and here for more details). Therefore, Google implemented their own apk signer called apksigner (duh!)
The script file can be found in %ANDROID_HOME%/sdk/build-tools/24.0.3/ (the .jar is in the /lib subfolder). Use it like this
apksigner sign --ks-key-alias alias_name --ks my.keystore my-app.apk
and can be verified with
apksigner verify my-app.apk
The official documentation can be found here.
fastest way is by signing with the debug keystore:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore ~/.android/debug.keystore app.apk androiddebugkey -storepass android
or on Windows:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore %USERPROFILE%/.android/debug.keystore test.apk androiddebugkey -storepass android
You use jarsigner to sign APK's. You don't have to sign with the original keystore, just generate a new one. Read up on the details: http://developer.android.com/guide/publishing/app-signing.html
For those of you who don't want to create a bat file to edit for every project, or dont want to remember all the commands associated with the keytools and jarsigner programs and just want to get it done in one process use this program:
http://lukealderton.com/projects/programs/android-apk-signer-aligner.aspx
I built it because I was fed up with the lengthy process of having to type all the file locations every time.
This program can save your configuration so the next time you start it, you just need to hit Generate an it will handle it for you. That's it.
No install required, it's completely portable and saves its configurations in a CSV in the same folder.
Updated answer
Check https://shatter-box.com/knowledgebase/android-apk-signing-tool-apk-signer/
Old answer
check apk-signer a nice way to sign your app
I've been trying to use the jarsigner.exe and adb.exe to manually sign an android package and install it on a API V8 emulator. I created a simple HelloAndroid project and it would generate a signed HelloAndroid.apk using the debug.keystore located in the user's .android directory. When launching from Eclipse, it builds and installs the apk on the emulator without a problem.
I used the android tools to export an unsigned application package to a separate directory. I signed and zipAligned the package and used adb to install it but received the error:
Failure [INSTALL_PARSE_FAILED_NO_CERTIFICATES]
I used the following command to sign it.
jarsigner -verbose -keystore c:\users\jhwong\.android\debug.keystore
-storepass android -keypass android -digestalg SHA-1 -sigalg SHA1withRSA
-sigfile CERT -signedjar temp\HelloWorld2.apk
temp\HelloWorld.unsigned.apk androiddebugkey
adding: META-INF/MANIFEST.MF
adding: META-INF/CERT.SF
adding: META-INF/CERT.RSA
signing: res/layout/main.xml
signing: AndroidManifest.xml
signing: resources.arsc
signing: res/drawable-hdpi/icon.png
signing: res/drawable-ldpi/icon.png
signing: res/drawable-mdpi/icon.png
signing: classes.dex
That did not give me any errors and just to makes sure I ran:
jarsigner -verify -verbose temp\HelloWorld2.apk
It showed the jar was verified and each file signed and part of the manifest.
I ran zipalign -v 4 temp\HelloWorld2.apk temp\HelloWorld3.apk which finished without an error.
Then used adb install -r temp\HelloWorld3.apk.
I've seen several related threads and articles suggesting these directions but I'm perplexed as to why it doesn't work manually verses using Eclipse to build the signed package. I've even taken the package built from Eclipse and was able to use adb.exe to install it so I've narrowed it to signing the package. I've tried keystores that I've generated from the keytool but they didn't work as well which is why I tried the debug.keystore.
I'd appreciate any advice if they noticed anything wrong with my jarsigner code.
We had this exact same problem. Try using the following parameter values:
jarsigner ... -digestalg SHA1 -sigalg MD5withRSA ...
By the way, using explicit sigalg and digestalg seems to be mandatory with JDK 7.
To sign apks using JDK 1.7 one has to use these keywords "-sigalg MD5withRSA -digestalg SHA1 "
Reason:
As of JDK 7, the default signing algorithim has changed, requiring you to specify the signature and digest algorithims (-sigalg and -digestalg) when you sign an APK.
Command:
jarsigner -verbose -sigalg MD5withRSA -digestalg SHA1 -keystore [keystorefile]
[originalapk] alias_name
If you're using JDK 7, try
jarsigner -sigalg SHA1withRSA -digestalg SHA1
If you get
jarsigner error: java.security.SignatureException: private key algorithm is not compatible with signature algorithm
then try
jarsigner -sigalg MD5withRSA -digestalg SHA1