android signature generation tool

How to generate APK signature file with Android source code

Many of our applications need to use the system signature, you can generate the system signature file, use this signature when generating the apk, and then you can install it into the machine without putting it in the source code to compile it and re-flash the system.

First attached 50 and 20 robots common debugkey (Figure has been omitted)

In the Linux environment, the Android source code directory as the root directory.

Where platform.pk8 is the file needed to make the system signature.

1, in this directory, execute

generate a temporary file platform.pem

2, then execute the following command, will be in the directory to generate platform.p12 file, which should essentially be a digital certificate

3, and then execute the following command appears the following message, that is, the generation of successful platform.jks

This name can be changed to debug.keystore. Its suffix itself is not relevant, eclipse and AS are recognized platform.jks

4, and then in the packaging apk when you select platform.jks file, you can directly use adb command to install the apk to the machine.

xxxx indicates the path of the apk that needs to be installed

5. The signed Keystorepassword and Keypassword are both android

APK signing tools in Android jarsigner and apksigner detailed

Retrieved from

I. Tools

jarsigner is the JDK provides for the jar package signature of the general-purpose tools,

located in the JDK/bin/jarsigner.exe

apksigner is the official Google for the Android apk signing and verification of special tools,

located in AndroidSDK/build-tools/SDK version/apksigner.bat

Whether apk package, or jar package, the essence of the zip format of the compressed package, so their signing process are similar (V1 signature only),

The above two tools can be on the Androidapk package

Both tools can be used to sign Android apk packages.

1. Difference between V1 and V2 signatures

In AndroidStudio click on the menu Build->Generatesignedapk… There are two signature options V1(JarSignature)V2(FullAPKSignature),

From Android7.0 onwards, Google has added a new signature scheme V2Scheme(APKSignature);

But for Android7.0 and below, you can only use the old signature. Program V1scheme (JARsigning)



V2signature advantages are obvious:

Note: apksigner tool defaults to use both V1 and V2 signatures, in order to be compatible with the version of Android 7.0 or below

2. zipalign and V2 signatures

Located in AndroidSDK/build-tools/SDK version/zipalign.exe

zipalign is a tool to align zip packages, so that the uncompressed data in the APK package is arranged in an orderly manner and aligned, which reduces the memory consumption of the APP when running

zipalign-v4in.apkout.apk//4-byte alignment optimization

zipalign-c-v4in.apk///Check whether APK is aligned or not

zipalign can be executed after V1 signing

But zipalign can’t be executed after V2 signing, it can only be executed before V2 signing! before it is executed!!!

II. Signature steps

1. Generate key pairs (there are key libraries, can be ignored)

AndroidStudio in Debug, the App signature will use a default key library:

1. : You can reuse this command to create multiple key pairs in the same keystore

For example: add a new key pair to debug.keystore with the alias release

keytool-genkeypair-keystoredebug.keystore-aliasrelease- validity30000

2. View the keystore

Go to JDK/bin and enter the command

keytool-list-v-keystore keystore name





For example:

keytool-keypair-keystoredebug. keystoredebug.keystore

Now there are two pairs of keys in the debug.keystore keystore, the aliases are androiddebugkeyrelease


1.Method 1 (jarsigner, only supports V1 signing)

Into JDK/bin, enter the command

From JDK7, jarsigner default algorithm is SHA256, but Android4.2 does not support the algorithm,

So you need to modify the algorithm, add the parameter -digestalgSHA1-sigalgSHA1withRSA


For example:

Signed with JDK7 and above jarsigner, not supported under Android 4.2


Signed with JDK7 and above jarsigner. >2. Method 2 (apksigner, which uses both V1 and V2 signatures by default)

Go to AndroidSDK/build-tools/SDK version and enter the command

If there are more than one key pairs in the keystore, you must specify the key alias

Disable V2 signature

apksignersign–v2-signing-enabledfalse –ks keystore name xxx.apk



Only one key pair in the debug.keystore keystore

apksignersign– ksdebug.keystoreMyApp.apk

There are more than one key pair in the debug.keystore keystore, so you must specify the key alias

apksignersign –ksdebug.keystore–ks-key- aliasandroiddebugkeyMyApp.apk

3. Signature verification

1. Method 1 (keytool, which only supports V1 signature verification)

Go to JDK/bin and enter the command

keytool-printcert- jarfileMyApp.apk(show signing certificate information)


2. Method 2 (apksigner, support V1 and V2 signature verification)

Go to AndroidSDK/build-tools/SDK version, enter the command





1, open the project in AndroidStudio, click “Build” menu under the “GenerateSignedAPK”.

2. In “Keystorepath”, enter the path of the signed file, enter the password, and click “Next”. If you don’t have a signature file, please click the following link to create a signature file.

3. Modify the path of the apk file, and make sure the information on the interface is accurate, then click “Finish”.

4, wait a moment, in the following window can be signed whether the success of the message. If there is no error in the project, it will automatically generate the apk with signature. click the bottom of the “ShowinExplorer”.

5, this will open the EventLog window, click on the window at the end of the “ShowinExplorer”.

6, now will automatically jump to the signature of the apk path. At this point, you can publish the signed app in all major app markets.

This is the first time that you can publish a signed app in the app market.