1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
.\" Automatically generated by Pandoc 2.2.1
.\"
.TH "SIGNAPK" "1" "" "" ""
.hy
.SH NAME
.PP
signapk \- JAR and APK signing tool
.SH SYNOPSIS
.PP
Command line tool for signing Android ZIP/JAR/APK files:
.PP
\f[B]signapk\f[] [\-w] [\-a \f[I]alignment\f[]] [\-providerClass
\f[I]className\f[]] \f[I]publickey.x509\f[][\f[I].pem\f[]]
\f[I]privatekey.pk8\f[] [\f[I]publickey2.x509\f[][\f[I].pem\f[]]
\f[I]privatekey2.pk8\f[] \&...] \f[I]input.jar\f[] \f[I]output.jar\f[]
\f[B]signapk\f[] \f[I]file.jar\f[]
.PP
\f[I]input.jar\f[] is an existing file to sign.
.SH DESCRIPTION
.PP
Signs ZIP files, including JARs, APKs and Over\-The\-Air (OTA) updates,
in a way compatible with Android's mincrypt verifier, using EC or RSA
keys and SHA1 or SHA\-256.
The tool can additionally sign APKs using APK Signature Scheme v2.
It is the standard tool used to sign APK and JAR files distributed as
part of Android ROMs.
.SH HISTORICAL NOTE
.PP
Prior to the KitKat (aka 4.4.2 aka android\-19) release, signapk ignored
the signature algorithm specified in the certificate and always used
SHA1withRSA.
.PP
Starting with JellyBean\-MR2 (aka 4.3 aka android\-18), the platform
supports SHA256withRSA, so we use the signature algorithm in the
certificate to select which to use (SHA256withRSA or SHA1withRSA).
Also in JellyBean\-MR2, EC keys are supported.
.PP
Because there are old keys still in use whose certificate actually says
\[lq]MD5withRSA\[rq], those are treated as though they say
\[lq]SHA1withRSA\[rq] for compatibility with older releases.
.SH SEE ALSO
.PP
JAR(1)
.PP
ZIP(1)
.PP
ZIPALIGN(1)
.PP
https://source.android.com/devices/tech/ota/sign_builds.html
.SH AUTHORS
The Android Open Source Project.
|
