Android's Package Management System

Android's Package Management System


Table of Contents

  • How to resign an android app?
  • How to install an android apk?
  • android package management system.
  • How to get an app's certification?

1 How to resign an android app?

Android apk's digital signature strategy just employs the java's jar package method. So We can use java's keystore and jarsigner tools to sign an apk.
And the first step is to generate a valid certification:
  • make your own keystore
keytool -genkey -v -keystore iboxpay.keystore -alias ibox -keyalg RSA -keysize 2048 -validity 100000
please remember the store password and key password, I always set them the same one.
then before to resign an apk, I should remove its original signature first.
  • remove apk's digital signature
zip -d whatever.apk "META-INF/*"
After that, I can sign that apk by our own certification.
  • sign apk by jarsigner
jarsigner -verbose -keystore iboxpay.keystore -storepass 123456 whatever.apk ibox
  • align the apk
zipalign is a tool of android sdk, located in <android-sdk>/tools/. And this is not a necessary step, but it will make apk file more efficient.

zipalign -v 4 whatever.apk whatever_align.apk

2 How to install an android apk?

there are many ways to install an android apk. I list the ways here:
  • Android's PackageInstaller app
  • adb install whatever.apk
  • adb push whatever.apk /system/app
  • pm install "/path/to/apk"
But both of those ways must pass the android's package management system.

3 android package management system.

During the installation process, Android's PackageMangement system first authorize its signature, after that if the app request system priority, it will compare its certification with the system certification, only the app signed with system's certification can have system priority.

4 How to get an app's certification?

Actually, this section's topic should be how to get the signature of an app's certification, I consider the certification's signature as the serialization of the certification. So we can get the certification from its signature. I wrote an app to demonstrate it.

https://github.com/suzp1984/parrot/tree/master/android_app/GetSignatureApp

Comments

Post a Comment

Popular posts from this blog

Bluedroid stack in android

Image
Bluedroid stack in android Table of Contents Bluetooth stack in android Bluedroid .VS. Bluez Porting guide of Bluedroid stack 1 Bluetooth stack in android From Android 4.2, google use Bluedroid stack as its default Bluetooth host stack, before android 4.2, its default Bluetooth host stack was Bluez, which is also the Linux distribution's default stack. So why google changed its Bluetooth stack? The reason is maybe that Bluez stack was designed for the desktop environment, so in order to port Bluez into android, android must solve some dependency issues, like porting Dbus, Linux desktop's default IPC, into android. So there are at least five processes to power Bluetooth before android 4.2, they are systems, Bluetooth APP, Bluez, hciattach, and Dbus. The damn thing is that there are bugs between them, so Bluetooth stack is the weakest part in the android system before android 4.2, yeah, it is the usual reason that android system corrupted. So, what's t
Read more

How to setup a NAT server?

Image
How to setup an NAT server? Table of Contents What is NAT? How to setup NAT host? a shell script from vbird's book 1 What is NAT? NAT stands for Network Address Transition, which is the basic function of gateway host. I try to hack Bluetooth tethering module in android this week, it include the Bluetooth Pan profile and the NAT setup process, which means in order to implement the Bluetooth tethering, first, two devices must be connected by Bluetooth Pan profile, and then the server part device acted as gateway host to supply the network forward service. In other words, after Bluetooth Pan profile connected, the server must to setup its NAT rules to forward the IP packages. So how to setup NAT rules? 2 How to setup NAT host? My memory is still fresh that at the start of my Linux journey, I setup my Linux desktop as an NAT host to provide Internet services for my lab's classmates. During the days as a programmer, I once did a job to hacking android&
Read more

Network programming in elisp

  Network API in elisp Table of Contents 1 Introduction 2 A example 3 Http server implemented by elisp 1 Introduction Emacs is not just an editor, Yes, that's true. Emacs lisp can do network connection programming by its network API. But there is something difference with other kinds of programming language. First, elisp do not support multi-thread, pretty cool, huh!! Yeh, Multi-threads programming is a horrible venture for you, right! Second, There is no socket similarly conception in elisp, and elisp provide network programming ability as processes. Elisp can open a network connection by function – open-network-stream .  It can make network connection server listen a special port by function - make-network-process . Both of those function return a process object. Then you can communicate with the process by process's API. 2 A example I write a snippet code to figure out How to use it. ( require ' cl ) ( defvar my-network-client-b
Read more