Android's Package Management System

Android's Package Management System


Table of Contents

  • How to resign an android app?
  • How to install an android apk?
  • android package management system.
  • How to get an app's certification?

1 How to resign an android app?

Android apk's digital signature strategy just employs the java's jar package method. So We can use java's keystore and jarsigner tools to sign an apk.
And the first step is to generate a valid certification:
  • make your own keystore
keytool -genkey -v -keystore iboxpay.keystore -alias ibox -keyalg RSA -keysize 2048 -validity 100000
please remember the store password and key password, I always set them the same one.
then before to resign an apk, I should remove its original signature first.
  • remove apk's digital signature
zip -d whatever.apk "META-INF/*"
After that, I can sign that apk by our own certification.
  • sign apk by jarsigner
jarsigner -verbose -keystore iboxpay.keystore -storepass 123456 whatever.apk ibox
  • align the apk
zipalign is a tool of android sdk, located in <android-sdk>/tools/. And this is not a necessary step, but it will make apk file more efficient.

zipalign -v 4 whatever.apk whatever_align.apk

2 How to install an android apk?

there are many ways to install an android apk. I list the ways here:
  • Android's PackageInstaller app
  • adb install whatever.apk
  • adb push whatever.apk /system/app
  • pm install "/path/to/apk"
But both of those ways must pass the android's package management system.

3 android package management system.

During the installation process, Android's PackageMangement system first authorize its signature, after that if the app request system priority, it will compare its certification with the system certification, only the app signed with system's certification can have system priority.

4 How to get an app's certification?

Actually, this section's topic should be how to get the signature of an app's certification, I consider the certification's signature as the serialization of the certification. So we can get the certification from its signature. I wrote an app to demonstrate it.

https://github.com/suzp1984/parrot/tree/master/android_app/GetSignatureApp

Comments

Post a Comment

Popular posts from this blog

How Bluetooth LE works? -- Link Layer

Image
How Bluetooth LE works? - Link layer Table of Contents 1 Bluetooth LE system architecture 2 Bluetooth LE Physical layer 3 Bluetooth LE Link Layer states 4 Bluetooth LE Link Layer packets 1 Bluetooth LE system architecture This is the first post and hopefully a series of upcoming postings about Bluetooth Low Energy. Above figure is the protocol stack of a whole Bluetooth LE system. The Bluetooth LE is one part of Bluetooth v4.0 specification, it was designed not to pursue high transmission speed but for lower energy consumption. So the Bluetooth LE products can be powered by a button-cell battery for years. How did it do that? This article is a review of Robin Heydon's excellent book – Bluetooth Low Energy, the developer's handbook. Bluetooth LE is completely redesigned of classic Bluetooth protocol, It seems that both the Bluetooth LE and classic Bluetooth has the same architecture from above figure, but actually they are so different inside, an...
Read more

Bluedroid stack in android

Image
Bluedroid stack in android Table of Contents Bluetooth stack in android Bluedroid .VS. Bluez Porting guide of Bluedroid stack 1 Bluetooth stack in android From Android 4.2, google use Bluedroid stack as its default Bluetooth host stack, before android 4.2, its default Bluetooth host stack was Bluez, which is also the Linux distribution's default stack. So why google changed its Bluetooth stack? The reason is maybe that Bluez stack was designed for the desktop environment, so in order to port Bluez into android, android must solve some dependency issues, like porting Dbus, Linux desktop's default IPC, into android. So there are at least five processes to power Bluetooth before android 4.2, they are systems, Bluetooth APP, Bluez, hciattach, and Dbus. The damn thing is that there are bugs between them, so Bluetooth stack is the weakest part in the android system before android 4.2, yeah, it is the usual reason that android system corrupted. So, what's t...
Read more

Network programming in elisp

  Network API in elisp Table of Contents 1 Introduction 2 A example 3 Http server implemented by elisp 1 Introduction Emacs is not just an editor, Yes, that's true. Emacs lisp can do network connection programming by its network API. But there is something difference with other kinds of programming language. First, elisp do not support multi-thread, pretty cool, huh!! Yeh, Multi-threads programming is a horrible venture for you, right! Second, There is no socket similarly conception in elisp, and elisp provide network programming ability as processes. Elisp can open a network connection by function – open-network-stream .  It can make network connection server listen a special port by function - make-network-process . Both of those function return a process object. Then you can communicate with the process by process's API. 2 A example I write a snippet code to figure out How to use it. ( require ' cl ) ( defvar my-network-client-b...
Read more