Signing and Deploying Android Applications
Jussi Pohjolainen Tampere University of Applied Sciences
App Signing, Overview
• All apps must be digitally signed with a certificate
  – Identifying the author of the app
• Typically self-signed
• Debug key for debugging
• Suitable private key when publishing
• Creating keys and signing: Keytool and Jarsigner
Debug Mode
• While debugging and testing, you can compile in debug mode
• The build tools use the Keytool utility to generate a key with a known alias and password. The key is used to sign the .apk file
• The developer does not have to worry about this if using Eclipse!
Release Mode
• When ready to release, the developer must sign the .apk with their private key
• How? Two options:
  – Using Keytool and Jarsigner on the command line. Keytool generates the private key and Jarsigner signs the .apk with the key
  – Using the ADT Export Wizard with Eclipse (same as above but with a GUI)
Signing for Public Release
1. Obtain suitable private key
2. Compile the application in release mode
3. Sign your application with private key
4. Align the final APK package
Obtain Suitable Private Key
• Private key
  – Is in your possession and represents your personal or corporate entity
  – Validity period is the expected lifespan of your app
    • Recommendation: over 25 years
    • Android Market: apps must have validity period ending after 22.10.2033
  – It's not the debug key :)
Obtain Suitable Private Key
• How to generate private key?
• Use keytool
  – > keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
TB308POHJUS-L-2:temp pohjus$ keytool -genkey -v -keystore my-release-key.keystore -alias my-alias -keyalg RSA -keysize 2048 -validity 10000
Enter keystore password:
Re-enter new password:
What is your first and last name?
[Unknown]: Jussi Pohjolainen
What is the name of your organizational unit?
[Unknown]: TMI Jussi Pohjolainen
What is the name of your organization?
[Unknown]: TMI Jussi Pohjolainen
What is the name of your City or Locality?
[Unknown]: Tampere
What is the name of your State or Province?
[Unknown]: Finland
What is the two-letter country code for this unit?
[Unknown]: FI
Is CN=Jussi Pohjolainen, OU=TMI Jussi Pohjolainen, O=TMI Jussi Pohjolainen, L=Tampere, ST=Finland, C=FI correct?
[no]: yes
Generating 2,048 bit RSA key pair and self-signed certificate (SHA1withRSA) with a validity of 10,000 days
for: CN=Jussi Pohjolainen, OU=TMI Jussi Pohjolainen, O=TMI Jussi Pohjolainen, L=Tampere, ST=Finland, C=FI
Enter key password for <my-alias>
(RETURN if same as keystore password):
[Storing my-release-key.keystore]
TB308POHJUS-L-2:temp pohjus$ ls -al
total 88
drwxr-xr-x 5 pohjus staff 170 9 Tam 18:30 .
drwx------+ 46 pohjus staff 1564 9 Tam 16:43 ..
-rw-r--r-- 1 pohjus staff 2281 9 Tam 18:28 my-release-key.keystore
TB308POHJUS-L-2:temp pohjus$
Compiling using Release Mode
TB308POHJUS-L-2:temp pohjus$ ls -al
total 88
drwxr-xr-x 5 pohjus staff 170 9 Tam 18:30 .
drwx------+ 46 pohjus staff 1564 9 Tam 16:43 ..
-rw-r--r-- 1 pohjus staff 16435 9 Tam 18:28 BMI.apk
-rw-r--r-- 1 pohjus staff 2281 9 Tam 18:28 my-release-key.keystore
TB308POHJUS-L-2:temp pohjus$
Sign your application with private key
• You now have the private key and the .apk file.
• Sign the .apk with the private key using jarsigner
• > jarsigner -verbose -keystore my-release-key.keystore my_application.apk alias_name
TB308POHJUS-L-2:temp pohjus$ jarsigner -verbose -keystore my-release-key.keystore BMI.apk my-alias
Enter Passphrase for keystore:
adding: META-INF/MY-ALIAS.SF
adding: META-INF/MY-ALIAS.RSA
signing: res/layout/main.xml
signing: AndroidManifest.xml
signing: resources.arsc
signing: res/drawable-hdpi/icon.png
signing: res/drawable-ldpi/icon.png
signing: res/drawable-mdpi/icon.png
signing: classes.dex
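What the signing step protects, as an added example that is not part of the original slides: jarsigner records a digest for every entry in META-INF/MANIFEST.MF, and this sketch recomputes those digests to spot entries changed or added after signing. The sample archive and the names build_signed_sample and check_apk are constructed for illustration; the check covers only the manifest digests, not the signature in the .SF/.RSA files, which `jarsigner -verify` validates.

```python
import base64
import hashlib
import io
import zipfile

def manifest_digests(manifest_text):
    """Parse MANIFEST.MF into {entry name: (hash algorithm, base64 digest)}."""
    # Manifest lines longer than 72 bytes continue on the next line after one space.
    text = manifest_text.replace("\r\n", "\n").replace("\n ", "")
    digests = {}
    for section in text.split("\n\n")[1:]:  # the first section holds the main attributes
        attrs = dict(line.split(": ", 1) for line in section.splitlines() if ": " in line)
        for key, value in attrs.items():
            if key.endswith("-Digest") and "Name" in attrs:
                algorithm = key[:-len("-Digest")].replace("-", "").lower()
                digests[attrs["Name"]] = (algorithm, value)
    return digests

def check_apk(apk_bytes):
    """Return a sorted list of problems; an empty list means every entry matches."""
    problems = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        expected = manifest_digests(apk.read("META-INF/MANIFEST.MF").decode("utf-8"))
        names = [n for n in apk.namelist() if not n.startswith("META-INF/")]
        for name in names:
            if name not in expected:
                problems.append("unsigned entry: " + name)
                continue
            algorithm, digest = expected[name]
            actual = base64.b64encode(hashlib.new(algorithm, apk.read(name)).digest()).decode()
            if actual != digest:
                problems.append("digest mismatch: " + name)
        problems += ["missing entry: " + n for n in expected if n not in names]
    return sorted(problems)

def build_signed_sample(tamper=False):
    """Constructed stand-in for a signed APK: two entries plus a matching manifest."""
    files = {"AndroidManifest.xml": b"<manifest/>", "classes.dex": b"dex\n035\x00"}
    manifest = "Manifest-Version: 1.0\r\n\r\n"
    for name, data in files.items():
        digest = base64.b64encode(hashlib.sha1(data).digest()).decode()
        manifest += "Name: %s\r\nSHA1-Digest: %s\r\n\r\n" % (name, digest)
    if tamper:  # one entry changed and one added, both after "signing"
        files.update({"classes.dex": b"dex\n035\x00patched", "res/extra.bin": b"added"})
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("META-INF/MANIFEST.MF", manifest)
        for name, data in files.items():
            apk.writestr(name, data)
    return buf.getvalue()
```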
Align the final APK Package
• The zipalign tool optimizes the package for running on the device: it reduces the amount of RAM used
• > zipalign -v 4 your_project_name-unaligned.apk your_project_name.apk
TB308POHJUS-L-2:temp pohjus$ /Developer/android-sdk-mac_x86/tools/zipalign -v 4 BMI.apk BMI-ready-to-go.apk
Verifying alignment of BMI-ready-to-go.apk (4)...
50 META-INF/MANIFEST.MF (OK - compressed)
426 META-INF/MY-ALIAS.SF (OK - compressed)
897 META-INF/MY-ALIAS.RSA (OK - compressed)
2021 META-INF/CERT.SF (OK - compressed)
2440 META-INF/CERT.RSA (OK - compressed)
3142 res/layout/main.xml (OK - compressed)
3693 AndroidManifest.xml (OK - compressed)
4296 resources.arsc (OK)
5916 res/drawable-hdpi/icon.png (OK)
9940 res/drawable-ldpi/icon.png (OK)
11536 res/drawable-mdpi/icon.png (OK)
13777 classes.dex (OK - compressed)
Verification succesful
TB308POHJUS-L-2:temp pohjus$ ls -al
total 88
drwxr-xr-x 5 pohjus staff 170 9 Tam 18:30 .
drwx------+ 46 pohjus staff 1564 9 Tam 16:43 ..
-rw-r--r-- 1 pohjus staff 16443 9 Tam 18:30 BMI-ready-to-go.apk
-rw-r--r-- 1 pohjus staff 16435 9 Tam 18:28 BMI.apk
-rw-r--r-- 1 pohjus staff 2281 9 Tam 18:28 my-release-key.keystore
TB308POHJUS-L-2:temp pohjus$
And Install using ADB
TB308POHJUS-L-2:temp pohjus$ /Developer/android-sdk-mac_x86/platform-tools/adb install BMI-ready-to-go.apk
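The check that `zipalign -v 4` reports above, as an added example that is not part of the original slides: for each entry it computes where the file data starts inside the archive and tests that uncompressed entries begin on a 4-byte boundary. The sample archive, the function names and the status strings (modelled on the output above) are constructed for illustration.

```python
import io
import struct
import zipfile

def alignment_report(apk_bytes, alignment=4):
    """Return {entry name: (data offset, status)} for every entry in the archive."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for info in apk.infolist():
            # Local file header: 30 fixed bytes, then the file name and the extra field.
            header = apk_bytes[info.header_offset:info.header_offset + 30]
            if header[:4] != b"PK\x03\x04":
                raise ValueError("bad local header for " + info.filename)
            name_len, extra_len = struct.unpack("<HH", header[26:30])
            offset = info.header_offset + 30 + name_len + extra_len
            if info.compress_type != zipfile.ZIP_STORED:
                status = "OK - compressed"  # only stored (uncompressed) data needs aligning
            elif offset % alignment == 0:
                status = "OK"
            else:
                status = "BAD - %d" % (offset % alignment)
            report[info.filename] = (offset, status)
    return report

def build_unaligned_sample():
    """Constructed archive: name lengths are chosen so one stored entry is misaligned."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("ab.bin", b"\x00" * 8, zipfile.ZIP_STORED)       # data at 30 + 6 = 36
        apk.writestr("icon.png", b"\x89PNG", zipfile.ZIP_STORED)      # data at 44 + 38 = 82
        apk.writestr("classes.dex", b"dex" * 50, zipfile.ZIP_DEFLATED)
    return buf.getvalue()
```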
700 KB/s (16443 bytes in 0.022s)
pkg: /data/local/tmp/BMI-ready-to-go.apk
Success
TB308POHJUS-L-2:temp pohjus$
Publishing to Android Market
Or just use Eclipse