1.創建壹個update目錄,該目錄包含自己想要升級或替換的內容
例如:
update/
update/system
update/system/app
update/system/app/doodle_jump.apk
update/META-INF
update/META-INF/com
update/META-INF/com/google
update/META-INF/com/google/Android
update/META-INF/com/google/android/update-script
該目錄包含doodle_jump遊戲,升級後該apk將出現在手機的/system/app/目錄下。
META-INF目錄下包含升級腳本,update-script腳本的內容如下:
show_progress 0.500000 0
copy_dir PACKAGE:system SYSTEM:
show_progress 0.100000 0
大家可以根據自己的升級內容添加相應的命令。
2.創建壓縮包
在update/目錄下運行:
$ zip -qry ../update.unsigned.zip ./
將在update/的父目錄下產生update.unsigned.zip 壓縮包
3.簽名
$?Java?-Xmx512m -jar signapk.jar -w key.x509.pem key.pk8 update.unsigned.zip update.zip
生成簽過名的update.zip包,其中
signapk.jar,key.x509.pem,key.pk8與具體手機系統相關
4.將簽過名的update.zip包放入手機sdcard根目錄,
重啟系統進入recovery模式,選擇
apply update.zip,成功後重啟手機
ok,現在手機上已經有doodle_jump遊戲了,並且它無法被刪除~
-- original english --
When publishing an application or a custom rom? you need to sign the .apk or .zip files with a?certificate?using a private key. The?Android?system uses the certificate to identify the author of an application and establish trust relationship between applications. The classic way of doing this was to use?keytool?then sign it with?jarsigner. In this tutorial i’ll explain an alternative method which is relatively easy to use for most people? using a tool calledSignApk.jar.
SignApk.jar is a tool included with the Android platform source bundle, you can download it from?here. To use SignApk.jar you have to create a private key with it’s corresponding certificate/public key. To create private/public key pair, you can use?Openssl. Openssl is relatively easy to use under unix/Linux?system. For Windows user, you can download Windows version of Openssl?here.
How to create private/public key pair using openssl (windows version)
Download openssl package from link given above
Extract it anywhere on your drive (eg. C:\openssl)
Within openssl directory type (use cmd tool):
- openssl genrsa -out key.pem 1024
- openssl req -new -key key.pem -out request.pem
- openssl x509 -req -days 9999 -in request.pem -signkey key.pem -out certificate.pem
- openssl pkcs8 -topk8 -outform DER -in key.pem -inform PEM -out key.pk8 -nocrypt
Note:
If you don’t want to create your own public/private key pair, you can use test key included in SignApk.rar.
======================================= Import =========================================
There are several ways to install applications or? library files to an?Android?Phone. You can use?Marketapplication to find and install or?adb?command line tool to install or push the files to Android file system. These are all easy to implement for? single? file but if you have several applications or library files to install at once, it might be better to use?update zip?file. The update zip file is Android advanced system to install applications or lib files to Android file system using recovery tool. This method is commonly used by rom or theme developers to distribute their package.
Download SignApk.rar from link given above
Extract it? anywhere on your drive (eg. c:\SignApk)
If you don’t have java installed,?download?and install it.
Copy certificate.pem and key.pk8 into your extracted SignApk directory
Within SignApk directory type:
java -jar signapk.jar certificate.pem key.pk8 your-app.apk? your-signed-app.apk
OR
java -jar signapk.jar certificate.pem key.pk8 your-update.zip your-signed-update.zip