Back

android - 发包, release production 发布安卓app的签名

发布时间: 2015-02-07 01:44:00

refer to:  http://blog.sina.com.cn/s/blog_6dee445401011gk6.html , 

and  http://www.cnblogs.com/ayanmw/p/3721858.html

为什么要用签名?

签名可以让你更方便的升级。让新的apk 包直接替换(覆盖安装)旧的apk文件,并且可以共享之前的数据目录。

所以对于安卓来说,签名很必要。

基本命令是:

# 参数 -validity: 33333天后过期。  对于 google store 需要大于10000天。
$ keytool -genkeypair -v -keystore /workspace/android_keys/happystock -alias happystock -keyalg RSA -sigalg SHA1withRSA -validity 33333

记得你输入的密码。

之后就会发现多个一个文件: /workspace/android_keys/happystock

# 可以用下面的命令查看这个 签名的详情: 
$ keytool -list -v -keystore /workspace/android_keys/happystock 
(记得密码要输入正确) 
Enter keystore password:  

Keystore type: JKS
Keystore provider: SUN

Your keystore contains 1 entry

Alias name: happystock
Creation date: Feb 7, 2015
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=Happysoft, OU=Happysoft, O=Happysoft, L=Beijing, ST=Beijing, C=bj
Issuer: CN=Happysoft, OU=Happysoft, O=Happysoft, L=Beijing, ST=Beijing, C=bj
Serial number: 41049??
Valid from: Sat Feb 07 09:50:08 CST 2015 until: Fri May 14 09:50:08 CST 2106
Certificate fingerprints:
	 MD5:  DA:E4:20:38:ED:06:C5:CA:A4:3D:D6:E7:74:B6:??:23
	 SHA1: FE:36:CE:BC:D6:CD:49:6A:76:30:9A:82:F8:C7:93:75:C9:A3:??:59
	 SHA256: 69:B4:ED:48:96:9B:C2:64:01:9A:1B:AC:5E:52:FF:39:E8:84:24:CC:33:EC:A7:A6:0A:6A:C0:D2:2A:44:??:EF
	 Signature algorithm name: SHA1withRSA
	 Version: 3

Extensions: 

#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 44 D5 E9 E6 29 A6 6A 44   A0 CE 0E B3 00 ED 4D 7C  D...).jD......M.
0010: 8D 86 54 ??                                        ..T.
]
]
*******************************************
*******************************************

这个文件是用来给 apk 文件签名的( 这个文件本身不是签名,要注意了~) 

正常的 android 开发中,需要人肉使用  jarsigner 来运行命令,在Titanium  中,使用下面的命令:

# 注意 --target 以及后面的 -K (签名辅助文件), -P (签名辅助文件的密码), -L(别名)  -O (output file) 参数.
$ ti build --platform android --target dist-playstore -K /workspace/android_keys/happystock -P ?illyboy? -L happystock -O ./build

运行后,就可以看到结果了:

[INFO]  Creating unsigned apk
[INFO]  Processing /workspace/happystock_titanium/build/android/src
[INFO]  Writing unsigned apk: /workspace/happystock_titanium/build/android/bin/app-unsigned.apk
[INFO]  Using SHA1withRSA signature algorithm
[INFO]  Signing apk: /workspace/coding_tools/jdk1.7.0_67/bin/jarsigner "-sigalg" "SHA1withRSA" "-digestalg" "SHA1" "-keystore" "/workspace/android_keys/happystock" "-storepass" "*********" "-signedjar" "/workspace/happystock_titanium/build/android/bin/HappyStock.apk" "/workspace/happystock_titanium/build/android/bin/app-unsigned.apk" "happystock"
[INFO]  Aligning zip file: /workspace/android-sdk-linux/build-tools/20.0.0/zipalign "-v" "4" "/workspace/happystock_titanium/build/android/bin/HappyStock.apk" "/workspace/happystock_titanium/build/android/bin/HappyStock.apkz"
[INFO]  Writing build manifest: /workspace/happystock_titanium/build/android/build-manifest.json
[DEBUG] Copying /workspace/happystock_titanium/build/android/bin/HappyStock.apk => /workspace/happystock_titanium/build/HappyStock.apk
[INFO]  Packaging complete
[INFO]  Package location: /workspace/happystock_titanium/build/HappyStock.apk
[INFO]  Project built successfully in 1m 31s 632ms

把生成的文件 ,安装到手机上。

# 如果安装不了,提示 签名发生变化的话 (Failure [INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES])
# 就手动把手机端的app卸载,然后重新装
$ /workspace/android-sdk-linux/platform-tools/adb -s 4f6068df install -r build/HappyStock.apk

然后,来这里:http://open.weixin.qq.com/download/sdk/gen_signature.apk 下载签名应用,在手机中运行,根据提示输入程序的包名获得一个apk签名字符串,最后将这个字符串填到第一步的应用签名栏处。保存OK 可以正常调试应用了。

p.s. 可以得到结论:  这个签名字符串就是 md5 去掉了: ,并且全小写的结果。

Certificate fingerprints:
	 MD5:  DA:E4:20:38:ED:06:C5:CA:A4:3D:D6:E7:74:??:A1:23
结果为:  dae42038...a123

Back