[TUTORIAL] Print the certificate of APK - General Topics

When you get an Android application, you might want to know who publish it.
As we known, each APK should be signed before published, or else will get "NO_CERTIFICATE" error while installing.
A signed APK have META-INF directory in its package. We can unzip the APK, print the certificate by the following command:
keytool --printcert -file META-INF/CERT.RSA
then, we will get all the information including: who publish the apk, the fingerprint etc.

abanduan said:
When you get an Android application, you might want to know who publish it.
As we known, each APK should be signed before published, or else will get "NO_CERTIFICATE" error while installing.
A signed APK have META-INF directory in its package. We can unzip the APK, print the certificate by the following command:
keytool --printcert -file META-INF/CERT.RSA
then, we will get all the information including: who publish the apk, the fingerprint etc.
Click to expand...
Click to collapse
This is good or bad?

Absolutly GOOD
piotriix said:
This is good or bad?
Click to expand...
Click to collapse
What do you mean by? good or bad for what?

Thanks. I can install in trusted publishers and root ca in windows using certmgr.msc to install personal certificate hacked via batch file as admin to install digi signed vbscript.
How to do install it in trusted publishers manually using java keytool for android?
If we do above no need to check unknown sources box.
Pressing THANKS easier than typing.
Sent from s5360 GB DDMD1 rooted stock.

Related

How do I sign a .DLL file???

Ok , I am trying to resign my phcanBmp.dll file to have my own images. I have used ResHack in order to change the file and make a new one but I know you need to sign the file in order for it to work...
So I have downloaded the latest BuildOS+Package 4.2b3 and it has a signapp.exe.... Problem is I cant find any information on how to use it??? I have searched google and located a sign and timestamp dll files but I am not sure if this will work with mobile applications.
Please help
ryncppr said:
Ok , I am trying to resign my phcanBmp.dll file to have my own images. I have used ResHack in order to change the file and make a new one but I know you need to sign the file in order for it to work...
So I have downloaded the latest BuildOS+Package 4.2b3 and it has a signapp.exe.... Problem is I cant find any information on how to use it??? I have searched google and located a sign and timestamp dll files but I am not sure if this will work with mobile applications.
Please help
Click to expand...
Click to collapse
ResHack will cause a dll or exe locked to sign if u edit it heavily.
Use Heaventools Resource Editor or PE Explorer instead
I bought Resource Editor and there is no way to sign the file....It shows when I edit only 6 bitmap files it says the file is no longer signed or trusted...is there a way around this
NEVER MIND GOOGLE IS MY FRIEND
ryncppr said:
I bought Resource Editor and there is no way to sign the file....It shows when I edit only 6 bitmap files it says the file is no longer signed or trusted...is there a way around this
Click to expand...
Click to collapse
i attached the program i used to sign the htchome.dll file I patched. Do the following:
1) Put the file in the same folder as the program.
2) Go into command prompt and navigate to the folder which contains the the file (in my case C:\Documents and Settings\ScottE\Desktop\Programs\ATT Tilt\Programs\SignCode\SignCode)
3) Type "sign filename" which in my case was: sign htchome.dll
Then it should give you a message that the file was signed.
I just added a screenshot
you can also use sign tool from Microsoft SDK 2008
i tought he cannot sign the file after edit it. silly me there is also multisign tool floating in this forum based on SDK but with easy GUI.
skatdawg said:
i attached the program i used to sign the htchome.dll file I patched. Do the following:
1) Put the file in the same folder as the program.
2) Go into command prompt and navigate to the folder which contains the the file (in my case C:\Documents and Settings\ScottE\Desktop\Programs\ATT Tilt\Programs\SignCode\SignCode)
3) Type "sign filename" which in my case was: sign htchome.dll
Then it should give you a message that the file was signed.
I just added a screenshot
Click to expand...
Click to collapse
Thats what I used..!!!! Thank you so much for the response...The 2008 SDK signs files but not really, you actually have to buy digital signatures...this way its free and works....
Just copied my phncanbmp test file to my phone and it works like a charm!!
ryncppr said:
Thats what I used..!!!! Thank you so much for the response...The 2008 SDK signs files but not really, you actually have to buy digital signatures...this way its free and works....
Just copied my phncanbmp test file to my phone and it works like a charm!!
Click to expand...
Click to collapse
Glad to help you man
a lot of thanks dear scotchua very useful

rezipping update

I have opened jf1.5 adp1 and removed the camera app from it how do I zip it back up so my phone will perform the update. I have already updated my phone to the unedited version of jf1.5 adp1 when I try to use the edited version it aborts the updated
quilobo said:
I have opened jf1.5 adp1 and removed the camera app from it how do I zip it back up so my phone will perform the update. I have already updated my phone to the unedited version of jf1.5 adp1 when I try to use the edited version it aborts the updated
Click to expand...
Click to collapse
it has to be signed .. read JFs info for his "Build Environment" .. very easy to do in linux .. you can't just modify the zip and be done .. files must be signed
thanks for your response
No need for the entire build environment. Just get the AndroidMod.zip file (google for dl sources) and run the modified update.zip through signapk. There is a readme included detailing how to use it.
I have the sign app but I can't figure out how to use it. I searched but I could not find a good set of instructions.
Open your command line, change directory to the signapk directory (also for convenience your update.zip file should be in this directory too) then type:
java -jar signapk.jar testkey.x509.pem testkey.pk8 update.zip update_signed.zip
That's it. The update_signed.zip file will be the finished file. If it gives you an error 'java' is not a valid executable, that is because you don't have JRE or JDK installed.
ok I did all that put the update.zip that is signed on my sd card with nothing else on it. started teh up date the phone verifies the file. then it starts installing as soon as it starts to install I get this error on my phone. "E:Can't find update script installation aborted.
Somehow you deleted the update-script. Check the zip file to see if its still present:
\META-INF\com\google\android\update-script
it is still there
quilobo said:
it is still there
Click to expand...
Click to collapse
Confusing.
it is only a 3k file. I found a 14k file in another update.zip I had
still says it can't find it
What archive creation program are you using to create the zip?
winzip what should I be using
Hm. Idk, I was just curious. It shouldn't make a difference really. Particularly if the signing tool worked fine. Maybe someone else can shed some light on this.
Try and re download your sources and then modify and resign.
Also be sure to check your sources after download and transfer (SHA1, MD5 etc)
ok I redownloaded the file and repeated the process and still get the same error. all I am trying to do is remove the camera app from the jf1.5adp1 build and put it on my phone .

implementing Licencing service for app inventor apk

While following a tutorial over at androidworld.it I have created and edited a app inventor application that I would like to post up on the market.
Wile I was uploading into the developer console and publishing everything checked out fine until I hit publish. The old way for copy protection will soon be extinct and the following shows up.
The copy protection feature will be deprecated soon, please use licensing service instead.
Click to expand...
Click to collapse
To do this the apk file needs taken back down to source and ...
Integrating the LVL with your application code involves these tasks:
1. Adding the licensing permission your application's manifest.
2. Implementing a Policy — you can choose one of the full implementations provided in the LVL or create your own.
3. Implementing an Obfuscator, if your Policy will cache any license response data.
4. Adding code to check the license in your application's main Activity
Click to expand...
Click to collapse
The closest way ive seen on how to install this is ..
If you are developing using the SDK command-line tools, navigate to the directory containing your application project and open the default.properties file. Add a line to the file that specifies the android.library.reference.<n> key and the path to the library. For example:
android.library.reference.1=path/to/library_project
Alternatively, you can use this command to update the project properties, including the reference to the library project:
android update lib-project
--target <target_ID> \
--path path/to/my/app_project \
--library path/to/my/library_project
Click to expand...
Click to collapse
But decompiling the apk file with apktool creates no "default.properties" file
So I am at a loss on how to get this working.. Anyone recently get a app inventor app working on the market and figure out this part ? The tutorial has no info on this part. it may have been made prior to google implementing this.
Has anyone found a solution to this yet?
nicklantz did you end up with anything useful?
Any help appreciated.
Thanks
I have the same question.
anyone has the solution?

xap package signature is not valid?

i try to load some xap files into my phone using Tom XAP Installer v1.1, but i consistently got some error messages. i tried every method and can not fix it.
1. make sure your phone is unlocked
2. make sure you connected device to pc and zune launched.
My device is 100% sure unlocked and i have every tool installed in my machine.
Finally i used application deployment tool by MS, and i got error message:
"xap package signature is not valid or the wp manifest file is invalid. re-sign with valid signature and fix the manifest file."
what should i do? thanks for you help.
The XAP's are DRM protected. I know multiple ways to strip off the DRM, but that would be illegal and therefore I will not give you instructions on this forum. That would violate the rules of XDA forum.
The guy who gave you the xap used the wrong compression method to generate it.
- Rename it to .zip
- Decompress the zip
- Compress the decompressed files with Windows Integrated ZIP (Right Click->Send To)
- Rename .zip to .xap
so basically if you knew multiple ways to strip off the DRM, i can google it and do it by myself.
anyway, thanks.
Heathcliff74 said:
The XAP's are DRM protected. I know multiple ways to strip off the DRM, but that would be illegal and therefore I will not give you instructions on this forum. That would violate the rules of XDA forum.
Click to expand...
Click to collapse
simply re-decompressing the file will solve my problem? i doubt.
but i will try later. thanks.
kuerbis2 said:
The guy who gave you the xap used the wrong compression method to generate it.
- Rename it to .zip
- Decompress the zip
- Compress the decompressed files with Windows Integrated ZIP (Right Click->Send To)
- Rename .zip to .xap
Click to expand...
Click to collapse
thanks it's working...
does not work for me, but thanks?
I think you can use WP7-DesktopMarketplace
And remember to choose Remove DRM & Replace signature

[Q] Rar on android.

Hi:
I've recently started to develop my own comic reader. The problem I've come up with is cbr files, which are esentially rar files. Now I know there are comic readers out there (all of them, I think) that support cbr files. So there is a way of doing this, I just can't find how.
In the rarlabs official page (search google rar addons and it's the first page) there are several options. I would like to know if I download the commandline arm unrar how I could install it on Android (I have a motorola Xoom, it would be for Honeycomb), assuming that is correct.
If this is not an option is there a command line unrar application that I could call from my own? and How would the code be (to call an external application, that is)?
If the above is not possible, what is the way to get to unrar something in android?
The only real option I've seen would be to use junrar (hosted on github)
But it seems complicated and I'm not sure it works very well as I've seen a lot of conflicting reports.
Thanks for any help!
Try http://www.all-freeware.com/results/rar/for/android to unpack rar on Android.
Success,
Senax
Hi:
I'm not exactly sure what you wanted me to try. There is nothing in that page that would allow me to uncompress a rar file on android. Only a bunch of unrar utitilities and some android things but they are not related, that is, there is nothing that says unrar that also works on android.
thanks anyway.
Unrar
great app available here: androidzoom (dot) com/android_applications/tools/unrar_dhpu.html
Cheers,
Romuloxiii
Hi:
It's seems that I didn't make myself clear.
I want to develop an android application that needs to unrar files. Is there a way to call the unrar application from my own code?
If so, can you tell me how?
Otherwise, I appreciate the effort, but I can't use that.
Thank you very much!
You can bring the unrar binary along in the /asset of your app,
on first launch copy it to your apps /file directory, chmod +x it, and use exec("sh") to unrar the files from shell.
oh, I see. I think I get the the idea but I don't understand all the instructions.
What did you mean by importing thebinary on my asset?
If I do the step above why do I need to copy the binary on first launch?
Don't I need root privileges too chmod it? And how do I do it from my source code?
And finally where can I find the command line use of the application? Or is it the same as the Linux version?
I know there are a lot of questions, but please keep in mind that I'm very new at doing this.
Thanks for all the help!
You need to put it as asset to bring it along.
You need to copy it because asset files are not directly accessable.
You don't need root to chmod the file in your own directory.
You do it by using a shell from your code i.e. Process.exec("sh")
And finally you want to program the app not me,
so don't be lazy and invest some time.
Google google google google...
If there are still questions left after that, you may ask again .
Ok, I'll try it and get back to you!
Thanks!
Sorry for my lazyness, but I've been Googling for a good half hour without finding a simple 'unrar' binary executable compiled to run from terminal on rooted ARMx32 device. I don't want bloated GUI APK's or libraries for development implementation, but just the plain command line interface executable. Anyone, please? It's a pity they haven't baked it into Busybox as an applet, IMO.

Categories

Resources