当需要一些权限的时候就会用到系统的签名,有两种方式可以获得系统签名。
首先必须在AndroidManifest.xml的manifest节点中添加 android:sharedUserId=”android.uid.system”。
1.利用系统的签名文件
在android6.0和之前的版本可以用这条命令,
java -jar out/host/linux-x86/framework/signapk.jar build/target/product/security/platform.x509.pem build/target/product/security/platform.pk8 Settings.apk Settings.apk
在android7.0及之后的版本,使用这条命令,出现下面的错误
Exception in thread "main" java.lang.UnsatisfiedLinkError: no conscrypt_openjdk_jni in java.library.path
at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1867)
at java.lang.Runtime.loadLibrary0(Runtime.java:870)
at java.lang.System.loadLibrary(System.java:1122)
at org.conscrypt.NativeCryptoJni.init(NativeCryptoJni.java:25)
at org.conscrypt.NativeCrypto.<clinit>(NativeCrypto.java:54)
at org.conscrypt.OpenSSLBIOInputStream.<init>(OpenSSLBIOInputStream.java:34)
at org.conscrypt.OpenSSLX509Certificate.fromX509PemInputStream(OpenSSLX509Certificate.java:119)
at org.conscrypt.OpenSSLX509CertificateFactory$1.fromX509PemInputStream(OpenSSLX509CertificateFactory.java:220)
at org.conscrypt.OpenSSLX509CertificateFactory$1.fromX509PemInputStream(OpenSSLX509CertificateFactory.java:216)
at org.conscrypt.OpenSSLX509CertificateFactory$Parser.generateItem(OpenSSLX509CertificateFactory.java:94)
at org.conscrypt.OpenSSLX509CertificateFactory.engineGenerateCertificate(OpenSSLX509CertificateFactory.java:272)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
at com.android.signapk.SignApk.readPublicKey(SignApk.java:182)
at com.android.signapk.SignApk.main(SignApk.java:1087)
conscrypt_openjdk_jni是个什么东西。。。
这是一个库文件,位于prebuilts/sdk/tools/linux/lib64/libconscrypt_openjdk_jni.so,位置可能不同,可以使用find命令查找一下,然后使用下面的下面的命令进行签名。
java -Djava.library.path=prebuilts/sdk/tools/linux/lib64/ -jar out/host/linux-x86/framework/signapk.jar build/target/product/security/platform.x509.pem build/target/product/security/platform.pk8 out/target/product/v51_figi/system/priv-app/SettingsFigi/SettingsFigi.apk SettingsFigi.apk
注意前面多了 -Djava.library.path=prebuilts/sdk/tools/linux/lib64/ 这句话。
然后我把这些文件移到windows下,想在windows下完成签名,确怎么也不成功,提示的错误跟上面的一样,找不到conscrypt_openjdk_jni,有知道的大神可以告诉我,感激不尽。
2.利用Android.mk,这个方法网上有很多的介绍,这里简单写下
LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS)
LOCAL_MODULE := app-debug
LOCAL_SRC_FILES := app-debug.apk
LOCAL_MODULE_CLASS := APPS
LOCAL_MODULE_TAGS := optional
LOCAL_MODULE_SUFFIX := $(COMMON_ANDROID_PACKAGE_SUFFIX)
LOCAL_CERTIFICATE := platform
#LOCAL_PRIVILEGED_MODULE := true
#LOCAL_REQUIRED_MODULES :=
include $(BUILD_PREBUILT)
platform
#LOCAL_PRIVILEGED_MODULE := true
#LOCAL_REQUIRED_MODULES :=
include $(BUILD_PREBUILT)
LOCAL_CERTIFICATE 这个就是决定用哪种签名