定制自己的系统签名key,主要是防止相应平台大家使用的签名文件都是一样的情况下,非自己提供的签名文件签名第三方apk也能使用你的系统的权限,所有就需要我们根据自己的情况定制属于自己的系统签名key,具体的操作如下:
1.根据build/target/product/security_ori/README的帮助,修改相应的参数生成testkey、platform、shared、media,具体命令如下所示
The following commands were used to generate the test key pairs:
development/tools/make_key testkey '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
development/tools/make_key platform '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
development/tools/make_key shared '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
development/tools/make_key media '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
2. 生成 generate_verity_key
make generate_verity_key (mmm system/extras/verity/)
development/tools/make_key veritykey '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/[email protected]'
out/host/linux-x86/bin/generate_verity_key -convert veritykey.x509.pem verity_key
拷贝veritykey.pk8,veritykey.x509.pem,verity_key.pub 至 build/target/product/security/ 目录,将其重命名: verity.pk8, verity.x509.pem,verity_key ,并替换相应的 key。
根据以上步骤把生成的相应的key替换系统中build/target/product/security/ 目录下的key后重新编译系统,即可使用自己生成的系统签名key