ionic signature

Detailed explanation of Android application signature (or re-signature) developed by

IONIC Complete apk signature through DOS commands

A total of 3 tools, or 3 commands are needed to sign apk, namely: keytool, jarsigner and zipalign, the following is the right A brief introduction to these three tools:
            1) keytool: generate a digital certificate, that is, a key, which is the file with the extension .keystore mentioned above;
            2) jarsigner: use a digital certificate to sign the apk file;
            3) zipalign: Optimize the signed apk to improve the efficiency of interaction with the Android system (this tool is included in the Android SDK version 1.6).
      From the functions of these three tools, we can also see the order in which these three tools are used. Usually all the applications we develop by ourselves use the same signature, that is, use the same digital certificate, which means: if you are signing an Android application for the first time, the three tools above will be used. ; But if you already have a digital certificate, you only need to use jarsigner and zipalign to sign other apks in the future.
      In order to facilitate the use of the above three commands, you first need to add the paths where the above three tools are located to the environment variable path (I am talking about the convenience of use, not saying that this is necessary). How to configure environment variables will not be explained here. Here we need to talk about the default path of these three tools:
            1) keytool: the tool is located in the bin directory of the jdk installation path;
            2) jarsigner: the tool is located in the bin directory of the jdk installation path Under contents;
            3) zipalign: This tool is located in the android-sdk-windows/tools/ directory.
      I don’t know if you have noticed that the keytool and jarsigner tools are provided by jdk, which means that the generation of digital certificates and file signatures is not a patent of Android; In addition, literally understanding jarsigner can also guess that the tool is mainly used to sign jar files.

1" Use the keytool tool to generate a digital certificate
      keytool -genkey -v -keystore liufeng.keystore -alias liufeng.keystore -keyalg RSA -validity 20000
Description:
      1) keytool is the name of the tool, -genkey means that the operation is to generate a digital certificate, -v means to print out the details of the generated certificate and display it in the dos window;
      2)-keystore liufeng.keystore means the file name of the generated digital certificate is "liufeng.keystore";
      3)-alias liufeng.keystore means the certificate's The alias is "liufeng.keystore", of course, it can be different from the file name above;
      4) -keyalg RSA indicates that the algorithm used to generate the key file is RSA;
      5) -validity 20000 indicates that the validity period of the digital certificate is 20000 days, It means that the certificate will be invalid
after execute the above command to generate a digital certificate file, you will be prompted to enter some information, including the password of the certificate. The example is as follows:
     
2"Use the jarsigner tool to sign the Android application
      jarsigner -verbose -keystore liufeng.keystore -signedjar notepad_signed.apk notepad.apk liufeng.keystore
Description:
      1) jarsigner is the name of the tool, -verbose means to print out the detailed information in the signing process , displayed in the dos window;
      2) -keystore liufeng.keystore indicates the location of the digital certificate used for signing, there is no path written here, it indicates that it is in the current directory;
      3) -signedjar notepad_signed.apk notepad.apk indicates to notepad.apk File signature, the signed file name is notepad_signed.apk;
      4) The last liufeng.keystore represents the alias of the certificate, which corresponds to the name behind the -alias parameter when generating the digital certificate
3 "Use the zipalign tool to optimize the signed apk (non- It is necessary but recommended)
      zipalign -v 4 notepad_signed.apk notepad_signed_aligned.apk
description:
      1) zipalign is the tool name, -v means to print out detailed optimization information in the DOS window;
      2) notepad_signed.apk notepad_signed_aligned.apk means to optimize the signed file notepad_signed.apk, and the optimized file name is notepad_signed_aligned.apk

Note: If your previous program uses the default signature method (ie debug signature), once you change it The new signed application will not be able to overwrite the installation, and the original program must be uninstalled before it can be installed. Note: 1. Package apk There are two commands to package and generate apk under ionic: ionic bulid android ionic build --release android The first command generates a Cordova-debug.apk, which is obviously used for local development and testing. , Note that this apk is signed, so it can be installed on the mobile phone, but this cannot be used to put it on the shelves (experience the pit in person), because only packaging in the same environment can ensure that the signature of this apk is the same, This means that your machine must always be in good condition and the system and packaging tools, etc., are not modified. This is obviously unreasonable. Therefore, we must use the production method to package, which is the second command. This command generates an unsigned apk, which cannot be installed on the mobile phone and must be signed. http://www.cnblogs.com/share123/p/5900583.html http://blog.csdn.net/maxbalance/article/details/49157579