1. Signature file path
Determined by DEFAULT_SYSTEM_DEV_CERTIFICATE
It can be seen in build/core/config.mk
ifdef PRODUCT_DEFAULT_DEV_CERTIFICATE
DEFAULT_SYSTEM_DEV_CERTIFICATE := $(PRODUCT_DEFAULT_DEV_CERTIFICATE)
else
DEFAULT_SYSTEM_DEV_CERTIFICATE := build/make/target/product/security/testkey
endif
It is in turn determined by PRODUCT_DEFAULT_DEV_CERTIFICATE
We can define PRODUCT_DEFAULT_DEV_CERTIFICATE in different product mk
For example, device/mediatek/*****/device.mk
PRODUCT_DEFAULT_DEV_CERTIFICATE := vendor/google_mediatek/security/releasekey
2. Signature file name
Determined by LOCAL_CERTIFICATE
In build/core/package_internal.mk
# Pick a key to sign the package with. If this package hasn't specified
# an explicit certificate, use the default.
# Secure release builds will have their packages signed after the fact,
# so it's ok for these private keys to be in the clear.
ifeq ($(LOCAL_CERTIFICATE),)
LOCAL_CERTIFICATE := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)
endif
ifeq ($(LOCAL_CERTIFICATE),EXTERNAL)
# The special value "EXTERNAL" means that we will sign it with the
# default devkey, apply predexopt, but then expect the final .apk
# (after dexopting) to be signed by an outside tool.
LOCAL_CERTIFICATE := $(DEFAULT_SYSTEM_DEV_CERTIFICATE)
PACKAGES.$(LOCAL_PACKAGE_NAME).EXTERNAL_KEY := 1
endif
# If this is not an absolute certificate, assign it to a generic one.
ifeq ($(dir $(strip $(LOCAL_CERTIFICATE))),./)
LOCAL_CERTIFICATE := $(dir $(DEFAULT_SYSTEM_DEV_CERTIFICATE))$(LOCAL_CERTIFICATE)
endif
If LOCAL_CERTIFICATE is not defined in the application's Android.mk, the default testkey signature file is called.
If LOCAL_CERTIFICATE:=platform is defined, it means that the platform signature is used. In this case, the apk has the same signature as the system, because the system-level signature is also signed using the platform. In this case, use android:sharedUserId="android.uid. system" is useful!
3. Get the MD5 value of the apk signature
1. Install jdk and configure the environment
2. Execute the command in cmd: keytool -printcert -jarfile xxx.apk