We’re just finishing our new BlueID Client for Android devices. During the development I realized, that we need to rezip the BlueID software for Android because it must be personalized on the fly on download request. This is needed for security!
I found no tutorial explaining this content and it was a little bit tricky. If you like to make changes to an Android Package (file ending apk) internally in Java you need to do more than only unzip and zip again. I first tried to solve this by using the apkbuilder form the android-sdk tools, but it only works with file operations. I think I found a better solution.
First you need to include some libraries from the android-sdk tools lib folder into your project.
- apkbuilder.jar
- androidprefs.jar
- jarutils.jar
Then you need to make your changes to your package with the standard ZipStreams from Java. After this, use the following method for rezip or sign the package correctly for Android phones.
public byte[] packApk(byte[] zip) throws Exception {
DebugKeyProvider keyProvider = new DebugKeyProvider(null, null, null);
PrivateKey key = keyProvider.getDebugKey();
X509Certificate certificate = (X509Certificate) keyProvider.getCertificate();
ByteArrayOutputStream bout = new ByteArrayOutputStream();
SignedJarBuilder builder = new SignedJarBuilder(bout, key, certificate);
builder.writeZip(new ByteArrayInputStream(zip), null);
builder.close();
return bout.toByteArray();
}
I hope this code will help you!
Regards, Julia Bory
Schlagworte: Android, APK, apkbuilder, blueid, com.android.apkbuilder.ApkBuilder, HTC Hero, Java, Motorola Milestone, packen, Phone, rezip, security, Sicherheit, sign, signieren, signing, signjarbuilder, unzip, zip
Loading ...
