安卓15预置第三方apk时签名报错题目解决

打印 上一主题 下一主题

主题 993|帖子 993|积分 2979

有同事反馈集成apk时安装失败
   PackageManager: Failed to scan /product/app/test: No APK Signature Scheme v2 signature in package /product/app/test/test.apk
  检察编译后的apk签名信息
   DOES NOT VERIFY
  ERROR: JAR signer CERT.RSA: JAR signature META-INF/CERT.SF indicates the APK is signed using APK Signature Scheme v2 but no such signature was found. Signature stripped?
  但是用命令检察我的apk是正常的apksigner verify -v test.apk | grep Verified
   Verified using v1 scheme (JAR signing): true
  Verified using v2 scheme (APK Signature Scheme v2): true
  Verified using v3 scheme (APK Signature Scheme v3): false
  Verified using v3.1 scheme (APK Signature Scheme v3.1): false
  Verified using v4 scheme (APK Signature Scheme v4): false
  Verified for SourceStamp: false
  那么应该是编译过程做了某些变动。
解决办法

通过预编译的方法

  1. android_app_import {
  2.     name: "test",
  3.     apk: "test.apk",
  4.     // 保留apk自己的签名
  5.     presigned: true,
  6.     preprocessed: true,
  7.     // 打开将放到对应分区目录的priv-app文件夹下
  8.     // privileged: true,
  9.     // 打开将放到system_ext分区
  10.     // system_ext_specific: true,
  11.     // 打开将放到product分区
  12.     // product_specific: true,
  13.     // 打开将放到vendor分区
  14.     // proprietary: true,
  15.     // odm分区
  16.     // device_specific: true
  17.     // apk优化,内置三方apk时建议关闭
  18.     dex_preopt: {
  19.         enabled: false,
  20.     },
  21. }
复制代码
在安卓15上新增了app_import.go - OpenGrok cross reference for /build/soong/java/app_import.go
validatePresignedApk检测
假如加了presigned,但不加preprocessed,同时targetSdk大于即是30就会编译报错,更加方便开发者定位题目:
   [100% 5/5 0s remaining] Check presigned apkFAILED: out/soong/.intermediates/packages/test/test/android_common/validated-prebuilt/check.stampbuild/soong/scripts/check_prebuilt_presigned_apk.py --aapt2 out/host/linux-x86/bin/aapt2 --zipalign out/host/linux-x86/bin/zipalign packages/test/test.apk out/soong/.intermediates/packages/test/test/android_common/validated-prebuilt/check.stamppackages/test/test.apk: Prebuilt, presigned apks with targetSdkVersion >= 30 (or a codename targetSdkVersion) must set preprocessed: true in the Android.bp definition (because they must be signed with signature v2, and the build system would wreck that signature otherwise)
  别的apk内里的so不能压缩,否则会报错
   FAILED: out/soong/.intermediates/packages/test/test/android_common/validated-prebuilt/check.stamp
  build/soong/scripts/check_prebuilt_presigned_apk.py --aapt2 out/host/linux-x86/bin/aapt2 --zipalign out/host/linux-x86/bin/zipalign --preprocessed packages/test/test.apk out/soong/.intermediates/packages/test/test/android_common/validated-prebuilt/check.stamp
  packages/test/test.apk: Contains compressed JNI libraries
  因为安卓6开始支持直接加载apk内里的so,假如压缩的话,预编译会在apk内部进行解压,那么就会破坏apk签名。

其实,假如apk的minSdkVersion >= 23 并且 Android Gradle plugin >= 3.6.0情况下,打包时android:extractNativeLibs=false,apk的so默认是不压缩的。
在minSdkVersion < 23 或 Android Gradle plugin < 3.6.0情况下,打包时 android:extractNativeLibs=true,apk的so默认是压缩的。
参考:https://juejin.cn/post/6943920550125420558
Android13解决android_app_import内置第三方APK安装失败题目_but no such signature was found. signature strippe-CSDN博客
浅谈extractNativeLibs
通过直接拷贝的方法

参考:https://blog.csdn.net/wangwei6227/article/details/123727372
同样要注意apk so的压缩题目,假如是压缩过的,必须提取出来,并拷贝到apk机器目次。
可能碰到的selinux权限题目

   01-01 12:00:39.520000 5326 5326 W om.skype.raider: type=1400 audit(0.0:64): avc: denied { read } for name=“libSkypeAndroid.so” dev=“mmcblk0p22” ino=770074 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=ubject_r:system_data_file:s0 tclass=file permissive=0
  #====================== untrusted_app.te ======================
allow untrusted_app system_data_file:file r_file_perms;
参考:采用Signature Scheme v2签名方式的APK预置失败

免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有账号?立即注册

x
回复

使用道具 举报

0 个回复

倒序浏览

快速回复

您需要登录后才可以回帖 登录 or 立即注册

本版积分规则

杀鸡焉用牛刀

金牌会员
这个人很懒什么都没写!
快速回复 返回顶部 返回列表