安卓15预置第三方apk时签名报错题目解决

有同事反馈集成apk时安装失败
   PackageManager: Failed to scan /product/app/test: No APK Signature Scheme v2 signature in package /product/app/test/test.apk
  检察编译后的apk签名信息
   DOES NOT VERIFY
  ERROR: JAR signer CERT.RSA: JAR signature META-INF/CERT.SF indicates the APK is signed using APK Signature Scheme v2 but no such signature was found. Signature stripped?
  但是用命令检察我的apk是正常的apksigner verify -v test.apk | grep Verified
   Verified using v1 scheme (JAR signing): true
  Verified using v2 scheme (APK Signature Scheme v2): true
  Verified using v3 scheme (APK Signature Scheme v3): false
  Verified using v3.1 scheme (APK Signature Scheme v3.1): false
  Verified using v4 scheme (APK Signature Scheme v4): false
  Verified for SourceStamp: false
  那么应该是编译过程做了某些变动。
解决办法

通过预编译的方法

1. android_app_import {
2.     name: "test",
3.     apk: "test.apk",
4.     // 保留apk自己的签名
5.     presigned: true,
6.     preprocessed: true,
7.     // 打开将放到对应分区目录的priv-app文件夹下
8.     // privileged: true,
9.     // 打开将放到system_ext分区
10.     // system_ext_specific: true,
11.     // 打开将放到product分区
12.     // product_specific: true,
13.     // 打开将放到vendor分区
14.     // proprietary: true,
15.     // odm分区
16.     // device_specific: true
17.     // apk优化，内置三方apk时建议关闭
18.     dex_preopt: {
19.         enabled: false,
20.     },
21. }

复制代码

在安卓15上新增了app_import.go - OpenGrok cross reference for /build/soong/java/app_import.go
validatePresignedApk检测
假如加了presigned，但不加preprocessed，同时targetSdk大于即是30就会编译报错，更加方便开发者定位题目：
   [100% 5/5 0s remaining] Check presigned apkFAILED: out/soong/.intermediates/packages/test/test/android_common/validated-prebuilt/check.stampbuild/soong/scripts/check_prebuilt_presigned_apk.py --aapt2 out/host/linux-x86/bin/aapt2 --zipalign out/host/linux-x86/bin/zipalign packages/test/test.apk out/soong/.intermediates/packages/test/test/android_common/validated-prebuilt/check.stamppackages/test/test.apk: Prebuilt, presigned apks with targetSdkVersion >= 30 (or a codename targetSdkVersion) must set preprocessed: true in the Android.bp definition (because they must be signed with signature v2, and the build system would wreck that signature otherwise)
  别的apk内里的so不能压缩，否则会报错
   FAILED: out/soong/.intermediates/packages/test/test/android_common/validated-prebuilt/check.stamp
  build/soong/scripts/check_prebuilt_presigned_apk.py --aapt2 out/host/linux-x86/bin/aapt2 --zipalign out/host/linux-x86/bin/zipalign --preprocessed packages/test/test.apk out/soong/.intermediates/packages/test/test/android_common/validated-prebuilt/check.stamp
  packages/test/test.apk: Contains compressed JNI libraries
  因为安卓6开始支持直接加载apk内里的so，假如压缩的话，预编译会在apk内部进行解压，那么就会破坏apk签名。

其实，假如apk的minSdkVersion >= 23 并且 Android Gradle plugin >= 3.6.0情况下，打包时android:extractNativeLibs=false，apk的so默认是不压缩的。
在minSdkVersion < 23 或 Android Gradle plugin < 3.6.0情况下，打包时 android:extractNativeLibs=true，apk的so默认是压缩的。
参考：https://juejin.cn/post/6943920550125420558
Android13解决android_app_import内置第三方APK安装失败题目_but no such signature was found. signature strippe-CSDN博客
浅谈extractNativeLibs
通过直接拷贝的方法

参考：https://blog.csdn.net/wangwei6227/article/details/123727372
同样要注意apk so的压缩题目，假如是压缩过的，必须提取出来，并拷贝到apk机器目次。
可能碰到的selinux权限题目

   01-01 12:00:39.520000 5326 5326 W om.skype.raider: type=1400 audit(0.0:64): avc: denied { read } for name=“libSkypeAndroid.so” dev=“mmcblk0p22” ino=770074 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=ubject_r:system_data_file:s0 tclass=file permissive=0
  #====================== untrusted_app.te ======================
allow untrusted_app system_data_file:file r_file_perms;
参考：采用Signature Scheme v2签名方式的APK预置失败

免责声明：如果侵犯了您的权益，请联系站长，我们会及时删除侵权内容，谢谢合作！更多信息从访问主页：qidao123.com:ToB企服之家，中国第一个企服评测及商务社交产业平台。