./out/host/linux-x86/bin/apksigner要用 java 來run,所以要設定好 JAVA_HOME 和 PATH。
在 AOSP 中,lunch 完就都設定好了。
在 AOSP 中signkey 就是:
./out/host/linux-x86/bin/apksigner sign --key build/target/product/security/platform.pk8 \ --cert build/target/product/security/platform.x509.pem \ --out ~/SysApp-signed.apk \ out/target/product/vsoc_x86_64_only/system/priv-app/SysApp/SysApp.apkplatform.pk8 在
./build/make/target/product/security/platform.pk8 ./build/make/target/product/security/platform.x509.pemAOSP 中 OTA 相關的 generate key 說明:Sign build for release。
可以使用這個 app 來測試 privilege 的權限:
使用 android-studio 的 java - jetbrain runtime,是在 android-studio/jbr,所以要用 gradlew build 的話,在console就要指定 JAVA_HOME
~/sysapp$ JAVA_HOME=~/android-studio/jbr ./gradlew -version ------------------------------------------------------------ Gradle 8.13 ------------------------------------------------------------ Build time: 2025-02-25 09:22:14 UTC Revision: 073314332697ba45c16c0a0ce1891fa6794179ff Kotlin: 2.0.21 Groovy: 3.0.22 Ant: Apache Ant(TM) version 1.10.15 compiled on August 25 2024 Launcher JVM: 21.0.6 (JetBrains s.r.o. 21.0.6+-13391695-b895.109) Daemon JVM: /home/charles-chang/android-studio/jbr (no JDK specified, using current Java home) OS: Linux 6.11.0-28-generic amd64這個 folder 是android studio sync 丸的 folder,也就是說 gradle/wrapper/ 下 download 好是當版本的 gradle-wrapper.jar 和 gradle-wrapper.properties
叫 geminil-cli 找到 Makefile 中 signkey 的地方:
Here's a high-level overview of how it works:
- Build APKs: The build system first compiles your application's source code and resources to create an unsigned APK file.
- Create Target Files Zip: The build system then creates a "target files" zip archive. This zip file contains all the files that will be included in the final
system image, including your unsigned APK. - Sign Target Files: The sign_target_files_apks script is then called. This script takes the unsigned target files zip as input, signs all the APKs within it usingn
the keys specified in build/target/product/security/, and produces a new, signed target files zip. - Create System Image: Finally, the build system uses the signed target files zip to create the system.img and other partition images.
1 .PHONY: signed-target-files 2 signed-target-files: $(BUILT_TARGET_FILES_PACKAGE) 3 @echo"Package target files: $@" 4 $(hide) ./build/make/tools/releasetools/sign_target_files_apks.py \ 5 --default_key_mappings build/make/target/product/security \ 6 $(INTERNAL_OTA_SIGNING_ARGS) \ 7 -o$(OPTIONS_RECOVERY_AS_BOOT) \ 8 $(BUILT_TARGET_FILES_PACKAGE) $@In this rule:
- $(BUILT_TARGET_FILES_PACKAGE) is the unsigned target files zip.
- ./build/make/tools/releasetools/sign_target_files_apks.py is the signing script.
- --default_key_mappings build/make/target/product/security tells the script to use the keys in your build/target/product/security directory.
- $@ represents the output file, which is the signed target files zip.
沒有留言:
張貼留言