android 签名
xiaonian 2014-12-25
2.签名
a)Testkey,platform,share,media
b)android\build\target\product\security
c)android:sharedUserid="android.uid.system",相同的shareuserid可以共享资源
d)/development/tools目录下有个make_key的脚本,通过传入两个参数就可以生成一对签名用的key
rk中有3个签名文件
生成*.pem:opensslgenrsa-passoutpass:"123456"-outtestkey.pem2048
官方描述
Thefollowingcommandswereusedtogeneratethetestkeypairs:
development/tools/make_keytestkey'/C=US/ST=California/L=MountainView/O=Android/OU=Android/CN=Android/[email protected]'
development/tools/make_keyplatform'/C=US/ST=California/L=MountainView/O=Android/OU=Android/CN=Android/[email protected]'
development/tools/make_keyshared'/C=US/ST=California/L=MountainView/O=Android/OU=Android/CN=Android/[email protected]'
development/tools/make_keymedia'/C=US/ST=California/L=MountainView/O=Android/OU=Android/CN=Android/[email protected]'
Thefollowingstandardtestkeysarecurrentlyincluded:
testkey--agenerickeyforpackagesthatdonototherwisespecifyakey.
platform--atestkeyforpackagesthatarepartofthecoreplatform.
shared--atestkeyforthingsthataresharedinthehome/contactsprocess.
media--atestkeyforpackagesthatarepartofthemedia/downloadsystem.
Thesetestkeysareusedstrictlyindevelopment,andshouldneverbeassumed
toconveyanysortofvalidity.When$BUILD_SECURE=true,thecodeshouldnot
honorthesekeysinanycontext.
signingusingtheopensslcommandline(forboot/systemimages)
--------------------------------------------------------------
1.convertpk8formatkeytopemformat
%opensslpkcs8-informDER-nocrypt-intestkey.pk8-outtestkey.pem
2.createasignatureusingthepemformatkey
%openssldgst-binary-sha1-signtestkey.pemFILE>FILE.sig
extractingpublickeysforembedding
------------------------------------
it'saJavatool
butitgeneratesCcode
takealookatcommands/recovery/Android.mk
you'llseeitrunning$(HOST_OUT_JAVA_LIBRARIES)/dumpkey.jar
