SlideShare une entreprise Scribd logo
1  sur  20
Télécharger pour lire hors ligne
Signing	
  and	
  Deploying	
  	
  
    Android	
  Applica1ons	
  
            Jussi	
  Pohjolainen	
  
Tampere	
  University	
  of	
  Applied	
  Sciences	
  
App	
  Signing,	
  Overview	
  
•  All	
  apps	
  must	
  be	
  digitally	
  signed	
  with	
  
   cer3ficate	
  
     –  Iden1fying	
  the	
  author	
  of	
  the	
  app	
  
•    Typically	
  self	
  signed	
  
•    Debug	
  key	
  for	
  debugging	
  
•    Suitable	
  private	
  key	
  when	
  publishing	
  
•    Crea1ng	
  keys	
  and	
  signing:	
  Keytool	
  and	
  
     Jarsigner	
  
Debug	
  Mode	
  
•  While	
  debugging	
  and	
  tes1ng,	
  you	
  can	
  compile	
  
   in	
  debug	
  mode	
  
•  Build	
  tools	
  uses	
  the	
  Keytool	
  u1lity	
  to	
  generate	
  
   a	
  key	
  with	
  known	
  alias	
  and	
  password.	
  Key	
  is	
  
   used	
  to	
  sign	
  the	
  .apk	
  file	
  
•  Developer	
  does	
  not	
  have	
  worry	
  about	
  this,	
  if	
  
   using	
  Eclipse!	
  
Release	
  Mode	
  
•  When	
  ready	
  to	
  release,	
  developer	
  must	
  sign	
  
   the	
  .apk	
  with	
  your	
  private	
  key	
  
•  How?	
  Two	
  op1ons:	
  
   –  Using	
  Keytool	
  and	
  Jarsigner	
  in	
  command-­‐line.	
  
      Keytool	
  generates	
  private	
  key	
  and	
  Jarsigner	
  signs	
  
      the	
  .apk	
  with	
  the	
  key	
  
   –  Using	
  ADT	
  Export	
  Wizard	
  with	
  Eclipse	
  (same	
  than	
  
      above	
  but	
  with	
  GUI)	
  
Signing	
  for	
  Public	
  Release	
  
1.  Obtain	
  suitable	
  private	
  key	
  
2.  Compile	
  the	
  applica1on	
  in	
  release	
  mode	
  
3.  Sign	
  your	
  applica1on	
  with	
  private	
  key	
  
4.  Align	
  the	
  final	
  APK	
  package	
  
Obtain	
  Suitable	
  Private	
  Key	
  
•  Private	
  key	
  
    –  Is	
  in	
  your	
  possession	
  and	
  represents	
  your	
  personal	
  
       or	
  corporate	
  en1ty	
  
    –  Validity	
  period	
  is	
  expected	
  lifespan	
  of	
  your	
  app	
  
         •  Recommenda1on:	
  over	
  25	
  years	
  
         •  Android	
  Market:	
  apps	
  must	
  have	
  validity	
  period	
  ending	
  
            a[er	
  22.10.2033	
  
    –  It's	
  not	
  the	
  debug	
  key	
  J	
  
Obtain	
  Suitable	
  Private	
  Key	
  
•  How	
  to	
  generate	
  private	
  key?	
  
•  Use	
  keytool	
  
    –  > keytool -genkey -v -keystore my-
       release-key.keystore -alias alias_name -
       keyalg RSA -keysize 2048 -validity 10000
TB308POHJUS-L-2:temp pohjus$ keytool -genkey -v -keystore my-release-key.keystore -alias my-alias -keyalg RSA -
keysize 2048 -validity 10000
Enter keystore password:
Re-enter new password:
What is your first and last name?
  [Unknown]: Jussi Pohjolainen
What is the name of your organizational unit?
  [Unknown]: TMI Jussi Pohjolainen
What is the name of your organization?
  [Unknown]: TMI Jussi Pohjolainen
What is the name of your City or Locality?
  [Unknown]: Tampere
What is the name of your State or Province?
  [Unknown]: Finland
What is the two-letter country code for this unit?
  [Unknown]: FI
Is CN=Jussi Pohjolainen, OU=TMI Jussi Pohjolainen, O=TMI Jussi Pohjolainen, L=Tampere, ST=Finland, C=FI correct?
  [no]: yes

Generating 2,048 bit RSA key pair and self-signed certificate (SHA1withRSA) with a validity of 10,000 days
         for: CN=Jussi Pohjolainen, OU=TMI Jussi Pohjolainen, O=TMI Jussi Pohjolainen, L=Tampere, ST=Finland, C=FI
Enter key password for <my-alias>
         (RETURN if same as keystore password):
[Storing my-release-key.keystore]
TB308POHJUS-L-2:temp pohjus$ ls -al
total 88
drwxr-xr-x    5 pohjus staff     170 9 Tam 18:30 .
drwx------+ 46 pohjus staff     1564 9 Tam 16:43 ..
-rw-r--r-- 1 pohjus staff 2281 9 Tam 18:28 my-release-key.keystore
TB308POHJUS-L-2:temp pohjus$
Signing	
  for	
  Public	
  Release	
  
1.  Obtain	
  suitable	
  private	
  key	
  
2.  Compile	
  the	
  applica3on	
  in	
  release	
  mode	
  
3.  Sign	
  your	
  applica1on	
  with	
  private	
  key	
  
4.  Align	
  the	
  final	
  APK	
  packate	
  
Compiling	
  using	
  Release	
  Mode	
  
TB308POHJUS-L-2:temp pohjus$ ls -al
total 88
drwxr-xr-x   5 pohjus staff     170   9   Tam   18:30   .
drwx------+ 46 pohjus staff    1564   9   Tam   16:43   ..
-rw-r--r-- 1 pohjus staff 16435       9   Tam   18:28   BMI.apk
-rw-r--r--   1 pohjus staff    2281   9   Tam   18:28   my-release-key.keystore
TB308POHJUS-L-2:temp pohjus$
Signing	
  for	
  Public	
  Release	
  
1.  Obtain	
  suitable	
  private	
  key	
  
2.  Compile	
  the	
  applica1on	
  in	
  release	
  mode	
  
3.  Sign	
  your	
  applica3on	
  with	
  private	
  key	
  
4.  Align	
  the	
  final	
  APK	
  packate	
  
Sign	
  your	
  applica1on	
  with	
  private	
  key	
  
•  You	
  now	
  have	
  the	
  private	
  key	
  and	
  the	
  .apk	
  
   file.	
  
•  Sign	
  the	
  .apk	
  with	
  the	
  private	
  key	
  using	
  
   jarsigner	
  
•  > jarsigner -verbose -keystore my-release-
   key.keystore my_application.apk alias_name
TB308POHJUS-L-2:temp pohjus$ jarsigner -
verbose -keystore my-release-key.keystore
BMI.apk my-alias
Enter Passphrase for keystore:
   adding: META-INF/MY-ALIAS.SF
   adding: META-INF/MY-ALIAS.RSA
  signing: res/layout/main.xml
  signing: AndroidManifest.xml
  signing: resources.arsc
  signing: res/drawable-hdpi/icon.png
  signing: res/drawable-ldpi/icon.png
  signing: res/drawable-mdpi/icon.png
  signing: classes.dex
Signing	
  for	
  Public	
  Release	
  
1.  Obtain	
  suitable	
  private	
  key	
  
2.  Compile	
  the	
  applica1on	
  in	
  release	
  mode	
  
3.  Sign	
  your	
  applica1on	
  with	
  private	
  key	
  
4.  Align	
  the	
  final	
  APK	
  packate	
  
Align	
  the	
  final	
  APK	
  Package	
  
•  zipalign	
  tool	
  ensures	
  op1mizes	
  the	
  package	
  
   for	
  running	
  in	
  device:	
  reduc1on	
  of	
  in	
  the	
  
   amount	
  of	
  ram	
  
•  > zipalign -v 4 your_project_name-
   unaligned.apk your_project_name.apk
TB308POHJUS-L-2:temp pohjus$ /Developer/android-sdk-mac_x86/tools/zipalign -v 4
BMI.apk BMI-ready-to-go.apk
Verifying alignment of BMI-ready-to-go.apk (4)...
      50 META-INF/MANIFEST.MF (OK - compressed)
     426 META-INF/MY-ALIAS.SF (OK - compressed)
     897 META-INF/MY-ALIAS.RSA (OK - compressed)
    2021 META-INF/CERT.SF (OK - compressed)
    2440 META-INF/CERT.RSA (OK - compressed)
    3142 res/layout/main.xml (OK - compressed)
    3693 AndroidManifest.xml (OK - compressed)
    4296 resources.arsc (OK)
    5916 res/drawable-hdpi/icon.png (OK)
    9940 res/drawable-ldpi/icon.png (OK)
   11536 res/drawable-mdpi/icon.png (OK)
   13777 classes.dex (OK - compressed)
Verification succesful

TB308POHJUS-L-2:temp pohjus$ ls -al
total 88
drwxr-xr-x   5 pohjus staff     170   9   Tam   18:30   .
drwx------+ 46 pohjus staff    1564   9   Tam   16:43   ..
-rw-r--r-- 1 pohjus staff 16443       9   Tam   18:30   BMI-ready-to-go.apk
-rw-r--r--   1 pohjus staff 16435     9   Tam   18:28   BMI.apk
-rw-r--r--   1 pohjus staff    2281   9   Tam   18:28   my-release-key.keystore
TB308POHJUS-L-2:temp pohjus$
And	
  Install	
  using	
  ADB	
  
TB308POHJUS-L-2:temp pohjus$ /Developer/android-sdk-
mac_x86/platform-tools/adb install BMI-ready-to-
go.apk
700 KB/s (16443 bytes in 0.022s)
        pkg: /data/local/tmp/BMI-ready-to-go.apk
Success
TB308POHJUS-L-2:temp pohjus$
Publishing	
  to	
  Android	
  Market	
  
Or	
  just	
  use	
  Eclipse	
  

Contenu connexe

En vedette

Android 2D Drawing and Animation Framework
Android 2D Drawing and Animation FrameworkAndroid 2D Drawing and Animation Framework
Android 2D Drawing and Animation FrameworkJussi Pohjolainen
 
Android Wi-Fi Manager and Bluetooth Connection
Android Wi-Fi Manager and Bluetooth ConnectionAndroid Wi-Fi Manager and Bluetooth Connection
Android Wi-Fi Manager and Bluetooth ConnectionJussi Pohjolainen
 
00 introduction-mobile-programming-course.ppt
00 introduction-mobile-programming-course.ppt00 introduction-mobile-programming-course.ppt
00 introduction-mobile-programming-course.pptJussi Pohjolainen
 
Android Telephony Manager and SMS
Android Telephony Manager and SMSAndroid Telephony Manager and SMS
Android Telephony Manager and SMSJussi Pohjolainen
 
Short Intro to Android Fragments
Short Intro to Android FragmentsShort Intro to Android Fragments
Short Intro to Android FragmentsJussi Pohjolainen
 

En vedette (14)

Responsive Web Site Design
Responsive Web Site DesignResponsive Web Site Design
Responsive Web Site Design
 
Android 2D Drawing and Animation Framework
Android 2D Drawing and Animation FrameworkAndroid 2D Drawing and Animation Framework
Android 2D Drawing and Animation Framework
 
Android Wi-Fi Manager and Bluetooth Connection
Android Wi-Fi Manager and Bluetooth ConnectionAndroid Wi-Fi Manager and Bluetooth Connection
Android Wi-Fi Manager and Bluetooth Connection
 
00 introduction-mobile-programming-course.ppt
00 introduction-mobile-programming-course.ppt00 introduction-mobile-programming-course.ppt
00 introduction-mobile-programming-course.ppt
 
Android UI Development
Android UI DevelopmentAndroid UI Development
Android UI Development
 
Android Location and Maps
Android Location and MapsAndroid Location and Maps
Android Location and Maps
 
Android Threading
Android ThreadingAndroid Threading
Android Threading
 
Android Data Persistence
Android Data PersistenceAndroid Data Persistence
Android Data Persistence
 
Android Sensors
Android SensorsAndroid Sensors
Android Sensors
 
Android Multimedia Support
Android Multimedia SupportAndroid Multimedia Support
Android Multimedia Support
 
Android Telephony Manager and SMS
Android Telephony Manager and SMSAndroid Telephony Manager and SMS
Android Telephony Manager and SMS
 
Short Intro to Android Fragments
Short Intro to Android FragmentsShort Intro to Android Fragments
Short Intro to Android Fragments
 
Moved to Speakerdeck
Moved to SpeakerdeckMoved to Speakerdeck
Moved to Speakerdeck
 
Android Basic Components
Android Basic ComponentsAndroid Basic Components
Android Basic Components
 

Similaire à Android Security, Signing and Publishing

Configure &amp; send push notification on i os device
Configure &amp; send push notification on i os deviceConfigure &amp; send push notification on i os device
Configure &amp; send push notification on i os deviceShepHertz
 
iOS Provisioning : Running your app in an iOS device
iOS Provisioning : Running your app in an iOS deviceiOS Provisioning : Running your app in an iOS device
iOS Provisioning : Running your app in an iOS deviceMadusha Perera
 
How we integrate & deploy Mobile Apps with Travis CI
How we integrate & deploy Mobile Apps with Travis CIHow we integrate & deploy Mobile Apps with Travis CI
How we integrate & deploy Mobile Apps with Travis CIMarcio Klepacz
 
Publishing app to play store
Publishing app to play storePublishing app to play store
Publishing app to play storeShamsher Ahmed
 
Connect.Tech- Level Up Your Game With TravisCI
Connect.Tech- Level Up Your Game With TravisCIConnect.Tech- Level Up Your Game With TravisCI
Connect.Tech- Level Up Your Game With TravisCIstable|kernel
 
Conf2015 d waddle_defense_pointsecurity_deploying_splunksslbestpractices
Conf2015 d waddle_defense_pointsecurity_deploying_splunksslbestpracticesConf2015 d waddle_defense_pointsecurity_deploying_splunksslbestpractices
Conf2015 d waddle_defense_pointsecurity_deploying_splunksslbestpracticesBrentMatlock
 
Securing the Web without site-specific passwords
Securing the Web without site-specific passwordsSecuring the Web without site-specific passwords
Securing the Web without site-specific passwordsFrancois Marier
 
Collaboration hack with slackbot - PyCon HK 2018 - 2018.11.24
Collaboration hack with slackbot - PyCon HK 2018 - 2018.11.24Collaboration hack with slackbot - PyCon HK 2018 - 2018.11.24
Collaboration hack with slackbot - PyCon HK 2018 - 2018.11.24Kei IWASAKI
 
How we integrate & deploy Mobile Apps with Travis CI part 2
How we integrate & deploy Mobile Apps with Travis CI part 2How we integrate & deploy Mobile Apps with Travis CI part 2
How we integrate & deploy Mobile Apps with Travis CI part 2Marcio Klepacz
 
Flask jwt authentication tutorial
Flask jwt authentication tutorialFlask jwt authentication tutorial
Flask jwt authentication tutorialKaty Slemon
 
Ransomware for fun and non-profit
Ransomware for fun and non-profitRansomware for fun and non-profit
Ransomware for fun and non-profitYouness Zougar
 
The Mobile ToolChain with Fastlane - Code Red Talk at RedBlackTree
The Mobile ToolChain with Fastlane - Code Red Talk at RedBlackTreeThe Mobile ToolChain with Fastlane - Code Red Talk at RedBlackTree
The Mobile ToolChain with Fastlane - Code Red Talk at RedBlackTreeRedBlackTree
 
Control infrared remote controls receiver RS-232
Control infrared remote controls receiver RS-232Control infrared remote controls receiver RS-232
Control infrared remote controls receiver RS-232topomax
 
Intro to mobile development with sencha touch
Intro to mobile development with sencha touchIntro to mobile development with sencha touch
Intro to mobile development with sencha touchjgarifuna
 
Amazon Services for Data Sync, Player Engagement & A/B Testing (MBL309) | AWS...
Amazon Services for Data Sync, Player Engagement & A/B Testing (MBL309) | AWS...Amazon Services for Data Sync, Player Engagement & A/B Testing (MBL309) | AWS...
Amazon Services for Data Sync, Player Engagement & A/B Testing (MBL309) | AWS...Amazon Web Services
 
OAuth for QuickBooks Online REST Services
OAuth for QuickBooks Online REST ServicesOAuth for QuickBooks Online REST Services
OAuth for QuickBooks Online REST ServicesIntuit Developer
 
Intro to mobile development with sencha touch
Intro to mobile development with sencha touchIntro to mobile development with sencha touch
Intro to mobile development with sencha touchjgarifuna
 

Similaire à Android Security, Signing and Publishing (20)

Configure &amp; send push notification on i os device
Configure &amp; send push notification on i os deviceConfigure &amp; send push notification on i os device
Configure &amp; send push notification on i os device
 
iOS Provisioning : Running your app in an iOS device
iOS Provisioning : Running your app in an iOS deviceiOS Provisioning : Running your app in an iOS device
iOS Provisioning : Running your app in an iOS device
 
How we integrate & deploy Mobile Apps with Travis CI
How we integrate & deploy Mobile Apps with Travis CIHow we integrate & deploy Mobile Apps with Travis CI
How we integrate & deploy Mobile Apps with Travis CI
 
Publishing app to play store
Publishing app to play storePublishing app to play store
Publishing app to play store
 
Appium_set_up
Appium_set_upAppium_set_up
Appium_set_up
 
Connect.Tech- Level Up Your Game With TravisCI
Connect.Tech- Level Up Your Game With TravisCIConnect.Tech- Level Up Your Game With TravisCI
Connect.Tech- Level Up Your Game With TravisCI
 
cisco
cisco cisco
cisco
 
Conf2015 d waddle_defense_pointsecurity_deploying_splunksslbestpractices
Conf2015 d waddle_defense_pointsecurity_deploying_splunksslbestpracticesConf2015 d waddle_defense_pointsecurity_deploying_splunksslbestpractices
Conf2015 d waddle_defense_pointsecurity_deploying_splunksslbestpractices
 
Securing the Web without site-specific passwords
Securing the Web without site-specific passwordsSecuring the Web without site-specific passwords
Securing the Web without site-specific passwords
 
Collaboration hack with slackbot - PyCon HK 2018 - 2018.11.24
Collaboration hack with slackbot - PyCon HK 2018 - 2018.11.24Collaboration hack with slackbot - PyCon HK 2018 - 2018.11.24
Collaboration hack with slackbot - PyCon HK 2018 - 2018.11.24
 
How we integrate & deploy Mobile Apps with Travis CI part 2
How we integrate & deploy Mobile Apps with Travis CI part 2How we integrate & deploy Mobile Apps with Travis CI part 2
How we integrate & deploy Mobile Apps with Travis CI part 2
 
Flask jwt authentication tutorial
Flask jwt authentication tutorialFlask jwt authentication tutorial
Flask jwt authentication tutorial
 
Ransomware for fun and non-profit
Ransomware for fun and non-profitRansomware for fun and non-profit
Ransomware for fun and non-profit
 
The Mobile ToolChain with Fastlane - Code Red Talk at RedBlackTree
The Mobile ToolChain with Fastlane - Code Red Talk at RedBlackTreeThe Mobile ToolChain with Fastlane - Code Red Talk at RedBlackTree
The Mobile ToolChain with Fastlane - Code Red Talk at RedBlackTree
 
Control infrared remote controls receiver RS-232
Control infrared remote controls receiver RS-232Control infrared remote controls receiver RS-232
Control infrared remote controls receiver RS-232
 
Intro to mobile development with sencha touch
Intro to mobile development with sencha touchIntro to mobile development with sencha touch
Intro to mobile development with sencha touch
 
Amazon Services for Data Sync, Player Engagement & A/B Testing (MBL309) | AWS...
Amazon Services for Data Sync, Player Engagement & A/B Testing (MBL309) | AWS...Amazon Services for Data Sync, Player Engagement & A/B Testing (MBL309) | AWS...
Amazon Services for Data Sync, Player Engagement & A/B Testing (MBL309) | AWS...
 
OAuth for QuickBooks Online REST Services
OAuth for QuickBooks Online REST ServicesOAuth for QuickBooks Online REST Services
OAuth for QuickBooks Online REST Services
 
Intro to mobile development with sencha touch
Intro to mobile development with sencha touchIntro to mobile development with sencha touch
Intro to mobile development with sencha touch
 
201505 beena v0
201505 beena v0201505 beena v0
201505 beena v0
 

Plus de Jussi Pohjolainen

libGDX: Screens, Fonts and Preferences
libGDX: Screens, Fonts and PreferenceslibGDX: Screens, Fonts and Preferences
libGDX: Screens, Fonts and PreferencesJussi Pohjolainen
 
libGDX: User Input and Frame by Frame Animation
libGDX: User Input and Frame by Frame AnimationlibGDX: User Input and Frame by Frame Animation
libGDX: User Input and Frame by Frame AnimationJussi Pohjolainen
 
Intro to Building Android Games using libGDX
Intro to Building Android Games using libGDXIntro to Building Android Games using libGDX
Intro to Building Android Games using libGDXJussi Pohjolainen
 
Advanced JavaScript Development
Advanced JavaScript DevelopmentAdvanced JavaScript Development
Advanced JavaScript DevelopmentJussi Pohjolainen
 
libGDX: Simple Frame Animation
libGDX: Simple Frame AnimationlibGDX: Simple Frame Animation
libGDX: Simple Frame AnimationJussi Pohjolainen
 
libGDX: Simple Frame Animation
libGDX: Simple Frame AnimationlibGDX: Simple Frame Animation
libGDX: Simple Frame AnimationJussi Pohjolainen
 
Implementing a Simple Game using libGDX
Implementing a Simple Game using libGDXImplementing a Simple Game using libGDX
Implementing a Simple Game using libGDXJussi Pohjolainen
 
Building Android games using LibGDX
Building Android games using LibGDXBuilding Android games using LibGDX
Building Android games using LibGDXJussi Pohjolainen
 
Creating Asha Games: Game Pausing, Orientation, Sensors and Gestures
Creating Asha Games: Game Pausing, Orientation, Sensors and GesturesCreating Asha Games: Game Pausing, Orientation, Sensors and Gestures
Creating Asha Games: Game Pausing, Orientation, Sensors and GesturesJussi Pohjolainen
 
Creating Games for Asha - platform
Creating Games for Asha - platformCreating Games for Asha - platform
Creating Games for Asha - platformJussi Pohjolainen
 
Intro to Java ME and Asha Platform
Intro to Java ME and Asha PlatformIntro to Java ME and Asha Platform
Intro to Java ME and Asha PlatformJussi Pohjolainen
 

Plus de Jussi Pohjolainen (20)

Java Web Services
Java Web ServicesJava Web Services
Java Web Services
 
Box2D and libGDX
Box2D and libGDXBox2D and libGDX
Box2D and libGDX
 
libGDX: Screens, Fonts and Preferences
libGDX: Screens, Fonts and PreferenceslibGDX: Screens, Fonts and Preferences
libGDX: Screens, Fonts and Preferences
 
libGDX: Tiled Maps
libGDX: Tiled MapslibGDX: Tiled Maps
libGDX: Tiled Maps
 
libGDX: User Input and Frame by Frame Animation
libGDX: User Input and Frame by Frame AnimationlibGDX: User Input and Frame by Frame Animation
libGDX: User Input and Frame by Frame Animation
 
Intro to Building Android Games using libGDX
Intro to Building Android Games using libGDXIntro to Building Android Games using libGDX
Intro to Building Android Games using libGDX
 
Advanced JavaScript Development
Advanced JavaScript DevelopmentAdvanced JavaScript Development
Advanced JavaScript Development
 
Introduction to JavaScript
Introduction to JavaScriptIntroduction to JavaScript
Introduction to JavaScript
 
Introduction to AngularJS
Introduction to AngularJSIntroduction to AngularJS
Introduction to AngularJS
 
libGDX: Scene2D
libGDX: Scene2DlibGDX: Scene2D
libGDX: Scene2D
 
libGDX: Simple Frame Animation
libGDX: Simple Frame AnimationlibGDX: Simple Frame Animation
libGDX: Simple Frame Animation
 
libGDX: Simple Frame Animation
libGDX: Simple Frame AnimationlibGDX: Simple Frame Animation
libGDX: Simple Frame Animation
 
libGDX: User Input
libGDX: User InputlibGDX: User Input
libGDX: User Input
 
Implementing a Simple Game using libGDX
Implementing a Simple Game using libGDXImplementing a Simple Game using libGDX
Implementing a Simple Game using libGDX
 
Building Android games using LibGDX
Building Android games using LibGDXBuilding Android games using LibGDX
Building Android games using LibGDX
 
Creating Asha Games: Game Pausing, Orientation, Sensors and Gestures
Creating Asha Games: Game Pausing, Orientation, Sensors and GesturesCreating Asha Games: Game Pausing, Orientation, Sensors and Gestures
Creating Asha Games: Game Pausing, Orientation, Sensors and Gestures
 
Creating Games for Asha - platform
Creating Games for Asha - platformCreating Games for Asha - platform
Creating Games for Asha - platform
 
Intro to Asha UI
Intro to Asha UIIntro to Asha UI
Intro to Asha UI
 
Intro to Java ME and Asha Platform
Intro to Java ME and Asha PlatformIntro to Java ME and Asha Platform
Intro to Java ME and Asha Platform
 
Intro to PhoneGap
Intro to PhoneGapIntro to PhoneGap
Intro to PhoneGap
 

Dernier

COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 

Dernier (20)

COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 

Android Security, Signing and Publishing

  • 1. Signing  and  Deploying     Android  Applica1ons   Jussi  Pohjolainen   Tampere  University  of  Applied  Sciences  
  • 2. App  Signing,  Overview   •  All  apps  must  be  digitally  signed  with   cer3ficate   –  Iden1fying  the  author  of  the  app   •  Typically  self  signed   •  Debug  key  for  debugging   •  Suitable  private  key  when  publishing   •  Crea1ng  keys  and  signing:  Keytool  and   Jarsigner  
  • 3. Debug  Mode   •  While  debugging  and  tes1ng,  you  can  compile   in  debug  mode   •  Build  tools  uses  the  Keytool  u1lity  to  generate   a  key  with  known  alias  and  password.  Key  is   used  to  sign  the  .apk  file   •  Developer  does  not  have  worry  about  this,  if   using  Eclipse!  
  • 4. Release  Mode   •  When  ready  to  release,  developer  must  sign   the  .apk  with  your  private  key   •  How?  Two  op1ons:   –  Using  Keytool  and  Jarsigner  in  command-­‐line.   Keytool  generates  private  key  and  Jarsigner  signs   the  .apk  with  the  key   –  Using  ADT  Export  Wizard  with  Eclipse  (same  than   above  but  with  GUI)  
  • 5. Signing  for  Public  Release   1.  Obtain  suitable  private  key   2.  Compile  the  applica1on  in  release  mode   3.  Sign  your  applica1on  with  private  key   4.  Align  the  final  APK  package  
  • 6. Obtain  Suitable  Private  Key   •  Private  key   –  Is  in  your  possession  and  represents  your  personal   or  corporate  en1ty   –  Validity  period  is  expected  lifespan  of  your  app   •  Recommenda1on:  over  25  years   •  Android  Market:  apps  must  have  validity  period  ending   a[er  22.10.2033   –  It's  not  the  debug  key  J  
  • 7. Obtain  Suitable  Private  Key   •  How  to  generate  private  key?   •  Use  keytool   –  > keytool -genkey -v -keystore my- release-key.keystore -alias alias_name - keyalg RSA -keysize 2048 -validity 10000
  • 8. TB308POHJUS-L-2:temp pohjus$ keytool -genkey -v -keystore my-release-key.keystore -alias my-alias -keyalg RSA - keysize 2048 -validity 10000 Enter keystore password: Re-enter new password: What is your first and last name? [Unknown]: Jussi Pohjolainen What is the name of your organizational unit? [Unknown]: TMI Jussi Pohjolainen What is the name of your organization? [Unknown]: TMI Jussi Pohjolainen What is the name of your City or Locality? [Unknown]: Tampere What is the name of your State or Province? [Unknown]: Finland What is the two-letter country code for this unit? [Unknown]: FI Is CN=Jussi Pohjolainen, OU=TMI Jussi Pohjolainen, O=TMI Jussi Pohjolainen, L=Tampere, ST=Finland, C=FI correct? [no]: yes Generating 2,048 bit RSA key pair and self-signed certificate (SHA1withRSA) with a validity of 10,000 days for: CN=Jussi Pohjolainen, OU=TMI Jussi Pohjolainen, O=TMI Jussi Pohjolainen, L=Tampere, ST=Finland, C=FI Enter key password for <my-alias> (RETURN if same as keystore password): [Storing my-release-key.keystore] TB308POHJUS-L-2:temp pohjus$ ls -al total 88 drwxr-xr-x 5 pohjus staff 170 9 Tam 18:30 . drwx------+ 46 pohjus staff 1564 9 Tam 16:43 .. -rw-r--r-- 1 pohjus staff 2281 9 Tam 18:28 my-release-key.keystore TB308POHJUS-L-2:temp pohjus$
  • 9. Signing  for  Public  Release   1.  Obtain  suitable  private  key   2.  Compile  the  applica3on  in  release  mode   3.  Sign  your  applica1on  with  private  key   4.  Align  the  final  APK  packate  
  • 11. TB308POHJUS-L-2:temp pohjus$ ls -al total 88 drwxr-xr-x 5 pohjus staff 170 9 Tam 18:30 . drwx------+ 46 pohjus staff 1564 9 Tam 16:43 .. -rw-r--r-- 1 pohjus staff 16435 9 Tam 18:28 BMI.apk -rw-r--r-- 1 pohjus staff 2281 9 Tam 18:28 my-release-key.keystore TB308POHJUS-L-2:temp pohjus$
  • 12. Signing  for  Public  Release   1.  Obtain  suitable  private  key   2.  Compile  the  applica1on  in  release  mode   3.  Sign  your  applica3on  with  private  key   4.  Align  the  final  APK  packate  
  • 13. Sign  your  applica1on  with  private  key   •  You  now  have  the  private  key  and  the  .apk   file.   •  Sign  the  .apk  with  the  private  key  using   jarsigner   •  > jarsigner -verbose -keystore my-release- key.keystore my_application.apk alias_name
  • 14. TB308POHJUS-L-2:temp pohjus$ jarsigner - verbose -keystore my-release-key.keystore BMI.apk my-alias Enter Passphrase for keystore: adding: META-INF/MY-ALIAS.SF adding: META-INF/MY-ALIAS.RSA signing: res/layout/main.xml signing: AndroidManifest.xml signing: resources.arsc signing: res/drawable-hdpi/icon.png signing: res/drawable-ldpi/icon.png signing: res/drawable-mdpi/icon.png signing: classes.dex
  • 15. Signing  for  Public  Release   1.  Obtain  suitable  private  key   2.  Compile  the  applica1on  in  release  mode   3.  Sign  your  applica1on  with  private  key   4.  Align  the  final  APK  packate  
  • 16. Align  the  final  APK  Package   •  zipalign  tool  ensures  op1mizes  the  package   for  running  in  device:  reduc1on  of  in  the   amount  of  ram   •  > zipalign -v 4 your_project_name- unaligned.apk your_project_name.apk
  • 17. TB308POHJUS-L-2:temp pohjus$ /Developer/android-sdk-mac_x86/tools/zipalign -v 4 BMI.apk BMI-ready-to-go.apk Verifying alignment of BMI-ready-to-go.apk (4)... 50 META-INF/MANIFEST.MF (OK - compressed) 426 META-INF/MY-ALIAS.SF (OK - compressed) 897 META-INF/MY-ALIAS.RSA (OK - compressed) 2021 META-INF/CERT.SF (OK - compressed) 2440 META-INF/CERT.RSA (OK - compressed) 3142 res/layout/main.xml (OK - compressed) 3693 AndroidManifest.xml (OK - compressed) 4296 resources.arsc (OK) 5916 res/drawable-hdpi/icon.png (OK) 9940 res/drawable-ldpi/icon.png (OK) 11536 res/drawable-mdpi/icon.png (OK) 13777 classes.dex (OK - compressed) Verification succesful TB308POHJUS-L-2:temp pohjus$ ls -al total 88 drwxr-xr-x 5 pohjus staff 170 9 Tam 18:30 . drwx------+ 46 pohjus staff 1564 9 Tam 16:43 .. -rw-r--r-- 1 pohjus staff 16443 9 Tam 18:30 BMI-ready-to-go.apk -rw-r--r-- 1 pohjus staff 16435 9 Tam 18:28 BMI.apk -rw-r--r-- 1 pohjus staff 2281 9 Tam 18:28 my-release-key.keystore TB308POHJUS-L-2:temp pohjus$
  • 18. And  Install  using  ADB   TB308POHJUS-L-2:temp pohjus$ /Developer/android-sdk- mac_x86/platform-tools/adb install BMI-ready-to- go.apk 700 KB/s (16443 bytes in 0.022s) pkg: /data/local/tmp/BMI-ready-to-go.apk Success TB308POHJUS-L-2:temp pohjus$
  • 20. Or  just  use  Eclipse