I need to customize an APK file based on the current browser session. I have a web page that serves my Android application's APK file. I've created a URL handler that processes the request, opens the APK file (it's just a zip file) in memory and modifies the config file, adding all the customization-related data to it. Finally, I send the in-memory stream bytes as the response. My results are as follows:
- If I just modify the APK as described above, the android package manager crashes
- If I modify the APK as described above, but also sign it with jarsigner, the package manager still crashes. If I try to verify the signature of the APK, I get an error: "invalid SHA1 signature file digest for [PATH TO CONFIG FILE]"
- If I use APKTool to unpack the APK, then modify the config file, then repack it with APKTool, then sign it with jarsigner, the app installs as it should and I get my customizations. However, this process is really slow, over 10 seconds.
I was wondering if I can exclude a certain file from the manifest/signature generation in a way that the file remains in the APK and gets installed. Since I'm only going to be modifying that file, I should be able to do it without breaking the signature.
0 comments:
Post a Comment