|
|
| (21 intermediate revisions by 3 users not shown) |
| Line 1: |
Line 1: |
| == Apk signature and verification ==
| | {{Migrating|https://smartpossdk.gitbook.io/cloudpossdk/faq/other-development/app-signing-process}} |
| In standard Android system, all the applications should be signed before installed to system. Please refer to [https://developer.android.com/studio/publish/app-signing.html Google's resource] for detail.
| |
| | |
| In wizarPOS terminal, the system will also verify the certificate chain of the APK signatures by the application root certificate, except the normal Android signature checking. So the terminal only allow the APK signed by the application root certificate or its sub certificate.
| |
| | |
| The developer should apply the development certificate from wizarPOS. Please refer to this document [ftp://sdkuser:wizsdkar@ftp.wizarpos.com/wizarPOSDevCertificateApplyGuide_en.pdf wizarPOSDevCertificateApplyGuide_en.pdf]. After you get the CSR reply from wizarPOS, please import the certificate chain file to your key store. Then the APK signed by this key store can be installed to wizarPOS production terminal.
| |
| | |
| By default, the additional signature verification is not required in developing mode terminal. So you can use ADB to install and debug the normal Android APK in developing mode terminal.
| |
| | |
| The wizarPOS application root certificate can also be update to acquire's own application root certificate to let acquirer (terminal owner) control the terminal application totally.
| |
| | |
| == How to sign app ==
| |
| === Sign by IDE ===
| |
| Please refer to [https://developer.android.com/studio/publish/app-signing.html Google Sign APP]
| |
| * Click Build>Generate Signed Bundle/APK
| |
| * Select APK
| |
| [[File:Signtargetselect.png|frameless|left|thumb|caption]]
| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| * Choose keystore and input the info in the follow picture, click Next.
| |
| [[File:Signjksinput.png|frameless|left|thumb|caption]]
| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| * Keep Default settings, set stored path of the signed APK, then click Finish.
| |
| [[File:Signnext.png|frameless|left|thumb|caption]]
| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| === Sign by Command Line Tool ===
| |
| wizarPOS provides a java signature tool to help developer sign the APK. You can use it in command line. Please download the [ftp://sdkuser:wizsdkar@ftp.wizarpos.com/SignatureTools_v2.5-4-gfdb8ffd.jar signature tool v2.5-4]. Please make sure that you have already installed the JRE 1.6 or above in your PC.
| |
| | |
| ==== Run signature tool ====
| |
| In PC, run the follow command:
| |
| | |
| * Use jks:'''java -jar <File Path>/SignatureTools.jar sign --keytype jks --apk <File Path>/<in name>.apk --out <File Path>/<out name>.apk --keystore <File Path>/<name>.jks --alias androiddebugkey --storepass wizarpos(Optional) --sigAlg SHA1withRSA(SHA1withRSA/MD5withRSA/SHA256withRSA, Optional) --signatureScheme v2(v1/v2)'''
| |
| Replace the real parameter value, and change the key password and store password to your real password.
| |
| * Use pk8:'''java -jar <File Path>/SignatureTools.jar sign --keytype pk8 --apk <File Path>/<in name>.apk --out <File Path>/<out name>.apk --keyfile <File Path>/private_pwd.pk8(With or Without password) --certs <File Path>/cert.x509_pwd.pem --keypass android(Optional) --storepass android(Optional) --sigAlg SHA1withRSA(SHA1withRSA/MD5withRSA/SHA256withRSA, Optional) --signatureScheme v2(v1/v2)'''
| |
| Replace the real parameter value, and change the key password and store password to your real password.
| |
|
| |
| {| class="wikitable"
| |
| |-
| |
| ! Parameter !!Value !! Specification
| |
| |-
| |
| | --keytype || jks or pk8|| The type of the keystore which used to sign the APK.
| |
| |-
| |
| | --keystore|| The path of the jks key store file|| It must be defined when using jks keystore
| |
| |-
| |
| | --keyfile|| The path of the pk8 file|| It must be defined when using pk8 file as keystore.
| |
| |-
| |
| | --apk|| The file path of the apk before signed|| The file path of the apk before signed
| |
| |-
| |
| | --out|| The file path of the apk after signed|| The file path of the apk after signed
| |
| |-
| |
| | --alias|| Alias name of private key|| Alias name of private key in jks file
| |
| |-
| |
| | --certs|| Certificates file path|| When keytype is pk8, this is the certificate chain
| |
| |-
| |
| | --storepass|| Password of keystore file|| Password of keystore file
| |
| |-
| |
| | --keypass || password of private key|| password of private key in jks file or pk8 file
| |
| |-
| |
| | --sigAlg || signature algorithm|| SHA1withRSA/MD5withRSA/SHA256withRSA
| |
| |-
| |
| | --signatureScheme || signature scheme|| v1/v2
| |
| |}
| |
