stackoom
  简体   繁体   中英

What does Android app signing means?

 原文  2015-02-22 19:17:16       android/ signing

Question

After developing android app, I have to sign it in order to publish it to Play store.

What does singing process actually do?

I thought it related to encryption, but I am able to uncompress the apk file without any need to my app's signing keys.

2 answers

solution1
 4 ACCPTED  2015-02-22 19:21:54

Android requires that all apps be digitally signed with a certificate before they can be installed. Android uses this certificate to identify the author of an app, and the certificate does not need to be signed by a certificate authority. Android apps often use self-signed certificates. The app developer holds the certificate's private key.

The basics behind protecting your Android app is to use a generated certificate and digital “key” which provides a unique, encrypted, and reasonably un-hackable signature. This proves that the app came from you, not some other suspicious source.

On Android, this is done via a keystore. The keystore is a simple file with a really large block of encrypted data. This file can be stored anywhere on your computer, and this is generally the first problem that developers encounter. There are two types of keystores that you should be aware of: debug and release. Keystore files are also protected by a pair of passwords: one for the keystore file itself and another for each keystore/alias pair within the file. While these passwords should ideally be unique, most developers use the same password for both.

You can sign an app in debug or release mode. You sign your app in debug mode during development and in release mode when you are ready to distribute your app. The Android SDK generates a certificate to sign apps in debug mode. To sign apps in release mode, you need to generate your own certificate.

How to sign your apps in Android Studio

solution2
 0  2015-02-22 19:20:44

Android requires that all apps be digitally signed with a certificate before they can be installed. Android uses this certificate to identify the author of an app, and the certificate does not need to be signed by a certificate authority. Android apps often use self-signed certificates. The app developer holds the certificate's private key.

Android Documentation: Signing Your Applications

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question What does rooting of android means? What does the $ means in .hprof file android studio what does mAdvertiseFlags = -1 means in the Android BLE Application? What does @Module means in dagger for android? What does Disable Inspection in android studio means? What does android folder and gradle means in Flutter? What does msm means in android source? What does “Free” means in Heap monitoring screen when running Android app on emulator (eclipse)? What does "user" mean what they say ANDROID_D is unique to each combination of app-signing key, user, and device What does -> means in Java
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM