怎么解决“These packages should not be signed with a well known key”有关问题
如何解决“These packages should not be signed with a well known key”问题
如果你在做CTS测试时出现此问题:
会令你感到莫名其妙。这个问题一般是由于使用android提供的缺省私钥对apk包进行签名,导致CTS测试失败。
很多开发者不使用自己的key签名而是使用android提供的缺省私钥对apk包进行签名。只要打开apk包下的META-INF\CERT.RSA查看其中是否有android@android.com或者通过命令jarsigner -verify -certs -verbose xxx.apk查看就知道是否是使用了缺省私钥对包进行了签名。注:jarsigner是JDK命令。
相关的CTS junit的源码如下
security/src/anroid/security/cts/PackageSignatureTest.java
for (PackageInfo packageInfo : allPackageInfos) {
String packageName = packageInfo.packageName;
if (packageName != null && ! isWhitelistedPackage(packageName)) {
for (Signature signature : packageInfo.signatures) {
// android的缺省签名是wellKnownSignatures所有一旦你的包使用它签名一定会被列为badPackages
if (wellKnownSignatures.contains(signature)) {
badPackages.add(packageInfo.packageName);
}
}
}
}
assertTrue("These packages should not be signed with a well known key: " + badPackages, badPackages.isEmpty());
如果你在做CTS测试时出现此问题:
junit.framework.AssertionFailedError: These packages should not be signed with a well known key: [xxx.xxx.xxx.xxx] at android.security.cts.PackageSignatureTest.testPackageSignatures(PackageSignatureTest.java:62)
会令你感到莫名其妙。这个问题一般是由于使用android提供的缺省私钥对apk包进行签名,导致CTS测试失败。
很多开发者不使用自己的key签名而是使用android提供的缺省私钥对apk包进行签名。只要打开apk包下的META-INF\CERT.RSA查看其中是否有android@android.com或者通过命令jarsigner -verify -certs -verbose xxx.apk查看就知道是否是使用了缺省私钥对包进行了签名。注:jarsigner是JDK命令。
相关的CTS junit的源码如下
security/src/anroid/security/cts/PackageSignatureTest.java
for (PackageInfo packageInfo : allPackageInfos) {
String packageName = packageInfo.packageName;
if (packageName != null && ! isWhitelistedPackage(packageName)) {
for (Signature signature : packageInfo.signatures) {
// android的缺省签名是wellKnownSignatures所有一旦你的包使用它签名一定会被列为badPackages
if (wellKnownSignatures.contains(signature)) {
badPackages.add(packageInfo.packageName);
}
}
}
}
assertTrue("These packages should not be signed with a well known key: " + badPackages, badPackages.isEmpty());