Explain in detail the implementation steps of debugging with the official signature of Android studio
Explain in detail the implementation steps of debugging with the official signature of Android studio
In Android studio, gradle can be used to automatically sign when packaging. In fact, Android studio will add debug signature to debugged applications by default, but sometimes when you call some third-party SDKs, you need to formally sign them, so let's share the method of using gradle automatic signature.
1、 Create signature file
Open as, select build - > generate signed APK, select the project to be packaged, click next, and then click create new... To create the signature file
Fill in the response information of the signature file, as shown below. Remember the three values of password, key alias and key password, and then click OK to complete the creation.
After completion, a JKS signature file is generated in the corresponding path. If you choose to package manually, you can select the signature file, and then fill in the password and alias to sign.
@H_ 404_ 47@
2、 Configure gradle Auto Packaging
Copy the signature file to the root directory of the main project, open the build.gradle file of the main project, and add the following contents under the Android node:
Storefile: signature file. If it is placed in another path, it needs to be modified accordingly
Storepassword: password (the first password just filled in)
Keyalias: alias
Keypassword: alias password
Then rebuild the project and expand the gradle tab on the right bar, as shown below:
Assemblyrelease is the official signature. Double click assemblyrelease to start the command:
After execution, you can see build successful, indicating that the official signature packaging is successful. Expand the build folder of the project and find app-release.apk, which is the official version.
The next time you run up directly, you will bring an official signature. It's much easier than signing manually~~
Of course, in order to improve security, we can also configure the four attributes as variables in gradle.preferences of the main project, and then reference variables in build.gradle. As follows:
This can have the same effect.
3、 Meaning of application signature
(1) Protect the legitimate rights and interests of developers
After we package and sign the application, it means that the application is developed by the signer or organization and has ownership of the application.
(2) Prevent application replacement
Application signature can prevent some people from confusing and replacing installed programs by using the same package name, resulting in some malicious tampering. If APK uses one key signature, the files signed by another key cannot be installed or overwritten the old version when publishing, which can prevent your installed applications from being overwritten or replaced by malicious third parties. It's actually a sign.
(3) Ensure application version consistency
Generally, the application will be updated, that is, the version will be upgraded. If the signature of the application is inconsistent, it cannot be updated or replaced. Therefore, the signature of the application is the premise to ensure the smooth update and installation of the current application.
(4) Data and code can be shared among multiple programs through permission
Android provides a permission granting mechanism based on digital certificates. Applications can share general functions or data with other programs to those programs with the same digital certificates. If the protectionlevel of a permission is signature, the permission can only be granted to programs with the same digital certificate as the package in which the permission is located. On the other hand, Android system allows programs with the same digital signature to run in a process, and Android programs will treat them as the same program. Therefore, developers can develop their own programs in modules, and users only need to download the appropriate modules when needed.
The above is the explanation of the implementation steps of debugging officially signed by Android studio. If you have any questions, you can leave a message for discussion! Thank you for reading, hope to help you, thank you for your support to this site!