Hello, I'm working with Android application developers. We need to recognize which APK package(.apk) is unsigned application package or signed application package. Also we would like to distinguish which signed APK package is signed by private key or signed by debug key. I know we could find these with Jarsigner tool. But we can't figure out that way. We have to find out with actual APK package(.apk file) which is generated by developers.
Here we found some clue. When we uncompressed the signed APK package then we found a foler(META- INF) and three files(CERT.RSA, CERT, MANIFEST.MF). When we open the CERT.RSA file with text editor, I could find the text, "Android Debug" in .apk was signed with the debug key. So here is our question, 1. If I find the specific text, "Android Debug", then .apk is signed with the debug key.(correct or incorrect?) 2. If I uncompressed .apk and there is no CERT.RSA(*.RSA, I guess some case the file name is differnt) then .apk is unsigned. (correct or incorrect?) Thank you for reading my question. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
