B22 Jarsigner

Once you have a private key, you can use it to sign your application files. Signing your files is done using the jarsigner tool. Before you can use the jarsigner tool, you need to export your project as an unsigned .apk archive. To export your project using the Eclipse/ADT environment, right-click and select the Android Tools > Export Unsigned Application Package option, as shown in figure B.1.

Once you have an unsigned archive file, then you can use the jarsigner tool to sign it with your key, as shown here:

jarsigner -verbose -keystore my-release-key.keystore RestaurantFinder.apk W my_key

This command tells the jarsigner tool to use the previously defined keystore file (my-release-key.keystore) for the particular .apk, using the specified key (designated by the key alias my_key).

Figure B.1 Using Android Tools from the Eclipse/ADT environment to export an unsigned application archive package

Once you enter this command and use the correct password, jarsigner will create a few metadata files (a manifest, for example) and will digitally sign each file in the archive with your key, as shown here:

adding adding adding signing signing signing signing signing signing signing signing signing signing signing

META-INF/MANIFEST.MF

META-INF/TOTSP_KE.SF

META-INF/TOTSP_KE.RSA

res/anim/scaler.xml res/drawable/no_review_image.png res/drawable/restaurant_icon.png res/layout/review_criteria.xml res/layout/review_detail.xml res/layout/review_list.xml res/layout/spinner_view.xml res/layout/spinner_view_dropdown.xml

AndroidManifest.xml resources.arsc classes.dex

Jarsigner is the last step; after your archive is signed with your key, it's ready to be installed on a device and tested outside debug mode. You can use the adb tools to install a signed .apk archive (adb install [path_to_apk] ), or you can optionally use the very handy APK Installer application that is available in the Android Market (http://www.android.com/market/).

The APK Installer tool lets you install archives that are copied onto your SD card, as opposed to using the adb. Once you plug your device in via USB, you can elect to mount the device (following the on-device screen instructions) and copy files to it. This works like any USB drive, and you can drag your .apk onto your phone. With an .apk archive on your SD card, you can then browse to it from the APK Installer and select Install—it will take care of the rest.

The streamlined process we have outlined here, creating a key and signing your applications with it, is the bare minimum that you need to install an application on an Android device in non-debug mode. For more detailed information you should review the Android documentation in this area (http://code.google.com/android/devel/ sign-publish.html - signing).

Once you are familiar with signing your applications, the next thing you need to do is perform some final cleanup before actual distribution to end users.

0 0

Post a comment