android_app_import strips signature of certain APKs

119 views
Skip to first unread message

Mikko Koivisto

unread,
Aug 24, 2022, 5:49:26 PMAug 24
to Android Building
I’m trying to include WhatsApp.apk to the image of Cuttlefish virtual device. The rule looks like this:
android_app_import {
name: "WhatsApp",
apk: "WhatsApp.apk",
presigned: true,
product_specific: true,
dex_preopt: {
  enabled: false,
},
}


However, when doing the device build (lunch aosp_cf_x86_64_phone-userdebug) the signature changes:
mikko_koivisto@cf-dev-mikko:~/aosp/out$ apksigner verify -v target/product/vsoc_x86_64/product/app/WhatsApp/WhatsApp.apk
DOES NOT VERIFY
ERROR: JAR signer WHATSAPP.DSA: JAR signature META-INF/WHATSAPP.SF indicates the APK is signed using APK Signature Scheme v2 but no such signature was found. Signature stripped?


The app in the original location shows:
mikko_koivisto@cf-dev-mikko:~/aosp$ apksigner verify -v device/google/cuttlefish/guest/prebuilts/WhatsApp.apk
Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): false
Verified using v3.1 scheme (APK Signature Scheme v3.1): false
Verified using v4 scheme (APK Signature Scheme v4): false
Verified for SourceStamp: false
Number of signers: 1


Missing signature makes PackageManager to reject the app included in the image and it won't be visible in launcher.
I believe the behavior has changed in aosp master during last couple of weeks. The behavior is also apk-dependent since some apks (with similar android_app_import parameters) build just fine.
Best Regards,
Mikko
Reply all
Reply to author
Forward
0 new messages