Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Calabash-android resign with signature scheme v2 #951

Open
abeljus opened this issue May 16, 2022 · 1 comment
Open

Calabash-android resign with signature scheme v2 #951

abeljus opened this issue May 16, 2022 · 1 comment

Comments

@abeljus
Copy link

abeljus commented May 16, 2022

I'm trying to install and run a debug APK with Calabash-android, but it is failing because the scheme of the signature.

My original APK is signed with the debug keystore using scheme v2 (signed when building it via gradle):

$ apksigner verify -v myapp.apk
Verifies
Verified using v1 scheme (JAR signing): false
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): true

However, it cannot be used as it is with calabash-android (getting error No signature files found in META-INF. Cannot proceed.), so I need to resign it with calabash:

$ calabash-android resign myapp.apk

Signing process seems to work fine, but when I try to install the just signed APK I'm getting this error:

adb: failed to install /Users/acampos/myapp.apk: Failure [INSTALL_PARSE_FAILED_NO_CERTIFICATES: Scanning Failed.: No signature found in package of version 2 or newer for package com.myapp]

When trying to verify the signature of the new APK, this is the result:

$ apksigner verify -v myapp.apk
DOES NOT VERIFY
ERROR: Target SDK version 30 requires a minimum of signature scheme v2; the APK is not signed with this or a later signature scheme
...

It seems that the latest Android versions need scheme v2 for the signatures, but calabash resign action is still using v1.

I have already tried creating a new debug.keystore, changing to different versions (ruby, calabash-android, etc.),..., but no success.

Any idea about how to make calabash sign the APK using scheme v2?

Thank you!
@olbartek
Copy link

olbartek commented Jul 27, 2023
edited
Loading

I was able to get around this by using apksigner instead of calabash-android for signing the app.
Instead of resigning the app with calabash-android resign myapp.apk you can try to do the following:

  • sign the test server using calabash-android: bundle exec calabash-android build <path_to_apk>
  • sign the app using apksigner: apksigner sign --ks <path_to_debug_keystore> <path_to_apk>

Just make sure that you're signing the app with the same keystore that is being used to sign the test server.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@olbartek @abeljus