Closed iBotPeaches closed 1 year ago
Could you please specfiy what change in newer android builds breaks this function? I am unable to find any documentation about it online.
@KevinX8 https://source.android.com/security/apksigning#schemes
Injection of files without resigning application will not work without taking out layers of AOSP security with modified ROMs. So best choice of action is to remove the feature to prevent confusion.
@KevinX8 https://source.android.com/security/apksigning#schemes
Injection of files without resigning application will not work without taking out layers of AOSP security with modified ROMs. So best choice of action is to remove the feature to prevent confusion.
Hmm well could you add a warning that the features doesn't work on apps that use v3 or higher instead as the feature is still useful for apps on v2 or lower, which for some reason some app developers still use eg YouTube.
I hate to be annoying but is it possible this feature could be left in apktool? I know V2 and V3 signing makes it redundant but it's still very useful for people trying to mod their system apps (framework-res.apk, SystemUI.apk, ETC). I've yet to encounter any roms where those files are signed with either the V2 or V3 methods.
It's not a major problem if the feature is removed, we can get around it, but it's really handy to have the option there.
As Kevin said, YouTube still uses V1, which makes it handy to modify and add layers to it, can you put a warning for apps that use V3 and higher so it won't break anything and feature will still persist in app
So...is this still set to be removed? It's a useful feature but I do see how it can confuse people.
I'll delay it till 2.6. Should be about 1-1.5 years.
I never did reply to this..
Thank you for delaying the removal. It's very helpful.
Updated tool to reflect delay to 2.6 - https://github.com/iBotPeaches/Apktool/commit/94e224ee3f7ec456ace7ce153d28ab1435de03c8
I renamed 2.5.1 to 2.6.0 and after 2.6.0. Apktool is going in 2 branch directions
tldr - marking this 3.0.0.
I'm new to modding, so I'm not sure I follow the thread. Can the original META-INF
folder still be used if other files are modified? And the original app signature will remain intact?
No, the signature won't remain intact, this used to work for apps signed with v2 and below that were installed as system apps but now almost every app has switched to v3+, even YouTube which makes this feature obsolete, we found a completely different method to keep signature intact for vanced here: https://github.com/YTVanced/VancedManager/tree/compose/app/src/main/java/com/vanced/manager/core/installer/util
Is Vanced a mod of the YouTube app? If it is, is your method preserving the signature of Vanced, or of YouTube?
Is Vanced a mod of the YouTube app? If it is, is your method preserving the signature of Vanced, or of YouTube?
Yes, it preserves the signature of stock YouTube so that Google play services will function with vanced but the method will work with any app
Can you be my new best friend? I've been trying to capture network traffic from a Unity game. I've followed tutorials to edit network_security_config.xml
. After rebuilding, zipaligning, and signing I've gotten to where I can see https traffic with a proxy but the Google Sign-In fails. I'll look through those files a bit more later to try to understand what they're doing (was looking during work for a bit, but had to give up). I haven't been active in Android Studio since before Kotlin came along and I couldn't find a good resource on the shell commands that were being executed. Can you explain it a bit more or is there a better forum to have this discussion?
Can you be my new best friend? I've been trying to capture network traffic from a Unity game. I've followed tutorials to edit
network_security_config.xml
. After rebuilding, zipaligning, and signing I've gotten to where I can see https traffic with a proxy but the Google Sign-In fails. I'll look through those files a bit more later to try to understand what they're doing (was looking during work for a bit, but had to give up). I haven't been active in Android Studio since before Kotlin came along and I couldn't find a good resource on the shell commands that were being executed. Can you explain it a bit more or is there a better forum to have this discussion?
Sure we can discuss it further on https://discord.gg/vanced
Seems like the new android 13 release (Pixel 6 Pro) enforces the new signature standards on system apps for me now. I can no longer boot a decompiled/recompiled SystemUIGoogle, even when using original signatures.
Noticed Failed to scan /system_ext/priv-app/SystemUIGoogle: No APK Signature Scheme v2 signature in package /system_ext/priv-app/SystemUIGoogle/SystemUIGoogle.apk
in the logcat
No longer deprecating this. Still has uses.
Per deprecation note, this feature will be removed in Apktool ~v2.5.0~ v2.6.0 due to stricter Android builds making it useless.