Introduction

ZipSigner is an Android app for signing Zip, Apk, and/or Jar files on-board Android devices.  Similar to jarsigner and signapk, this app can be used to sign update zip files, APK, or JAR files using one of the four built-in keys, or with your own private keys.  The keystore and key creation features provide some of the same functionality as the Java keytool utility.

The built-in keys and auto-select modes allow rooted themers and modders to sign updates and modified APKs.  Signing with private keys is an activity performed by developers in order to publish apps on Google play.

ZipSigner 2 was renamed to just "ZipSigner" as of the 3.3 release.

Features

  • Works without root permissions.
  • Signing activity is callable by other apps via an Intent
  • Integrated file browser for picking input and output files (v1.2)
  • Output files are automatically zip-aligned (v1.3)
  • The compression mode and size of entries in the input file are preserved in the output (v1.3)
  • Sign with your choice of key: media, platform, shared, or testkey (v1.4)
  • Auto-modes for determining which key to sign with (v1.4)
  • Automatically generate the output filename based on the input filename -- "input.zip" becomes "input-signed.zip" (v1.5)
  • Sign with your own keys (v2.4)
  • Create your own keys and self-signed certificates. View key and certificate properties. (v2.7)
  • Display certificate fingerprints and key hashes. Values can be copied to the clipboard on long-press. (v3.1)

Zip Picker Activity

This is the activity launched by default. From this screen you can enter the input and output files. When you click "Sign File" the Zip Signer Activity is launched.

Selecting Input/Output Files

The "Choose In/Out...", "Input...", and "Output..." buttons launch an integrated file browser to select the input and output file parameters. Upon selection, the file name text fields are updated. When using "Choose In/Out..." the output filename is automatically set base on the name of the selected input file -- e.g., "input.zip" becomes "input-signed.zip" for the output filename (v1.5).

Key/Mode

Prior to v1.4 ZipSigner always signed with the "testkey". This is also the key required in most cases when signing an update zip file for Android.

ZipSigner can sign with the four Google keys: "media", "platform", "shared", and "testkey". Specifying one of the four keys directly as the key/mode will force the output to be signed with the specified key, regardless of which key the input file was signed with. There are also three auto-select key modes -- "auto", "auto-testkey", and "auto-none".

Mode Name Description
auto In auto mode ZipSigner examines the signature block of the input file and automatically determines which key should be used to sign the file such that the output is signed with the same key as the input file. In "auto" mode the signing operation will fail if it can't determine which of the four keys to use.
auto-testkey The mode "auto-testkey" is similar except ZipSigner falls back to the testkey if it cant automatically determine which key to use.
auto-none In this mode, if the signing key can't be determined automatically then the input file is simply copied to the output file. This results in unsigned output when the key can't be determined.
none In this mode the input file is simply copied to the output file. NOTE: this results in unsigned output unless the input was already signed. The only practical benefit of this mode is that the output will be zip-aligned.

Starting in version 2.4, the Key/Mode list can contain the names of your own keys.  See Working with Your Own Keys for more details.

My Keys Activity

You can sign files with your own keys contained in one or more keystore files.  This activity screen provides the ability to work with keystores and private keys.  See Working with Your Own Keys for more details.


Zip Signer Activity

This activity signs the files specified in the Intent extras. This activity can be called by any other app to sign files. See the source code of the Zip Picker for an example.