When I am trying to install third party apk using ADB
tool, I have faced "Failure
[INSTALL_PARSE_FAILED_NO_CERTIFICATES]" error.
To resolve the issue, I have followed few steps.
Open command prompt; Go to your debug.keystore
location.
For eg:
You can find the
debug.keystore file in the following
location
C:\Documents
and Settings\User\.android
1.
Using Zip align copied apk.
zipalign -v 4 D:\Test.apk
D:\Testc.apk
2.
keytool -genkey -v -keystore debug.keystore
-alias sampleName -keyalg RSA
-keysize 2048 -validity 20000
Now
a prompt will ask for
- Password
- First and lastname
- Name of Organization unit
- Name of Organization
- City
- State
- Country
After
entering these fields we get our Certificate
3.
jarsigner -verbose -keystore debug.keystore D:\Testc.apk sampleName
In some cases we need add -sigalg SHA1withRSA -digestalg SHA1 arguments to work out the step 3
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore debug.keystore D:\Testc.apk sampleName
Now it will ask for the password and then it will replace the apk with the signed one.
jarsigner -verbose -keystore debug.keystore D:\Testc.apk sampleName
In some cases we need add -sigalg SHA1withRSA -digestalg SHA1 arguments to work out the step 3
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore debug.keystore D:\Testc.apk sampleName
Now it will ask for the password and then it will replace the apk with the signed one.
To check whether it is working or not, you can check
using the following command.
jarsigner
-verify D:\Testc.apk
Then
I have installed apk using ADB.
Adb
install D:\Testc.apk
Thanks for reading :)
If you have any other quick thoughts/hints that you think people will find useful, feel free to leave a comment.
Thanks for the post
ReplyDeleteI got error in verifying the jar file..
Error : java.lang.securityexception: "invalid SHA1 signature file digest for res/layout/main.xml"
I was testing a sample third party app robotium.googlecode.com/files/AndroidCalculator.apk
Any help would be greatly appreciated..
Thanks,
Srini
Hi Srini,
DeleteI have checked out the project from the URL robotium.googlecode.com/files/AndroidCalculator.zip and http://robotium.googlecode.com/files/AndroidCalculator.apk
I haven't faced any error. both are working fine.
what is the password we have to enter in the cmd prompt?
ReplyDeleteIn step 2, whatever password is given by the user.
DeleteThe same one should be used when password is asked
The same problem exists on JDK7, but the solution is different.
ReplyDelete"It works with JDK 7 if I specify the parameters "-digestalg SHA1 -sigalg MD5withRSA" for jarsign, but not with the default algorithms, whatever they are."
http://code.google.com/p/android/issues/detail?id=19567
hi Vardhan
ReplyDeletewhen i,am run this command (keytool -genkey -v -keystore debug.keystore -alias VritiEducation -keyalg RSA -keysize 2048 -validity 20000) terminal, then get this Exception
Please help me........
keytool -genkey -v -keystore debug.keystore -alias VritiEducation -keyalg RSA -keysize 2048 -validity 20000
Enter keystore password:
keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect
java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:788)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
at java.security.KeyStore.load(KeyStore.java:1201)
at sun.security.tools.KeyTool.doCommands(KeyTool.java:742)
at sun.security.tools.KeyTool.run(KeyTool.java:194)
at sun.security.tools.KeyTool.main(KeyTool.java:188)
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:786)
... 5 more
If you receive the following error: "keytool error: java.io.IOException: Keystore was tampered with, or password was incorrect", it probably means that the value you specified for store_path already exists. Move or rename the file and rerun keytool.
DeleteNormally To generate a new keystore file we will be using that command.
thanks, it worked , saved me a lot of time :-)
ReplyDeleteHi there, I've done the abov and it verified the jar successfully with jarsigner -verify
ReplyDeletejar verified.
But when trying adb install I still get the PARSE FAILED NO CERTIFICATES
Check this command:
Delete"jarsigner -verify -verbose -certs your.apk"
If jar is verified then there is no problem of certificate
You can check the apk is certified or not in the console.
you can try this command:
"zipalign -v 4 your.apk new_your.apk"
Then the generated apk, you can install.
I re-followed your tutorial, seems somehow I missed out the zipalign bit initially :/. re-did it all but now on adb install -r myapk.apk, I am getting the following:
Deleteroot@ben:/home/ben/Myapk1.02/dist# adb install -r myAPKc.apk
445 KB/s (4851069 bytes in 10.641s)
pkg: /data/local/tmp/myAPKc.apk
Failure [INSTALL_PARSE_FAILED_INCONSISTENT_CERTIFICATES]
I then checked the jarsigner as per your reply and got at the end,
jar verified.
Then did zipalign and got:
Verification successful.
Re-tried adb install -r and got the same error as above.
Ah, fixed, deleted the app off the phone rather than trying a re-install, all working! :)
DeleteCheers for the reply, and gret tutorial, very simple to follow.... (when I read it correctly)
zipalign -v 4 D:\Test.apk D:\Testc.apk....hai sir please Explain about this ,,When i am trying to insatall GoogleLoginservice.apk i am getting
ReplyDeleteD:\Android\sdk of me\sdk\platform-tools>adb install GoogleServicesFramework.apk
81 KB/s (2221760 bytes in 26.627s)
pkg: /data/local/tmp/GoogleServicesFramework.apk
Failure [INSTALL_PARSE_FAILED_NO_CERTIFICATES]
zipalign is an archive alignment tool that provides important optimization to Android application (.apk) files.
Delete-v : verbose output
4 : to be aligned on 4-byte boundaries
if the parser did not find any certificates in the .apk then we will be getting the following error INSTALL_PARSE_FAILED_NO_CERTIFICATES
great tutorial...
ReplyDeleteHello Vardhan.
ReplyDeleteI've done as you told, but get this when verifying :
C:\"Program Files (x86)"\Java\jdk1.6.0_29\bin\jarsigner -verify C:\fred\GoogleServicesFramework_.apk
jarsigner: java.lang.SecurityException: invalid SHA1 signature file digest for res/drawable-xhdpi/notification_system_update_download_failure.png
Where did I went wrong ?
If your png is unsigned then you will get following exception.
DeleteTry this "zipalign -f -v -c 4 GoogleServicesFramework_.apk GoogleServicesFramework_new.apk "
If above command wont work then try the below options
There are some security exception with higher version of java.
Try to add this parameters "-digestalg SHA1 -sigalg MD5withRSA" for jarsign and check.
or
You can install lower version like JDK 1.6.26
Hi Varadhan,
ReplyDeleteWhen i run jarsigner i get jar verified, but i also get extra warning messages. Is that ok ?
C:\Users\KarthikV\.android>jarsigner -verify D:\IRCTCMobile.apk
jar verified.
Warning:
This jar contains entries whose certificate chain is not validated.
Re-run with the -verbose and -certs options for more details.
No, if your certificate chain is not yet validate then there will be problem in uploading file to market.
DeleteRe-run with "jarsigner -verify -verbose -certs your.apk"
You can identify where the problem is.
Now getting different error. Thanks for reply.
ReplyDeleteStep i followed :
Command1 : keytool -genkeypair -alias androiddebugkey -keypass android -keystore debug.keystore -storepass android -dname "CN=Android Debug,O=Android,C=US" -validity 9999
Command 2 : keytool -list -alias androiddebugkey -keystore debug.keystore -storepass android -keypass android Successfully
Command 3 : jarsigner.exe -verbose -keystore debug.keystore FastNotepad.apk androiddebugkey
Executed the above 3 commands successfully after removing the signature folder(ieMETA-INF) folder in the FastNotepad.apk file.
After that executed "adb install FastNotepad.apk" command, for which i got error message Failure [Install_Parse_Failed_No_Certificates].
Tried with both JDK 1.7 and 1.6. Tried with 3 different Windows 7, Windows XP machines. Same error msg. Unable to proceed further. Plz help.
Thanks in advance.
Also after Command 3 execution deleted META-INF folder gets created in FastNotepad.apk. If there is any possibility to chat with u directly plz let me know. Thanks. My Id is kvteen (at) gmail dot com.
DeleteYou can upload your apk and send me a link, I will support you in finding the solution.
DeleteHi Harsha, Thanks for replying.
DeletePlease find the apk file in the below link. Size 4MB.
https://rapidshare.com/files/562623395/HandriteNotepad.apk
Please let me know in case of any other queries. Thanks.
Hi Karthik,
DeleteFrom your manifest file, I have understood little information.
META-INF Structure in Android is as follows
META-INF/MANIFEST.MF, META-INF/CERT.SF and META-INF/CERT.RSA
But I found this files ANDROIDD.DSA, ANDROIDD.SF and MANIFEST.MF
Your manifest file says
Created-By: 1.7.0_25 (Oracle Corporation) instead of Created-By: 1.0 (Android)
MANIFEST.MF contains the list of files present in the APK and digest. The default digest used is SHA-1
Android uses SHA1-Digest but it is SHA-256-Digest.
My guess the android project is not created by android guidelines.
CERT.RSA The .SF file is signed and the signature is placed in the .RSA file. Signature block files produced using the RSA algorithm are saved with the extension .RSA, those generated with DSA or EC keys with the .DSA or .EC extensions, respectively. Multiple signatures can be performed, resulting in multiple .SF and .RSA/DSA/EC files in the JAR file's META-INF/ directory.
I Prefer RSA, since supposed to encrypt the file with public key rather than doing with private key (DSA).
By the above information. I can say your apk is verified with jarsigner but not with android, since android can't understand your apk structure, so it says install parse failed no certificates even though all your objects in apk is certified by jarsigner
Thanks for reply. I fear it might be one of the issues mentioned here
Deletehttp://code.google.com/p/android/issues/detail?id=830
The below is the error message i got from logcat. Exception reading res/layout/booking_
view.xml. SO renamed and deleted the /booking_view.xml but got same type error with next xml file in res/layout/. Any idea whats happening ? Once again thanks for reply.
07-19 02:58:46.743 D/AndroidRuntime( 1339):
07-19 02:58:46.743 D/AndroidRuntime( 1339): >>>>>> AndroidRuntime START com.andr
oid.internal.os.RuntimeInit <<<<<<
07-19 02:58:46.743 D/AndroidRuntime( 1339): CheckJNI is ON
07-19 02:58:46.803 D/dalvikvm( 1339): Trying to load lib libjavacore.so 0x0
07-19 02:58:46.823 D/dalvikvm( 1339): Added shared lib libjavacore.so 0x0
07-19 02:58:46.863 D/dalvikvm( 1339): Trying to load lib libnativehelper.so 0x0
07-19 02:58:46.873 D/dalvikvm( 1339): Added shared lib libnativehelper.so 0x0
07-19 02:58:47.903 D/AndroidRuntime( 1339): Calling main entry com.android.comma
nds.pm.Pm
07-19 02:58:47.983 W/ActivityManager( 280): No content provider found for permi
ssion revoke: file:///data/local/tmp/IRCTCMobile.apk
07-19 02:58:48.043 W/ActivityManager( 280): No content provider found for permi
ssion revoke: file:///data/local/tmp/IRCTCMobile.apk
07-19 02:58:48.043 I/PackageManager( 280): Copying native libraries to /data/ap
p-lib/vmdl-780346396
07-19 02:58:48.203 W/PackageParser( 280): Exception reading res/layout/booking_
view.xml in /data/app/vmdl-780346396.tmp
07-19 02:58:48.203 W/PackageParser( 280): java.lang.SecurityException: META-INF
/ANDROIDD.SF has invalid digest for org/htmlparser/parserapplications/filterbuil
der/images/open.gif in /data/app/vmdl-780346396.tmp
07-19 02:58:48.203 W/PackageParser( 280): at java.util.jar.JarVerifier.inv
alidDigest(JarVerifier.java:131)
07-19 02:58:48.203 W/PackageParser( 280): at java.util.jar.JarVerifier.ver
ifyCertificate(JarVerifier.java:350)
07-19 02:58:48.203 W/PackageParser( 280): at java.util.jar.JarVerifier.rea
dCertificates(JarVerifier.java:258)
07-19 02:58:48.203 W/PackageParser( 280): at java.util.jar.JarFile.getInpu
tStream(JarFile.java:378)
07-19 02:58:48.203 W/PackageParser( 280): at android.content.pm.PackagePar
ser.loadCertificates(PackageParser.java:446)
07-19 02:58:48.203 W/PackageParser( 280): at android.content.pm.PackagePar
ser.collectCertificates(PackageParser.java:634)
07-19 02:58:48.203 W/PackageParser( 280): at com.android.server.pm.Package
ManagerService.installPackageLI(PackageManagerService.java:7859)
07-19 02:58:48.203 W/PackageParser( 280): at com.android.server.pm.Package
ManagerService.access$1900(PackageManagerService.java:172)
07-19 02:58:48.203 W/PackageParser( 280): at com.android.server.pm.Package
ManagerService$5.run(PackageManagerService.java:5995)
07-19 02:58:48.203 W/PackageParser( 280): at android.os.Handler.handleCall
back(Handler.java:725)
07-19 02:58:48.203 W/PackageParser( 280): at android.os.Handler.dispatchMe
ssage(Handler.java:92)
07-19 02:58:48.203 W/PackageParser( 280): at android.os.Looper.loop(Looper
.java:137)
07-19 02:58:48.203 W/PackageParser( 280): at android.os.HandlerThread.run(
HandlerThread.java:60)
07-19 02:58:48.213 E/PackageParser( 280): Package com.rambalaboina.irctc has no
certificates at entry res/layout/booking_view.xml; ignoring!
07-19 02:58:48.404 D/dalvikvm( 280): GC_EXPLICIT freed 296K, 16% free 5810K/688
8K, paused 16ms+15ms, total 173ms
07-19 02:58:48.484 D/AndroidRuntime( 1339): Shutting down VM
07-19 02:58:48.503 D/dalvikvm( 1339): GC_CONCURRENT freed 117K, 21% free 469K/58
8K, paused 1ms+2ms, total 17ms
If you resign the new one with a different signing key then also you will get this issue.
DeleteI want to know, how you are generating apk file, its through ant or maven or with eclipse?
Generating apk file ? You mean where i get my apk file. I just download from frees sites. For Eg : For IRTCT apk file i downloaded form the below given link.
Deletehttp://www.torrapk.com/index.php/en/dwld/29-travel/2466-download-irctc-mobile-app-apk-20
After i download i open it using 7 Zip Manager and delete the META_INF folder and run the above mentioned 3 commands.
Also in your previous comments you have mentioned "android project is not created by android guidelines." So should i run different types of command ? Is there any way to solve it ?
Once again. Thanks for reply.
If apk is signed properly and then if you want to do this steps, we can't do because you won't have the private key of the keystore file with you, so you can't override properly.
DeleteSo is there any way to make it work ? Do u need any more information to find the root cause ? How to proceed further ? Can i start fresh ?
DeleteAny way to proceed further ?
DeleteHi Karthik,
DeleteI have tried when the apk is not signed but you are checking with apk which is signed already and trying to modify only certificate.
I haven't tried this approach.
When i get a time, I will also check from my side to achieve your idea.
i recompiled the app and after following the above [rocess i face this problem
ReplyDeleteThis jar contains entries whose certificate chain is not validated.
Try to generate apk from eclipse ADT and check.
Deleteor
The above steps are for Java 1.6 not for Java 1.7, If you're using 1.7 plz uninstall and use 1.6
For 1.7 commands has to be changed
PLease I have not understand any of the ABOVE BLOG, but I have this error.... what to do now? Please explain me step by step...
ReplyDeleteall the points shown in step by step.
DeleteIf your facing problem in any step, please let me know. I ca explain.
For Android Studio
ReplyDeleteTarget : Android 5.0
Build --> Build APK (not Generate Signed APK)
pm install /dir/XXX.apk
maybe works