views:

111

answers:

2

Hello,
If I have a JAR (Android APK), and I signed it like this:

jarsigner -keystore my.keystore someApk.apk myAlias

How do I un-sign it? Because if I open it as a zip file and try to extract the AndroidManifest.xml, they are all messed up. Thanks,
Isaac Waller

+1  A: 

If you don't care about the manifest and other meta information (which you probably don't since you just want to extract resources) you can just extract the files with jar -xvf myjar.jar, delete the META-INF directory, and create a new (unsigned jar).

If you do care about the meta information, take a look at Understanding Signing and Verification for a description of what signing does. You should be able to un-sign the jar by editing the manifest and deleting the signature file in the jar's META-INF directory.

The above might answer your question, but they might not solve your problem, because I am not sure how having a signed jar would result in resources' being "messed up". The resources themselves are unaffected by the signing process. If you just extract resources via the jar command itself (as in the second paragraph above), do you still have problems?

Marty Lamb
Hello, What I need is the AndroidManifest.xml in the JAR (APK) file. I should of been more specific. Thanks, Isaac
Isaac Waller
A: 

It turns out that the problem is not related to the signing at all - it's because the XML file is compiled. To look at the contents of this file you must use the aapt tool.

Isaac Waller