Resigning system.img on a device
Ok, so we figured it out. I am not going to go into full detail (too much writing), but here is the basic gist for anyone who stumbles on this:
If you want to change the key which the system is signed with, you need to do the following steps:
- Extract /system/ dir from the running phone.
- Inspect the .apk files (from /system/app and /system/framework) to figure out which ones are signed by the same key as the framework-res.apk. I used a modified version of the script linked here to figure out which APKs to sign.
- If the APKs in /system/app which share the signing key with framework-res.apk are odexed, you need to de-odex them.
- Resign the APKs and the framework-res.apk and pack them in an update.zip (google how to do that).
On my specific device I had to resign both /system/framework/framework-res.apk and /system/framework/lge-res.apk from /system/framework and also had to de-odex and sign 20 .apks from the /system/app folder in order to get everything running smoothly.
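One way to do the "which APKs share the key with framework-res.apk" step, as an added example that is not part of the answer above and is not the script it links to. It assumes /system has been copied to a local directory and that the APKs carry v1 (JAR) signatures with a DER-encoded PKCS#7 block; all function names are this example's own.

```python
import hashlib
import zipfile
from pathlib import Path

SIG_SUFFIXES = (".RSA", ".DSA", ".EC")   # v1 (JAR) signature block files

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length == 0x80:
        raise ValueError("indefinite-length encoding is not DER")
    if length & 0x80:                    # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length

def first_cert_der(pkcs7):
    """Raw DER of the first certificate in a PKCS#7 SignedData block."""
    _, pos, _ = read_tlv(pkcs7, 0)       # ContentInfo SEQUENCE
    _, _, pos = read_tlv(pkcs7, pos)     # skip the contentType OID
    _, pos, _ = read_tlv(pkcs7, pos)     # [0] EXPLICIT wrapper
    _, pos, end = read_tlv(pkcs7, pos)   # SignedData SEQUENCE
    while pos < end:
        tag, start, stop = read_tlv(pkcs7, pos)
        if tag == 0xA0:                  # certificates [0] IMPLICIT SET
            _, _, cert_end = read_tlv(pkcs7, start)
            return pkcs7[start:cert_end]
        pos = stop
    raise ValueError("no certificate in signature block")

def apk_cert_sha256(apk):
    """SHA-256 of the APK's first v1 signing certificate, or None if unsigned."""
    with zipfile.ZipFile(apk) as z:
        for name in z.namelist():
            if name.startswith("META-INF/") and name.upper().endswith(SIG_SUFFIXES):
                return hashlib.sha256(first_cert_der(z.read(name))).hexdigest()
    return None

def platform_signed(system_dir):
    """APKs in app/ and framework/ that share framework-res.apk's certificate."""
    root = Path(system_dir)
    platform = apk_cert_sha256(root / "framework" / "framework-res.apk")
    if platform is None:
        raise ValueError("framework-res.apk carries no v1 signature")
    apks = sorted(root.glob("app/*.apk")) + sorted(root.glob("framework/*.apk"))
    return [p.relative_to(root).as_posix() for p in apks
            if apk_cert_sha256(p) == platform]
```

Calling `platform_signed("./system")` returns the relative paths of every APK that has to be re-signed together with framework-res.apk; the comparison is on the certificate, not on the whole signature file, because the signature bytes differ per APK even under the same key.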
The "system apk" is /system/framework/framework.jar. I've never tried to re-sign the system image but I've written code which was part of the system image (not within a normal apk project) and it became part of this jar. There are additional jars in this directory which may need to be re-signed also.
The signature is created randomly and placed in two files in your build environment, build/target/product/security/platform.pk8 and build/target/product/security/platform.x509.pem. I don't know how to extract these from a normal key store, however I've been able to copy them from one firmware build to another to ensure that both images had the same platform key. Also, I've been able to change the signature of APKs with this command: java -jar signapk.jar platform.x509.pem platform.pk8 Old.apk New.apk. You'll find signapk.jar in your build, at out/host/linux-x86/framework/signapk.jar.