signapk is a free cross-platform standalone tool to sign the Android APK file, it's written in C/C++ and has compatible command line arguments with Google ApkSigner.
signapk is implemented from scratch in C/C++ according to ApkSigner docs, because there are many factors involved in APK signing. If you have problems with the signature, please submit an issue at https://github.com/dvdforge/signapk/issues.
keytool -importkeystore -srckeystore-srcstoretype PKCS12 -destkeystore -deststoretype JKS -srcstorepass mysecret -deststorepass mysecret -srcalias myalias -destalias myalias -srckeypass mykeypass -destkeypass mykeypass -noprompt
signapk
| Command | Description |
|---|---|
| sign | Sign the provided APK |
| verify | Check whether the provided APK is expected to verify on Android |
| Options | Description |
|---|---|
| --ks | KeyStore file |
| --ks-key-alias | KeyStore key alias |
| --ks-pass | KeyStore password |
| --key-pass | Key password |
| --in | Input file |
| --out | Output file |
| --help -h |
Help |
| --verbose -v |
Verbose output |
| --v1-signing-enabled | Whether to enable signing using APK Signature Scheme v1 |
| --v2-signing-enabled | Whether to enable signing using APK Signature Scheme v2 |
| --v3-signing-enabled | Whether to enable signing using APK Signature Scheme v3 |
| --min-sdk-version | Lowest API Level |
| --max-sdk-version | Highest API Level |
# Sign the in.apk with signing scheme v1/v2/v3, output to out.apk
signapk sign --ks rsa_1024.jks --ks-pass pass:android --key-pass pass:android --v1-signing-enabled true --v2-signing-enabled true --v3-signing-enabled true --out out.apk in.apk
# Verify app.apk
signapk verify --verbose app.apk