copy¶

Copy (extract & patch) signatures from signed to unsigned APK.

extract¶

Extract APK signatures from signed APK.

patch¶

Patch extracted APK signatures onto unsigned APK.

compare¶

Compare two APKs by copying the signature from the first to a copy of the second and checking if the resulting APK verifies.

This command requires apksigner(1).

copy/extract/patch¶

--v1-only [no|auto|yes]

Whether to expect only a v1 signature: no means a v2 signature is expected as well, auto means the presence of a v2 signature is detected automatically, and yes means a v2 signature is not expected (and ignored if it does exist). Default: no.

You can also set the environment variable APKSIGCOPIER_V1_ONLY instead.

compare¶

--unsigned

Accept unsigned second_apk.

--min-sdk-version

Passed to apksigner(1) when verifying.

APKSIGCOPIER_EXCLUDE_ALL_META¶

Exclude all metadata files, not just MANIFEST.MF.

APKSIGCOPIER_COPY_EXTRA_BYTES¶

Copy extra bytes after data (e.g. an existing v2 signature).

extract¶

$ mkdir meta
$ apksigcopier extract signed.apk meta
$ ls -1 meta
8BEA2A77.RSA
8BEA2A77.SF
APKSigningBlock
APKSigningBlockOffset
MANIFEST.MF
    

patch¶

$ apksigcopier patch meta unsigned.apk out.apk
    

copy¶

$ apksigcopier copy signed.apk unsigned.apk out.apk
    

compare¶

$ apksigcopier compare foo-from-fdroid.apk foo-built-locally.apk
$ apksigcopier compare foo.apk --unsigned foo-unsigned.apk