.\" Automatically generated by Pandoc 2.17.1.1 .\" .\" Define V font for inline verbatim, using C font in formats .\" that render this, and otherwise B font. .ie "\f[CB]x\f[]"x" \{\ . ftr V B . ftr VI BI . ftr VB B . ftr VBI BI .\} .el \{\ . ftr V CR . ftr VI CI . ftr VB CB . ftr VBI CBI .\} .TH "apksigcopier" "1" "2023-02-08" "v1.1.1" "General Commands Manual" .hy .SH NAME .PP apksigcopier - copy/extract/patch android apk signatures & compare apks .SH SYNOPSIS .PP \f[B]apksigcopier\f[R] copy [\f[I]options\f[R]] \f[I]signed_apk\f[R] \f[I]unsigned_apk\f[R] \f[I]output_apk\f[R] .PP \f[B]apksigcopier\f[R] extract [\f[I]options\f[R]] \f[I]signed_apk\f[R] \f[I]output_dir\f[R] .PP \f[B]apksigcopier\f[R] patch [\f[I]options\f[R]] \f[I]metadata_dir\f[R] \f[I]unsigned_apk\f[R] \f[I]output_apk\f[R] .PP \f[B]apksigcopier\f[R] compare [\f[I]options\f[R]] \f[I]first_apk\f[R] \f[I]second_apk\f[R] .PP \f[B]apksigcopier\f[R] --version .PP \f[B]apksigcopier\f[R] --help .PP \f[B]apksigcopier\f[R] [\f[I]command\f[R]] --help .SH DESCRIPTION .PP A command line tool for copying android APK signatures from a signed APK to an unsigned one (in order to verify reproducible builds). It can also be used to compare two APKs with different signatures. .SH COMMANDS .SS copy .PP Copy (extract & patch) signatures from signed to unsigned APK. .SS extract .PP Extract APK signatures from signed APK. .SS patch .PP Patch extracted APK signatures onto unsigned APK. .SS compare .PP Compare two APKs by copying the signature from the first to a copy of the second and checking if the resulting APK verifies. .PP This command requires apksigner(1). .PP NB: copying from an APK v1-signed with signflinger to an APK signed with apksigner works, whereas the reverse fails; see the FAQ in the README. .SH OPTIONS .SS copy/extract/patch .PP --v1-only [no|auto|yes] .PP Whether to expect only a v1 signature: \f[I]no\f[R] means a v2 signature is expected as well, \f[I]auto\f[R] means the presence of a v2 signature is detected automatically, and \f[I]yes\f[R] means a v2 signature is not expected (and ignored if it does exist). Default: \f[I]no\f[R]. .PP You can also set the environment variable \f[B]APKSIGCOPIER_V1_ONLY\f[R] instead. .SS compare .PP --unsigned .PP Accept unsigned \f[I]second_apk\f[R]. .PP --min-sdk-version .PP Passed to apksigner(1) when verifying. .PP --verify-cmd .PP Command (with arguments) used to verify APKs. Default: \f[I]apksigner verify\f[R]. .SH ENVIRONMENT VARIABLES .PP The following environment variables can be set to \f[I]1\f[R], \f[I]yes\f[R], or \f[I]true\f[R] to override the default behaviour. .SS APKSIGCOPIER_EXCLUDE_ALL_META .PP Exclude all metadata files, not just MANIFEST.MF. .SS APKSIGCOPIER_COPY_EXTRA_BYTES .PP Copy extra bytes after data (e.g.\ an existing v2 signature). .SS APKSIGCOPIER_SKIP_REALIGNMENT .PP Skip realignment of ZIP entries. .SH EXAMPLES .SS extract .IP .nf \f[C] $ mkdir meta $ apksigcopier extract signed.apk meta $ ls -1 meta 8BEA2A77.RSA 8BEA2A77.SF APKSigningBlock APKSigningBlockOffset MANIFEST.MF \f[R] .fi .SS patch .IP .nf \f[C] $ apksigcopier patch meta unsigned.apk out.apk \f[R] .fi .SS copy .IP .nf \f[C] $ apksigcopier copy signed.apk unsigned.apk out.apk \f[R] .fi .SS compare .IP .nf \f[C] $ apksigcopier compare foo-from-fdroid.apk foo-built-locally.apk $ apksigcopier compare foo.apk --unsigned foo-unsigned.apk \f[R] .fi .SH SEE ALSO .PP apksigner(1) .SH COPYRIGHT .PP Copyright \[co] 2023 FC Stegerman. License GPLv3+: GNU GPL version 3 or later . This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. .SH AUTHORS FC Stegerman .