Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

3.0.0 - Remove "-c/--copy-original" #2129

Closed
iBotPeaches opened this issue Jul 13, 2019 · 18 comments
Closed

3.0.0 - Remove "-c/--copy-original" #2129

iBotPeaches opened this issue Jul 13, 2019 · 18 comments
Assignees
@iBotPeaches

Comments

@iBotPeaches
Copy link
Owner

iBotPeaches commented Jul 13, 2019
edited
Loading

Per deprecation note, this feature will be removed in Apktool v2.5.0 v2.6.0 due to stricter Android builds making it useless.
@iBotPeaches iBotPeaches self-assigned this Jul 13, 2019
iBotPeaches added a commit that referenced this issue Jul 13, 2019
@iBotPeaches
fix: add deprecation notice into code for #2129
81acde7
@KevinX8
Copy link

KevinX8 commented Jul 28, 2019

Could you please specfiy what change in newer android builds breaks this function? I am unable to find any documentation about it online.

@iBotPeaches
Copy link
Owner Author

@KevinX8 https://source.android.com/security/apksigning#schemes

Injection of files without resigning application will not work without taking out layers of AOSP security with modified ROMs. So best choice of action is to remove the feature to prevent confusion.

@KevinX8
Copy link

KevinX8 commented Sep 6, 2019

@KevinX8 https://source.android.com/security/apksigning#schemes

Injection of files without resigning application will not work without taking out layers of AOSP security with modified ROMs. So best choice of action is to remove the feature to prevent confusion.

Hmm well could you add a warning that the features doesn't work on apps that use v3 or higher instead as the feature is still useful for apps on v2 or lower, which for some reason some app developers still use eg YouTube.

@Ticklefish
Copy link

I hate to be annoying but is it possible this feature could be left in apktool? I know V2 and V3 signing makes it redundant but it's still very useful for people trying to mod their system apps (framework-res.apk, SystemUI.apk, ETC).
I've yet to encounter any roms where those files are signed with either the V2 or V3 methods.

It's not a major problem if the feature is removed, we can get around it, but it's really handy to have the option there.

@X1nto
Copy link

X1nto commented Oct 28, 2019

As Kevin said, YouTube still uses V1, which makes it handy to modify and add layers to it, can you put a warning for apps that use V3 and higher so it won't break anything and feature will still persist in app

@Ticklefish Ticklefish mentioned this issue Nov 30, 2019
Closed
@Ticklefish
Copy link

So...is this still set to be removed? It's a useful feature but I do see how it can confuse people.

@iBotPeaches
Copy link
Owner Author

I'll delay it till 2.6. Should be about 1-1.5 years.

@iBotPeaches iBotPeaches changed the title 2.5.0 - Remove "-c/--copy-original" 2.6.0 - Remove "-c/--copy-original" Dec 6, 2019
@Ticklefish Ticklefish mentioned this issue Dec 29, 2019
Closed
@Ticklefish
Copy link

I never did reply to this..

Thank you for delaying the removal. It's very helpful.

@Ticklefish Ticklefish mentioned this issue Dec 29, 2019
Closed
@Ticklefish Ticklefish mentioned this issue Jan 6, 2020
Closed
@Ticklefish Ticklefish mentioned this issue Jan 15, 2020
Closed
@iBotPeaches
Copy link
Owner Author

Updated tool to reflect delay to 2.6 - 94e224e

iBotPeaches added a commit that referenced this issue Nov 28, 2020
@iBotPeaches
docs: delay removal of -c to v2.6.0 - #2129
3cb814c
@iBotPeaches iBotPeaches pinned this issue Nov 29, 2020
@iBotPeaches
Copy link
Owner Author

I renamed 2.5.1 to 2.6.0 and after 2.6.0. Apktool is going in 2 branch directions

  • 2.6.1 - fixes release in 1-4 months after 2.6.0
  • 3.0.0 - big picture, removable of aapt1, redo option handling for easier maven use, redo cli, breaking changes

tldr - marking this 3.0.0.

@iBotPeaches iBotPeaches changed the title 2.6.0 - Remove "-c/--copy-original" 3.0.0 - Remove "-c/--copy-original" Sep 1, 2021
@tconn87
Copy link

tconn87 commented Jan 12, 2022

I'm new to modding, so I'm not sure I follow the thread. Can the original META-INF folder still be used if other files are modified? And the original app signature will remain intact?

@KevinX8
Copy link

KevinX8 commented Jan 12, 2022

No, the signature won't remain intact, this used to work for apps signed with v2 and below that were installed as system apps but now almost every app has switched to v3+, even YouTube which makes this feature obsolete, we found a completely different method to keep signature intact for vanced here: https://github.com/YTVanced/VancedManager/tree/compose/app/src/main/java/com/vanced/manager/core/installer/util

@tconn87
Copy link

tconn87 commented Jan 12, 2022

Is Vanced a mod of the YouTube app? If it is, is your method preserving the signature of Vanced, or of YouTube?

@KevinX8
Copy link

KevinX8 commented Jan 12, 2022

Is Vanced a mod of the YouTube app? If it is, is your method preserving the signature of Vanced, or of YouTube?

Yes, it preserves the signature of stock YouTube so that Google play services will function with vanced but the method will work with any app

@tconn87
Copy link

tconn87 commented Jan 12, 2022

Can you be my new best friend? I've been trying to capture network traffic from a Unity game. I've followed tutorials to edit network_security_config.xml. After rebuilding, zipaligning, and signing I've gotten to where I can see https traffic with a proxy but the Google Sign-In fails. I'll look through those files a bit more later to try to understand what they're doing (was looking during work for a bit, but had to give up). I haven't been active in Android Studio since before Kotlin came along and I couldn't find a good resource on the shell commands that were being executed. Can you explain it a bit more or is there a better forum to have this discussion?

@KevinX8
Copy link

KevinX8 commented Jan 12, 2022

Can you be my new best friend? I've been trying to capture network traffic from a Unity game. I've followed tutorials to edit network_security_config.xml. After rebuilding, zipaligning, and signing I've gotten to where I can see https traffic with a proxy but the Google Sign-In fails. I'll look through those files a bit more later to try to understand what they're doing (was looking during work for a bit, but had to give up). I haven't been active in Android Studio since before Kotlin came along and I couldn't find a good resource on the shell commands that were being executed. Can you explain it a bit more or is there a better forum to have this discussion?

Sure we can discuss it further on https://discord.gg/vanced

@mwilky
Copy link

mwilky commented Aug 22, 2022

Seems like the new android 13 release (Pixel 6 Pro) enforces the new signature standards on system apps for me now. I can no longer boot a decompiled/recompiled SystemUIGoogle, even when using original signatures.

Noticed Failed to scan /system_ext/priv-app/SystemUIGoogle: No APK Signature Scheme v2 signature in package /system_ext/priv-app/SystemUIGoogle/SystemUIGoogle.apk in the logcat

@bcoles bcoles mentioned this issue Feb 24, 2023
Open
@iBotPeaches
Copy link
Owner Author

No longer deprecating this. Still has uses.

@iBotPeaches iBotPeaches unpinned this issue Aug 1, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@iBotPeaches iBotPeaches

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@iBotPeaches @tconn87 @mwilky @KevinX8 @Ticklefish @X1nto