Android: how to edit AndroidManifest.xml

Sometime to edit a system apk we have to edit its AndroidManifest.xml but we can't simple edit it otherwise we will corrupt the signature and the edited apk will not be loaded at system boot.

We could disable the signature check in the services.jar or resign every apk in the rom but these aren't the more elegant solutions.

After editing the AndroidManifest.xml in a system's apk we can check the edited apk's signature in .apk/META-INF/CERT.RSA and then re-sign every system apk that has its same serial number in the signature.

With this command we will have every info about the certificate:

keytool -printcert -v -file .apk/META-INF/CERT.RSA

and with this command we will have the Serial number:

keytool -printcert -v -file CERT.RSA|grep "Serial number"| cut -c 19-23

We can re-sign the apk with signapk using the own certificate, the test certificate or the AOSP certificate. Here the certificates.

This is the command to sign the apk with the test certificate:

java -Xmx512M -jar signapk.jar testkey.x509.pem testkey.pk8 .apk .apk.signed

and this is the command to sign the apk with the aosp certificate:

java -Xmx512M -jar signapk.jar platform.x509.pem platform.pk8 .apk .apk.signed

To automate the entire process we can use these scripts:

#!/bin/bash

cd app

for filename in *.apk
do
	unzip -d $filename.extract $filename META-INF/CERT.RSA
	if [ -f $filename.extract/META-INF/CERT.RSA ]
	then
		mkdir `keytool -printcert -v -file $filename.extract/META-INF/CERT.RSA|grep "Serial number"| cut -c 19-23`
		mv $filename `keytool -printcert -v -file $filename.extract/META-INF/CERT.RSA|grep "Serial number"| cut -c 19-23`/$filename
		mv `echo $filename | sed 's/\(.*\.\)apk/\1odex/'` `keytool -printcert -v -file $filename.extract/META-INF/CERT.RSA|"Serial number"| cut -c 19-23`/`echo $filename | sed 's/\(.*\.\)apk/\1odex/'`
		rm -rf $filename.extract
	else
		mkdir none
		mv $filename none
		mv `echo $filename | sed 's/\(.*\.\)apk/\1odex/'` none
		rm -rf $filename.extract
	fi
done;

mkdir other
mv * other
mv other/1446 motorola
mv other/b399 platform
mv other/f2a7 shared
mv other/f2b9 media
mv other/936e test
#!/bin/bash

cd app

for filename in `find . -name '*.apk' -or -name '*.jar'`
do
	echo $filename
	java -Xmx512M -jar signapk.jar platform.x509.pem platform.pk8 $filename $filename.signed
	rm $filename
	mv $filename.signed $filename
done;