想了解更多关于开源的应用签内容,请访问:
51CTO 开源基础软件社区
https://ost.51cto.com
OpenHarmony应用签名 - 厂商私有签名文章介绍如何生成厂商私有签名和修改运行系统中的应用签配置文件,使私有签名签出的应用签应用可以正常在系统中安装和使用。
本文我们将介绍:
说明:本文档使用的签名文件和密钥等信息已由OpenHarmony应用签名 - 厂商私有签名文档生成。
配置trusted_apps_sources.json文件,增加私有签名信息。注意“,”符号后面需要加入空格才可正常匹配。文件源码位置:
base/security/appverify/interfaces/innerkits/appverify/config/OpenHarmony/trusted_apps_sources.json
{ "name":"OpenHarmony-Tizi apps", "app-signing-cert":"C=CN, O=OpenHarmony-Tizi-app-cert, OU=OpenHarmony-Tizi-app-cert Community, CN=OpenHarmony Application Release", "profile-signing-certificate":"C=CN, O=OpenHarmony-Tizi-profile-cert, OU=OpenHarmony-Tizi-profile-cert Community, CN=OpenHarmony Application Profile Release", "profile-debug-signing-certificate":"C=CN, O=OpenHarmony-Tizi-profile-cert, OU=OpenHarmony-Tizi-profile-cert Community, CN=OpenHarmony Application Profile Debug", "issuer-ca":"C=CN, O=OpenHarmony-Tizi-subCA, OU=OpenHarmony-Tizi-subCA Community, CN=OpenHarmony Application CA", "max-certs-path":3, "critialcal-cert-extension":["keyusage"]}
配置trusted_root_ca.json文件,将OpenHarmony-Tizi-rootCA.cer密钥信息处理后加入到文件中。文件源码位置:
base/security/appverify/interfaces/innerkits/appverify/config/OpenHarmony/trusted_root_ca.json
"C=CN, O=OpenHarmony-Tizi-rootCA, OU=OpenHarmony-Tizi-rootCA Community, CN=OpenHarmony Application Root CA":"-----BEGIN CERTIFICATE-----\nMIICQzCCAemgAwIBAgIEUwKY8TAKBggqhkjOPQQDAjCBhTELMAkGA1UEBhMCQ04x\nIDAeBgNVBAoMF09wZW5IYXJtb255LVRpemktcm9vdENBMSowKAYDVQQLDCFPcGVu\nSGFybW9ueS1UaXppLXJvb3RDQSBDb21tdW5pdHkxKDAmBgNVBAMMH09wZW5IYXJt\nb255IEFwcGxpY2F0aW9uIFJvb3QgQ0EwHhcNMjMwNTIxMTQwNTI2WhcNMjQwNTIw\nMTQwNTI2WjCBhTELMAkGA1UEBhMCQ04xIDAeBgNVBAoMF09wZW5IYXJtb255LVRp\nemktcm9vdENBMSowKAYDVQQLDCFPcGVuSGFybW9ueS1UaXppLXJvb3RDQSBDb21t\ndW5pdHkxKDAmBgNVBAMMH09wZW5IYXJtb255IEFwcGxpY2F0aW9uIFJvb3QgQ0Ew\nWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARoC3C5WijOQkLq/AjmtEWkZ+Ooso1p\nRl34qPpEPH0b6iun5wpAlDe20bcCvsiFda2RNXFsqHIl+cj59bnLh83Ro0UwQzAd\nBgNVHQ4EFgQUAIpcSDCk3q3hZ+qwobekzT9vLHAwEgYDVR0TAQH/BAgwBgEB/wIB\nADAOBgNVHQ8BAf8EBAMCAQYwCgYIKoZIzj0EAwIDSAAwRQIhANKbxPqFT5PwURVf\n1Oxa8cf1udcgO0ntULei/GhaQIobAiBH787oVyJtKxMuPw9K6zzhJjBNjZzW0DrK\n/NOyuKLetw==\n-----END CERTIFICATE-----\n"
重新编译系统镜像,烧录至设备,使用私有签名签出的应用安装测试。
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
以权限管理应用(com.ohos.permissionmanager)为例,其他应用可根据需求配置。
应用源码位置:applications/standard/permission_manager
应用编译信息:
// applications/standard/permission_manager/permissionmanager/BUILD.gnohos_hap("permission_manager") { hap_profile = "src/main/module.json" deps = [ ":permission_manager_js_assets", ":permission_manager_resources", ] certificate_profile = "../signature/pm.p7b" hap_name = "permission_manager" part_name = "prebuilt_hap" subsystem_name = "applications" js_build_mode = "debug" module_install_dir = "app/com.ohos.permissionmanager"}
使用hap-sign-tool.jar查看原权限管理应用p7b签名文件信息对应的Profile签名证书信息。
p7b文件位置:applications/standard/permission_manager/signature/pm.p7b
java -jar hap-sign-tool.jar verify-profile -inFile pm.p7b -outFil
e pm.json
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
将bundle-name、apl、app-feature和allowed-acls字段分别复制到UnsgnedReleasedProfileTemplate.json文件中。
通过文本查看的方式打开p7b文件,把app-privilege-capabilities字段信息拷贝到UnsgnedReleasedProfileTemplate.json文件中。
说明:验签JSON未输出app-privilege-capabilities字段,已与开发反馈,步骤3为临时方案,后续如有修改会进行文档更新。
替换distribution-certificate为私有签名OpenHarmony-Tizi-app-cert.pem文件中第一部分的密钥。把回车转换为\n字符,替换UnsgnedReleasedProfileTemplate.json文件的distribution-certificate字段。例如:
转换前:
-----BEGIN CERTIFICATE-----MIICazCCAhGgAwIBAgIFAPERF2IwCgYIKoZIzj0EAwIwgYIxCzAJBgNVBAYTAkNOMR8wHQYDVQQKDBZPcGVuSGFybW9ueS1UaXppLXN1YkNBMSkwJwYDVQQLDCBPcGVuSGFybW9ueS1UaXppLXN1YkNBIENvbW11bml0eTEnMCUGA1UEAwweT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gU3ViIENBMB4XDTIzMDUyMTE0MDU0M1oXDTI0MDUyMDE0MDU0M1owgYkxCzAJBgNVBAYTAkNOMSIwIAYDVQQKDBlPcGVuSGFybW9ueS1UaXppLWFwcC1jZXJ0MSwwKgYDVQQLDCNPcGVuSGFybW9ueS1UaXppLWFwcC1jZXJ0IENvbW11bml0eTEoMCYGA1UEAwwfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUmVsZWFzZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABN0OL1RqzWXQWCXpT0tt54aFR0Ul7pqZYBJaCKT049xUYcfwCHLd0q0IzktNo9nqKIjE5BxOk76w7kHhxwowI2qjazBpMB0GA1UdDgQWBBQAW6LlxgLrPko7kHS/jbcsqnh4WTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAYBgwrBgEEAY9bAoJ4AQMECDAGAgEBCgEAMAoGCCqGSM49BAMCA0gAMEUCIQDHIWx4AELONvCoKaQnHQAW0baygjR168gmlnGfnFGowAIgfMV5/nIvmRAbpapqO3a2pBKeHFfeU5zel/T1Bgty198=-----END CERTIFICATE-----
转换后:
-----BEGIN CERTIFICATE-----\nMIICazCCAhGgAwIBAgIFAPERF2IwCgYIKoZIzj0EAwIwgYIxCzAJBgNVBAYTAkNO\nMR8wHQYDVQQKDBZPcGVuSGFybW9ueS1UaXppLXN1YkNBMSkwJwYDVQQLDCBPcGVu\nSGFybW9ueS1UaXppLXN1YkNBIENvbW11bml0eTEnMCUGA1UEAwweT3Blbkhhcm1v\nbnkgQXBwbGljYXRpb24gU3ViIENBMB4XDTIzMDUyMTE0MDU0M1oXDTI0MDUyMDE0\nMDU0M1owgYkxCzAJBgNVBAYTAkNOMSIwIAYDVQQKDBlPcGVuSGFybW9ueS1UaXpp\nLWFwcC1jZXJ0MSwwKgYDVQQLDCNPcGVuSGFybW9ueS1UaXppLWFwcC1jZXJ0IENv\nbW11bml0eTEoMCYGA1UEAwwfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUmVsZWFz\nZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABN0OL1RqzWXQWCXpT0tt54aFR0Ul\n7pqZYBJaCKT049xUYcfwCHLd0q0IzktNo9nqKIjE5BxOk76w7kHhxwowI2qjazBp\nMB0GA1UdDgQWBBQAW6LlxgLrPko7kHS/jbcsqnh4WTAJBgNVHRMEAjAAMA4GA1Ud\nDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAYBgwrBgEEAY9bAoJ4AQME\nCDAGAgEBCgEAMAoGCCqGSM49BAMCA0gAMEUCIQDHIWx4AELONvCoKaQnHQAW0bay\ngjR168gmlnGfnFGowAIgfMV5/nIvmRAbpapqO3a2pBKeHFfeU5zel/T1Bgty198=\n-----END CERTIFICATE-----\n
{ "version-name": "2.0.0", "version-code": 2, "app-distribution-type": "os_integration", "uuid": "5027b99e-5f9e-465d-9508-a9e0134ffe18", "validity": { "not-before": 1594865258, "not-after": 1689473258 }, "type": "release", "bundle-info": { "developer-id": "OpenHarmony", "distribution-certificate": "-----BEGIN CERTIFICATE-----\nMIICazCCAhGgAwIBAgIFAPERF2IwCgYIKoZIzj0EAwIwgYIxCzAJBgNVBAYTAkNO\nMR8wHQYDVQQKDBZPcGVuSGFybW9ueS1UaXppLXN1YkNBMSkwJwYDVQQLDCBPcGVu\nSGFybW9ueS1UaXppLXN1YkNBIENvbW11bml0eTEnMCUGA1UEAwweT3Blbkhhcm1v\nbnkgQXBwbGljYXRpb24gU3ViIENBMB4XDTIzMDUyMTE0MDU0M1oXDTI0MDUyMDE0\nMDU0M1owgYkxCzAJBgNVBAYTAkNOMSIwIAYDVQQKDBlPcGVuSGFybW9ueS1UaXpp\nLWFwcC1jZXJ0MSwwKgYDVQQLDCNPcGVuSGFybW9ueS1UaXppLWFwcC1jZXJ0IENv\nbW11bml0eTEoMCYGA1UEAwwfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUmVsZWFz\nZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABN0OL1RqzWXQWCXpT0tt54aFR0Ul\n7pqZYBJaCKT049xUYcfwCHLd0q0IzktNo9nqKIjE5BxOk76w7kHhxwowI2qjazBp\nMB0GA1UdDgQWBBQAW6LlxgLrPko7kHS/jbcsqnh4WTAJBgNVHRMEAjAAMA4GA1Ud\nDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAYBgwrBgEEAY9bAoJ4AQME\nCDAGAgEBCgEAMAoGCCqGSM49BAMCA0gAMEUCIQDHIWx4AELONvCoKaQnHQAW0bay\ngjR168gmlnGfnFGowAIgfMV5/nIvmRAbpapqO3a2pBKeHFfeU5zel/T1Bgty198=\n-----END CERTIFICATE-----\n", "bundle-name": "com.ohos.permissionmanager", "apl": "normal", "app-feature": "hos_system_app" }, "acls": { "allowed-acls": [ "ohos.permission.GET_SENSITIVE_PERMISSIONS", "ohos.permission.GRANT_SENSITIVE_PERMISSIONS", "ohos.permission.REVOKE_SENSITIVE_PERMISSIONS", "ohos.permission.PERMISSION_USED_STATS", "ohos.permission.GET_BUNDLE_INFO_PRIVILEGED", "ohos.permission.GET_BUNDLE_INFO", "ohos.permission.MANAGE_AUDIO_CONFIG", "ohos.permission.MANAGE_CAMERA_CONFIG" ] }, "permissions": { "restricted-permissions": [] }, "issuer": "pki_internal", "app-privilege-capabilities": [ "AllowAppDesktopIconHide", "AllowAbilityExcludeFromMissions", "AllowAppUsePrivilegeExtension" ]}
ProvisionProfile文件签名,生成权限管理应用的p7b文件。
java -jar hap-sign-tool.jar sign-profile -keyAlias "OpenHarmony-Tizi-profileCA" -signAlg "SHA256withECDSA" -mode "localSign" -profileCertFile "OpenHarmony-Tizi-profile-cert-release.pem" -inFile "UnsgnedReleasedProfileTemplate.json" -keystoreFile "OpenHarmony-Tizi.p12" -outFile "pm.p7b" -keyPwd "Pwd-Tizi-5" -keystorePwd "Pwd-Tizi-2"
将pm.p7b文件替换源码中原p7b文件。
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
修改编译签名信息。
通过build/ohos/app/app_internal.gni文件查看应用签名需要的编译参数。
_private_key_path = default_hap_private_key_pathif (defined(private_key_path)) { _private_key_path = private_key_path}_signature_algorithm = default_signature_algorithmif (defined(signature_algorithm)) { _signature_algorithm = signature_algorithm}_key_alias = default_key_aliasif (defined(key_alias)) { _key_alias = key_alias}_keystore_path = default_keystore_pathif (defined(keystore_path)) { _keystore_path = keystore_path}_keystore_password = default_keystore_passwordif (defined(keystore_password)) { _keystore_password = keystore_password}_certificate_file = default_hap_certificate_fileif (defined(certificate_file)) { _certificate_file = certificate_file}
默认编译签名信息位于源码位置build/ohos_var.gni。
default_hap_private_key_path = "OpenHarmony Application Release"default_signature_algorithm = "SHA256withECDSA"default_key_alias = "123456"default_keystore_password = "123456"default_keystore_path = "//developtools/hapsigner/dist/OpenHarmony.p12"default_hap_certificate_file = "//developtools/hapsigner/dist/OpenHarmonyApplication.pem"
编译配置字段 | hap-sign-tool.jar字段 | 签名信息 |
default_hap_private_key_path | keyAlias | OpenHarmony-Tizi-subCA |
default_signature_algorithm | signAlg | SHA256withECDSA |
default_key_alias | keyPwd | Pwd-Tizi-4 |
default_keystore_password | keystorePwd | Pwd-Tizi-2 |
default_keystore_path | keystoreFile | OpenHarmony-Tizi.p12 |
default_hap_certificate_file | appCertFile | OpenHarmony-Tizi-app-cert.pem |
说明:编译字段default_hap_private_key_path和default_key_alias的命名与hap-sign-tool.jar字段的命名有出入,但是与build/scripts/hapbuilder.py中sign_hap函数中的取值相对应,需注意,目前已与开发反馈,后续如有修改会进行文档更新。
def sign_hap(hapsigner, private_key_path, sign_algo, certificate_profile, keystore_path, keystorepasswd, keyalias, certificate_file, unsigned_hap_path, signed_hap_path): cmd = ['java', '-jar', hapsigner, 'sign-app'] cmd.extend(['-mode', 'localsign']) cmd.extend(['-signAlg', sign_algo]) cmd.extend(['-keyAlias', private_key_path]) cmd.extend(['-inFile', unsigned_hap_path]) cmd.extend(['-outFile', signed_hap_path]) cmd.extend(['-profileFile', certificate_profile]) cmd.extend(['-keystoreFile', keystore_path]) cmd.extend(['-keystorePwd', keystorepasswd]) cmd.extend(['-keyPwd', keyalias]) cmd.extend(['-appCertFile', certificate_file]) cmd.extend(['-profileSigned', '1']) cmd.extend(['-inForm','zip']) child = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) stdout, stderr = child.communicate() if child.returncode: print(stdout.decode(), stderr.decode()) raise Exception("Failed to sign hap")
此处如果修改默认签名配置,则全部由系统编译生成的应用都需要替换p7b文件。本文档仅替换了权限管理应用的p7b文件,所以单独配置权限管理应用的编译配置。
// applications/standard/permission_manager/permissionmanager/BUILD.gnohos_hap("permission_manager") { hap_profile = "src/main/module.json" deps = [ ":permission_manager_js_assets", ":permission_manager_resources", ] certificate_profile = "../signature/pm.p7b" hap_name = "permission_manager" part_name = "prebuilt_hap" subsystem_name = "applications" js_build_mode = "debug" module_install_dir = "app/com.ohos.permissionmanager" private_key_path = "OpenHarmony-Tizi-subCA" // 增加的签名配置信息 signature_algorithm = "SHA256withECDSA" // 增加的签名配置信息 key_alias = "Pwd-Tizi-4" // 增加的签名配置信息 keystore_path = "//developtools/hapsigner/dist/OpenHarmony-Tizi.p12" // 增加的签名配置信息 keystore_password = "Pwd-Tizi-2" // 增加的签名配置信息 certificate_file = "//developtools/hapsigner/dist/OpenHarmony-Tizi-app-cert.pem" // 增加的签名配置信息}
将p12文件和pem文件放到步骤7中编译配置的源码目录中。
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
由于p7b文件的替换,所以预安装配置文件中的app_signature也会被改变,需要重新生成,生成方法可以参考OpenHarmony应用开发技巧 - 如何获取证书指纹。
权限管理应用生成app_signature:
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
app_signature:F433242143C463C5931D84E127DA67A6B00B02C5625C17AA2EAA77A393400A33
替换install_list_capability.json文件,权限管理应用指纹信息。
// vendor/hihope/rk3568/preinstall-config/install_list_capability.json{ "bundleName": "com.ohos.permissionmanager", "app_signature": ["F433242143C463C5931D84E127DA67A6B00B02C5625C17AA2EAA77A393400A33"], "allowAppUsePrivilegeExtension": true},
重新编译系统镜像,烧录至设备,查看权限管理应用是否被正确安装,并验证指纹信息是否与新生成的指纹信息一致。
bm dump -n com.ohos.permissionmanager | grep finger
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
生成Debug等级的p7b文件需要用到UnsgnedDebugProfileTemplate.json和OpenHarmony-Tizi-profile-cert-debug.pem文件。
未修改的UnsgnedDebugProfileTemplate.json:
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
与Release配置文件区别在Debug配置文件增加了debug-info字段,Debug签名需要指定安装设备的udid。
获取设备udid。
hdc shell "bm get --udid"
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
3BCB000C4E2B33075C2759B3A454AF51D7BFF3D2AA489879F70D829E272F03F3
配置UnsgnedDebugProfileTemplate.json文件,将设备udid和development-certificate信息配置进文件。development-certificate的配置方式与Release配置文件相同,可以参考“配置源码编译应用的签名文件”章节的步骤4。
配置后的UnsgnedDebugProfileTemplate.json文件
{ "version-name": "2.0.0", "version-code": 2, "uuid": "fe686e1b-3770-4824-a938-961b140a7c98", "validity": { "not-before": 1610519532, "not-after": 1705127532 }, "type": "debug", "bundle-info": { "developer-id": "OpenHarmony", "development-certificate": "-----BEGIN CERTIFICATE-----\nMIICazCCAhGgAwIBAgIFAPERF2IwCgYIKoZIzj0EAwIwgYIxCzAJBgNVBAYTAkNO\nMR8wHQYDVQQKDBZPcGVuSGFybW9ueS1UaXppLXN1YkNBMSkwJwYDVQQLDCBPcGVu\nSGFybW9ueS1UaXppLXN1YkNBIENvbW11bml0eTEnMCUGA1UEAwweT3Blbkhhcm1v\nbnkgQXBwbGljYXRpb24gU3ViIENBMB4XDTIzMDUyMTE0MDU0M1oXDTI0MDUyMDE0\nMDU0M1owgYkxCzAJBgNVBAYTAkNOMSIwIAYDVQQKDBlPcGVuSGFybW9ueS1UaXpp\nLWFwcC1jZXJ0MSwwKgYDVQQLDCNPcGVuSGFybW9ueS1UaXppLWFwcC1jZXJ0IENv\nbW11bml0eTEoMCYGA1UEAwwfT3Blbkhhcm1vbnkgQXBwbGljYXRpb24gUmVsZWFz\nZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABN0OL1RqzWXQWCXpT0tt54aFR0Ul\n7pqZYBJaCKT049xUYcfwCHLd0q0IzktNo9nqKIjE5BxOk76w7kHhxwowI2qjazBp\nMB0GA1UdDgQWBBQAW6LlxgLrPko7kHS/jbcsqnh4WTAJBgNVHRMEAjAAMA4GA1Ud\nDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAYBgwrBgEEAY9bAoJ4AQME\nCDAGAgEBCgEAMAoGCCqGSM49BAMCA0gAMEUCIQDHIWx4AELONvCoKaQnHQAW0bay\ngjR168gmlnGfnFGowAIgfMV5/nIvmRAbpapqO3a2pBKeHFfeU5zel/T1Bgty198=\n-----END CERTIFICATE-----\n", "bundle-name": "com.openharmony.signtest", "apl": "normal", "app-feature": "hos_normal_app" }, "acls": { "allowed-acls": [ "" ] }, "permissions": { "restricted-permissions": [ "" ] }, "debug-info": { "device-ids": [ "3BCB000C4E2B33075C2759B3A454AF51D7BFF3D2AA489879F70D829E272F03F3" ], "device-id-type": "udid" }, "issuer": "pki_internal"}
说明:如果不配置udid,在应用安装时报错,error: failed to install bundle. error: signature verification failed due to not trusted app source.
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
ProvisionProfile文件签名,注意需使用OpenHarmony-Tizi-profile-cert-debug.pem配合UnsgnedDebugProfileTemplate.json进行签名。
java -jar hap-sign-tool.jar sign-profile -keyAlias "OpenHarmony-Tizi-profileCA" -signAlg "SHA256withECDSA" -mode "localSign" -profileCertFile "OpenHarmony-Tizi-profile-cert-debug.pem" -inFile "UnsgnedDebugProfileTemplate.json" -keystoreFile "OpenHarmony-Tizi.p12" -outFile "com.openharmony.signtest.debug.p7b" -keyPwd "Pwd-Tizi-5" -keystorePwd "Pwd-Tizi-2"
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
hap应用包签名,appCertFile参数与Release版本签名不变,profileFile使用Debug签出的p7b文件。
java -jar hap-sign-tool.jar sign-app -keyAlias "OpenHarmony-Tizi-subCA" -signAlg "SHA256withECDSA" -mode "localSign" -appCertFile "OpenHarmony-Tizi-app-cert.pem" -profileFile "com.openharmony.signtest.debug.p7b" -inFile "entry-default-unsigned.hap" -keystoreFile "OpenHarmony-Tizi.p12" -outFile "entry-default-signed-debug.hap" -keyPwd "Pwd-Tizi-4" -keystorePwd "Pwd-Tizi-2"
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
安装应用。
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
以com.openharmony.signtest工程为例。
在工程根路径创建signature文件夹,把应用签名所需文件放入此文件夹下,包括OpenHarmony-Tizi-app-cert.pem、OpenHarmony-Tizi.p12和com.openharmony.signtest.p7b文件。
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
更改OpenHarmony-Tizi-app-cert.pem后缀为cer。
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
单击File > Project Structure > Project > SigningConfigs进入签名配置界面,如果勾选Automatically generate signature则需取消勾选。选取签名文件和配置密钥,点击OK保存配置。
Store file(*.p12):OpenHarmony-Tizi.p12
Store password:Pwd-Tizi-2
Key alias:OpenHarmony-Tizi-subCA
Key password:Pwd-Tizi-4
Sign alg:SHA256withECDSA
Profile file(*.p7b):com.openharmony.signtest.p7b
Certpath file(*.cer):OpenHarmony-Tizi-app-cert.cer
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
构建安装验证。
OpenHarmony应用签名 - 厂商私有签名的配置和使用-开源基础软件社区
想了解更多关于开源的内容,请访问:
51CTO 开源基础软件社区
https://ost.51cto.com
责任编辑:jianghua 来源: 51CTO 开源基础软件社区 私有签名密钥(责任编辑:时尚)
首发麒麟5nm芯 曝华为Mate 40砍单30%:一机难求?
傲农生物(603363.SH):控股股东质押700万股 累计质押公司股份1.27亿股