Installation woes with Android

blong · March 20, 2012, 2:22pm

Looking for help on an Android issue…

I have a number of apps that have custom certificates (mostly for Google maps usage)

2 of the apps, which used to behave perfectly well, have now started behaving oddly. Not at runtime, but with regard to installation.

I have 2 devices, one running Android 2.2.2 and one running Android 2.3.4

All apps install and run happily on Android 2.2.2

2 of the apps will not install onto 2.3.4. When installing I see this in DDMS:

03-20 12:44:02.055: E/PackageParser(240): Package com.blong.sampleapp has no certificates at entry res/drawable/openglcubeimage.png; ignoring!

or:

03-20 13:14:18.037: E/PackageParser(240): Package com.blong.googleapi has no certificates at entry res/drawable/androidmarker.png; ignoring!

From the command-line I see:

Failure [INSTALL_PARSE_FAILED_NO_CERTIFICATES]

I don;t get why 2.3.4 is objecting when 2.2.2 is very happy.

Apps are signed with JDK 7

I’ll have to check the behaviour with JDK 6 I guess, but if anyone can suggest a reason why a later Android would be less happy with the signed nature of just 2 apps, I’d be interested to hear.

blong · March 20, 2012, 3:21pm

Oh.

Ok.

So a bit of experimentation and I get to the bottom of it.

It appears that when making a custom key with later Android versions you have to be a bit careful

I was using RSA encryption - works fine on Android 2.2.2

I tried a 1024-sized key and also 2048 - same failure.

Then I switched back to DSA. No problem. It installs fine on my Android 3 and 4 emulators and on the 2.3.4 device.

Bizarre.

Why would Google stop accepting RSA encrypted keys?! I’ve seen nothing about this written anywhere…

<later>

Ok, so it’s not strictly true that RSA signed keystores are not accepted. On one of these >2.2.2 Android devices I found an older copy of an app that was successfully installed. I pulled it onto a local drive with:

adb -e pull /data/app/com.blong.sampleapp-1.apk foo.apk

Then I checked it out with jarsigner -verbose -verify foo.apk

The info dumped out confirmed it was signed with an RSA certificate.

I am not feeling enlightened…