0

我正在开发支持 MirrorLink 的 Android 应用程序,并在使用 Google 开发人员密钥签署 APK 后遇到 Mirrorlink 检查“应用程序 ID”的问题。

我已经为 Android Studio 创建了使用 Mirrorlink 插件生成的空项目,它创建了 Gradle 任务,允许生成.crt带有 Mirrorlink 相关配置信息的文件。我只是将此脚本复制到build.gradle主应用程序模块中我自己的文件中。但是 Mirrorlink-aware 应用程序验证器显示签名 APK 错误(发布到 Google Play 的标准应用程序签名),而如果 APK 未签名则不会发现任何问题

如何发现应用签名后出现的问题?

我尝试了什么:1)将 Gradle 脚本与Mirrorlink 提供的示例应用程序对齐- 不走运。

2)插入v1SigningEnabled falsev2SigningEnabled false- 没有运气。

3) 签名和未签名 APK 的 Gradle 输出是相同的,除了输出文件名和> Task :app:validateSigningRelease任务。

AndroidManifest.xml Mirrorlink 相关截图:

<uses-permission android:name="com.mirrorlink.android.service.ACCESS_PERMISSION"/>

<intent-filter>
                <action android:name="com.mirrorlink.android.app.LAUNCH"/>
                <category android:name="android.intent.category.DEFAULT"/>
            </intent-filter>

            <intent-filter>
                <action android:name="com.mirrorlink.android.app.TERMINATE"/>
                <category android:name="android.intent.category.DEFAULT"/>

应用模块的build.gradle

def generateSelfSignedCertificate(version){
    def buildType = version == "release" ? "assembleRelease": "assembleDebug"
    def rerunAssemble = true
    def projectLocation = projectDir.toString()
    def certGeneratorLocation = "certificategenerator-android-studio.jar"
    def certXmlLocation = projectLocation + "/certificate.xml"
    def certificateDestination = projectLocation + "/src/main/assets/self-signed.ccc.crt"
    def certificateFolder = projectLocation + "/src/main/assets/"
    def certificateIssuer = "CN=SELF-SIGNED"
    def developerId = ""
    def apkLocation = ""
    android.applicationVariants.all { variant ->
        if ((variant.name).equals(version)) {
            variant.outputs.each { output ->
                //noinspection GrReassignedInClosureLocalVar
                apkLocation = output.outputFile
            }
        }
    }

    if (project.hasProperty("isLast")) {
        rerunAssemble = !isLast
    }


    if (rerunAssemble) {
        def subdir = new File(certificateFolder)
        if( !subdir.exists() ) {
            subdir.mkdirs()
        }
        exec {
            executable 'java'
            args "-jar", certGeneratorLocation, "generate-certificate", apkLocation,
                    android.defaultConfig.applicationId, android.defaultConfig.versionCode,
                    certXmlLocation, certificateDestination, certificateIssuer, developerId
            println(args)
        }
        if (System.properties['os.name'].toLowerCase().contains("windows")) {
            exec {
                executable "cmd"
                workingDir projectLocation
                args  "/c", "..\\gradlew.bat", buildType, "-PisLast=true"
            }
        } else {
            exec {
                executable "bash"
                workingDir projectLocation
                args "../gradlew", buildType, "-PisLast=true"
            }
        }
    }
}

android {
.....

    signingConfigs {
        storeFile = 'sign.keyStorePath')
            keyAlias = 'sign.keyAlias'
            storePassword = 'sign.storePassword'
            keyPassword = 'sign.keyPassword'
        }
    }

    afterEvaluate {
        if (this.hasProperty("assembleRelease")){
            assembleRelease.finalizedBy generateSelfSignedCertificateForRelase
        }
    }

    task generateSelfSignedCertificateForRelase {
        doLast {
            generateSelfSignedCertificate("release")
        }
    }

    buildTypes {
        release {
            minifyEnabled true
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
            signingConfig signingConfigs.release
        }
    }
}

....
}

运行“assesbleRelease”没有问题 - 它生成带有 Mirrorlink 应用程序 ID 的 .crt 文件。但是如果我把这个文件放在“Mirrorlink-aware application validator”中——它会显示错误报告,如下:

Checking com.mirrorlink.android.app.LAUNCH intent - OK
Checking com.mirrorlink.android.app.TERMINATE intent - OK
Checking com.mirrorlink.android.service.ACCESS_PERMISSION permission - OK
Checking DEVELOPER entity - INCONCLUSIVE. DEVELOPER entity not found
Checking if developer certificate exists for serverID="" - INCONCLUSIVE. DEVELOPER entity not found
Checking application id - FAIL. Calculated application ID doesn't mach id provided in self signed certificate
Checking self signed certificate - OK


The APK is not configured correctly.

但是,如果我删除字符串signingConfig signingConfigs.release,验证器不会发现任何问题:

Checking com.mirrorlink.android.app.LAUNCH intent - OK
Checking com.mirrorlink.android.app.TERMINATE intent - OK
Checking com.mirrorlink.android.service.ACCESS_PERMISSION permission - OK
Checking DEVELOPER entity - INCONCLUSIVE. DEVELOPER entity not found
Checking if developer certificate exists for serverID="" - INCONCLUSIVE. DEVELOPER entity not found
Checking application id - OK
Checking self signed certificate - OK


The APK is correctly configured as a MirrorLink Aware application.
4

1 回答 1

0

好吧,伙计们,我发现了问题 :) 我在项目中有 Crashlytics,它创建的文件crashlytics-build.properties在每次构建时都会略有变化。

在此处输入图像描述

是的,这个文件被 Mirrorlink 的工具计算在内,该工具certificategenerator-android-studio.jar生成带有证书的 appID。我做了一些逆向工程并检查了这个工具内部发生了什么:它只跳过assets/self-signed.ccc.crt文件和META-INF/内容。

所以,我在每次组装时都有稍微不同的 APK... 禁用 Crashlytics 插件解决了这个问题。您可以禁用 Crashlytics 插件(坏主意),或使用ext.alwaysUpdateBuildId = false参数跳过创建唯一构建 ID。在这里阅读更多

于 2019-08-24T14:57:47.523 回答