A while ago I suspended my exploration of Android development, having reevaluated my priorities and taken a step back from a period of fairly intensive work on tools. Back in June, I wrote a brief overview of the status of my compiler tools then didn't really look at them until this week. The first thing I needed to do was to figure out why I could no longer build packages for my phone.
To get myself familiar with the build process again, I decided to rebuild a simple prototype for a game that I had been working on. Everything seemed to go as planned – the tools didn't complain about anything, so I hadn't left the code in a non-working state. However, when I used adb to upload the package to the phone, the package manager rejected it with a terse and unhelpful response, which adb helpfully relayed back to the console:
If you search the Web for this error, you will quickly discover that it seems to be one of its favourite catchphrases, covering all sorts of problems it finds with packages. Unfortunately, this makes finding useful advice about it to be very difficult — the Android site doesn't seem to include anything useful about errors delivered via adb, probably because the average developer is supposed to be using Android Studio, not “messing about” at the command line. Having spent a few years working on API documentation and manuals for developers, I imagine that someone thought that information about command line tools would somehow take something away from the beautiful learning journey they had planned for new developers, so decided not to make that a priority. Perhaps my cynicism is uncalled for. In any case, trawling the Web for answers led to the usual sites where I found desperate programmers wailing and thrashing around while onlookers suggested things like cleaning their project and reading the documentation. How helpful!
To cut a long story short, a site I'd visited earlier provided a way to help diagnose the problem. Unpacking packages I'd built before the summer – using unzip because APK files are just ZIP files – and packages I had just built this week, I was then able to inspect their certificates with the following command:
openssl asn1parse -i -inform DER -in META-INF/CERT.RSA
It turned out that when signing my packages, openssl was including a field that claimed the digest used was sha1 but was using sha256 to create the digest. This was not happening in June, and it turns out that an update to the Debian openssl package in September (version 1.0.1t-1) included a change to the default message digest algorithm used. I “fixed” my problem by ensuring that my new signing certificate is created using the same digest algorithm that I use when signing packages. Still, not everything worked straight away – installing my newly created package on the phone failed with this complaint:
However, searching for this error proved much more fruitful and enlightening than for the previous one, and the solution – uninstall the old version of the application – was simple and quick.
It would probably be good to document a few things I did earlier in the year, though I'm even less inclined to stare at Android documentation than I was before. It would be useful to be able to make the occasional small application for my own purposes and I'm quite accustomed to the peculiarities of my own toolchain, though others might find it a little strange to get used to.
Categories: Free Software, Android
Copyright © 2016 David Boddie
Published: 2016-10-25 22:41:00 UTC
Last updated: 2016-11-01 16:36:34 UTC