This article is my first time to upload a summary of Google Play work, may be too basic, big guy do not spit, this article all command environment is Windows. Expected reading time: 10 minutes Update Time: 2021 01月22 11:37:21

JKS signature problem

Gradlew resguardxxxRelease (custom resguardTask package) is used to generate the official Apk and submit Google Play to indicate that the key time is about to expire. (Wondering why it’s almost due.) We use the keytool command to obtain the details of JKS: check whether the JDK bin folder has keytool. (generated if jarsigner.exe is not running), then use

keytool -list -v -keystore  xxx.jks
Copy the code

When you generate a signature, you can specify a time limit, which is set to 25 years by default, and Google Play has a hard-and-hard rule that all App signatures must be valid after the 2033-10-22 date. If a message is displayed indicating that the key duration is about to expire, you can change the validity period to longer or even 1000 years

Code problem

Missing 64-bit CPU SO package problem

Apps distributed on Google Play must now support the 64-bit architecture, which means that the app on the shelf must contain multiple SO packages for the architecture, not just ‘Armeabi’. Added ‘ARM64-V8A’ architecture for 64-bit support.

Adb shell getProp ro.product.cpu.abi can see the phone’s default so folder based on the return value from the command line. The ARM64-V8A is 64-bit. In addition, phones that have more than 4 gigabytes of memory are usually 64 bits, because the 32 supports 4 gigabytes of maximum memory.

History VersionCode problem

If there are historical app bundle submission records, you need to update the app version_code number, which is usually automatically added by one. Around April 12, 2020, the app version target_SDK = 28 is required

SSL Handler Err warning

The WebViewClient callback to the onReceivedSslError() method is used in the project. Mhandler.proceed () should not be used to agree directly. You need to prompt the user for manually approving the certificate. Example code block:

@Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        final SslErrorHandler mHandler = handler;
        AlertDialog.Builder builder = new AlertDialog.Builder(view.getContext());
        builder.setMessage(view.getContext().getString(R.string.SSL_err));
        builder.setPositiveButton(view.getContext().getString(R.string.SSL_next), (dialog, which) -> mHandler.proceed());
        builder.setNegativeButton(view.getContext().getString(R.string.cancel), (dialog, which) -> mHandler.cancel());
        builder.setOnKeyListener((dialog, keyCode, event) -> {
            if (event.getAction() == KeyEvent.ACTION_UP && keyCode == KeyEvent.KEYCODE_BACK) {
                mHandler.cancel();
                dialog.dismiss();
                return true;
            }
            return false;
        });
        AlertDialog dialog = builder.create();
        dialog.show();
    }
Copy the code

Test the problem after it hits the shelves

So let’s start with App Bundle

Google has officially launched App Bundle for some time. After a brief understanding, WE can see that it is a relatively mature official dynamic component technology. However, for applications launched in China, the convenience brought by this technology is basically not felt. In addition, due to the restrictions imposed by Google at the end of 2019, you must submit the App Bundle version to submit the official version. The bundle summary is as follows: Submit all resources in all cases to the App market, and install resource bundles, language packs, and ABI packages that are suitable for users’ phones dynamically when downloading.

So file problem

When downloading the APP, I found that I could not log in all the time, and an error message was reported indicating that the network request Put Body was empty (which involved the encryption and decryption of NDK request field). At first, I thought that the so package was not entered because of the bundle dynamic packaging. Verification problem:

Download bundletool. Jar

Decompile the AAB package using the command


java -jar bundletool-all.jar build-apks --bundle= %YMCapp.aab% --output=%YMCapp.apks% --ks=%YMC.jks% --ks-pass=pass:%kspass% --ks-key-alias=%alias% --key-pass=pass:%keypass%

Copy the code

%YMCapp. Aab % : aab file, app bundle file %YMCapp. Apks % : output apks (zip) % ymc.jks % : JKS file %kspass% : key store password % Alias % : alias% keypass% : key password

In the command line, it is best to use the absolute path

The aAB packages generated by the default bundle are divided into Base Apks and Split Apks. Different Apks can be installed for different resolutions, CPU architectures and languages. Split Apks are differentiated for lib and MATH files. Best to pack your own aAB experience)

When no problem is found, the problem is considered as subcontracting, and aAB intelligent subcontracting is shut down by default

Bundle {density {enableSplit = false // Style size file} language {enableSplit = false // language file} abi {enableSplit = false // abi so file}Copy the code

After late decompilation of APK, found that so package has into APK, that should not be! The whole man is blind

A colleague told me that Google Signing is not on the product by default. I woke up all at once

Google Play default signature

The Signing configuration cannot be turned off by default. Download apps from Google and repackage them. This will cause your app signature certificates MD5, SHA1, sha-256 to change, so any third parties that use these configurations will be affected. Due to the project I participated in, all the information communicated with the server was encrypted by SO, so file verified the APP signature, the signature was changed, so encryption failed to return empty string, resulting in the result that all the data of PUT Body were empty.

Your app has joined the signing scheme. The first one is your new signature from googlePlay. You can download the signing certificate in the upper right corner, followed by the signing certificate you uploaded to the app. With signing certificates, the first option is theoretically possible: we can make two packages, one dedicated to GooglePlay. Second solution: replace the GooglePlay signature file

Here we focus on the implementation of the second scheme,

Pepk.jar

Download pepK and follow the instructions on the website

java -jar %pepk.jar% --keystore=%YMCapp.jks% --alias=%alias% --output=%output.zip% --encryptionkey=eb10fe8f7c7c9df715022017b00c6471f8ba8170b13049a11e6c09ffe3056a104a3bbe4ac5a955f4ba4fe93fc8cef27558a3eb9d 2a529a2092761fb833b656cd48b9de6a --signing-keystore=%YMCapp.jks% --signing-key-alias=%alias%Copy the code

Jar % : Pepk tool address % YMcapp.jks % : JKS file % Alias % : alias% %output.zip% : Output file (to submit the file to GooglePlay)

In the command line, it is best to use the absolute path

After the replacement, upload a new package for the package signature to take effect.

Refer to the article

Access to Google Analytics

Google Analytics access reference blogs

The Google Play Store does not allow the USE of TBS SDK

In order to reduce your APK package size increment and timely dynamic release to solve security risks, TBS SDK adopts the solution of background dynamic kernel delivery. Since Google Play forbids the distribution of any binary code (including SO, DEX and JAR) and the use of plug-in technology, if you have multi-channel packaging ability, you can access the SDK with only interfaces in the overseas version to ensure that the compilation passes, only use the system Webview and download address. Use standard SDK versions in other channels for normal use of X5 capabilities