#!/system/bin/sh # bc-sign — sign APKs with debug or release keystore # Usage: bc-sign [output.apk] [--release keystore.jks] CONFIG_DIR="/data/adb/buildchain" TBIN="/data/data/com.termux/files/usr/bin" DEBUG_KS="$CONFIG_DIR/debug.keystore" DEBUG_PASS="android" DEBUG_ALIAS="androiddebugkey" die() { echo "ERROR: $1"; exit 1; } # Create debug keystore if it doesn't exist ensure_debug_keystore() { if [ ! -f "$DEBUG_KS" ]; then echo "Creating debug keystore..." "$TBIN/keytool" -genkey -v \ -keystore "$DEBUG_KS" \ -storepass "$DEBUG_PASS" \ -alias "$DEBUG_ALIAS" \ -keypass "$DEBUG_PASS" \ -keyalg RSA -keysize 2048 -validity 10000 \ -dname "CN=Android Debug,O=Android,C=US" 2>/dev/null || die "keytool failed — is Java installed? Run: buildchain setup" fi } INPUT="$1" OUTPUT="${2:-$(echo "$INPUT" | sed 's/\.unsigned\.apk$/.apk/' | sed 's/\.aligned\.apk$/.apk/')}" [ -z "$INPUT" ] && { echo "Usage: bc-sign [output.apk] [--release keystore.jks]"; exit 1; } [ ! -f "$INPUT" ] && die "File not found: $INPUT" # Check for release signing if [ "$3" = "--release" ] && [ -n "$4" ]; then KEYSTORE="$4" [ ! -f "$KEYSTORE" ] && die "Keystore not found: $KEYSTORE" echo "Signing with release key: $KEYSTORE" read -p "Keystore password: " KS_PASS read -p "Key alias: " KS_ALIAS read -p "Key password: " KEY_PASS "$TBIN/apksigner" sign \ --ks "$KEYSTORE" \ --ks-pass "pass:$KS_PASS" \ --ks-key-alias "$KS_ALIAS" \ --key-pass "pass:$KEY_PASS" \ --v1-signing-enabled true \ --v2-signing-enabled true \ --v3-signing-enabled true \ --out "$OUTPUT" \ "$INPUT" || die "apksigner failed" else # Debug sign ensure_debug_keystore # Try apksigner first (from SDK), fall back to jarsigner if command -v apksigner >/dev/null 2>&1 || [ -f "$TBIN/apksigner" ]; then SIGNER=$(command -v apksigner 2>/dev/null || echo "$TBIN/apksigner") "$SIGNER" sign \ --ks "$DEBUG_KS" \ --ks-pass "pass:$DEBUG_PASS" \ --ks-key-alias "$DEBUG_ALIAS" \ --key-pass "pass:$DEBUG_PASS" \ --out "$OUTPUT" \ "$INPUT" 2>/dev/null && echo "Signed (apksigner): $OUTPUT" && exit 0 fi # Fallback to jarsigner if [ -f "$TBIN/jarsigner" ]; then cp "$INPUT" "$OUTPUT" 2>/dev/null "$TBIN/jarsigner" \ -keystore "$DEBUG_KS" \ -storepass "$DEBUG_PASS" \ -keypass "$DEBUG_PASS" \ -signedjar "$OUTPUT" \ "$INPUT" \ "$DEBUG_ALIAS" 2>/dev/null && echo "Signed (jarsigner): $OUTPUT" && exit 0 fi die "No signing tool found. Install Java: buildchain setup" fi echo "Signed: $OUTPUT"