Notice (2018-05-24): bugzilla.xamarin.com is now in
Please join us on
Visual Studio Developer Community and in the
Mono organizations on
GitHub to continue tracking issues. Bugzilla will remain
available for reference in read-only mode. We will continue to work
on open Bugzilla bugs, copy them to the new locations
as needed for follow-up, and add the new items under Related
Our sincere thanks to everyone who has contributed on this bug
tracker over the years. Thanks also for your understanding as we
make these adjustments and improvements for the future.
Please create a new report on
Developer Community or GitHub with
your current version information, steps to reproduce, and relevant error
messages or log files if you are hitting an issue that looks similar to
this resolved bug and you do not yet see a matching new report.
As of build tools 24.0.3, Google has recommended that developers use "apksigner"
However we currently only support jarsigner within this task.
This tool is used within the APK Signature Scheme v2:
Thus this tool is v1 scheme (jarsigner) and v2 scheme compatible.
It also has a few benefits such as:
-Faster app install times
-More protection against unauthorized alterations to APK files
This would need to account for the follow workflows:
1. If you use apksigner, zipalign must only be performed before the APK file has been signed. If you sign your APK using apksigner and make further changes to the APK, its signature is invalidated.
2. If you use jarsigner, zipalign must only be performed after the APK file has been signed.
Another source: https://android.googlesource.com/platform/tools/apksig/
Marking this issue as CONFIRMED as per internal talk. The task does not support anything but jarsigner currently.
Also, note that apksigner is "missing" from 26.0.0 of the Android build tools - https://issuetracker.google.com/issues/62696222
Looks like apksigner was fixed(re-added) as of the end of July. Looks like Google forgot to include it in the payload and now it's there. I can confirm it's now included in build-tools\26.0.1
The current implementation uses a weak algorithm, so it's really important to get this ASAP.
Meanwhile, I submitted a PR to work around the problem: https://github.com/xamarin/xamarin-android/pull/927 which is not at all something that's better than moving to apksigner!
PR is up for this https://github.com/xamarin/xamarin-android/pull/928
Fixed in xamarin-android/master/f6c58d6