Signatures made by older versions of AGP cannot be copied by apksigcopier
because the signing method differs too much from that used by apksigner
(and signflinger
in newer versions).
It is unlikely that support for these signatures will be added.
The v1 (JAR) signature files are always added at the end of the ZIP file by apksigner
and apksigcopier
; these older versions add them in a different position and sometimes the order of the ZIP entries in the central directory doesn't match the order of the entries in the file.
Some versions (e.g. 4.0.2
) use create_version=2.4
(resulting in an Unsupported create_version
error from apksigcopier
) for the v1 signature files and leave an empty (i.e. w/o any entries, just the main headers) MANIFEST.MF
in the unsigned APK.
The empty MANIFEST.MF
is also present in the signed APK when using v2 signing only, whereas apksigner
and apksigcopier
always remove this file during signing/copying.
Versions <= 4.1.2
produce unsupported signatures, versions >= 4.2.2
seem to be unaffected.
If upgrading to a newer version of AGP is not an option, you can build an unsigned APK and sign it with apksigner
; only use of a signingConfig
in build.gradle
with one of these older versions produces unsupported signatures.
Another workaround is to use apksigner
instead of signingConfig
in build.gradle
; this allows keeping the exact same workflow, requiring only some small modifications to build.gradle
.