google

change apk verion code (work in progress)

matthias mader

disclaimer: this is neither a supported guide nor allowed, i’m not suitable for any loss

issue

we want to republish the old app with a new version, e.g. an app got accidentally updated from playstore and isn’t working anymore – this was raised in a business case since google’s auto block update feature failed – more or less a challange to find a way to get it back working, let’s begin

the app

coose your desired app, in this example Avaya Workplace app available from Google PlayStore in version: 3.14.0.53.FA-RELEASE54-BUILD.19

we need to get the apk file of that app, extract/download with one of the service below

OnDevice Apk Extractor

Online apkpure

decompile

use apktool to reverse engineer the apk, extract and decode the resources to nearly original format, download required jre for java here

change verison

to change the version of the app, edit the apktool.yml in the extracted path, raise the “versionCode” as well the “versionName” above the last/current release

build

after the change we need to rebuild the decompiled and edited apk 

apktool build $OUTPUT_FOLDER

sign and align

there is a tool Uber Apk Signer that helps signing, zip aligning and verifying Android application packages (APKs), you need a keystore generated with Android Studio or keytool

java -jar c:\temp\uber-apk-signer.jar -a "C:\temp\avaya.3.14_neu.apk" --ks /path/release.jks --ksAlias my_alias

test

App info App name App version APK name Installation source Installation time Last update source Last update time Avaya Workplace 3.14.0.54. FA-RE LEASE54-BUlLD. 19 com.avaya.android.flare Package installer 2021/01/05 1 Package installer 2021/01/05 1

install successfully, the newly installed version is above the original 3.14.x, deploy the app to the required devices, either manually, via EMM system or solutions like Samsung KNOX Configure

update is not possible, wenn try to install the app over an existing one – it fails – since the signature differs from orginal signed app to resigned version

reference “with a changed signature they will have to uninstall the current app before they can install the same app with the new signature”

Summary: Always use the same signature!

Check: http://developer.android.com/tools/publishing/app-signing.html

summary

… so walked amost the entire way, but got stuck at a crutial point, so either

  • got assistance to get the signature working
  • the signing process is as secure as google promise