When building an app, should you sign the source code? This question often arises when people want to release their apps. The answer is that it depends on the situation. It’s not a must-do thing in most cases, but if you want to publish your app on Google Play Store, then you need to sign the APK file before uploading it. So what exactly is signing? How do we go about doing this? In this article, I will give you answers to these questions and more!
No, it is not required
No, it is not required. The signature(app签名) is based on the APK/IPA file, not the source code. The signature is implemented on the mobile side so that mobile phones can confirm and verify whether the file is signed by specific companies instead of viruses and malware.
The signature is implemented on the mobile side so that mobile phones can confirm and verify whether the file is signed by specific companies instead of viruses and malware.
The signature is based on the APK/IPA file
The signature is based on the APK/IPA file. The signature is implemented on the mobile side so that mobile phones can confirm and verify whether the file is signed by specific companies instead of viruses and malware.
The verification process includes the following steps:
Check whether it’s a valid certificate chain (including root certificates) or not;
Check whether it has expired or not;
Check whether there are any revoked certificates in this chain;
So regardless of whether the signature is done before or after coding
So regardless of whether the signature is done before or after coding, as long as the signature file and related information are included in the APK/IPA file. It will work fine afterward.
The Android application package (APK) is an archive file format for mobile apps that can be downloaded from Google Play to a device like an Android phone or tablet computer. The APK file format is based on the ZIP file standard and contains all of the files needed for installing a mobile app on a device. The APK format was introduced with Android’s 1.0 (API level 1) release in 2008, which allowed developers to distribute their apps through Google Play (then called Android Market), as well as directly to users via email or other means such as SD cards.[5]
Which does not need to be connected to source code
The signature (ios签名)is based on the APK/IPA file, which does not need to be connected to the source code. The signature is implemented on the mobile side and used to confirm whether or not the file has been signed by a specific company.
Signing is a security measure, so it’s important to know how to verify the signature of an app. This article will explain how to check if an iOS app has been signed by Apple and what to do if it hasn’t.
The signature is based on the APK/IPA file, which does not need to be connected to the source code.