I'm trying to do the following things to an Android app without root access:
- De-compile the apk with
adb d xxx.apk
(done) - Modify some files in
/res/xml/
(done) - Re-build the apk with
adb b xxx
(done) - Sign the apk (
keytool
+zipalign
+apksigner
) - Downgrade with
adb push xxx.apk /data/local/tmp/
&adb shell pm install -r -d /data/local/tmp/xxx.apk
I'm able to sign the apk with my own keypair, but I don't want to uninstall & re-install the apk to install the modified version -- I want to downgrade the original app to preserve the data.
However, step 5 produces:
Failure [INSTALL_FAILED_UPDATE_INCOMPATIBLE: Existing package xxx signatures do not match newer version; ignoring!]
It seems like downgrade app's old & new version must have the same signature. Is there anyway to bypass this check, or solve this situation?
I read this question: How do I force reinstallation of an apk with different signature on rooted Android? ... but it requires root access.
adb install
do APK signature verification?. You are trying to circumvent the security model on Android so root access is generally a starting point.targetSDK
version: See my answer on that topic: android.stackexchange.com/a/231237/2241