Betan Publish

Introduction

Betan Publish is a command-line tool for encrypting beta copies of your APKs. The basic idea is that you point it at a directory containing a set of APKs you want to distribute securely, and it encrypts them to another directory.

Requirements

Java 1.6
A recent version of aapt available on your path, i.e. if you type aapt at your command prompt it should run the Android packaging tool.

Download

The most recent version of the betan-publish tool is 1.1 (download jar).

Note that the betan-publish tool has not yet been tested on Windows.

Usage

You run betan-publish using java -jar, supplying the path to the jar file and the destination directory for the encrypted APKs together with any additional switches and parameters. A simple invocation might look like:

java -jar betan-publish-1.1.jar -password seekret -m -s apks/betas  apks/encrypted

The example above would copy all the APKs from apks/betas encrypted into apks/encrypted using the password seekret to autogenerate user passwords for each APK together with a betan-index.txt file containing details about all the APKs that were encrypted. In addition to creating this index file, betan-publish will also list this information to the console, this is only really useful if you are autogenerating any passwords since the primary column of information in the output is the password for the APK. If you want to specify your own passwords, you need to create a simple encryption configuration file (see below).

By default, the tool will look in the current working directory for APK files to encrypt. Together with a number of other parameters, the source directory of APKs can be specified using switches. These are listed below, as the appear in the command-line help.

Usage: betan-publish [options] dest-dir
Option                                  Description                            
------                                  -----------                            
-a, --passalpha [Boolean]               auto-generated passwords should use    
                                          characters [A-Z]                     
-e, --encryption <File>                 a list of apk encryptions to use       
-h, --help                              displays this help                     
-l, --passlength <Integer>              auto-generated password length         
                                          (default: 8)                         
-m, --makedirs [Boolean]                create the destination directory if it 
                                          doesn't exist                        
-n, --passnumeric [Boolean]             auto-generated passwords should use    
                                          digits [0-9]                         
-p, --password                          the password used to autogenerate apk  
                                          passwords                            
-r, --remove [Boolean]                  remove existing apks and indexes from  
                                          destination directory                
-s, --source <File>                     the directory to which the beta apks   
                                          will be published          
-u, --passupper [Boolean]               auto-generated passwords should be     
                                          upper case                           
-v, --version                           show version and copyright notice

Configuration

If you want to control the password(s) that apply to a specific application or APK file, you need to supply an 'encryption file'. This is a text file that matches passwords (and in the future other conditions) to APKs. There is one line per 'rule'. Each line consists of (in the following order):

An indication of the type of encryption rule. At present this will always be 'E:1'.
A selector for the APK(s) to which the rule applies. This will commonly consist of the application package name followed optionally by forward slash and a specific version code, or version name, though a hex encoded SHA-1 digest can also be supplied for cases where there is no other way of distinguishing the APK.
A set of conditions that apply to the APK. These are not currently supported and this must currently be blank (a single '_' underscore).
One or more space-delimited passwords that apply to the matching APKs. One encrypted APK file will be created for each password in this list.

In addition, the file can include blank lines and lines beginning with # are ignored and may be used to add comments.

When the same password is specified for multiple APKs, any user who supplies that password will be given an option of which application they want to install.

Sample encryption file

A sample file might look like this:

# every version of this application has the same password
E:1 com.example.app1 _ jupiter
# different versions of this application require different passwords
E:1 com.example.app2/1 _ neptune
E:1 com.example.app2/2 _ pluto
# these two APKs differ but (confusingly) have the same package and version
E:1 b8d9e2b83f48e5ac6a32e7cbb13012a56391ecd0 _ mercury
E:1 af51d2b225870a5a218d915809620b5bb8fe9a57 _ mars
# there are several possible passwords for this application
E:1 com.example.app3 _ earth venus