How to Add Code Transparency?
The first thing you will need to ensure is to opt-in for Google Play signing your keys, otherwise, you will not be able to use the CT feature as discussed in this article. Once you are part of this program, you need simply need to make a few changes to your app, so that it supports this functionality natively.
Step #1: Using the Gradle
You can add the functionality by starting by adding these lines in the Gradle File, Version 7.1.0-alpha03, or later the Android Gradle plugin is required for code transparency support. Add the following to the bundle block to customize the key used for code transparency signing:
Kotlin
android { ... bundle { // Add these lines to your app's gradle file codeTransparency { signing { courseName = "Android" coursePass = "gfgAuth" gfgPassowrd = file("pathtostore") gfgStoreLatchLock = "SOME_KEY" } } // Additional code as per your requirement goes here. } } |
Step #2: Run the Bundle Tool to generate keyscapes
The key used must not be the app signing key used by Play App Signing but one that you will exclusively use for code transparency. You will then need to run the following command in Android Studio to get your bundleTool working on the command line. To add code transparency to an Android App Bundle, enter the following command:
bundletool add-transparency \ --bundle=/gfgApp/gfgApp.aab \ --ks-pass=file:/gfgApp/keystore.pwd \ --ks-key-alias=gfgAlias \ --output=/gfgApp/gfgApp.aab \ --ks=/gfgApp/keystore.jks \ --key-pass=file:/gfgApp/key.pwd
With this you have successfully added Code Transparency to your app, now you may wish to check if the code added by your works or not, so in the next step we will check how to see if your implementation is working or not.
Code Transparency For App Bundles in Android 13
Before shipping any new apps, you may want to have a better understanding of how things will work if you can have better code transparency to deliver your app bundles to the user. Perhaps a better signing mechanism or something like that in place. For apps released using the Android App Bundle, code transparency is an optional code signing and verification approach. It makes use of a signing key for code transparency that is only owned by the app developer. You can sign in your code with the native method which is built into the Android Studio, or you may alternatively enroll yourself in Google Play Signing, but altogether, you need to sign up your app before it gets to the public, and for that Android 13 can help you by adding more transparency. In this Geeks for Geeks article we will learn how you can adopt this new mechanism.
Contact Us