Source of binaries?

[Deleted user]

This module includes pre-built binaries, such as zipsigner*.jar, curl, keycheck, aapt. What are sources for them?
I tried to build this with exactly same options as provided (NDK version, SDK, etc.), but I failed to link it with Android.mk. How can we confirm those binaries aren't malicious?

[F3FFO]

Hi @jdr44 , I understand your doubts about the pre-built binaries that I include in the form and now I will list the origin of each of them, but first I would like to remind you that everyone is open source and you are free to replace the pre-built binaries with the one they prefer! Anyway:

• zipsigner[on readme]: https://github.com/Magisk-Modules-Repo/zipsigner
• keycheck: https://github.com/Zackptg5/Keycheck
• aapt: is already being built as part of the Android Open Source Project (AOSP) source code. The work is to simply modify the build scripts for each of the desired tools to build for the desired architectures. For more information on how to build the AOSP project, please see the official documentation: https://source.android.com/setup/build/requirements
• curl[on readme]: you can build them yourself by referring to my repo (in my repository in the readme I put an example Android.mk file, of course you need to be able to create your own file to be able to build the binaries as you like) otherwise you can do reference to this repository: https://github.com/Zackptg5/Cross-Compiled-Binaries-Android, which makes available the already built binaries and some suggestions on how to build them yourself!