SignApk.jar is a utility used by the AOSP build process to sign builds or packages including JARs, APKs etc. with various signatures. The SignApk.java has been picked up from the AOSP source tree and fixed for dependencies. This project includes the JAR file along with it's dependencies packaged for those who don't have the AOSP source and would like to sign personal packages.
The Runme.sh is a shell script prepared for making the JAR execution process a hair more easier for those unfamiliar with terminal commands. Nevertheless, usage of the script is revealed when you run ./Runme.sh with no arguments. An example is shown with the test keys testkey.pk8 and testkey.x508.pem (downloadable) from the source used to sign a sample foo.apk.
The execution is as simple as,
./Runme.sh -w testkey.x509.pk8 testkey.pk8 foo.apk foo-signed.apk on any Linux machine.
Kindly note,
testkey.x509.pk8andtestkey.pk8if not in the current directory as theRunme.sh, would require the fully qualified path (e.g.~/SignApk/testkey.x509.pk8)foo-signed.apkis the signed APK that would be generated after the execution completes
This project by no means supports malicious intentions of signing third-party packages with platform signatures. You're directly responsible for your deeds - play safe and thanks!