Is it possible to add a new signature to an existing app?

Question

After reading the Signature Scheme v2 documentation here i was wondering if i can add a new signature to my current application.

Just to elucidate i have an App version 1.0 with Signature key "A". I want to send an update (version 2.0) with both Signature Keys "A" and "B".

This quote from the documentation seems to confirm the possibility but i was not able to achieve this.

Verification succeeds if at least one signer was found and step 3 succeeded for each found signer.

Every time that i try to install the version 2.0 as an update on top of version 1.0 i get this error message:

Failure [INSTALL_FAILED_UPDATE_INCOMPATIBLE: Package (package name) signatures do not match the previously installed version; ignoring!]

Answer 1

Edit: jarsigner can actually additional signatures, but the signing is weaker than what apksigner does, so I would strongly discourage this option. Also Play doesn't support multiple signers.

You cannot add a signature with apksigner. Any additional signing operation will remove the previous signature of the APK. However, you can sign in a single operation with both v1 and v2 signing schemes. This is what apksigner does by default when you use it with the sign subcommand.

Note that you cannot sign with a new keystore, you must keep signing with the same keystore for the updates of your app to work on Android.

Hope that helps. Let me know if I can clarify.

Answer 2

apksigner in sdk 31.0.0 has a new feature: --append-signature. By this feature , a new signature can be appended into the signed apk and the previous signature will not be removed.

However, if one is system signature, another is 3rd party signature, the apk will become non-system signature.