VR系列——Oculus Publishing文档：五、应用签名

Oculus手机app在不同研发阶段需要两种不同的签名。

• Oculus 签名文件（开发应用时需要，提交时不需要）
• Android 应用签名（提交应用时需要）

Oculus 签名文件 (osig)

在开发阶段，app必须要有Oculus发行的签名文件或osig的签名。签名以文件的形式包含在app中，以便于访问设备底层的VR函数集。每个签名文件都依赖于特定的设备，因此你要为研发所用的每个设备生成相应的osig文件。

你可以在提交应用时移除osig文件，虽然这么做不是必须的。当你的应用审核通过后，我们会修改APK，使其可以用于各种设备。

请访问我们的osig自助门户查看更多详情，了解如何为设备申请osig文件：https://developer.oculus.com/tools/osig/

Android 应用签名

安卓使用数字证书（又称为keystore）对应用作者的身份进行加密验证。所有的安卓应用都必须通过这种证书提供数字签名后才可在安卓设备上安装运行。

所有的开发人员都必须创建自己唯一的数字签名，并在提交Oculus审核前对应用程序签名。更多详情请见安卓的“应用程序签名”文档：http://developer.android.com/tools/publishing/app-signing.html

务必要保存好用于应用签名的证书文件。之后每次更新应用都要用同样的证书文件进行签名，否则会提交失败。

注意：应用提交审核前必须要用安卓证书对其进行签名。

Android 应用签名 和 Unity

Unity会用默认的临时调试证书，自动为安卓应用签名。在编译最终发布版本时，创建一个新的安卓keystore，并由Use Existing Keystore选项来指定，路径为Edit->Project Settings->Player->Publishing Options。更多信息详见Unity文档的“安卓”部分：http://docs.unity3d.com/Manual/class-PlayerSettings.html。

拓展阅读

①manifest：manifest文件的主要功能是向Android声明应用程序的组件。当Android启动一个应用程序组件之前，它必须知道哪些个组件是存在的，所以开发人员在开发过程中，必须将应用程序中 出现的组件一一在 AndroidManifest.xml文件中申明，最终这个AndroidManifest.xml文件也会被一起打包到.apk文件中去。manifest文件以XML作为结构格式，而且对于所有应用程序，都叫做AndroidManifest.xml。为声明一个应用程序组件，它还会做很多额外工作，比如指明应用程序所需链接到的库的名称（除了默认的Android库之外）以及声明应用程序期望获得的各种权限。

②Intent Filter是用来注册 Activity、Service 和Broadcast Receiver具有能在某种数据上执行一个动作的能力。使用Intent Filter，应用程序组件告诉Android，它们能为其它程序的组件的动作请求提供服务，包括同一个程序的组件、本地的或第三方的应用程序。

---

原文如下

Oculus mobile apps require two distinct signatures at different stages of development.

• Oculus Signature File (required during development, not required for submission)
• Android Application Signature (required for submission)

Oculus Signature File (osig)

During development, your application must be signed with an Oculus-issued Oculus Signature File, or osig. This signature comes in the form of a file that you include in your application in order to access protected lowlevel VR functionality on your mobile device. Each signature file is tied to a specific device, so you will need to generate osig files for each device that you use for development.

You may remove your osig file for submission, though doing so is not required. When your application is approved, we will modify the APK so that it can be used on all devices.

Please see our osig self-service portal for more information and instructions on how to request an osig for development: https://developer.oculus.com/tools/osig/

Android Application Signing

Android uses a digital certificate (also called a keystore) to cryptographically validate the identity of application authors. All Android applications must be digitally signed with such a certificate in order to be installed and run on an Android device.

All developers must create their own unique digital signature and sign their applications before submitting them to Oculus for approval. For more information and instructions, please see Android’s “Signing your Applications” documentation: http://developer.android.com/tools/publishing/app-signing.html

Make sure to save the certificate file you use to sign your application. Every subsequent update to your application must be signed with the same certificate file, or it will fail.

Note: Your application must be signed by an Android certificate before you submit it.

Android Application Signing and Unity

Unity automatically signs Android applications with a temporary debug certificate by default. Before building your final release build, create a new Android keystore and assign it with the Use Existing Keystore option, found in Edit > Project Settings > Player > Publishing Options. For more information, see the “Android” section of Unity’s documentation here: http://docs.unity3d.com/Manual/class-PlayerSettings.html.