Corona SDK: removing standard permissions from AndroidManifest.xml

Hey,

now i want to dig into a topic that was really annoying to us in the development of Cookie Billiard. For some reason Corona SDK ALWAYS includes the following permissions in the androidManifest.xml:


<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />

There is no easy way to remove them from within corona. The settings file is not able to remove those permissions. Corona itself, does not provide an official solution to that. So here I'm explaining it to you:

1) Download the APK manager. I used version 5.0.2
In order for the APK-Manager to work properly you need to have your JDK (Java Development Kit) "bin" folder added to your PATH environment variable

2) Put the .apk that needs to be changed in the folder "place-apk-here-for-modding"
3) run the script and choose option 9 for decompiling

4) Go into the projects folder of the APK Manager and change the androidManifest.xml to your likings

5) Run option 11 (compile) in the APK Manager script, then you will be confronted with two questions: answer them both with "2". Then the following question pops up:

Now go into the "keep" folder and just delete androidManifest.xml and resources.arsc and then hit enter in the script (or any other key)

6) Now you have successfully compiled your .apk without the permissions in the androidManifest.xml. However thats not enough for the android market. Now you still need the sign the .apk with your certificate and you need to run zipalign in order to align your package structure according to the google standards.

7) Signing the app with jarsigner.
Jarsigner is a standard cmd-application that comes witht the JDK. If you don't have that download it and add the bin folder of the JDK to your Path environment variable.

Then perform the following command in your console according to your own folders:

jarsigner -verbose -keystore C:\...\releaseKey.keystore C:\...\Apk_Manager_5.0.2\place-apk-here-for-modding\unsignedCookieBilliard.apk moccagames

You will then be asked for the password of your keystore-file. enter it and all your files should successfully be signed.

8) Now you need to zipalign you signed .apk:

zipalign is a cmd-tool that comes with the Android Development Kit. You already needed it in order to run the APK-manager. However for the APK-Manager you just needed to add the "platform-tools" folder to your PATH environment variable. The zipalign tool resides within the "tools" folder of the Android SDK. If not already done add it to your PATH-variable.

Perform the following command in your console according to your own folders
zipalign -f -v 4 C:\...\CookieBilliard.apk C:\...\CookieBilliardZipAlign.apk

If everything was successfull a "Verifiaction successfull" message should appear at the end.

Now you have the same .apk like in the beginning, just without the permissions that you removed, ready to be uploaded to the android market :)

Hope the tutorial is helpful. If there are any questions please post them in the comments.

Your MOCCA GAMES team

!!!IMPORTANT: Do never try to change .apks that are not yours!!! We are not responsible for any legal issues that may arise from that!!!