Modifying system apps: original AndroidManifest.xml required, but why?

Question

The basic steps for editing a system APK:

1. Make a backup of the APK.
2. Decompile working APK.
3. Makes changes.
4. Recompile working APK.
5. Copy/paste both the META-INF folder and AndroidManifest.xml from the backup APK (which was never decompiled) into the recompiled working APK. Done!

META-INF contains the signature: that makes sense. But, what is the purpose of AndroidManifest.xml in retaining the original signature? I have tested this myself and Android would not load the APK with a recompiled AndroidManifest.xml (i.e. not an original AndroidManifest.xml).

Many guides state the necessity of copying both META-INF and AndroidManfest.xml from the original APK to the modded APK.

The closest answer I have found is that recompiling corrupts the AndroidManifest.xml (see http://rootzwiki.com/topic/268-guide-newbies-how-to-port-themes/), but I compared an original and post-recompiling AndroidManifest.XML and they're identical (says WinMerge and they have identical MD5 and SHA1 hashes). Another individual (http://miuiandroid.com/community/threads/q-remove-miui-torch-app.16013/) speculates that META-INF and AndroidManifest.xml are somehow tied to each other.

Everyone does this, but does anyone know why?

Answer 1

When verifying a system APK, Android checks the signature of a subset of the files in the APK to ensure that they haven't been tampered with. These files include AndroidManifest.xml, classes.dex, and others. If the SHA-1 digests (stored in META-INF/MANIFEST.MF and META-INF/CERT.SF) of the original files don't match the digests of the files in the modified APK, then Android will refuse to load the APK.