签署 android 应用程序抛出 IOException: Redundant length bytes found [英] Signing android app throws IOException: Redundant length bytes found

问题描述

我们正在开发 Cordova 应用程序，但在对该应用程序的 Android 版本进行签名时遇到了困难.

We're working on a Cordova app and having difficulty signing the Android version of the app.

使用命令

jarsigner -keystore keystore.p12 -storetype pkcs12 android-release-unsigned.apk 1

给出以下异常

java.io.IOException: DerInputStream.getLength(): Redundant length bytes found

来自 这一行在 OpenJDK 显然 这是为了修复CVE-2016-5546 虽然我对加密的了解不够，无法真正理解它.

which comes from this line in OpenJDK apparently this was added to fix CVE-2016-5546 although I don't know enough about crypto to really understand it.

使用 openssl 导出证书并从中创建新的 p12 工作正常，但更改了签名，这意味着 Play 商店拒绝上传.

Exporting the certificate with openssl and creating a new p12 from that works fine but changes the signature which means the play store rejects the upload.

我们的密钥库来自我们最初将应用开发外包给的另一家公司.

The keystore we have came from another company that we originally outsourced the app development to.

任何 jarsigner 或 keytool 命令都会抛出相同的异常，我认为这是有道理的，因为它们都使用相同的 Java 库

Any jarsigner or keytool command throws the same exception which I guess makes sense since they all use the same Java lib

推荐答案

我们遇到了同样的问题.我们发现 JDK 1.8.0_112 没有您所说的错误.于是我们就这样解决了问题:

We had the same problem. We have found that JDK 1.8.0_112 doesn't have the bug that you're talking about. So we resolved the problem in this way:

首先我们使用以下命令(Javajdk1.8.0_112inkeytool.exe):

At first we converted temp_keystore.p12 into mycert.keystore by using the following command (Javajdk1.8.0_112inkeytool.exe):

keytool -importkeystore -srckeystore temp_keystore.p12 -destkeystore mycert.keystore -srcstoretype pkcs12

然后我们使用如下命令(Javajdk1.8.0_112injarsigner.exe):

Then we use the following command (Javajdk1.8.0_112injarsigner.exe):

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore mycert.keystore ReadyForSigning.apk 1

签署apk.(命令末尾的1"为别名)

to sign apk. ("1" at the end of command is the alias)

PS.: 可能不需要从 .p12 转换为 .keystore.

PS.: Converting from .p12 to .keystore may be not necessary.

这篇关于签署 android 应用程序抛出 IOException: Redundant length bytes found的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！