签署Android应用程序抛出IOException:找到冗余长度字节 [英] Signing android app throws IOException: Redundant length bytes found
问题描述
我们正在开发Cordova应用程序并且无法签署Android版本的应用程序。
We're working on a Cordova app and having difficulty signing the Android version of the app.
使用命令
jarsigner -keystore keystore.p12 -storetype pkcs12 android-release-unsigned.apk 1
给出以下异常
java.io.IOException: DerInputStream.getLength(): Redundant length bytes found
来自这一行 显然已添加以修复 CVE-2016-5546 虽然我不太了解加密来真正理解它。
which comes from this line in OpenJDK apparently this was added to fix CVE-2016-5546 although I don't know enough about crypto to really understand it.
使用openssl导出证书并从中创建新的p12工作正常但更改了签名,这意味着Play商店拒绝上传。
Exporting the certificate with openssl and creating a new p12 from that works fine but changes the signature which means the play store rejects the upload.
我们来自另一家公司的密钥库,我们最初将应用程序开发外包给。
The keystore we have came from another company that we originally outsourced the app development to.
任何jarsigner或keytool命令抛出相同的异常,我猜这是有道理的因为他们都使用相同的Java库
Any jarsigner or keytool command throws the same exception which I guess makes sense since they all use the same Java lib
推荐答案
我们遇到了同样的问题。我们发现JDK 1.8.0_112没有您正在谈论的错误。所以我们用这种方式解决了这个问题:
We had the same problem. We have found that JDK 1.8.0_112 doesn't have the bug that you're talking about. So we resolved the problem in this way:
首先我们将 temp_keystore.p12
转换为 mycert.keystore
使用以下命令( Java \jdk1.8.0_112\bin\keytool.exe
):
At first we converted temp_keystore.p12
into mycert.keystore
by using the following command (Java\jdk1.8.0_112\bin\keytool.exe
):
keytool -importkeystore -srckeystore temp_keystore.p12 -destkeystore mycert.keystore -srcstoretype pkcs12
然后我们使用以下命令( Java \jdk1.8.0_112\bin\jarsigner.exe)
:
Then we use the following command (Java\jdk1.8.0_112\bin\jarsigner.exe)
:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore mycert.keystore ReadyForSigning.apk 1
签署 apk
。 (命令末尾的 1
是别名)
to sign apk
. ("1
" at the end of command is the alias)
PS。:从<$ c $转换c> .p12 到 .keystore
可能没有必要。
PS.: Converting from .p12
to .keystore
may be not necessary.
这篇关于签署Android应用程序抛出IOException:找到冗余长度字节的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!