https://community.nxp.com/t5/i-MX-Processors/Does-Android-OS-10-support-make-with-password-protected/m-p/1958161#M228678 <P>Environment:<BR />The Android OS environment being used is as follows:<BR />URL: <A href="https://www.nxp.jp/design/design-center/software/embedded-software/i-mx-software/android-os-for-i-mx-applications-processors:IMXANDROID" target="_blank">https://www.nxp.jp/design/design-center/software/embedded-software/i-mx-software/android-os-for-i-mx-applications-processors:IMXANDROID</A><BR />Android Version: Android Q10.0.0_2.6.0 (Linux 5.4.70 kernel)</P><P>Objective:<BR />We would like to create an environment where the NXP certificates located in the following folder are replaced with custom certificates:</P><P>(path/to/)/android_build/devices/fsl/common/security/<BR />media, networkstack, platform, shared, testkey<BR />and<BR />releasekey (this one is custom-added)</P><P>Problem:<BR />When we place a password-protected certificate and attempt to build, the following error occurs:</P><BLOCKQUOTE><P>&gt; java.lang.IllegalArgumentException: illegal object in getInstance: org.bouncycastle.asn1.DLSequence<BR />&gt; at org.bouncycastle.asn1.ASN1Integer.getInstance(ASN1Integer.java:44)<BR />&gt; at org.bouncycastle.asn1.pkcs.PrivateKeyInfo.&lt;init&gt;(PrivateKeyInfo.java:134)<BR />&gt; at org.bouncycastle.asn1.pkcs.PrivateKeyInfo.getInstance(PrivateKeyInfo.java:83)<BR />&gt; at com.android.signapk.SignApk.readPrivateKey(SignApk.java:277)<BR />&gt; at com.android.signapk.SignApk.main(SignApk.java:1091)</P></BLOCKQUOTE><P>Note: This issue does not occur if the certificate is not password-protected.</P><P>Question 1:<BR />In the Android make process, there is no prompt for password input. How should the password be set?</P><P>Question 2:<BR />We believe that the prebuilt JDK 9 does not support password-protected certificates.<BR />Has it been confirmed that JDK 9 can be used to build with password-protected certificates?<BR />Or should we assume that Android Q10.0.0_2.6.0 (Linux 5.4.70 kernel) does not support password-protected certificates?</P><P>When I sign an apk with a passworded certificate with sign_target_files_apks after making with a non-passworded certificate, I get a prompt for a password.<BR />However, the same error occurs when the password is entered.<BR />This seems to occur when using a pre-built JDK 9, and it is believed that JDK 9 does not support password-protected certificates.</P><P>In the Android OS build steps, JDK 9 is set in the path when running source build/envsetup.sh.<BR />Thus, we believe that using JDK 9 is the correct approach.</P><P>When using JDK 19 installed on a PC to run sign_targetfiles_apk, this issue does not occur.</P> Fri, 20 Sep 2024 01:37:46 GMT yamasita_yoshiyuki 2024-09-20T01:37:46Z https://community.nxp.com/t5/i-MX-Processors/Does-Android-OS-10-support-make-with-password-protected/m-p/1958161#M228678 <P>Environment:<BR />The Android OS environment being used is as follows:<BR />URL: <A href="https://www.nxp.jp/design/design-center/software/embedded-software/i-mx-software/android-os-for-i-mx-applications-processors:IMXANDROID" target="_blank">https://www.nxp.jp/design/design-center/software/embedded-software/i-mx-software/android-os-for-i-mx-applications-processors:IMXANDROID</A><BR />Android Version: Android Q10.0.0_2.6.0 (Linux 5.4.70 kernel)</P><P>Objective:<BR />We would like to create an environment where the NXP certificates located in the following folder are replaced with custom certificates:</P><P>(path/to/)/android_build/devices/fsl/common/security/<BR />media, networkstack, platform, shared, testkey<BR />and<BR />releasekey (this one is custom-added)</P><P>Problem:<BR />When we place a password-protected certificate and attempt to build, the following error occurs:</P><BLOCKQUOTE><P>&gt; java.lang.IllegalArgumentException: illegal object in getInstance: org.bouncycastle.asn1.DLSequence<BR />&gt; at org.bouncycastle.asn1.ASN1Integer.getInstance(ASN1Integer.java:44)<BR />&gt; at org.bouncycastle.asn1.pkcs.PrivateKeyInfo.&lt;init&gt;(PrivateKeyInfo.java:134)<BR />&gt; at org.bouncycastle.asn1.pkcs.PrivateKeyInfo.getInstance(PrivateKeyInfo.java:83)<BR />&gt; at com.android.signapk.SignApk.readPrivateKey(SignApk.java:277)<BR />&gt; at com.android.signapk.SignApk.main(SignApk.java:1091)</P></BLOCKQUOTE><P>Note: This issue does not occur if the certificate is not password-protected.</P><P>Question 1:<BR />In the Android make process, there is no prompt for password input. How should the password be set?</P><P>Question 2:<BR />We believe that the prebuilt JDK 9 does not support password-protected certificates.<BR />Has it been confirmed that JDK 9 can be used to build with password-protected certificates?<BR />Or should we assume that Android Q10.0.0_2.6.0 (Linux 5.4.70 kernel) does not support password-protected certificates?</P><P>When I sign an apk with a passworded certificate with sign_target_files_apks after making with a non-passworded certificate, I get a prompt for a password.<BR />However, the same error occurs when the password is entered.<BR />This seems to occur when using a pre-built JDK 9, and it is believed that JDK 9 does not support password-protected certificates.</P><P>In the Android OS build steps, JDK 9 is set in the path when running source build/envsetup.sh.<BR />Thus, we believe that using JDK 9 is the correct approach.</P><P>When using JDK 19 installed on a PC to run sign_targetfiles_apk, this issue does not occur.</P> Fri, 20 Sep 2024 01:37:46 GMT https://community.nxp.com/t5/i-MX-Processors/Does-Android-OS-10-support-make-with-password-protected/m-p/1958161#M228678 yamasita_yoshiyuki 2024-09-20T01:37:46Z