Sign Android images with new generated keys.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Sign Android images with new generated keys.

2,194 Views
NunoVilaca
Contributor II

We're trying to sign target files with our own keys (generated with the mkkeys.sh script, as described in the FAQ pdf ), but are getting an error:

rewriting BOOT/RAMDISK/default.prop:
replace: ro.bootimage.build.fingerprint=Android/var_mx6/var_mx6:8.0.0/1.0.0-ga/2020072402:user/dev-keys
with: ro.bootimage.build.fingerprint=Android/var_mx6/var_mx6:8.0.0/1.0.0-ga/2020072402:user/release-keys
rewriting RECOVERY/RAMDISK/default.prop:
rewriting RECOVERY/RAMDISK/prop.default:
replace: ro.bootimage.build.fingerprint=Android/var_mx6/var_mx6:8.0.0/1.0.0-ga/2020072402:user/dev-keys
with: ro.bootimage.build.fingerprint=Android/var_mx6/var_mx6:8.0.0/1.0.0-ga/2020072402:user/release-keys
replace: ro.build.display.id=1.0.0-ga dev-keys
with: ro.build.display.id=1.0.0-ga
replace: ro.build.tags=dev-keys
with: ro.build.tags=release-keys
replace: ro.build.description=var_mx6-user 8.0.0 1.0.0-ga 2020072402 dev-keys
with: ro.build.description=var_mx6-user 8.0.0 1.0.0-ga 2020072402 release-keys
replace: ro.build.fingerprint=Android/var_mx6/var_mx6:8.0.0/1.0.0-ga/2020072402:user/dev-keys
with: ro.build.fingerprint=Android/var_mx6/var_mx6:8.0.0/1.0.0-ga/2020072402:user/release-keys
signing: BasicDreams.apk (/home/nvilaca/.android-certs//platform)
java.security.NoSuchAlgorithmException: 1.2.840.113549.1.5.13 SecretKeyFactory not available
at java.base/javax.crypto.SecretKeyFactory.<init>(SecretKeyFactory.java:122)
at java.base/javax.crypto.SecretKeyFactory.getInstance(SecretKeyFactory.java:168)
at com.android.signapk.SignApk.decryptPrivateKey(SignApk.java:238)
at com.android.signapk.SignApk.readPrivateKey(SignApk.java:261)
at com.android.signapk.SignApk.main(SignApk.java:1024)

ERROR: signapk.jar failed: return code 1

Is it the way the keys are generated? Or something missing?

Ubuntu 18.04.1

OpenSSL 1.1.1  11 Sep 2018

Labels (2)
Tags (1)
0 Kudos
Reply
1 Reply

2,120 Views
IvanRuiz
NXP Employee
NXP Employee

Hello,

Which MPU are you running it at? -Anyway, the purpose of this is to sign OTA packages, for that, you will need to use the mkkey.sh script for generating the keys, but please remember that it will be required to be run 4 times (for each key) specifying the key name and password for each. The detailed description is addressed in chapter 29 of the following document: https://www.nxp.com/docs/en/reference-manual/Android_Frequently_Asked_Questions.pdf 

Hope that helps!

BR,

Ivan.

0 Kudos
Reply