Defining password for custom certificate

662 views
Skip to first unread message

fonix232

unread,
Oct 5, 2013, 10:19:41 PM10/5/13
to android-...@googlegroups.com
I've replaced the build/target/product/security certificates with my own, to be used with new builds. Using the old, public PDK (now mirrored by kandroid, http://www.kandroid.org/online-pdk/guide/release_keys.html), I've generated the new platform, media, shared and release keys, without setting any password. 

The problem comes where the build tools try to sign the APKs. Somehow the keys get flagged as password-required ones, and as I'm using multiple threads, the requests time out, resulting in a compile error.

I know about the ANDROID_PW_FILE change, already made a file, but as the format is not described anywhere, and I'm not that good with Python, I am pretty sure I screwed up something.

Can anyone give me some directions on how to set up ANDROID_PW_FILE for empty passwords?

shridutt kothari

unread,
Oct 10, 2013, 4:15:33 AM10/10/13
to android-...@googlegroups.com
Hi fonix232,

I also do not have good experience with Python, but i managed this with a workaround:

1. if your all your certificates at build/target/product/security are using a common single password your can hardcode that in readPassword() method in /build/tools/signapk/SignApk.java file before build (dont forget to remove it after build, for keeping it secure)

2. if your all your certificates at build/target/product/security are using a different password your can use single thread for building (but still it will be difficult to enter password again & again).

You can use these above workaround until some python expert helps you with ANDROID_PW_FILE  change.(Also let me know that python procedure if you get that working, as i am also interested in it)

Hope that helps!

Thanks,
Shridutt Kothari
Impetus Infotech Limited

fonix232

unread,
Oct 12, 2013, 4:01:36 AM10/12/13
to android-...@googlegroups.com
Yes, I'm currently using a hardcoded password (the certificate has no password whatsoever, yet it requests one).

The ANDROID_PW_FILE change, as I said, has already been merged, at least it is part of the Rockchip 4.2.2 SDK I'm using. After re-reading the code a few times, I realized that there are two variables to set: ANDROID_PW_FILE to a file where you store passwords for certificates, and EDITOR that points to a terminal-based text editor.

However this does not work at all for some reason.Might be a problem with the SDK I've received.

Qiwen Zhao

unread,
Oct 12, 2013, 6:09:26 PM10/12/13
to android-...@googlegroups.com
Here is the password file format, one line for each key

[[[  password  ]]] path/to/key

make sure you export the variable ANDROID_PW_FILE

Also suggest you mount it as a temp file to make it a little more secure:

  1. mkdir /tmp/ramdisk
  2. chmod 700 /tmp/ramdisk
  3. sudo mount -t tmpfs -o size=2M tmpfs /tmp/ramdisk/
  4. export ANDROID_PW_FILE=/tmp/ramdisk/ANDROID
Reply all
Reply to author
Forward
0 new messages