Develop Reference

Generate signed apk android studio - Error with key

I am trying to generate signed apk with an exiting keystore
but i have following problem
Error:org.gradle.tooling.BuildException: Failed to read key MedicalAssistanceKey from store "D:\MedicalAsError:com.android.ide.common.signing.KeytoolException: Failed to read key MedicalAssistanceKey from store
"D:\MedicalAss_download\MyKey.jks": Cannot recover keys_download\MyKey.jks": Cannot recover key
Error:java.security.UnrecoverableKeyException: Cannot recover key
I am sure the password and key are correct

The keystore and key passwords have to be the same.
You could use commands to modify passwork as below:
keytool -storepasswd -new [insert new keystore password] -keystore [insert keystore file name]
keytool -keypasswd -alias [insert alias] -new [insert new key password] -keystore [insert keystore file name]
Or if you like GUI, download from http://keystore-explorer.org/
Note: keytool.exe exists in jdk/bin folder or jre/bin folder.

if you have special characters in your passwords use this tool to change it:
http://keystore-explorer.org/
special characters like Ç

keytool error: java.security.UnrecoverableKeyException: Cannot recover key android

I can't signed my apk with the existing keystore. Its giving me this error when signing:
com.android.ide.common.signing.KeytoolException: Failed to read key Cannot recover key
So, by following this link, I have tried to change the password but its giving me keytool error: java.security.UnrecoverableKeyException: Cannot recover key error when executing this command:
keytool -keypasswd -alias %MyKeyAlias% -new %newpassword% -keystore KeyStore.jks
I have already a version available in playstore using this keystore.

I finally solved it by reading the document:
https://www.rickyadams.com/wp/index.php/2017/11/15/keytool-java-keystore-ssl/
As I use a different storepass and keypass.
Verify the private key password by attempting to change it
> keytool -keypasswd -keystore KEYSTORE -alias ALIAS -storepass PASSWORD
This is the output you’ll see if a key password isn’t set, or if the key password is the same as the store password:
New key password for <ALIAS>:
This is the output you’ll see if a key password is set and you enter it incorrectly:
Enter key password for ALIAS:
keytool error: java.security.UnrecoverableKeyException: Cannot recover key
This is the output you’ll see if a key password is set and you enter it correctly:
Enter key password for <ALIAS>:
New key password for <ALIAS>:

Looks like missing private key.

Check android keystore keypass for correctness

I'm automating some things that involve the android keytool and jarsigner. The tool takes a keystore, the password for the keystore, the alias name, and the password for the alias / key, and I'm trying to find a way to explicitly check to see if the supplied password for the alias / key is correct.
Any ideas? Also, I need to check it without a jar file to sign - getting that file in my context is lengthy, so I want to abort sooner rather than later.

You can also check if the password is correct without attempting to change the password. I did it by listing the properties of the keystore with this command:
keytool -list -keystore <keystorefile> -storepass <passwordtocheck>

You can do it a couple of ways:
A. With keytool
If you run the command keytool -keypasswd -keystore <keystore> -alias <alias> -storepass <storepass> -keypass <keypass> -new <keypass> then you will get the error Keystore was tampered with, or password was incorrect if the keystore password is wrong, or the error Cannot recover key if the alias password is wrong. Unfortunately the return code is 1 in both cases, so you will need to do parsing of the program's output if you want to be smart about the type of error.
B. With a small Java program
Something along these lines:
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
try (FileInputStream fis = new FileInputStream(keystore)) {
ks.load(fis, ksPw.toCharArray());
}
ks.getEntry(alias, new KeyStore.PasswordProtection(aliasPw.toCharArray()));
will fail at line 4 with a java.io.IOException if the key store password is wrong, or with a java.security.UnrecoverableKeyException at line 7 if the alias password is wrong.

Lost keystore alias but have file and password used for alias

recently I added a new alias to my keystore to sign my app.
Now I lost the new generated file with the alias, but remember the password and the alias name and have an older copy the file. Is there a way to recreate the alias using this things?

You can list the contents of your keystore with the command:
keytool -list -keystore <name of keystore file>
To do this, you will need to provide the keystore password (not the alias password). This will tell you the aliases in the file, which are self-contained, allowing you to sign. If you wish, you could also extract keys using other options / tools.

Open your key store (.jks) file with text editor. It will display binary form of data. The readable text in the first line is your key alias.
For example, your key alias in the following binary data is the key alias.
þíþí your key alias UYY_ 0‚þ0
+* ‚êa÷í–ØRö}ðžá䶈ùÎL\ô©2‘wå¥H¨V †¸®Àµ£ð×þ7—â;TÁÙcsª”ž˜4ÝÉ'AÀì,’„×S¼ðßÅ'€Õ¡ó‚˜ ö!y’Çåx|(woÁh4u-û†‚‡§Qȸ|ˆ³”ÜæûZŽ²a±O­´¢^À.ªbÅ“e†6 É秮j§˜y ößÿØ0Çd# /Ã?®¦ìé¼/§Zq””Ê•©„=~Ùì¢>º}DàO<Ö¹SbpÎŒ#Ø„°^Í^e»>¾ü«nM(
"Nbûh·2ðÁ0¯ç¿61êè“[.ÇzeYŽºXkuÄy*ôq¥FSs]:2“ì

http://tim12332013.blogspot.tw/2014/10/corona-sdk-android-keystore-lost-alias.html
look it may help you
keytool -list -v -keystore X:/XXXX /XXXX.keystore -storepass XXXX

This worked for me:
keytool -list -v -keystore "file address"
Copy your alias name and TaDa!!!

The default alias in latest android studio version is "key0". You can try this if you haven't changed your alias value.

How can I create a keystore?

What are the steps to create a keystore for android?
I need to use google maps in my app and I don't know what steps I missed.
Please provide me with the specific detailed steps (I didn't understand it from the guides).

To answer the question in the title, you create a keystore with the Java Keytool utility that comes with any standard JDK distribution and can be located at %JAVA_HOME%\bin. On Windows this would usually be C:\Program Files\Java\jre7\bin.
On Windows, open a command window and switch to that directory. On Linux type OS do the same with a terminal. Then run:
keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
Keytool prompts you to provide passwords for the keystore, provide the Distinguished Name fields and then the password for your key. It then generates the keystore as a file called my-release-key.keystore in the directory you're in. The keystore and key are protected by the passwords you entered. The keystore contains a single key, valid for 10000 days. The alias_name is a name that you — will use later, to refer to this keystore when signing your application.
For more information about Keytool, see the documentation at: http://docs.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html
and for more information on signing Android apps go here: http://developer.android.com/tools/publishing/app-signing.html

Signing Your App in Android Studio
To sign your app in release mode in Android Studio, follow these steps:
1- On the menu bar, click Build > Generate Signed APK.
2-On the Generate Signed APK Wizard window, click Create new to create a new keystore.
If you already have a keystore, go to step 4.
3- On the New Key Store window, provide the required information as shown in figure
Your key should be valid for at least 25 years, so you can sign app updates with the same key through the lifespan of your app.
4- On the Generate Signed APK Wizard window, select a keystore, a private key, and enter the passwords for both. Then click Next.
5- On the next window, select a destination for the signed APK and click Finish.
referance
http://developer.android.com/tools/publishing/app-signing.html

I was crazy looking how to generate a .keystore using in the shell a single line command, so I could run it from another application. This is the way:
echo y | keytool -genkeypair -dname "cn=Mark Jones, ou=JavaSoft, o=Sun, c=US" -alias business -keypass kpi135 -keystore /working/android.keystore -storepass ab987c -validity 20000
dname is a unique identifier for the application in the .keystore
cn the full name of the person or organization that generates the .keystore
ou Organizational Unit that creates the project, its a subdivision of the Organization that creates it. Ex. android.google.com
o Organization owner of the whole project. Its a higher scope than ou. Ex.: google.com
c The country short code. Ex: For United States is "US"
alias Identifier of the app as an single entity inside the .keystore (it can have many)
keypass Password for protecting that specific alias.
keystore Path where the .keystore file shall be created (the standard extension is actually .ks)
storepass Password for protecting the whole .keystore content.
validity Amout of days the app will be valid with this .keystore
It worked really well for me, it doesnt ask for anything else in the console, just creates the file. For more information see keytool - Key and Certificate Management Tool.

Create keystore file from command line :
Open Command line:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved
// (if you want to store keystore file at C:/ open command line with RUN AS ADMINISTRATOR)
C:\Windows\system32> keytool -genkey -v -keystore [your keystore file path]{C:/index.keystore} -alias [your_alias_name]{index} -keyalg RSA -keysize 2048 -validity 10000[in days]
Enter > It will prompt you for password > enter password (it will be invisible)
Enter keystore password:
Re-enter new password:
Enter > It will ask your detail.
What is your first and last name?
[Unknown]: {AB} // [Your Name / Name of Signer]
What is the name of your organizational unit?
[Unknown]: {Self} // [Your Unit Name]
What is the name of your organization?
[Unknown]: {Self} // [Your Organization Name]
What is the name of your City or Locality?
[Unknown]: {INDORE} // [Your City Name]
What is the name of your State or Province?
[Unknown]: {MP} //[Your State]
What is the two-letter country code for this unit?
[Unknown]: 91
Enter > Enter Y
Is CN=AB, OU=Self, O=Self, L=INDORE, ST=MP, C=91 correct?
[no]: Y
Enter > Enter password again.
Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 10,000 days
for: CN=AB, OU=Self, O=Self, L=INDORE, ST=MP, C=91
Enter key password for <index> (RETURN if same as keystore password):
Re-enter new password:
[ Storing C:/index.keystore ]
And your are DONE!!!
Export In Eclipse :
Export your android package to .apk with your created keystore file
Right click on Package you want to export and select export
Select Export Android Application > Next
Next
Select Use Existing Keystore > Browse .keystore file > enter password > Next
Select Alias > enter password > Next
Browse APK Destination > Finish
In Android Studio:
Create keystore [.keystore/.jks] in studio...
Click Build (ALT+B) > Generate Signed APK...
Click Create new..(ALT+C)
Browse Key store path (SHIFT+ENTER) > Select Path > Enter name > OK
Fill the detail about your .jks/keystore file
Next
Your file
Enter Studio Master Password (You can RESET if you don't know) > OK
Select *Destination Folder * > Build Type
release : for publish on app store
debug : for debugging your application
Click Finish
Done !!!

This tutorial:
“sign-your-android-applications-for.html”
Archived here:
https://web.archive.org/web/20181002011446/http://techdroid.kbeanie.com/2010/02/sign-your-android-applications-for.html
was very helpful for me the first time I had to create a keystore. It is simple but the instructions on developer.android.com are a little too brief.
The part I was unsure about was where to save and what name to give the keystore file.
I seems it doesn't matter where you put it just be sure to keep it safe and keep a number of backups.
I just put it in my app directory
Name the file "something.keystore" where something can be whatever you want. I used app_name.keystore, where app_name was the name of my app.
The next part was what to name the alias. Again it doesn't seem to matter so again I just used the app_name again. Keep the passwords the same as you used before. Fill out the rest of the fields and you are done.

Use this command to create debug.keystore
keytool -genkey -v -keystore ~/.android/debug.keystore -alias androiddebugkey -storepass android -keypass android -keyalg RSA -keysize 2048 -validity 10000 -dname "CN=Android Debug,O=Android,C=US"

I followed this guide to create the debug keystore.
The command is:
keytool -genkeypair -alias androiddebugkey -keypass android -keystore debug.keystore -storepass android -dname "CN=Android Debug,O=Android,C=US" -validity 9999

First thing to know is wether you are in Debug or Release mode. From the developer site "There are two build modes: debug mode and release mode. You use debug mode when you are developing and testing your application. You use release mode when you want to build a release version of your application that you can distribute directly to users or publish on an application marketplace such as Google Play."
If you are in debug mode you do the following ...
A. Open terminal and type:
keytool -exportcert -alias androiddebugkey -keystore path_to_debug_or_production_keystore -list -v
Note: For Eclipse, the debug keystore is typically located at ~/.android/debug.keystore...
B. when prompted for a password simply enter "android" ...
C. If you are in Release mode follow the instructions on...
http://developer.android.com/tools/publishing/app-signing.html <-- this link pretty much explains everything you need to know.

based on #EliuX answer, Latest tools compatible with app bundle
echo y | keytool -genkey -keystore ./android.jks -dname "n=Mark Jones, ou=JavaSoft, o=Sun, c=US" -alias android -keypass android -storepass android -keyalg RSA -keysize 2048 -validity 2000
For your build.gradle
signingConfigs {
debug {
storeFile file('android.jks')
keyAlias 'android'
keyPassword 'android'
storePassword 'android'
}
}

You can create your keystore by exporting a signed APK. When you will try to export/build a signed APK, it will ask for a keystore.
You can choose your existing keystore or you can easily create a new one by clicking create new keystore
Here a link very useful and well-explained of how to create your keystore and generate a signed APK
THis link explained how to do it with Android Studio, but if I remember, it is pretty similar on Eclipse
WATCH OUT
Once you generate your keystore, keep it somewhere safe because you will need it to regenerate a new signed APK.
How do I export a project in the Android studio?

I'd like to suggest automatic way with gradle only
** Define also at least one additional param for keystore in last command e.g. country '-dname', 'c=RU' **
apply plugin: 'com.android.application'
// define here sign properties
def sPassword = 'storePassword_here'
def kAlias = 'keyAlias_here'
def kPassword = 'keyPassword_here'
android {
...
signingConfigs {
release {
storeFile file("keystore/release.jks")
storePassword sPassword
keyAlias kAlias
keyPassword kPassword
}
}
buildTypes {
debug {
signingConfig signingConfigs.release
}
release {
shrinkResources true
minifyEnabled true
useProguard true
signingConfig signingConfigs.release
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
}
}
...
}
...
task generateKeystore() {
exec {
workingDir projectDir
commandLine 'mkdir', '-p', 'keystore'
}
exec {
workingDir projectDir
commandLine 'rm', '-f', 'keystore/release.jks'
}
exec {
workingDir projectDir
commandLine 'keytool', '-genkey', '-noprompt', '-keystore', 'keystore/release.jks',
'-alias', kAlias, '-storepass', sPassword, '-keypass', kPassword, '-dname', 'c=RU',
'-keyalg', 'RSA', '-keysize', '2048', '-validity', '10000'
}
}
project.afterEvaluate {
preBuild.dependsOn generateKeystore
}
This will generate keystore on project sync and build
> Task :app:generateKeystore UP-TO-DATE
> Task :app:preBuild UP-TO-DATE

If you don't want to or can't use Android Studio, you can use the create-android-keystore NPM tool:
$ create-android-keystore quick
Which results in a newly generated keystore in the current directory.
More info: https://www.npmjs.com/package/create-android-keystore