Menu
After a while of not updating my applications in the Play Store I tried to sign one of my APK with my keystore, only to find that the keystore and alias password doesn't work anymore. The keystore password I was able to reset using this gist: gist.github.com/zach-klippenstein/4631307 and works fine now. This happens for two different keystores for two different applications.
Running keytool -list -keystore mykeystore resulted in:
Keystore type: JKS Keystore provider: SUN Your keystore contains 1 entry myalias, Dec 23, 2014, PrivateKeyEntry, Certificate fingerprint (SHA1): 85:8F:69...... I am 100% sure that the alias password is the same as the keystore password, but it doesn't seem to work. I've tried signing the APK in Android Studio and with jarsigner -keystore mykeystore -storepass mykeystorepassword app-debug.apk myalias but the response is always: jarsigner: unable to recover key from keystore.
I tried moving the alias to a new keystore file with keytool -importkeystore -srckeystore mykeystore -destkeystore newkeystore -srcalias myalias it then asks me to enter new password for the new keystore and the password for the old keystore (both work), only after entering the alias password I get an exception:
Enter destination keystore password: Re-enter new password: Enter source keystore password: Enter key password for <myalias> keytool error: java.security.UnrecoverableKeyException: Cannot recover key After some Googling I found that for some people the keystore stopped working after updating to another JDK version or Android Studio version, so I am wondering if that is the case for me also. The keystore was created in 2014 so I was probably on JDK7 at the time (I am now at 8). It is also suspicious two keystores mysteriously stop working..
Can this be fixed somehow?
EDIT:
I tried the solution from Jan and got the following results:
keytool -importkeystore -srckeystore mykeystore -destkeystore newkeystore -deststoretype pkcs12 gives me the same exception: keytool error: java.security.UnrecoverableKeyException: Cannot recover key.
After running this command: keytool -importkeystore -srckeystore newkeystore -srcstoretype pkcs12 -destkeystore finalkeystore -deststoretype jks I get this error: keytool error: java.io.IOException: DerInputStream.getLength(): lengthTag=109, too big.
SECOND EDIT:
I also tried signing the apk on a PC with JDK7, no luck.
THIRD EDIT:
I tried using the KeyStore Explorer and it opens the keystore file just fine and shows one entry (not expired). When I try to open the private key I get the same exception. Stacktrace:
java.security.UnrecoverableKeyException: Cannot recover key at sun.security.provider.KeyProtector.recover(KeyProtector.java:328) at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:146) at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:56) at sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96) at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:70) at java.security.KeyStore.getKey(KeyStore.java:1023) at net.sf.keystore_explorer.gui.actions.KeyStoreExplorerAction.unlockEntry(KeyStoreExplorerAction.java:154) at net.sf.keystore_explorer.gui.actions.KeyStoreExplorerAction.getEntryPassword(KeyStoreExplorerAction.java:123) at net.sf.keystore_explorer.gui.actions.KeyPairPrivateKeyDetailsAction.doAction(KeyPairPrivateKeyDetailsAction.java:69) at net.sf.keystore_explorer.gui.actions.KeyStoreExplorerAction.actionPerformed(KeyStoreExplorerAction.java:93) at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:2022) at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2348) at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:402) at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:259) at javax.swing.AbstractButton.doClick(AbstractButton.java:376) at javax.swing.plaf.basic.BasicMenuItemUI.doClick(BasicMenuItemUI.java:833) at javax.swing.plaf.basic.BasicMenuItemUI$Handler.mouseReleased(BasicMenuItemUI.java:877) at java.awt.Component.processMouseEvent(Component.java:6535) at javax.swing.JComponent.processMouseEvent(JComponent.java:3324) at java.awt.Component.processEvent(Component.java:6300) at java.awt.Container.processEvent(Container.java:2236) at java.awt.Component.dispatchEventImpl(Component.java:4891) at java.awt.Container.dispatchEventImpl(Container.java:2294) at java.awt.Component.dispatchEvent(Component.java:4713) at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4888) at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4525) at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4466) at java.awt.Container.dispatchEventImpl(Container.java:2280) at java.awt.Window.dispatchEventImpl(Window.java:2750) at java.awt.Component.dispatchEvent(Component.java:4713) at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:758) at java.awt.EventQueue.access$500(EventQueue.java:97) at java.awt.EventQueue$3.run(EventQueue.java:709) at java.awt.EventQueue$3.run(EventQueue.java:703) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:76) at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86) at java.awt.EventQueue$4.run(EventQueue.java:731) at java.awt.EventQueue$4.run(EventQueue.java:729) at java.security.AccessController.doPrivileged(Native Method) at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:76) at java.awt.EventQueue.dispatchEvent(EventQueue.java:728) at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:201) at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116) at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105) at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101) at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93) at java.awt.EventDispatchThread.run(EventDispatchThread.java:82) 
857
The answer: use the cleartext password given to you for your keystore file. Don't copy anything into the password prompt. The password is exactly what your certificate authority has given to you for your keystore file.
The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. Once keys are in the keystore, they can be used for cryptographic operations with the key material remaining non-exportable.
Keystore file is stored and secured in Google play. Your APKs will be signed by Google Play with app signing key and published to users. Even if you lost your upload key you can contact with Google and you can update your application after validating your account.
Try
keytool -importkeystore -srckeystore old.keystore -destkeystore new.keystore -deststoretype pkcs12 and
keytool -importkeystore -srckeystore new.keystore -srcstoretype pkcs12 -destkeystore final.keystore -deststoretype jks as suggested in this question.
75
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
