从 rsa 文件创建密钥库
Create keystore from rsa file
我开发了一款 运行 在 100 台设备上使用的应用。想要更新它,但如果我安装新的 APK 给我错误。 “Android App Not Install。已经安装了一个具有相同名称但签名有冲突的现有包”。
我研究并发现了问题。
我更改了我的 SSD,这就是我的 debug.keystore 文件在格式化时消失的原因。
我在 APK 中找到了 RSA 文件。 我可以用旧 APK 中的值更改我的新 debug.keystore 吗?
我研究了密钥工具。我可以使用 importcert 并在一个 debug.keystore 中提供两个证书吗?
这将是可能的,每个人都可以解压 APK 并获得您的私钥。下次格式化前做好备份!
我认为Google在文档中解释得很好
https://developer.android.com/studio/publish/app-signing.html#secure-key
Maintaining the security of your private key is of critical
importance, both to you and to the user. If you allow someone to use
your key, or if you leave your keystore and passwords in an unsecured
location such that a third-party could find and use them, your
authoring identity and the trust of the user are compromised.
If a third party should manage to take your key without your knowledge
or permission, that person could sign and distribute apps that
maliciously replace your authentic apps or corrupt them. Such a person
could also sign and distribute apps under your identity that attack
other apps or the system itself, or corrupt or steal user data.
Your private key is required for signing all future versions of your
app. If you lose or misplace your key, you will not be able to publish
updates to your existing app. You cannot regenerate a previously
generated key.
Your reputation as a developer entity depends on your securing your
private key properly, at all times, until the key is expired. Here are
some tips for keeping your key secure:
- Select strong passwords for the keystore and key.
- Do not give or lend anyone your private key, and do not let unauthorized persons know your keystore and key passwords.
- Keep the keystore file containing your private key in a safe, secure place.
In general, if you follow common-sense precautions when generating,
using, and storing your key, it will remain secure.
MD5、SHA1、SHA256 - 不同的摘要(hash-function 的结果)并且不能用于恢复您的密钥库。
我开发了一款 运行 在 100 台设备上使用的应用。想要更新它,但如果我安装新的 APK 给我错误。 “Android App Not Install。已经安装了一个具有相同名称但签名有冲突的现有包”。
我研究并发现了问题。 我更改了我的 SSD,这就是我的 debug.keystore 文件在格式化时消失的原因。
我在 APK 中找到了 RSA 文件。 我可以用旧 APK 中的值更改我的新 debug.keystore 吗?
我研究了密钥工具。我可以使用 importcert 并在一个 debug.keystore 中提供两个证书吗?
这将是可能的,每个人都可以解压 APK 并获得您的私钥。下次格式化前做好备份!
我认为Google在文档中解释得很好
https://developer.android.com/studio/publish/app-signing.html#secure-key
Maintaining the security of your private key is of critical importance, both to you and to the user. If you allow someone to use your key, or if you leave your keystore and passwords in an unsecured location such that a third-party could find and use them, your authoring identity and the trust of the user are compromised.
If a third party should manage to take your key without your knowledge or permission, that person could sign and distribute apps that maliciously replace your authentic apps or corrupt them. Such a person could also sign and distribute apps under your identity that attack other apps or the system itself, or corrupt or steal user data.
Your private key is required for signing all future versions of your app. If you lose or misplace your key, you will not be able to publish updates to your existing app. You cannot regenerate a previously generated key.
Your reputation as a developer entity depends on your securing your private key properly, at all times, until the key is expired. Here are some tips for keeping your key secure:
- Select strong passwords for the keystore and key.
- Do not give or lend anyone your private key, and do not let unauthorized persons know your keystore and key passwords.
- Keep the keystore file containing your private key in a safe, secure place.
In general, if you follow common-sense precautions when generating, using, and storing your key, it will remain secure.
MD5、SHA1、SHA256 - 不同的摘要(hash-function 的结果)并且不能用于恢复您的密钥库。