Still problems with creating the neccessary file for keystore reset (Lengthy mail)

Klaus major-k klaus at major-k.de
Wed Aug 28 06:17:17 EDT 2024 

Hi Panos,

I had created a new keystore and PEM file with the shell commands that Gooogle support supplied.
Still no joy...
----------------------------------------------------
% java -jar pepk.jar --keystore=android_upload2.jks --alias=upload --output=output.zip  --rsa-aes-encryption --encryption-key-path=upload_certificate2.pem
Enter password for store 'android_upload2.jks':
Enter password for key 'upload':
Error: Unable to export or encrypt the private key
java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:454)
	at java.base/sun.security.util.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:93)
	at java.base/java.security.KeyStore.getKey(KeyStore.java:1075)
	at com.google.wireless.android.vending.developer.signing.tools.extern.export.KeystoreHelper.extractPrivateKey(KeystoreHelper.java:63)
	at com.google.wireless.android.vending.developer.signing.tools.extern.export.KeystoreHelper.getPrivateKey(KeystoreHelper.java:35)
	at com.google.wireless.android.vending.developer.signing.tools.extern.export.ExportEncryptedPrivateKeyTool.run(ExportEncryptedPrivateKeyTool.java:209)
	at com.google.wireless.android.vending.developer.signing.tools.extern.export.ExportEncryptedPrivateKeyTool.main(ExportEncryptedPrivateKeyTool.java:165)
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
	at java.base/com.sun.crypto.provider.CipherCore.unpad(CipherCore.java:861)
	at java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:941)
	at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:734)
	at java.base/com.sun.crypto.provider.PBES2Core.engineDoFinal(PBES2Core.java:310)
	at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2244)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.lambda$engineGetKey$0(PKCS12KeyStore.java:370)
	at java.base/sun.security.pkcs12.PKCS12KeyStore$RetryWithZero.run(PKCS12KeyStore.java:257)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:361)
	... 6 more
-------------------------------------------------------

I will also write a mail to Google support now, maybe they can explain what's going wrong.
The tone of their last mails however made me feel that they only take actual JAVA developers seriously. :-/

> Am 28.08.2024 um 09:37 schrieb Klaus major-k via use-livecode <use-livecode at lists.runrev.com>:
> 
> Hi Panos,
> 
>> Am 28.08.2024 um 09:17 schrieb panagiotis merakos via use-livecode <use-livecode at lists.runrev.com>:
>> 
>> Also, in the screenshot you attached, it looks like the arguments
>> "signing-keystore" and "keystore" expect a different value.
>> 
>> The "keystore" looks like it should be the "android_upload.keystore" you
>> created and used to sign the app in LiveCode. I am not sure what is the
>> "signing-keystore" - were you asked to create one?
>> 
>> Same for the "signing-key-alias" - it looks like it is expected to be
>> different for the "alias" (the latter should be "sehenkey")
>> 
>> I had a look in the terminal command I had issued back then, and it did not
>> include these 2 arguments ("signing-key-alias" and "signing-keystore") - it
>> was just:
>> 
>> java -jar pepk.jar --keystore=android_upload.keystore --alias=sehenkey
>> --output=output.zip  --rsa-aes-encryption
>> --encryption-key-path=upload_certificate.pem
>> 
>> So it might be worth giving this a try as well, again with openjdk 20.0.1
> 
> sounds promising! :-)
> Thank you, we will try this.
> 
>> Kind regards,
>> Panos

Best

Klaus

--
Klaus Major
https://www.major-k.de
https://www.major-k.de/bass
klaus at major-k.de

More information about the use-livecode mailing list