Skip to content

Instantly share code, notes, and snippets.

@tzutalin

tzutalin/keytool-importkeypair

Last active July 5, 2016 02:40
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tzutalin/f52c332fd5eab17b740657446864e361 to your computer and use it in GitHub Desktop.
Save tzutalin/f52c332fd5eab17b740657446864e361 to your computer and use it in GitHub Desktop.
Download ZIP
android-signature.sh
Raw
keytool-importkeypair
#! /bin/bash
#
# This file is part of keytool-importkeypair.
#
# keytool-importkeypair is free software: you can redistribute it
# and/or modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation, either version 3 of
# the License, or (at your option) any later version.
#
# keytool-importkeypair is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied warranty
# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with keytool-importkeypair. If not, see
# <http://www.gnu.org/licenses/>.
#
DEFAULT_KEYSTORE=$HOME/.keystore
keystore=$DEFAULT_KEYSTORE
pk8=""
cert=""
alias=""
passphrase=""
tmpdir=""
scriptname=`basename $0`
usage() {
cat << EOF
usage: ${scriptname} [-k keystore] [-p storepass]
-pk8 pk8 -cert cert -alias key_alias
This script is used to import a key/certificate pair
into a Java keystore.
If a keystore is not specified then the key pair is imported into
~/.keystore in the user's home directory.
The passphrase can also be read from stdin.
EOF
}
cleanup() {
if [ ! -z "${tmpdir}" -a -d ${tmpdir} ]; then
rm -fr ${tmpdir}
fi
}
while [ $# -gt 0 ]; do
case $1
in
-p | --passphrase | -passphrase)
passphrase=$2
shift 2
;;
-h | --help)
usage
exit 0
;;
-k | -keystore | --keystore)
keystore=$2
shift 2
;;
-pk8 | --pk8 | -key | --key)
pk8=$2
shift 2
;;
-cert | --cert | -pem | --pem)
cert=$2
shift 2
;;
-a | -alias | --alias)
alias=$2
shift 2
;;
*)
echo "${scriptname}: Unknown option $1, exiting" 1>&2
usage
exit 1
;;
esac
done
if [ -z "${pk8}" -o -z "${cert}" -o -z "${alias}" ]; then
echo "${scriptname}: Missing option, exiting..." 1>&2
usage
exit 1
fi
for f in "${pk8}" "${cert}"; do
if [ ! -f "$f" ]; then
echo "${scriptname}: Can't find file $f, exiting..." 1>&2
exit 1
fi
done
if [ ! -f "${keystore}" ]; then
storedir=`dirname "${keystore}"`
if [ ! -d "${storedir}" -o ! -w "${storedir}" ]; then
echo "${scriptname}: Can't access ${storedir}, exiting..." 1>&2
exit 1
fi
fi
# Create temp directory ofr key and pkcs12 bundle
tmpdir=`mktemp -q -d "/tmp/${scriptname}.XXXX"`
if [ $? -ne 0 ]; then
echo "${scriptname}: Can't create temp directory, exiting..." 1>&2
exit 1
fi
key="${tmpdir}/key"
p12="${tmpdir}/p12"
if [ -z "${passphrase}" ]; then
# Request a passphrase
read -p "Enter a passphrase: " -s passphrase
echo ""
fi
# Convert PK8 to PEM KEY
openssl pkcs8 -inform DER -nocrypt -in "${pk8}" -out "${key}"
# Bundle CERT and KEY
openssl pkcs12 -export -in "${cert}" -inkey "${key}" -out "${p12}" -password pass:"${passphrase}" -name "${alias}"
# Print cert
echo -n "Importing \"${alias}\" with "
openssl x509 -noout -fingerprint -in "${cert}"
# Import P12 in Keystore
keytool -importkeystore -deststorepass "${passphrase}" -destkeystore "${keystore}" -srckeystore "${p12}" -srcstoretype PKCS12 -srcstorepass "${passphrase}"
# Cleanup
cleanup
Raw
signature.sh
#!/bin/sh
./keytool-importkeypair -k android.keystore -p android -pk8 platform.pk8 -cert platform.x509.pem -alias platform
# android.keystore : signature file
# android : the password
# platform.pk8、platform.x509.pem : They are system's signature files
# platfrom: key alias. which is the same as platform
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment