摘要:文章末有完整腳本生成的文件生成文件的路徑文件別名密碼加密方式有效時(shí)間把需要的國家地址公司名等信息一次寫入使用的生成文件。
用shell腳本生成.x509.pem 和.pk8 文件并signed apk。
文章末有完整腳本
-----生成keystore 的文件
keytool -genkey -v -keystore ${KEY_STORE_PATH} -alias ${ALIASES} -storepass ${PASS} -keypass ${PASS} -keyalg RSA -validity 20000 -dname "CN="Android", OU="xxx-shanghai", O="xxx", L="Mountain View", ST="California", C="US""
-keystore 生成文件的路徑 -alias 文件別名 -storepass -keypass 密碼 -keyalg 加密方式 -validity 有效時(shí)間 -dname 把需要的國家 地址 公司名等信息 一次寫入
使用 java sdk 的keytool 生成keystore 文件。
-----把keystore文件轉(zhuǎn)換為pkcs12格式
keytool -importkeystore -srckeystore ${KEY_STORE_PATH} -destkeystore ${DEST_KEY_STORE_PATH} -srcstoretype JKS -deststoretype PKCS12 -deststorepass ${PASS} -srcstorepass ${PASS} -destkeypass ${PASS}
-srckeystore keystore文件路徑 -destkeystore 生成的pkc12文件路徑
-----把pkcs12 轉(zhuǎn)成pem,方便可以通過文本方式查看
openssl pkcs12 -in ${DEST_KEY_STORE_PATH} -nodes -out ${DEST_TMP_RSA_PATH} -password pass:${PASS}
-in pkcs12 路徑, -out 生成的pem 路徑 password pass: 密碼
-----截取pem文件生成.X509.pem .rsa.pem文件
# 1.獲取 pkcs12.rsa.pem 文件 PRIVATE KEY 起始行數(shù) # 因?yàn)椴煌h(huán)境生成的私鑰頭不同(BEGIN RSA PRIVATE KEY,BEGIN PRIVATE KEY ) 所以這里加個(gè)判斷 private_key_begin=`grep "BEGIN RSA PRIVATE KEY" ${DEST_TMP_RSA_PATH} -n` if [ $? -ne 0 ]; then private_key_begin=`grep "BEGIN PRIVATE KEY" ${DEST_TMP_RSA_PATH} -n` private_key_end=`grep "END PRIVATE KEY" ${DEST_TMP_RSA_PATH} -n` else private_key_end=`grep "END RSA PRIVATE KEY" ${DEST_TMP_RSA_PATH} -n` fi # 2.截取pkcs12.rsa.pem 文件 并生成PRIVATE.rsa.pem文件 sed -n ${private_key_begin%%:*},${private_key_end%%:*}p ${DEST_TMP_RSA_PATH} >> ${PRIVATE_RSA} # 1.獲取 pkcs12.rsa.pem 文件 CERTIFICATE KEY 起始行數(shù) cert_509_begin=`grep "BEGIN CERTIFICATE" ${DEST_TMP_RSA_PATH} -n` cert_509_end=`grep "END CERTIFICATE" ${DEST_TMP_RSA_PATH} -n` # 2. 截取pkcs12.rsa.pem 文件 并生成CERT_X509.X509.pem文件 sed -n ${cert_509_begin%%:*},${cert_509_end%%:*}p ${DEST_TMP_RSA_PATH} >> ${CERT_X509}
-----私鑰轉(zhuǎn)pk8格式
openssl pkcs8 -topk8 -outform DER -in ${PRIVATE_RSA} -inform PEM -out ${PK8_PATH} -nocrypt
-----signed apk
java -jar ${SIGNED_JAR} ${CERT_X509} ${PK8_PATH} ${APK} ${SIGNED_APK}
所需參數(shù) signed.jar x509.pem pk8.rsa.pem apk signed_apk 路徑
-----刪除不需要的文件
rm $KEY_STORE_PATH $DEST_KEY_STORE_PATH $DEST_TMP_RSA_PATH $PRIVATE_RSA
完整腳本
#!/bin/sh KEY_STORE_PATH="$4"/app_"$1".keystore DEST_KEY_STORE_PATH="$4"/tmp_"$1".p12 DEST_TMP_RSA_PATH="$4"/tmp_"$1".rsa.pem PRIVATE_RSA="$4"/private_"$1".rsa.pem CERT_X509="$4"/cert_"$1".x509.pem PK8_PATH="$4"/private_"$1".pk8 ALIASES="$1" PASS=xxx"$1" APK="$4"/"$2" SIGNED_APK="$4"/"$3" SIGNED_JAR="$4"/signapk.jar if [ $# != 4 ] ; then echo "$0 Need to be: uuid, apk, sigend_apk , path(signapk.jar to be in the path, The signed files generated will also be in this path)" exit 1; fi keytool -genkey -v -keystore ${KEY_STORE_PATH} -alias ${ALIASES} -storepass ${PASS} -keypass ${PASS} -keyalg RSA -validity 20000 -dname "CN="Android", OU="xxx-shanghai", O="xxx", L="Mountain View", ST="California", C="US"" keytool -importkeystore -srckeystore ${KEY_STORE_PATH} -destkeystore ${DEST_KEY_STORE_PATH} -srcstoretype JKS -deststoretype PKCS12 -deststorepass ${PASS} -srcstorepass ${PASS} -destkeypass ${PASS} openssl pkcs12 -in ${DEST_KEY_STORE_PATH} -nodes -out ${DEST_TMP_RSA_PATH} -password pass:${PASS} private_key_begin=`grep "BEGIN RSA PRIVATE KEY" ${DEST_TMP_RSA_PATH} -n` if [ $? -ne 0 ]; then private_key_begin=`grep "BEGIN PRIVATE KEY" ${DEST_TMP_RSA_PATH} -n` private_key_end=`grep "END PRIVATE KEY" ${DEST_TMP_RSA_PATH} -n` else private_key_end=`grep "END RSA PRIVATE KEY" ${DEST_TMP_RSA_PATH} -n` fi sed -n ${private_key_begin%%:*},${private_key_end%%:*}p ${DEST_TMP_RSA_PATH} >> ${PRIVATE_RSA} cert_509_begin=`grep "BEGIN CERTIFICATE" ${DEST_TMP_RSA_PATH} -n` cert_509_end=`grep "END CERTIFICATE" ${DEST_TMP_RSA_PATH} -n` sed -n ${cert_509_begin%%:*},${cert_509_end%%:*}p ${DEST_TMP_RSA_PATH} >> ${CERT_X509} openssl pkcs8 -topk8 -outform DER -in ${PRIVATE_RSA} -inform PEM -out ${PK8_PATH} -nocrypt java -jar ${SIGNED_JAR} ${CERT_X509} ${PK8_PATH} ${APK} ${SIGNED_APK} if [ ! -f $SIGNED_APK ]; then echo "Failed to sign apk" exit 1; fi rm $KEY_STORE_PATH $DEST_KEY_STORE_PATH $DEST_TMP_RSA_PATH $PRIVATE_RSA
文章版權(quán)歸作者所有,未經(jīng)允許請勿轉(zhuǎn)載,若此文章存在違規(guī)行為,您可以聯(lián)系管理員刪除。
轉(zhuǎn)載請注明本文地址:http://specialneedsforspecialkids.com/yun/75927.html
閱讀 2851·2021-09-22 15:43
閱讀 4686·2021-09-06 15:02
閱讀 845·2019-08-29 13:55
閱讀 1679·2019-08-29 12:58
閱讀 3061·2019-08-29 12:38
閱讀 1206·2019-08-26 12:20
閱讀 2264·2019-08-26 12:12
閱讀 3311·2019-08-23 18:35