All geek questions in one place

What fields make unique android storage unique?

Is it possible to create a new one if I lose the android storage file (APK)? I know all the data, for example. name, surname, organization, password, expiration date, etc. Can I create the same keystore using this data, or should I protect the main keystore file in a safe place?

Is there something like a timestamp or hash, or automatically generated data inside a keystore or those data fields that I wrote manually to make the keystore unique and identifiable?

+5
source share
5 answers

Keystore is nothing more than a container. It contains keys, public key certificates used to sign your applications before they are deployed.

Android requires all APKs to be digitally signed with a certificate before they can be installed. When you sign the APK, the signature tool attaches the public key certificate to the APK. The public key certificate serves as the “fingerprint” that uniquely associates the APK with you and your corresponding private key. This helps Android ensure that any future updates to your APK are genuine and come from the original author. The key used to create this certificate is called the application signing key.

A keystore is a binary file containing one or more private keys.

You can create a new keystore, and if you post your original certificate there, it makes no difference. You can extract the certificate from one keystore and place it in another.

Basically, an Android Studio tool or keytool , for example, generates these keys for you and puts them in the keystore. Physically RSA keypair keys are RSA keypair , like this example http://phpseclib.sourceforge.net/rsa/examples.html , the private key used to sign and store in the keystore only , the public key used to verify the signature.

There is no way to recover the key if you have lost the keystore. So, do your best to protect the keystore , especially if you published applications signed by it with certificates.

0
source

If you released the application in the play store, it will not allow you to update the application, because now you have a different keystore file, and therefore you need to create a new application on the game server. Yes, each keystore file is unique, and you cannot do the same again.

0
source

For KeyStore, I can say that Keystore is unique. nobody but the certificate holder can update your application. This means that if you release it into the wild, lose the certificate that you used to sign the application, then you cannot issue updates to keep this certificate safe and backup if necessary.

But besides signing apks to go out into the wild, you can use it to authenticate your device to the server via SSL if you want it (also Android) among other functions.

I came across the same thing, and from my experience I can say that nothing will work, maybe I'm wrong, maybe there are some ways, but I tried a lot.

You can create a new keystore, but the Android Market will not allow you to download apk as an update - even worse, if you try to download apk as a new application, it will not allow it, because it knows that there is a “different” version of the same apk already on the market, even if you remove the previous version from the market

Do your best to find this keystore ...

0
source

Google suggested one way to download the keystore safely, so you no longer have to worry about the keystore.

More details:

https://support.google.com/googleplay/android-developer/answer/7384423

https://developer.android.com/studio/publish/app-signing.html#google-play-app-signing

0
source

No, you can’t. Cannot create the same .keystore file with the same password and alias. If you have lost the key file, you can reset your file from the Google game.

You can follow these steps:

0
source

Source: https://habr.com/ru/post/1274244/

More articles:


All Articles