SC20 - Signing Android Release

Alexandre_Estanislau · February 10, 2020, 8:06pm

Dear all,

I’m trying to sign an Android Release (Version 7.1.2) with my release keys, but it is not working.

See error below:

signing: MobileUpdateClient.apk         (/home/estanislau/work/projects/wellpay/repos/x1_certs/release/platform)
ERROR: No minSdkVersion returned by aapt

More verbose:

signing: MobileUpdateClient.apk         (/home/estanislau/work/projects/wellpay/repos/x1_certs/release/platform)
running:  aapt dump badging /tmp/tmpnEoKHL
 ERROR: No minSdkVersion returned by aapt

Does anybody have an idea? I’m following the steps described on Android Source page (https://source.android.com/devices/tech/ota/sign_builds), my keys don’t have password at this moment, because trying with password I have another error from Java.

Thanks in advance

jax.zhang · February 14, 2020, 7:52am

Can you tell me which command you are using to sign.

Alexandre_Estanislau · February 14, 2020, 11:48am

Hello Jax.

See the commands execute from build until sign:

Build:

$ source build/envsetup.sh
$ lunch msm8909-userdebug
$ make -j16 dist DIST_DIR=~/dist_output/

Generate keys:

$ subject='/C=BR/ST=Sao Paulo/L=Sao Paulo/O=My Company/OU=R&D/CN=MyCompany/emailAddress=contato@mycompany.com.br'
$ for x in releasekey platform shared media; do ./development/tools/make_key ~/release/$x "$subject" ; done

Signing:

$ ./build/tools/releasetools/sign_target_files_apks -v --default_key_mappings ~/release ~/dist_output/msm8909-target_files.zip ~/dist_output/signed-msm8909-target_files.zip

Output eror when keys are generated without password

signing: MobileUpdateClient.apk         (/home/estanislau/work/projects/wellpay/repos/x1_certs/release/platform)
ERROR: No minSdkVersion returned by aapt</i>

When I generate keys protecting them with a password, I have another error, see below:
running: openssl pkcs8 -in /home/ubuntu/release/media.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in /home/ubuntu/release/media.pk8 -inform DER -passin pass:
running: openssl pkcs8 -in /home/ubuntu/release/platform.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in /home/ubuntu/release/platform.pk8 -inform DER -passin pass:
running: openssl pkcs8 -in /home/ubuntu/release/releasekey.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in /home/ubuntu/release/releasekey.pk8 -inform DER -passin pass:
running: openssl pkcs8 -in /home/ubuntu/release/shared.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in /home/ubuntu/release/shared.pk8 -inform DER -passin pass:
running: openssl pkcs8 -in cts/hostsidetests/appsecurity/certs/cts-testkey1.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in cts/hostsidetests/appsecurity/certs/cts-testkey2.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in cts/hostsidetests/appsecurity/certs/keysets/cts-keyset-test-a.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in cts/hostsidetests/appsecurity/certs/keysets/cts-keyset-test-b.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in cts/hostsidetests/appsecurity/certs/keysets/cts-keyset-test-c.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in cts/hostsidetests/appsecurity/certs/keysets/cts-keyset-test-ec-a.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in frameworks/base/core/tests/coretests/apks/keyset/…/…/certs/keyset_A.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in frameworks/base/core/tests/coretests/apks/keyset/…/…/certs/keyset_B.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in frameworks/base/core/tests/coretests/apks/version/…/…/certs/unit_test.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in frameworks/base/core/tests/coretests/apks/version/…/…/certs/unit_test_diff.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in frameworks/base/core/tests/coretests/apks/version_nosys/…/…/certs/unit_test.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in vendor/unbundled_google/libraries/certs/clockwork.pk8 -inform DER -nocrypt
running: openssl pkcs8 -in vendor/unbundled_google/libraries/certs/clockwork.pk8 -inform DER -passin pass:
Enter password for /home/ubuntu/release/media key>
Enter password for /home/ubuntu/release/platform key>
Enter password for /home/ubuntu/release/releasekey key>
Enter password for /home/ubuntu/release/shared key>
rewriting RECOVERY/RAMDISK/default.prop:
replace: ro.bootimage.build.fingerprint=qcom/msm8909/msm8909:7.1.2/N2G47H/ubuntu01132103:userdebug/test-keys
with: ro.bootimage.build.fingerprint=qcom/msm8909/msm8909:7.1.2/N2G47H/ubuntu01132103:userdebug/release-keys
replace: ro.build.display.id=msm8909-userdebug 7.1.2 N2G47H eng.ubuntu.20200113.210300 test-keys
with: ro.build.display.id=msm8909-userdebug 7.1.2 N2G47H eng.ubuntu.20200113.210300
replace: ro.build.tags=test-keys
with: ro.build.tags=release-keys
replace: ro.build.description=msm8909-userdebug 7.1.2 N2G47H eng.ubuntu.20200113.210300 test-keys
with: ro.build.description=msm8909-userdebug 7.1.2 N2G47H eng.ubuntu.20200113.210300 release-keys
replace: ro.build.fingerprint=qcom/msm8909/msm8909:7.1.2/N2G47H/ubuntu01132103:userdebug/test-keys
with: ro.build.fingerprint=qcom/msm8909/msm8909:7.1.2/N2G47H/ubuntu01132103:userdebug/release-keys
rewriting BOOT/RAMDISK/default.prop:
replace: ro.bootimage.build.fingerprint=qcom/msm8909/msm8909:7.1.2/N2G47H/ubuntu01132103:userdebug/test-keys
with: ro.bootimage.build.fingerprint=qcom/msm8909/msm8909:7.1.2/N2G47H/ubuntu01132103:userdebug/release-keys
signing: Telecom.apk (/home/ubuntu/release/platform)
running: aapt dump badging /tmp/tmprvx6Wk
running: java -Xmx2048m -Djava.library.path=out/host/linux-x86/lib64 -jar out/host/linux-x86/framework/signapk.jar --min-sdk-version 25 /home/ubuntu/release/platform.x509.pem /home/ubuntu/release/platform.pk8 /tmp/tmprvx6Wk /tmp/tmpIEEA9j
java.lang.ClassCastException: org.bouncycastle.asn1.DLSequence cannot be cast to org.bouncycastle.asn1.ASN1Integer
at org.bouncycastle.asn1.pkcs.PrivateKeyInfo.(PrivateKeyInfo.java:79)
at org.bouncycastle.asn1.pkcs.PrivateKeyInfo.getInstance(PrivateKeyInfo.java:45)
at com.android.signapk.SignApk.readPrivateKey(SignApk.java:271)
at com.android.signapk.SignApk.main(SignApk.java:1105)

ERROR: signapk.jar failed: return code 1

Alexandre_Estanislau · February 18, 2020, 12:01pm

Dear all,

Issue solved.

MobileUpdateClient is a package pre-compiled on MSM8909 build environment and doesn’t have the minSdkVersion defined on its AndroidManifest.xml (checked with Android Studio). Just removed it from final image.
Package RootPA’s AndroidManifest makes reference to versionCode on APK resource’s XML. I changed it keeping the versionCode on AndroidManifest with same value.

Kind Regards,
Alexandre

Anas_Abo_Hyleh · May 3, 2020, 7:06am

Hi @jax.zhang
I have same problem, and issue solved like what @Alexandre_Estanislau did.
But the question is "What about removing MobileUpdateClient app? Is there pad effect by removing it?
please give advice.

Anas_Abo_Hyleh · May 12, 2020, 8:03am

Hello @jax.zhang
Could you replay my question please?