I had a hard time convincing relic to sign an Android application bundle with a key generated with keytool according to Google's instructions. The only thing that worked what using an unencrypted private key. Seeing that the import-key command already supports PKCS#12, I decided to add support for PKCS#12 key files (like the keystores created by keytool). Since modern keys use SHA256 instead of SHA1, I also had to find a replacement for the frozen and outdated golang.org/x/crypto/pkcs12 module.
Thanks for the contribution! I followed this up with an addition to load the certificates as well, so it doesn't need to be separately provided. Let me know if it doesn't work for you.
This PR adds support for PKCS#12 key files.
I had a hard time convincing relic to sign an Android application bundle with a key generated with keytool according to Google's instructions. The only thing that worked what using an unencrypted private key. Seeing that the import-key command already supports PKCS#12, I decided to add support for PKCS#12 key files (like the keystores created by keytool). Since modern keys use SHA256 instead of SHA1, I also had to find a replacement for the frozen and outdated golang.org/x/crypto/pkcs12 module.
Using the following
relic.yml
:I could successfully sign an Android application bundle with our upload key.
I don't really know Go (yet). Comments are welcome.
I agree to the contributing guidelines, but I couldn't find the referenced contributor agreement file.