README revision b6c1cf6de79035f58b512f4400db458c8401379a
1The following commands were used to generate the test key pair: 2 3 openssl genrsa -3 -out testkey.pem 2048 4 5 openssl req -new -x509 -key testkey.pem -out testkey.x509.pem -days 10000 \ 6 -subj '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com' 7 8 openssl pkcs8 -in testkey.pem -topk8 -outform DER -out testkey.pk8 -nocrypt 9 10Alternatively you can use the "mkkey.sh" command included in this directory. 11 12The following standard test keys are currently included: 13 14testkey -- a generic key for packages that do not otherwise specify a key. 15platform -- a test key for packages that are part of the core platform. 16shared -- a test key for things that are shared in the home/contacts process. 17media -- a test key for packages that are part of the media/download system. 18 19These test keys are used strictly in development, and should never be assumed 20to convey any sort of validity. When $BUILD_SECURE=true, the code should not 21honor these keys in any context. 22 23 24signing using the openssl commandline (for boot/system images) 25-------------------------------------------------------------- 26 271. convert pk8 format key to pem format 28 % openssl pkcs8 -inform DER -nocrypt -in testkey.pk8 -out testkey.pem 29 302. create a signature using the pem format key 31 % openssl dgst -binary -sha1 -sign testkey.pem FILE > FILE.sig 32 33extracting public keys for embedding 34------------------------------------ 35it's a Java tool 36but it generates C code 37take a look at commands/recovery/Android.mk 38you'll see it running $(HOST_OUT_JAVA_LIBRARIES)/dumpkey.jar