Android/Cordova/Gradle:Keystore has been tampered with or password was incorrect

Question

I want to make a Jenkins server build my Cordova based (Android) application. For that, I intend to use Gradle (because the project from Cordova has all necessary files). I released the application several times from IntelliJ -> Export signed APK, but I can't get the gradle'd version to be correctly signed with my keystore.

Here's what I configured:

Keystore

Generated via keytool, already used to publish my application via Google Play Store. I thought Gradle might have a problem with special characters in the keystore and/or key password, so I used

keytool -storepasswd -keystore mykeystore.keystore

and

keytool -keypasswd -alias myalias -keystore mykeystore.keystore

to change them. I'm 100% certain that my passwords are correct in my Gradle configuration files.

Cordovas build.gradle

This file is pre-generated for the project, I didn't change much. I left the following lines untouched:

if (cdvReleaseSigningPropertiesFile) {
    signingConfigs {
        release {
            // These must be set or Gradle will complain (even if they are overridden).
            keyAlias = ""
            keyPassword = "__unset" // And these must be set to non-empty in order to have the signing step added to the task graph.
            storeFile = null
            storePassword = "__unset"
        }
    }
    (snip)
}

To fulfill the cdvReleaseSigningPropertiesFile condition, I created a file release-signing.properties in the projects android directory (see http://cordova.apache.org/docs/en/dev/guide/platforms/android/index.html#setting-gradle-properties ).

storeFile=keystore/mykeystore.keystore
storePassword="my_password"
keyAlias="myalias"
keyPassword="my_password"

---

Now, when I run ./gradlew signingReport --info, I get the following output:

Selected primary task 'signingReport' from project :
Tasks to be executed: [task ':signingReport', task ':CordovaLib:signingReport']
:signingReport (Thread[main,5,main]) started.
:signingReport
Executing task ':signingReport' (up-to-date check took 0.001 secs) due to:
  Task has not declared any outputs.
Variant: debugAndroidTest
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
Variant: releaseUnitTest
Config: release
Store: /Users/myusername/Documents/MyApplication/project/platforms/android/keystore/mykeystore.keystore
Alias: "myalias"
Error: Failed to read key "myalias" from store "/Users/myusername/Documents/MyApplication/project/platforms/android/keystore/mykeystore.keystore": Keystore was tampered with, or password was incorrect
----------
Variant: release
Config: release
Store: /Users/myusername/Documents/MyApplication/project/platforms/android/keystore/mykeystore.keystore
Alias: "myalias"
Error: Failed to read key "myalias" from store "/Users/myusername/Documents/MyApplication/project/platforms/android/keystore/mykeystore.keystore": Keystore was tampered with, or password was incorrect
----------
Variant: debug
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
Variant: debugUnitTest
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
:signingReport (Thread[main,5,main]) completed. Took 0.292 secs.
:CordovaLib:signingReport (Thread[main,5,main]) started.
:CordovaLib:signingReport
Executing task ':CordovaLib:signingReport' (up-to-date check took 0.0 secs) due to:
  Task has not declared any outputs.
Variant: debugAndroidTest
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
Variant: release
Config: none
----------
Variant: debug
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
Variant: releaseUnitTest
Config: none
----------
Variant: debugUnitTest
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
:CordovaLib:signingReport (Thread[main,5,main]) completed. Took 0.008 secs.

BUILD SUCCESSFUL

Total time: 23.152 secs
Stopped 0 compiler daemon(s).

Runing a ./gradlew build results in this error message:

:transformResourcesWithMergeJavaResForRelease UP-TO-DATE

:validateReleaseSigning

:packageRelease FAILED

FAILURE: Build failed with an exception.

• What went wrong: Execution failed for task ':packageRelease'. Failed to read key "myalias" from store "/Users/myusername/Documents /MyApplication/project/platforms/android/keystore /mykeystore.keystore": Keystore was tampered with, or password was incorrect

Any ideas on how to resolve that error?

Answer 1

Gradle signing process has problems in escaping possible backslashes in your store password or key password. I suspect that what happened to you is something similar.

Answer 2

Since I couldn't find the reason for Gradle being so stubborn, I removed the file release-signing.properties to let Gradle build the unsigned APK and used the following commands to sign the file in a shell script:

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore mykeystore.keystore
               myapplication.apk mykeyalias -storepass mypassword

/path/to/somewhere/android-sdk-macosx/build-tools/23.0.3/zipalign -v 4
               myapplication.apk myapplication-signed.apk