0

My question is specifically about Delphi 10.4, but it can be applicable to other versions as well.

AFAIK the developers can provide keystore file for signing their Delphi Android applications in two ways:

  • They can provide the defaule keystore file for their Windows profile: Delphi Tools - Options... - Deployment - Provisioning - Build Type: Android (4 options - 32/64 bit + Development/Application Store) - Key Store. One should take into account that the Android options in the Build Type can be unavailable in some situation, the one just need to play some tricky games with the combobox and then those options become available by some miracle. Let it be.

  • They can override the default setting (previous point) for each project by setting Delphi - Project - Options... - Deployment - Provisioning - Target: Android 32/64 bit + All/Debug/Release configurations and the Key Store fields appear for the Release Configuration.

I have made Android application, the package apk without providing any keystore file, the Delphi allows to do it, it allows to compile, build and deploy (crete apk package) the app with the empty keystore files. But nevertheless, the signing process happens and the final apk file can be unarchived and there are signing information META-INF/ANDROIDD.SF, ANDROIDD.RSA.

My question - which keystore file is used by Delphi IDE (or by Java SDK, it Delphi commands it for the signing of app) to sign the app for which the keystore information is not provided in Windows profiles neither project options?

I have tried to decode such default ANDROIDD.RSA using suggestions from What is contained in "./META-INF/CERT.RSA" file for an Android app? and the result is:

C:\OpenSSL-Win32\bin>openssl pkcs7 -inform DER -in ANDROIDD.RSA -noout -print_certs
subject=/C=US/ST=California/L=San Francisco/O=Embarcadero Technologies/OU=Mobile Organization/CN=Unnamed
issuer=/C=US/ST=California/L=San Francisco/O=Embarcadero Technologies/OU=Mobile Organization/CN=Unnamed

So, the Delphi IDE/Studio uses some default information for the signing. It is OK, but where is the default keystore for generating default signature?

TomR
  • 2,696
  • 6
  • 34
  • 87
  • I know that this is highly unusual situation. Developers provide their own keystore files, there is no sense not to do this. But I am in this situation, unfortunately and I am seeking these rare knowledge. – TomR Feb 23 '22 at 14:24
  • One can expect that Android SDK can contain some keystore file, but, unfortunately, C:\Users\Public\Documents\Embarcadero\Studio\21.0\CatalogRepository\AndroidSDK-2525-21.0.38860.1461 has none. – TomR Feb 23 '22 at 14:39
  • Windows search gave the C:\Users\MY_NAME\AppData\Roaming\Embarcadero\BDS\21.0 debug.keystore file. It may be the one I am looking for. I am checking and I will report back. – TomR Feb 23 '22 at 14:45
  • 1
    denug.keystore is the file that Delphi automatically creates to sign debug builds. For release builds you need to provide provisioning info or you need to sign application manually. – Dalija Prasnikar Feb 23 '22 at 19:40

0 Answers0