Search Unity

  1. Megacity Metro Demo now available. Download now.
    Dismiss Notice
  2. Unity support for visionOS is now available. Learn more in our blog post.
    Dismiss Notice

Android Keystore Passwords not saved between sessions

Discussion in 'Android' started by moatdd, Mar 20, 2014.

  1. moatdd

    moatdd

    Joined:
    Jan 13, 2013
    Posts:
    178
    Every time I restart Unity, it seems to forget my keystore passwords.

    It remembers everything else, though. It remembers my alias and the location of the keystore file, but every session, I have to re-paste the password info into BOTH password fields (for the key AND the keystore).

    Not sure why unity won't save this info, as it seems to be able to save all the necessary data for Blackberry.

    It's happening on Unity 4.3 on Windows 7 64-bit Professional.

    Not sure if there's any more pertinent info I can give on this.
     
  2. MDragon

    MDragon

    Joined:
    Dec 26, 2013
    Posts:
    329
    I'm just going to assume this is a security feature- Unity SHOULDN'T save the passwords for the keys. A "hacker" could get into that data easily and retrieve your passwords- thus putting the keystore itself at risk (and ultimately your product).
     
  3. moatdd

    moatdd

    Joined:
    Jan 13, 2013
    Posts:
    178
    These must be the "hackers" you speak of.


    1. This aberration only affects the Android settings, and not Blackberry, unless there's some sort of platform prejudice going on which is preposterous.
    2. The passwords could be stored in encrypted form.
    3. Not saving the passwords makes the passwords vulnerable to interception via a keylogging utility every time they are manually entered.
    4. Not saving the passwords makes the passwords vulnerable to interception via a simple clipboard scan every time they are copy/pasted into the fields.
    5. If a hollywood "hacker" gained access to computers on my premises, losing my app would be the least of my troubles.

    Your assumption is invalid.
     
    Last edited: Aug 19, 2014
    SolidAlloy, glenneroo, Kogar and 7 others like this.
  4. Pompey Paul

    Pompey Paul

    Joined:
    Mar 14, 2014
    Posts:
    3
    Is there any direction on this? We're finding the same thing too. Be design or simply a Unity bug?
     
  5. peter_on

    peter_on

    Joined:
    Jan 8, 2009
    Posts:
    63
    Agreed it's Pretty irritating,... and i would suggest an option to save the password in keychains.
    c'mon it's common to store email passwords in keychains. Security concern is a lame excuse...
     
  6. thbach

    thbach

    Joined:
    Feb 14, 2014
    Posts:
    9
    I think theres a check box next to the keystore path which saves the keystore with the project.
    but yes you have to put in your password each time you open the project, probably by design, but i dont know. it is annoying. I just have my machine on 24/7 with unity open
     
  7. Badams66

    Badams66

    Joined:
    Mar 11, 2014
    Posts:
    49
    I don't see it as a big deal...?
    When writing using the Android SDK and Eclipse, you don't even get the option to save the location of the keystore. You have to manually select it each time you compile, which also involves typing in the password. Not to mention having two separate keys (debug, and publishing key).

    Personally, coming from using Eclipse for many years now, I like the way Unity has done it
     
  8. petey

    petey

    Joined:
    May 20, 2009
    Posts:
    1,817
    It'd be nice if it told you there was nothing in the password field when you click build, rather than right at the end :)
     
    mbentley3123 likes this.
  9. JFo

    JFo

    Joined:
    Dec 9, 2007
    Posts:
    217
  10. AbandonedCart

    AbandonedCart

    Joined:
    Mar 4, 2014
    Posts:
    72
    Unless you have a version of Eclipse over 6 years old, you must be doing something wrong.
    Eclipse allows you to choose the save location of the keys you create, and does not assign a password to the default debug key (which does have a set location).

    Eclipse remembers the location of the last used keystore for each project and the specific alias you chose within it, which could be different files in different locations with different aliases per project. While it does require you to enter a password manually when using the GUI export, both ant and gradle support keystore variables that include password.

    If you want to "presign" your application, create or choose the key you intend to use so that it is saved as the project default key (and select the desired alias for the sake of being thorough), then add a new cs script in the Editor folder and replace the default content (replacing the capitalized words with the values for your specific project) with:

    Code (CSharp):
    1. using UnityEngine;
    2. using UnityEditor;
    3. using System.IO;
    4.  
    5. [InitializeOnLoad]
    6. public class PreloadSigningAlias
    7. {
    8.  
    9.     static PreloadSigningAlias ()
    10.     {
    11.         PlayerSettings.Android.keystorePass = "KEYSTORE_PASS";
    12.         PlayerSettings.Android.keyaliasName = "ALIAS_NAME";
    13.         PlayerSettings.Android.keyaliasPass = "ALIAS_PASSWORD";
    14.     }
    15.  
    16. }
     
    Last edited: Aug 18, 2014
  11. moatdd

    moatdd

    Joined:
    Jan 13, 2013
    Posts:
    178
    This worked. Thank you!!!!!!!
     
  12. AbandonedCart

    AbandonedCart

    Joined:
    Mar 4, 2014
    Posts:
    72
    I also found out that you can bypass the common theory that the signing keystore must be made in Unity by specifying the full path as the value of keystoreName. I have successfully signed using a keystore generated with Eclipse. All the other variables will be applied to the specified keystore.

    There is one eccentricity to this script. Even if you only play the blank default scene for two seconds, something needs to be played on a fresh load to call InitializeOnLoad.
     
  13. psykojello2

    psykojello2

    Joined:
    Jul 19, 2013
    Posts:
    37
    I know this is nearly a year late, but this is awesome! I don't know how someone of you "like how Unity has done it". I can understand you can work around it or deal with the annoying-ness of having to type in your password each time. But "liking" it is a bit extreme.

    The biggest bother is the fact that Unity tells you after the build fails that it doesn't have the password. Come on! At the very least prompt for password on build.

    Trying the editor script now...
     
    mbentley3123 likes this.
  14. DurbsDev

    DurbsDev

    Joined:
    Sep 16, 2012
    Posts:
    16
    Unity Cloud build does preserve the passwords in it's configuration for Android. The same keystore and alias configuration can even be applied across projects without having to set it up again.

    My feeling is that Unity should be preserving the passwords for local builds too.
     
  15. Megahard

    Megahard

    Joined:
    Apr 23, 2016
    Posts:
    2
    ptaszor likes this.
  16. kk99

    kk99

    Joined:
    Nov 5, 2013
    Posts:
    81

    ABSÓLUTELY AMAZING. I wish I had read this one year ago . . .

    I cannot count how many times I wanted to built something and I accidentally typed the wrong password.

    Absolutely shame on unity who cannot provide such a simple feature
     
  17. trigraph

    trigraph

    Joined:
    Jan 24, 2017
    Posts:
    15
    I did something similar to LoungeKatt. I wouldn't have bothered if I'd read this first TBH. The only benefit of the script below is that it reads a little txt file that you have locally with the passwords in it... since the method above requires you to check in (to source control), the passwords.... which is a little scary. Anyways, put this in your Editor folder if you want to use it. You'll likely need to modify the buildPlayerOptions.scenes and buildPlayerOptions.target.

    Code (csharp):
    1.  
    2. using UnityEngine;
    3. using UnityEditor;
    4. using System.Diagnostics;
    5. using System.IO;
    6.  
    7. public class BuildMenu
    8. {
    9.     [MenuItem("Build/Android")]
    10.     public static void BuildAndroid()
    11.     {
    12.         if (!File.Exists("BuildConfig.txt"))
    13.         {
    14.             EditorUtility.DisplayDialog
    15.             (
    16.                 "Missing Build Config",
    17.                 "In the project folder create BuildConfig.txt. Inside write 3 lines. 1. The keystore password, 2. The key password. 3. The destination apk folder with forward slashes and NO final slash. Do NOT check the file in.",
    18.                 "OK"
    19.             );
    20.             return;
    21.         }
    22.  
    23.         StreamReader configReader = new StreamReader("BuildConfig.txt");
    24.         string storePassword = configReader.ReadLine();
    25.         string keyPassword = configReader.ReadLine();
    26.         string destFolder = configReader.ReadLine();
    27.         configReader.Close();
    28.  
    29.         string filename = EditorUtility.SaveFilePanel("Build Android APK", destFolder, "", "apk");
    30.         PlayerSettings.keystorePass = storePassword;
    31.         PlayerSettings.keyaliasPass = keyPassword;
    32.  
    33.         BuildPlayerOptions buildPlayerOptions = new BuildPlayerOptions();
    34.         buildPlayerOptions.scenes = new [] { "Assets/Scenes/Game.unity" };
    35.         buildPlayerOptions.locationPathName = filename;
    36.         buildPlayerOptions.target = BuildTarget.Android;
    37.         buildPlayerOptions.options = BuildOptions.None | BuildOptions.ShowBuiltPlayer;
    38.         BuildPipeline.BuildPlayer(buildPlayerOptions);
    39.     }
    40. }
    41.  
     
    almosr and Zhukovp like this.
  18. andrew_pearce_

    andrew_pearce_

    Joined:
    Nov 5, 2018
    Posts:
    167
    It's worth to mention that in Unity 2018 you have to create "Editor" folder and place your scrip PreloadSigningAlias.cs there. Otherwise you will get error "The type or namespace name `InitializeOnLoad' could not be found. Are you missing an assembly reference?" Thanks
     
  19. AbandonedCart

    AbandonedCart

    Joined:
    Mar 4, 2014
    Posts:
    72
    I could understand your concern, if it were required. It's a little scary if you are blindly committing every file in the project. Source control (git, svn, etc) always has some form of exclusion list and adding 'PreloadSigningAlias.cs' to my .gitignore resolved any risk without additional code.

    Any sharing of my code does not require that I provide the script because it is a convenience for personal use, not a part of the project code. By simply ignoring that file, I save myself 24 lines of code and numerous method calls.
     
  20. mohammadnt96

    mohammadnt96

    Joined:
    Aug 16, 2020
    Posts:
    1
    this works on a mac , unfortunately in another mac it throws this error :

    Code (csharp):
    1.  
    2. PreloadSigningAlias.cs(5,2): error CS0246: The type or namespace name 'InitializeOnLoad' could not be found (are you missing a using directive or an assembly reference?)
    3.  
    what im missing ?
     
  21. radiantboy

    radiantboy

    Joined:
    Nov 21, 2012
    Posts:
    1,633
    Wow still happening in 2021..
     
    cbeauchemin_bhvr likes this.
  22. JuliusM

    JuliusM

    Unity Technologies

    Joined:
    Apr 17, 2013
    Posts:
    835
    From the very beginning this was an intended behavior for security reasons. There are no plans to change it.
     
  23. mgear

    mgear

    Joined:
    Aug 3, 2010
    Posts:
    9,350
    can you add warning or don't allow builds (and even jump to that panel then), if its missing password?
    (lots of time would be saved, instead of waiting for build to be almost ready and then error..)
     
    Kogar likes this.
  24. JuliusM

    JuliusM

    Unity Technologies

    Joined:
    Apr 17, 2013
    Posts:
    835
    Which Unity version are you talking about? This change was done a while ago from what I remember. The editor should check for passwords at the start of the build and stop the build if the password was not provided.
     
    mgear likes this.
  25. mgear

    mgear

    Joined:
    Aug 3, 2010
    Posts:
    9,350
    ok nice, i'm still mostly on 2019 or lower, maybe its in recent versions, thats great!
     
  26. radiantboy

    radiantboy

    Joined:
    Nov 21, 2012
    Posts:
    1,633
    Ahh ok, just in case a thief breaks into the office and makes a fake signed apk with his malware in and uploads it to google play lol. Seems like a totally crazy choice, makes me scream every single time.. no worries though :)
     
  27. Dream_Code_TM

    Dream_Code_TM

    Joined:
    Jul 19, 2013
    Posts:
    38