安卓签名⽂件及解析1. Android Studio默认的apk打包⽂件地址
⽤户根⽬录/.android/debug.keystore
Eclipse ADT基本⼀致:Windows->Preference->Android->Build 可以查看
2. 通过keytool计算apk的签名
对于jdk7及以上版本可以直接通过如下命令
keytool -list -printcert -jarfile apk_file_path
如果有keystore⽂件
keytool -list -keystore file_path
默认的debug.keystore密码为android
如果知道keystore的alias和密码,可以显⽰更详细的信息
keytool -list -alias androiddebugkey -keystore debug.keystore -storepass android -keypass android -v
对于jdk7以下的版本,可以先解压apk,对⽬标⽂件META-INF/CERT.RSA计算签名 keytool -printcert -file file_path
(对RSA⽂件有个简短的介绍)
3. 在android运⾏时计算apk的签名
/*
standard MessageDigest algorithms:
MD5
SHA-1
SHA-256
*/
private String getCertificateFingerprint(Context mContext, String algorithm, String packageName) { PackageManager pm = PackageManager();
int flags = PackageManager.GET_SIGNATURES;
PackageInfo packageInfo = null;
try {
packageInfo = pm.getPackageInfo(packageName, flags);
} catch (PackageManager.NameNotFoundException e) {
e.printStackTrace();
}
}
if (packageInfo == null)
return null;
Signature[] signatures = packageInfo.signatures;
/
/此处我直接默认只有⼀个签名
byte[] cert = signatures[0].toByteArray();
InputStream input = new ByteArrayInputStream(cert);
CertificateFactory cf = null;
try {
cf = Instance("X509");
} catch (CertificateException e) {
e.printStackTrace();
}
if (cf == null)
return null;
X509Certificate c = null;
try {
c = (X509Certificate) cf.generateCertificate(input);
} catch (CertificateException e) {
e.printStackTrace();
}
if (c==null)
return null;
String hexString = null;
try {
MessageDigest md = Instance(algorithm); byte[] publicKey = md.Encoded());
hexString = byte2HexFormatted(publicKey);
} catch (NoSuchAlgorithmException e1) {
e1.printStackTrace();
} catch (CertificateEncodingException e) {
e.printStackTrace();
}
return hexString;
}
public static String byte2HexFormatted(byte[] arr) {
StringBuilder str = new StringBuilder(arr.length * 2);
for (int i = 0; i < arr.length; i++) {
String h = HexString(arr[i]);
int l = h.length();安卓软件签名工具
if (l == 1) h = "0" + h;
if (l > 2) h = h.substring(l - 2, l);
str.UpperCase());
if (i < (arr.length - 1)) str.append(':');
}
String();
}
第⼆个链接提及了⼀个开源项⽬
4. 直接通过java程序获取
1) 读取apk中的RSA签名⽂件
ZipFile zipFile = new ZipFile("demo-debug.apk_2.0.4.apk");
Enumeration<? extends ZipEntry> entries = ies();
while(entries.hasMoreElements()){
ZipEntry entry = Element();
if (Name().endsWith("RSA")) {
ZipEntry entry = Element();
//TODO with InputStream(entry)
}
}
2) 计算RSA⽂件签名
public static String[] getSign(InputStream input, String algorithm) throws CertificateException, NoSuchAlgorithmException { CertificateFactory cf = Instance("X509");
Collection<? extends Certificate> c = cf.generateCertificates(input);
Certificate[] certs = c.toArray(new Certificate[c.size()]);
String[] hexString = new String[certs.length];
for (int i=0; i<certs.length; i++) {
X509Certificate x509Cert = (X509Certificate)certs[i];
MessageDigest md = Instance(algorithm);
byte[] publicKey = md.Encoded());
//byte2HexFormatted和android那边的⼀致
hexString[i] = byte2HexFormatted(publicKey);
}
return hexString;
}
主要参考了,可以搜索printcert,其中printCertFromStream是主要需要关注的函数
private void printCertFromStream(InputStream in, PrintStream out)
相关的⼀个开源项⽬
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论