查找 apk 文件签名的最简单方法是什么?请注意,我不是在询问代码。我只想从我的电脑上找到它。像这样的签名 975yYkKAQF+KST7g3ASHvHkYopq=
$ $ANDROID_SDK/build-tools/$BUILD_TOOLS_VERSION/apksigner verify --print-certs -v $APK_FILE
示例:
$ /Users/hborders/android/build-tools/29.0.2/apksigner verify --print-certs -v ~/Desktop/my-apk.apk
Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): false
Number of signers: 1
Signer #1 certificate DN: CN=Bob Smith, OU=Acme, O=Acme, L=San Francisco, ST=California, C=US
Signer #1 certificate SHA-256 digest: f1f2f3f3f21f26a67s76a6a76a76a76a76a67c78c8c78c709c90c90c09932451
Signer #1 certificate SHA-1 digest: 839103847abdefcbade123713957358920
Signer #1 certificate MD5 digest: 182831983712923f2e2e2f2a2c2fbc25
Signer #1 key algorithm: RSA
Signer #1 key size (bits): 1024
Signer #1 public key SHA-256 digest: 8acaca8cabcaabdadc8cc99cc695ace47aec4c747c746c476cae4657c47c4765
Signer #1 public key SHA-1 digest: b11bca4123bea24befbe5b8be9768ef078
apksignerbuild-toolsprint-apk-signature您可以使用Java 7的密钥和证书管理工具(keytool)来获取应用程序的签名。运行以下命令
keytool -printcert -jarfile app-release.apk
您还可以获取密钥库的签名请查看这篇文章:我们如何检查APK和密钥库文件的SHA1或签名
Signature[] sigs = context.getPackageManager().getPackageInfo(context.getPackageName(), PackageManager.GET_SIGNATURES).signatures;
for (Signature sig : sigs)
{
Trace.i("MyApp", "Signature hashcode : " + sig.hashCode());
}
http://developer.android.com/reference/android/content/pm/PackageManager.html
这可能有帮助
首先,解压APK并提取文件/META-INF/ANDROID_.RSA(该文件也可能是CERT.RSA,但应该只有一个.RSA文件)。
然后发出此命令:
keytool -printcert -文件 ANDROID_.RSA 您将获得这样的证书指纹:
MD5: B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB
SHA1: 16:59:E7:E3:0C:AA:7A:0D:F2:0D:05:20:12:A8:85:0B:32:C5:4F:68
Signature algorithm name: SHA1withRSA
然后再次使用 keytool 打印出签名密钥库的所有别名:
keytool -list -keystore my-signing-key.keystore 您将获得别名列表及其证书指纹:
android_key,2010 年 1 月 23 日,PrivateKeyEntry, 证书指纹 (MD5): B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB 瞧!我们现在可以确定 apk 已使用此密钥库和别名“android_key”进行签名。
Keytool 是 Java 的一部分,因此请确保您的 PATH 中有 Java 安装目录。
您可以使用Android构建工具中提供的
apksignerebra@him:~/Android/Sdk/build-tools/30.0.3$ ./apksigner verify --print-certs -v ~/application.apk
Verifies
Verified using v1 scheme (JAR signing): false
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): true
Verified using v4 scheme (APK Signature Scheme v4): false
Verified for SourceStamp: false
Number of signers: 1
Signer #1 certificate DN: CN=Supreeth Herle
Signer #1 certificate SHA-256 digest: 87f10d5ab8a769bff49200039bbd5d17a0f9d0b9bcccabc36527ec3c98d978dd
Signer #1 certificate SHA-1 digest: e46872f28b350b7e1f140de535c2a835804f0be3
Signer #1 certificate MD5 digest: fabb11667489da8f214ed30d8efd0979
Signer #1 key algorithm: RSA
Signer #1 key size (bits): 2048
Signer #1 public key SHA-256 digest: 530468d2918764b0244a46ea406bfeb1742f4da73b6d86eefb4005c37fc04a3b
Signer #1 public key SHA-1 digest: 884c2bf64530118dde84250ed8a03e2c2c2bb3aa
然后您可以使用Linux内置工具将相应的签名转换为您想要的格式(即base64):
ebra@him:~/Android/Sdk/build-tools/30.0.3$ ./apksigner verify --print-certs -v ~/application.apk | grep 'certificate SHA-1' | cut -d ':' -f 2 | xxd -r -p | base64
5Ghy8os1C34fFA3lNcKo1YBPC+M=
输入完整命令并使用 apk 完整路径,它将为您提供所有详细信息
D:\Android_Sdk\build-tools\34.0.0>apksigner verify --print-certs -v C:\Users\xxxx\xxxxx\xxxxxx_UAT_F_2.6.14_106.apk
Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): false
Verified using v3.1 scheme (APK Signature Scheme v3.1): false
Verified using v4 scheme (APK Signature Scheme v4): false
Verified for SourceStamp: false
Number of signers: 1
Signer #1 certificate DN: CN=sampfe123412
Signer #1 certificate SHA-256 digest: 96b3b7885b0b711ab6c85978f2ed12afd77a969b12c439a7698d8ac0c4e405e7
Signer #1 certificate SHA-1 digest: f40606177c1058c768cd1e92710a04e12e466ca7
Signer #1 certificate MD5 digest: 11299ec77a402a1200594f0f5aca09fb
Signer #1 key algorithm: RSA
Signer #1 key size (bits): 2048
Signer #1 public key SHA-256 digest: b471e69c3404dee1d1c7996a87d500c297626f7312462dcf2bd70ed6121cbad6
Signer #1 public key SHA-1 digest: fe40f2530abd179427fbef9efc721bea7ade9012
Signer #1 public key MD5 digest: 93df4cc57d2137a215b5f6de05da0588