How to find signature of apk file?

前端 未结 4 501
长发绾君心
长发绾君心 2021-02-08 09:31

What\'s the easiest way to find signature of an apk file? Please note that I\'m not asking about code. I just want to find it from my pc. Signature like this one 975yYkKAQF+KST7

相关标签:
4条回答
  • 2021-02-08 09:52

    https://github.com/warren-bank/print-apk-signature

    ex: print-apk-signature ./file.apk SHA-1

    0 讨论(0)
  • 2021-02-08 09:58
    Signature[] sigs = context.getPackageManager().getPackageInfo(context.getPackageName(), PackageManager.GET_SIGNATURES).signatures;
    for (Signature sig : sigs)
    {
        Trace.i("MyApp", "Signature hashcode : " + sig.hashCode());
    }
    

    http://developer.android.com/reference/android/content/pm/PackageManager.html

    this might help

    First, unzip the APK and extract the file /META-INF/ANDROID_.RSA (this file may also be CERT.RSA, but there should only be one .RSA file).

    Then issue this command:

    keytool -printcert -file ANDROID_.RSA You will get certificate fingerprints like this:

     MD5:  B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB
     SHA1: 16:59:E7:E3:0C:AA:7A:0D:F2:0D:05:20:12:A8:85:0B:32:C5:4F:68
     Signature algorithm name: SHA1withRSA
    

    Then use the keytool again to print out all the aliases of your signing keystore:

    keytool -list -keystore my-signing-key.keystore You will get a list of aliases and their certificate fingerprint:

    android_key, Jan 23, 2010, PrivateKeyEntry, Certificate fingerprint (MD5): B3:4F:BE:07:AA:78:24:DC:CA:92:36:FF:AE:8C:17:DB Voila! we can now determined the apk has been signed with this keystore, and with the alias 'android_key'.

    Keytool is part of Java, so make sure your PATH has Java installation dir in it.

    How do I find out which keystore was used to sign an app?

    0 讨论(0)
  • $ $ANDROID_SDK/build-tools/$BUILD_TOOLS_VERSION/apksigner verify --print-certs -v $APK_FILE
    

    Example:

    $ /Users/hborders/android/build-tools/29.0.2/apksigner verify --print-certs -v ~/Desktop/my-apk.apk
    
    Verifies
    Verified using v1 scheme (JAR signing): true
    Verified using v2 scheme (APK Signature Scheme v2): true
    Verified using v3 scheme (APK Signature Scheme v3): false
    Number of signers: 1
    Signer #1 certificate DN: CN=Bob Smith, OU=Acme, O=Acme, L=San Francisco, ST=California, C=US
    Signer #1 certificate SHA-256 digest: f1f2f3f3f21f26a67s76a6a76a76a76a76a67c78c8c78c709c90c90c09932451
    Signer #1 certificate SHA-1 digest: 839103847abdefcbade123713957358920
    Signer #1 certificate MD5 digest: 182831983712923f2e2e2f2a2c2fbc25
    Signer #1 key algorithm: RSA
    Signer #1 key size (bits): 1024
    Signer #1 public key SHA-256 digest: 8acaca8cabcaabdadc8cc99cc695ace47aec4c747c746c476cae4657c47c4765
    Signer #1 public key SHA-1 digest: b11bca4123bea24befbe5b8be9768ef078
    

    apksigner is part of the Android SDK in the build-tools directory. It's the tool print-apk-signature uses.

    0 讨论(0)
  • 2021-02-08 10:06

    You can use Java 7’s Key and Certificate Management Tool ( keytool) to get the signature of app. Run bellow command

    keytool -printcert -jarfile app-release.apk
    

    You can also get Signature of a Keystore please check this post: How we can check SHA1 or Signature of APK and Keystore file

    0 讨论(0)
提交回复
热议问题