Android 签名信息读取

阅读更多

public void getSingInfo() {     

try { 

         PackageManager manager=getPackageManager()

         PackageInfo packageInfo=manager.getPackageInfo(getPackageName(),                      PackageManager.GET_SIGNATURES);

         Signature[] signs = packageInfo.signatures;     

         Signature sign = signs[0];        

         return parseSignature(sign.toByteArray());

} catch (Exception e) {       

        e.printStackTrace();    

        return null;

}  
}

public static String parseSignature(byte[] signature) { 

try {           

           CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); 

           X509Certificate cert = (X509Certificate) certFactory.generateCertificate(new                                                   ByteArrayInputStream(signature));     

           String pubKey = cert.getPublicKey().toString();      

           String signNumber = cert.getSerialNumber().toString();      

       System.out.println("signName:" + cert.getSigAlgName()); 

System.out.println("pubKey:" + pubKey);    
System.out.println("signNumber:" + signNumber);           
System.out.println("subjectDN:"+cert.getSubjectDN().toString());

} catch (CertificateException e) {        
          e.printStackTrace();     
          return null;
} 
}

获取到以上信息可以用来做签名比对。


非android环境下获取签名信息：

private char[] toChars(byte[] mSignature) {

   byte[] sig = mSignature;

   final int N = sig.length;

   final int N2 = N*2;

   char[] text = new char[N2];

  
   for(int j=0;j
    byte v = sig[j];

    int d = (v>>4)&0xf;

    text[j*2] = (char)(d >= 10 ? ('a' + d - 10) : ('0' + d));

    d = v&0xf;

    text[j*2+1] = (char)(d >= 10 ? ('a' + d - 10) : ('0' + d));
}

   return text;

}

private java.security.cert.Certificate[] loadCertificates(JarFile jarFile, JarEntry je, byte[] readBuffer) {

try {

InputStream is = jarFile.getInputStream(je);

while(is.read(readBuffer,0,readBuffer.length)!=-1) {

}

is.close();

return (java.security.cert.Certificate[])(je!=null?je.getCertificates():null);

} catch (Exception e) {

e.printStackTrace();

System.err.println("Exception reading "+je.getName()+" in "+jarFile.getName()+": "+e);

}

return null;

}

public String getApkSignInfo(String apkFilePath){

byte[] readBuffer = new byte[8192];

java.security.cert.Certificate[] certs = null;

try{

JarFile jarFile = new JarFile(apkFilePath);

Enumeration entries = jarFile.entries();

while(entries.hasMoreElements()){

JarEntry je = (JarEntry)entries.nextElement();

   if(je.isDirectory()){

       continue;

   }

   if(je.getName().startsWith("META-INF/")){

    continue;

   }

   java.security.cert.Certificate[] localCerts = loadCertificates(jarFile,je,readBuffer);

   System.out.println("File " + apkFilePath + " entry " + je.getName()+ ": certs=" + certs + " ("+ (certs != null ? certs.length : 0) + ")");

   if (certs == null) {

   certs = localCerts;

}else{

for(int i=0; i
   boolean found = false;

   for (int j = 0; j < localCerts.length; j++) {

    if (certs[i] != null && certs[i].equals(localCerts[j])) {

     found = true;

     break;

       }

   }

   if (!found || certs.length != localCerts.length) {

     jarFile.close();

     return null;

   }

}

}

}

jarFile.close();

return new String(toChars(certs[0].getEncoded()));

}catch(Exception e){

e.printStackTrace();

}

return null;

}