【Android】一个获取Android应用签名摘要的App工具
将APK发布到应用商店或接入第三方的SDK时,有时需要提供APK的签名摘要信息,可以通过摘要算法MD5或SHA-1来获取签名的摘要,除了获取自己的APK签名,也可以获取手机上其他已安装的APK签名,只需要传入其他APK的包名即可.
private static final char[] HEX_CHAR = {
'0', '1', '2', '3', '4', '5', '6', '7',
'8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
};
/** 获取签名的MD5摘要 */
public String[] signatureDigest() {
pkgInfo = mContext.getPackageManager().getPackageInfo(
mContext.getPackageName(), PackageManager.GET_SIGNATURES);
int length = pkgInfo.signatures.length;
String[] digests = new String[length];
for (int i = 0; i < length; ++i) {
Signature sign = mPkgInfo.signatures[i];
try {
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] digest = md5.digest(sign.toByteArray()); // get digest with md5 algorithm
digests[i] = toHexString(digest);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
digests[i] = null;
}
}
return digests;
}
/** 将字节数组转化为对应的十六进制字符串 */
private String toHexString(byte[] rawByteArray) {
char[] chars = new char[rawByteArray.length * 2];
for (int i = 0; i < rawByteArray.length; ++i) {
byte b = rawByteArray[i];
chars[i*2] = HEX_CHAR[(b >>> 4 & 0x0F)];
chars[i*2+1] = HEX_CHAR[(b & 0x0F)];
}
return new String(chars);
}
应用示例如下,输入手机上已安装的Apk包名(自动提示会列出匹配的所有包名),显示该Apk的签名MD5摘要:
完整代码可以从github上获取,Apk包可以在这里获取。
How to get app signature?|StackOverFlow 这篇文章提供了获取APK签名和证书的示例代码.
获取指定包名的APK签名,并输出签名的hash值:
Signature[] sigs = context.getPackageManager().getPackageInfo(
context.getPackageName(), PackageManager.GET_SIGNATURES).signatures;
for (Signature sig : sigs){
Log.i("MyApp", "Signature hashcode : " + sig.hashCode());
}
获取已安装的APK的签名,并从签名中生成X.509证书信息.
final PackageManager packageManager = context.getPackageManager();
final List packageList = packageManager.getInstalledPackages(PackageManager.GET_SIGNATURES);
for (PackageInfo p : packageList) {
final String strName = p.applicationInfo.loadLabel(packageManager).toString();
final String strVendor = p.packageName;
sb.append("
" + strName + " / " + strVendor + "
");
final Signature[] arrSignatures = p.signatures;
for (final Signature sig : arrSignatures) {
/*
* Get the X.509 certificate.
*/
final byte[] rawCert = sig.toByteArray();
InputStream certStream = new ByteArrayInputStream(rawCert);
final CertificateFactory certFactory;
final X509Certificate x509Cert;
try {
certFactory = CertificateFactory.getInstance("X509");
x509Cert = (X509Certificate) certFactory.generateCertificate(certStream);
sb.append("Certificate subject: " + x509Cert.getSubjectDN() + "
");
sb.append("Certificate issuer: " + x509Cert.getIssuerDN() + "
");
sb.append("Certificate serial number: " + x509Cert.getSerialNumber() + "
");
sb.append("
");
}
catch (CertificateException e) {
// e.printStackTrace();
}
}
}