署名认证相关知识
命令:
生成keystone(存放一组证书和私钥的地方)
keytool -genkey -alias(别名) hello -keyalg RSA -validity 20000 -keystore hello.keystore
查看keystore 信息
keytool -list -v -keystore hello.keystore -storepass 123456
缺省情况下,-list 命令打印证书的 MD5 指纹。而如果指定了 -v 选项,将以可读格式打印证书,如果指定了 -rfc 选项,将以可打印的编码格式输出证书。
keytool -list -rfc -keystore hello.keystore -storepass 123456
证书的导出:
keytool -export -alias test -keystore hello.keystore -file test.crt -storepass 123456
证书的导入
keytool -import -alias rootcert -file root.crt -keystore hello.keystore
证书条目的删除:
keytool -delete -alias ceatecert1 -keystore .keystore -storepass 123456
使用jdk的jarsigner工具对apk文件签名
jarsigner -verbose -keystore hello.keystore TestApk.apk test
签名后可以使用如下命令验证是否签名成功:
jarsigner -verify to_sign.apk
如果需要查看更详细的验证信息,可修改为:
jarsigner -certs -verbose -verify to_sign.apk
获取证书信息相关方法:
package com.nec.test;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import android.app.Activity;
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageParser;
import android.os.Bundle;
import android.os.Environment;
import android.util.DisplayMetrics;
import android.util.Log;
public class TestApkActivity extends Activity {
/** Called when the activity is first created. */
private static final String FILENAME = "cacerts.bks";
private static final String FILENAME_CERT = "ca.crt"; //test.crt \ ca.crt
private List<PublicKey> listKey = new ArrayList<PublicKey>();
private File file;
static final String IN_FILE_NAME = "c:\\Documents and Settings\\2172980000522\\TestApk.apk";
static final String OUT_FILE_NAME = "c:\\Documents and Settings\\2172980000522\\TestApk.Zip";
private final static String PATH = "/sdcard/fcding.apk"; // TestApk.apk
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.main);
// readCacerts(FILENAME);
try {
readCert(FILENAME_CERT);
} catch (Exception e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
}
TestApkActivity activity = new TestApkActivity();
PackageInfo pi = activity.parsePackage(PATH, PackageManager.GET_SIGNATURES);
String issuerDN = null;
String subjectDN = null;
String publickey = null;
try {
byte[] signature = pi.signatures[0].toByteArray();
// String hash = md5(signature);
CertificateFactory certFactory =
CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)
certFactory.generateCertificate(
new ByteArrayInputStream(signature));
issuerDN = cert.getIssuerDN().toString();
Log.d("TRACK", issuerDN);
subjectDN = cert.getSubjectDN().toString();
Log.d("TRACK", subjectDN);
publickey = cert.getPublicKey().toString();
Log.d("TRACK", publickey);
System.out.println("====================++++++++++++++++++++"+listKey.contains(cert.getPublicKey()) );
} catch (CertificateException e) {
e.printStackTrace();
}
}
private PackageInfo parsePackage(String archiveFilePath, int flags){
PackageParser packageParser = new PackageParser(archiveFilePath);
DisplayMetrics metrics = new DisplayMetrics();
metrics.setToDefaults();
final File sourceFile = new File(archiveFilePath);
PackageParser.Package pkg = packageParser.parsePackage(
sourceFile, archiveFilePath, metrics, 0);
if (pkg == null) {
return null;
}
packageParser.collectCertificates(pkg, 0);
return PackageParser.generatePackageInfo(pkg, null, flags, 0, 0);
}
private void readCert(String fileName) throws Exception{
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream in = getAssets().open(fileName);
Certificate c = cf.generateCertificate(in);
PublicKey publicKey = c.getPublicKey();
listKey.add(publicKey);
System.out.println("********---------------**********"+publicKey.toString());
} catch (Exception e) {
e.printStackTrace();
}
}
private void readCacerts(String filename) {
try {
InputStream inputStream = getAssets().open(filename);
KeyStore keyStore = KeyStore.getInstance("bks");
keyStore.load(inputStream, null);
file = new File(Environment.getExternalStorageDirectory(), "a.txt");
getApplication().openFileOutput("a.txt", Context.MODE_APPEND);
FileOutputStream outputStream = new FileOutputStream(file);
copyStream(keyStore, outputStream);
Log.i(TAG, "File create Success");
} catch (Exception e) {
e.printStackTrace();
}
}
private void copyStream(KeyStore keyStore, OutputStream fileOutputStream)
throws Exception {
Enumeration<String> enumeration = keyStore.aliases();
while (enumeration.hasMoreElements()) {
String element = enumeration.nextElement();
Certificate certificate = keyStore.getCertificate(element);
listKey.add(certificate.getPublicKey());
String content = certificate.toString();
System.out.println("================"+content);
fileOutputStream.write(content.getBytes());
}
}
}
http://www.blogjava.net/zh-weir/archive/2011/07/19/354663.html
APk 签名 调用隐藏包