-
查看Android打包时签名文件keystore的MD5值
有些SDK提供方需要我们提供打包APK时使用的包名和签名文件(xxxxxx.jks这个文件)MD5值,然后SDK服务端应该会进行比对保证商户调用的合法性。不然光靠包名是可以伪造的,怎么获取签名文件的MD5值?
方法一:
原先通过命令keytool -list -v -keystore test.jks 可以查看md5值,但是发现现在查看不了,只有SHA1和SHA256的
方法二:改成从androidstudio查看
在app的build.gradle中配置你们签名文件,怎么生成签名文件?
build-->Generate signed bundle\APK-->next -->Create new
android{
signingConfigs { release { keyAlias 'test' storePassword '666666' keyPassword '666666' storeFile file('E:\\test.jks') } debug { keyAlias 'test' storePassword '666666' keyPassword '666666' storeFile file('E:\\test.jks') } }}
右侧gradle Tasks里面双击signingReport就可以查看签名文件的MD5值了
方法三:从PackageInfo类中获取
- package com.chinapay.umsfacesdkdemo.utils;
- import android.content.Context;
- import android.content.pm.PackageInfo;
- import android.content.pm.PackageManager;
- import android.content.pm.Signature;
- import android.util.Log;
- import java.security.MessageDigest;
- import java.util.ArrayList;
- import java.util.HashMap;
- /**
- * 获取签名工具类
- */
- public class AppSigning {
- public final static String MD5 = "MD5";
- public final static String SHA1 = "SHA1";
- public final static String SHA256 = "SHA256";
- private static HashMap
- /**
- * 返回一个签名的对应类型的字符串
- *
- * @param context
- * @param type
- * @return 因为一个安装包可以被多个签名文件签名,所以返回一个签名信息的list
- */
- public static ArrayList
getSignInfo(Context context, String type) { - if (context == null || type == null) {
- return null;
- }
- String packageName = context.getPackageName();
- if (packageName == null) {
- return null;
- }
- if (mSignMap.get(type) != null) {
- return mSignMap.get(type);
- }
- ArrayList
mList = new ArrayList (); - try {
- Signature[] signs = getSignatures(context, packageName);
- for (Signature sig : signs) {
- String tmp = "error!";
- if (MD5.equals(type)) {
- tmp = getSignatureByteString(sig, MD5);
- } else if (SHA1.equals(type)) {
- tmp = getSignatureByteString(sig, SHA1);
- } else if (SHA256.equals(type)) {
- tmp = getSignatureByteString(sig, SHA256);
- }
- mList.add(tmp);
- }
- } catch (Exception e) {
- Log.e("e", e.getMessage());
- }
- mSignMap.put(type, mList);
- return mList;
- }
- /**
- * 获取签名sha1值
- *
- * @param context
- * @return
- */
- public static String getSha1(Context context) {
- String res = "";
- ArrayList
mlist = getSignInfo(context, SHA1); - if (mlist != null && mlist.size() != 0) {
- res = mlist.get(0);
- }
- return res;
- }
- /**
- * 获取签名MD5值
- *
- * @param context
- * @return
- */
- public static String getMD5(Context context) {
- String res = "";
- ArrayList
mlist = getSignInfo(context, MD5); - if (mlist != null && mlist.size() != 0) {
- res = mlist.get(0);
- }
- return res;
- }
- /**
- * 获取签名SHA256值
- *
- * @param context
- * @return
- */
- public static String getSHA256(Context context) {
- String res = "";
- ArrayList
mlist = getSignInfo(context, SHA256); - if (mlist != null && mlist.size() != 0) {
- res = mlist.get(0);
- }
- return res;
- }
- /**
- * 返回对应包的签名信息
- *
- * @param context
- * @param packageName
- * @return
- */
- private static Signature[] getSignatures(Context context, String packageName) {
- PackageInfo packageInfo = null;
- try {
- packageInfo = context.getPackageManager().getPackageInfo(packageName, PackageManager.GET_SIGNATURES);
- return packageInfo.signatures;
- } catch (Exception e) {
- Log.e("e", e.toString());
- }
- return null;
- }
- /**
- * 获取相应的类型的字符串(把签名的byte[]信息转换成16进制)
- *
- * @param sig
- * @param type
- * @return
- */
- private static String getSignatureString(Signature sig, String type) {
- byte[] hexBytes = sig.toByteArray();
- String fingerprint = "error!";
- try {
- MessageDigest digest = MessageDigest.getInstance(type);
- if (digest != null) {
- byte[] digestBytes = digest.digest(hexBytes);
- StringBuilder sb = new StringBuilder();
- for (byte digestByte : digestBytes) {
- sb.append((Integer.toHexString((digestByte & 0xFF) | 0x100)).substring(1, 3));
- }
- fingerprint = sb.toString();
- }
- } catch (Exception e) {
- Log.e("e", e.toString());
- }
- return fingerprint;
- }
- /**
- * 获取相应的类型的字符串(把签名的byte[]信息转换成 95:F4:D4:FG 这样的字符串形式)
- *
- * @param sig
- * @param type
- * @return
- */
- private static String getSignatureByteString(Signature sig, String type) {
- byte[] hexBytes = sig.toByteArray();
- String fingerprint = "error!";
- try {
- MessageDigest digest = MessageDigest.getInstance(type);
- if (digest != null) {
- byte[] digestBytes = digest.digest(hexBytes);
- StringBuilder sb = new StringBuilder();
- for (byte digestByte : digestBytes) {
- sb.append(((Integer.toHexString((digestByte & 0xFF) | 0x100)).substring(1, 3)).toUpperCase());
- sb.append(":");
- }
- fingerprint = sb.substring(0, sb.length() - 1).toString();
- }
- } catch (Exception e) {
- Log.e("e", e.toString());
- }
- return fingerprint;
- }
- }
调用上面的 String md5=AppSigning.getMD5(MainActivity.this)就可以了
-
相关阅读:
js原理及手写系列
【云原生Docker系列第三篇】Docker网络模式(在失去的所有人里,我最怀念自己 )
【毕业设计】 单片机自动写字机器人设计与实现 - 物联网 嵌入式 stm32
我们又组织了一次欧洲最大开源社区活动,Hugging Face 博客欢迎社区成员发帖、Hugging Chat 功能更新!...
python pytorch- TextCNN TextRNN FastText Transfermer (中英文)文本情感分类实战(附数据集,代码皆可运行)
VS Code 和 Python:数据科学的天作之合
【Linux】在Xilinx平台上实现UVC Gadget(1)
【学生个人网页设计作品】使用HMTL制作一个超好看的保护海豚动物网页
系列六、Java垃圾回收器主要有哪些?
OpenGL入门(四)之纹理Texture
- 原文地址:https://blog.csdn.net/figo0423/article/details/126176817