网上方法很多,但是网上很多代码不是到获取Signature就终止了,就是获取的MD5和实际值不一样。反编译了腾讯的一个工具apk,修改了下代码,获取的MD5值和实际应用值一样,可以直接用了。
1.命令行获取keystore的签名值,和之后代码获取的值对比,看是否一样。
keytool -list -v -keystore keystore.keystore
2.根据包名获取签名Signature[],这里的代码比网上好多获取所有包,然后遍历包名是否一样好多了。
private Signature[] getRawSignature(Context context, String packageName) {
if (packageName == null || packageName.length() == 0) {
return null;
}
try {
PackageInfo info = context.getPackageManager().getPackageInfo(packageName, PackageManager.GET_SIGNATURES);
if (info != null) {
return info.signatures;
}
//errout("info is null, packageName = " + packageName);
return null;
} catch (PackageManager.NameNotFoundException e) {
//errout("NameNotFoundException");
return null;
}
}
3.获取签名的MD5值
//获取原始签名
Signature[] signs = getRawSignature(context, Constants.PackageName);
try {
//获取原始签名MD5
String signValidString = getSignValidString(signs[0].toByteArray());
}
catch (Exception e) {
}
private static String getSignValidString( byte[] paramArrayOfByte) throws NoSuchAlgorithmException {
MessageDigest localMessageDigest = MessageDigest.getInstance("MD5");
localMessageDigest.update(paramArrayOfByte);
return toHexString(localMessageDigest.digest());
}
public static String toHexString(byte[] paramArrayOfByte) {
if (paramArrayOfByte == null) {
return null;
}
StringBuilder localStringBuilder = new StringBuilder(2 * paramArrayOfByte.length);
for (int i = 0; ; i++) {
if (i >= paramArrayOfByte.length) {
return localStringBuilder.toString();
}
String str = Integer.toString(0xFF & paramArrayOfByte[i], 16);
if (str.length() == 1) {
str = "0" + str;
}
localStringBuilder.append(str);
}
}
5.对比下看getSign返回值是否和第一步keytool命令行的md5是否一样
附加个签名命令行:
jarsigner -verbose -keystore keystore.keystore -signedjar apk_signed.apk app-debug.apk mykey
网友评论