1. View keystore
$ keytool -list -v -keystore debug.keystore
$ keytool -list -v -keystore debug.keystore
Enter keystore password:
************************ WARNING WARNING WARNING *************** **
* The integrity of the information stored in your keystore *
* has NOT been verified! In order to verify its integrity, *
* you must provide your keystore password. *
************************ WARNING WARNING WARNING **************** *
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias ??name: androiddebugkey
Creation date: Apr 8, 2015
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
< p>Owner: CN=Android Debug, O=Android, C=USIssuer: CN=Android Debug, O=Android, C=US
Serial number: 509aeb88
Valid from: Wed Apr 08 20:48:48 CST 2015 until: Fri Mar 31 20:48:48 CST 2045
Certificate fingerprints:
MD5: 38 :43:E1:B6:AB:F2:7F:80:93:CD:E5:EF:75:B9:A5:6C
SHA1: 9D:53:DB:6C:DA:D4 :08:B3:D4:A6:E5:26:17:BD:80:FA:5A:E4:4F:AB
SHA256: D5:FF:04:4A:A2:F8:A4 :EA:2A:44:53:28:0C:20:16:45:E8:71:AC:B1:74:76:F6:B4:01:90:86:83:73:E0:B0:8A
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false< /p>
SubjectKeyIdentifier [
KeyIdentifier [
0000: B2 FF B2 0D 9C 54 BA BA A2 EF E3 BA E2 47 90 7F .....T.. .....G..
0010: 17 8A 35 A8 ..5.
]
]
** *******************************************
2. Check the signatures of third-party applications or system applications
Open the apk to be viewed, extract the META-INF folder and get the CERT.RSA file
$ keytool -printcert - file META-INF/CERT.RSA
Open the apk to be viewed, extract the META-INF folder and get the CERT.RSA file
$ keytool -printcert - file META-INF/CERT.RSA
Owner: CN=Android Debug, O=Android, C=US
Issuer: CN=Android Debug, O=Android, C=US
Serial number: 514ab2e1
Valid from: Thu Mar 21 15:12:33 CST 2013 until: Sat Mar 14 15:12:33 CST 2043
Certificate fingerprints:
MD5: E0:F4:90:EE:CD:77:17:0E:B8:C4:AC:64:B2:F6:FC:83
SHA1: 7F:E5:11:D8:37:4F:DA:D7:75:EA:A5:8C:47:06:85:95:6D:1D:3F:2B
Signature algorithm name: SHA1withRSA
Version: 3
3. Sign the blank package (note the alias value)
jarsigner -verbose -keystore [keystorePath] -signedjar [apkOut ] [apkIn] [alias]
jarsigner command format: -verbose output details -keystore keystore location -signedjar file to be generated file to be signed keystore file
The keystorePath parameter represents the absolute path of the keyStore, such as D:\keystore
The apkOut parameter represents the signed apk path, such as D:\signed.apk
The apkin parameter represents the Tencent Application Center The default name of the downloaded unsigned apk is tap_unsign.apk
The alias parameter represents the alias name used for signing (filled in when creating the keyStore), such as timdong
$ jarsigner -verbose -keystore debug.keystore -signedjar test2.apk tap_unsign1.apk timdong
Enter Passphrase for keystore:
adding: META-INF/MANIFEST.MF
adding: META -INF/ANDROIDD.SF
adding: META-INF/ANDROIDD.RSA
signing: res/drawable/ic_launcher.png
signing: res/layout /main.xml
signing: AndroidManifest.xml
signing: resources.arsc
signing: classes.dex