Current location - Quotes Website - Signature design - How to check the signature of apk keystore
How to check the signature of apk keystore

1. View keystore

$ keytool -list -v -keystore debug.keystore

$ keytool -list -v -keystore debug.keystore

Enter keystore password:

************************ WARNING WARNING WARNING *************** **

* The integrity of the information stored in your keystore *

* has NOT been verified! In order to verify its integrity, *

* you must provide your keystore password. *

************************ WARNING WARNING WARNING **************** *

Keystore type: JKS

Keystore provider: SUN

Your keystore contains 1 entry

Alias ??name: androiddebugkey

Creation date: Apr 8, 2015

Entry type: PrivateKeyEntry

Certificate chain length: 1

Certificate[1]:

< p>Owner: CN=Android Debug, O=Android, C=US

Issuer: CN=Android Debug, O=Android, C=US

Serial number: 509aeb88

Valid from: Wed Apr 08 20:48:48 CST 2015 until: Fri Mar 31 20:48:48 CST 2045

Certificate fingerprints:

MD5: 38 :43:E1:B6:AB:F2:7F:80:93:CD:E5:EF:75:B9:A5:6C

SHA1: 9D:53:DB:6C:DA:D4 :08:B3:D4:A6:E5:26:17:BD:80:FA:5A:E4:4F:AB

SHA256: D5:FF:04:4A:A2:F8:A4 :EA:2A:44:53:28:0C:20:16:45:E8:71:AC:B1:74:76:F6:B4:01:90:86:83:73:E0:B0:8A

Signature algorithm name: SHA256withRSA

Version: 3

Extensions:

#1: ObjectId: 2.5.29.14 Criticality=false< /p>

SubjectKeyIdentifier [

KeyIdentifier [

0000: B2 FF B2 0D 9C 54 BA BA A2 EF E3 BA E2 47 90 7F .....T.. .....G..

0010: 17 8A 35 A8 ..5.

]

]

** *******************************************

2. Check the signatures of third-party applications or system applications

Open the apk to be viewed, extract the META-INF folder and get the CERT.RSA file

$ keytool -printcert - file META-INF/CERT.RSA

Open the apk to be viewed, extract the META-INF folder and get the CERT.RSA file

$ keytool -printcert - file META-INF/CERT.RSA

Owner: CN=Android Debug, O=Android, C=US

Issuer: CN=Android Debug, O=Android, C=US

Serial number: 514ab2e1

Valid from: Thu Mar 21 15:12:33 CST 2013 until: Sat Mar 14 15:12:33 CST 2043

Certificate fingerprints:

MD5: E0:F4:90:EE:CD:77:17:0E:B8:C4:AC:64:B2:F6:FC:83

SHA1: 7F:E5:11:D8:37:4F:DA:D7:75:EA:A5:8C:47:06:85:95:6D:1D:3F:2B

Signature algorithm name: SHA1withRSA

Version: 3

3. Sign the blank package (note the alias value)

jarsigner -verbose -keystore [keystorePath] -signedjar [apkOut ] [apkIn] [alias]

jarsigner command format: -verbose output details -keystore keystore location -signedjar file to be generated file to be signed keystore file

The keystorePath parameter represents the absolute path of the keyStore, such as D:\keystore

The apkOut parameter represents the signed apk path, such as D:\signed.apk

The apkin parameter represents the Tencent Application Center The default name of the downloaded unsigned apk is tap_unsign.apk

The alias parameter represents the alias name used for signing (filled in when creating the keyStore), such as timdong

$ jarsigner -verbose -keystore debug.keystore -signedjar test2.apk tap_unsign1.apk timdong

Enter Passphrase for keystore:

adding: META-INF/MANIFEST.MF

adding: META -INF/ANDROIDD.SF

adding: META-INF/ANDROIDD.RSA

signing: res/drawable/ic_launcher.png

signing: res/layout /main.xml

signing: AndroidManifest.xml

signing: resources.arsc

signing: classes.dex