1. Add system permissions in the configuration file: Android: shareduserid = "android.uid.system".
2. Get the character information of the signature information:
String signature _ key =
Try {
package info package info = context . getpackagemanager()。 getPackageInfo(pkgName,
PackageManager。 Get _ signature);
Signature [] Signature =
packageInfo.signatures
SignatureKey.parseSignature (signature [0]). toByteArray());
} catch(NameNotFoundException e){
e . printstacktrace();
} catch (NullPointerException e) {
e . printstacktrace();
}
(1). where, packageInfo gets the signature information string of the specified package name. One more thing: in programs, we usually use
List list =
mpackagemanager . getinstalledpackages(0); Get all the information of the installation package, including the application name, package name and size. ....
(2).
Where []signatures is a string array of stored signatures. We usually use the first signature [0] as the signature information of the application. There is a question here, why do you get an array list of strings instead of a string? Some developers use:
StringBuilder builder = new StringBuilder();
Used for (signature: signature
){
builder . append(sign . tocharsstring());
builder . append("/n ");
} Get all the signature information. I verified it here, and signed it.
The length of is 1, so the signature information of the specified apk is signatures[0].
As for the second method, it remains to be discovered.
3. Get the MD5 value of the signature
Public static final string getmd5string (byte [] paramaryofbyte)
{
char[] asciiTable = { 48,49,50,5 1,52,53,54,55,56,57,
97, 98, 99, 100, 10 1, 102 }; Coding of numbers and characters corresponding to ASCII table
attempt
{
MessageDigest md5MessageDigest =
message digest . getinstance(" MD5 ");
MD5 messagedigest . update(paramArrayOfByte); //
Byte []
temp byte = MD 5 messagedigest . digest();
int i =
tempByte.length
char[] tempChar = new char[i *
2];
int j = 0;
int k =
0;
while (true) { //
Converts a binary array into a string.
if(j & gt; = i)
{
Return a new
string(tempChar);
}
int m
= tempByte[j];
int n = k +
1;
tempChar[k]= ascii table[(0xF & amp; m & gt& gt& gt
4)];
k = n +
1;
tempChar[n]= ascii table[(m & amp;
0xF)];
j++;
}
}
Capture (exception e)
{
e . printstacktrace();
}
return
null
}
(1). This parameter is the signed byte array obtained in the previous step.
4. Obtain the public key, signature algorithm and signature serial number.
Public static void parseSignature(byte[] signature)
{
attempt
{
Certified factory
Certificate factory =
certificate factory . getinstance(" x . 509 ");
x509 certificate cert =(x509 certificate)cert factory . generate certificate(new
ByteArrayInputStream (signature));
String public key =
cert.getPublicKey()。 toString(); //public key
String symbol number =
cert.getSerialNumber()。 toString();
system . out . println(" sign name:"+
cert . getsigalgname()); //Algorithm name
System.out.println("pubKey:" +
pubKey);
system . out . println(" sign number:"+
sign number); //certificate serial number
system . out . println(" subjectDN:"+cert . get subjectDN()。 toString());
} catch (certificate exception e)
{
e . printstacktrace();
}
}
5. Check the signature information of APK by computer.
View signatures of third-party applications or system applications.
Open the apk to be viewed with winrar, unzip the META-INF folder, and obtain the certificate. RSA file.
1.keytool
-printcert -file meta INF/CERT. Republic of South Africa (Republic of South Africa)
The command is: keytool -printcert -file
Path of < lt signature file RSA >;
2. jarsigner-verify-verbose-certs superuser. apk
This project failed verification.