Android应用签名
本文主要记录下自己在平时用到的android应用签名相关的一些方法.
1: apk文件获取PackageInfo
public static PackageInfo getPackageInfo(Context c, File pkgFile, int flag) {
try {
PackageInfo pi = c.getPackageManager().getPackageArchiveInfo(pkgFile.getAbsolutePath(), flag);
return pi;
} catch (Throwable throwable) {
Log.e("xxxxx", "getPackageInfo: ", throwable);
}
return null;
}
使用该方法需要传入一个APK文件,然后返回一个PackageInfo对象,该对象包含了APK文件的详细信息,包括包名、版本号、应用名称、图标等信息。
flags:标志位,用于指定要获取的信息类型,例如版本号、签名等。
2: 根据包名获取PackageInfo
public static PackageInfo getPackageInfo(Context c, String pkgName, int flag) {
try {
return c.getPackageManager().getPackageInfo(pkgName, flag);
} catch (Throwable e) {
Log.e("xxxxx", "getPackageInfo: ", throwable);
}
return null;
}
使用该方法需要传入指定包名。
3: 获取getSHA1
public static String getSHA1(byte[] sig) {
final char[] hexArray = "0123456789ABCDEF".toCharArray();
try {
MessageDigest md = MessageDigest.getInstance("SHA1");
byte[] digest = md.digest(sig);
char[] hexChars = new char[digest.length * 2];
for (int j = 0; j < digest.length; j++) {
int v = digest[j] & 0xFF;
hexChars[j * 2] = hexArray[v >>> 4];
hexChars[j * 2 + 1] = hexArray[v & 0x0F];
}
return new String(hexChars);
} catch (Throwable e) {
Log.e("xxxxx", "getSHA1: ", throwable);
}
return "";
}
4: 对比两个应用的签名是否一致
/**
* @param currentPkg
* @param comparePkg
* @return true: 签名一致
*/
public static boolean compareSign(PackageInfo currentPkg, PackageInfo comparePkg) {
try {
Signature[] sign1 = currentPkg.signatures;
Signature[] sign2 = comparePkg.signatures;
byte[] bytes = sign1[0].toByteArray();
byte[] bytes1 = sign2[0].toByteArray();
MessageDigest md = MessageDigest.getInstance("SHA-256");
byte[] digest1 = md.digest(bytes);
byte[] digest2 = md.digest(bytes1);
return Arrays.equals(digest1, digest2);
} catch (Throwable e) {
Log.e("xxxxx", "compareSign: ", e);
}
return true;
}