http://blog.csdn.net/wulianghuan/article/details/18400581
http://blog.csdn.net/wulianghuan/article/details/18400581
http://blog.csdn.net/wulianghuan/article/details/18400581
http://blog.csdn.net/wulianghuan/article/details/18400581
获取APK的签名信息
- private String showUninstallAPKSignatures(String apkPath) {
- String PATH_PackageParser = "android.content.pm.PackageParser";
- try {
- // apk包的文件路径
- // 这是一个Package 解释器, 是隐藏的
- // 构造函数的参数只有一个, apk文件的路径
- // PackageParser packageParser = new PackageParser(apkPath);
- Class pkgParserCls = Class.forName(PATH_PackageParser);
- Class[] typeArgs = new Class[1];
- typeArgs[0] = String.class;
- Constructor pkgParserCt = pkgParserCls.getConstructor(typeArgs);
- Object[] valueArgs = new Object[1];
- valueArgs[0] = apkPath;
- Object pkgParser = pkgParserCt.newInstance(valueArgs);
- MediaApplication.logD(DownloadApk.class, "pkgParser:" + pkgParser.toString());
- // 这个是与显示有关的, 里面涉及到一些像素显示等等, 我们使用默认的情况
- DisplayMetrics metrics = new DisplayMetrics();
- metrics.setToDefaults();
- // PackageParser.Package mPkgInfo = packageParser.parsePackage(new
- // File(apkPath), apkPath,
- // metrics, 0);
- typeArgs = new Class[4];
- typeArgs[0] = File.class;
- typeArgs[1] = String.class;
- typeArgs[2] = DisplayMetrics.class;
- typeArgs[3] = Integer.TYPE;
- Method pkgParser_parsePackageMtd = pkgParserCls.getDeclaredMethod("parsePackage",
- typeArgs);
- valueArgs = new Object[4];
- valueArgs[0] = new File(apkPath);
- valueArgs[1] = apkPath;
- valueArgs[2] = metrics;
- valueArgs[3] = PackageManager.GET_SIGNATURES;
- Object pkgParserPkg = pkgParser_parsePackageMtd.invoke(pkgParser, valueArgs);
- typeArgs = new Class[2];
- typeArgs[0] = pkgParserPkg.getClass();
- typeArgs[1] = Integer.TYPE;
- Method pkgParser_collectCertificatesMtd = pkgParserCls.getDeclaredMethod("collectCertificates",
- typeArgs);
- valueArgs = new Object[2];
- valueArgs[0] = pkgParserPkg;
- valueArgs[1] = PackageManager.GET_SIGNATURES;
- pkgParser_collectCertificatesMtd.invoke(pkgParser, valueArgs);
- // 应用程序信息包, 这个公开的, 不过有些函数, 变量没公开
- Field packageInfoFld = pkgParserPkg.getClass().getDeclaredField("mSignatures");
- Signature[] info = (Signature[]) packageInfoFld.get(pkgParserPkg);
- MediaApplication.logD(DownloadApk.class, "size:"+info.length);
- MediaApplication.logD(DownloadApk.class, info[0].toCharsString());
- return info[0].toCharsString();
- } catch (Exception e) {
- e.printStackTrace();
- }
- return null;
- }
获取程序自身的签名:
- private String getSign(Context context) {
- PackageManager pm = context.getPackageManager();
- List<PackageInfo> apps = pm.getInstalledPackages(PackageManager.GET_SIGNATURES);
- Iterator<PackageInfo> iter = apps.iterator();
- while(iter.hasNext()) {
- PackageInfo packageinfo = iter.next();
- String packageName = packageinfo.packageName;
- if (packageName.equals(instance.getPackageName())) {
- MediaApplication.logD(DownloadApk.class, packageinfo.signatures[0].toCharsString());
- return packageinfo.signatures[0].toCharsString();
- }
- }
- return null;
对比2个方法的返回值来判断APK升级包的签名是否一致,一致就提示可以安装。
2.获取指定已安装完整签名信息,包括MD5指纹:
- public void getSingInfo() {
- try {
- PackageInfo packageInfo = getPackageManager().getPackageInfo("com.sina,weibo", PackageManager.GET_SIGNATURES);
- Signature[] signs = packageInfo.signatures;
- Signature sign = signs[0];
- parseSignature(sign.toByteArray());
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- public void parseSignature(byte[] signature) {
- try {
- CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
- X509Certificate cert = (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(signature));
- String pubKey = cert.getPublicKey().toString();
- String signNumber = cert.getSerialNumber().toString();
- System.out.println("signName:" + cert.getSigAlgName());
- System.out.println("pubKey:" + pubKey);
- System.out.println("signNumber:" + signNumber);
- System.out.println("subjectDN:"+cert.getSubjectDN().toString());
- } catch (CertificateException e) {
- e.printStackTrace();
- }
- }
3.如何查看指定证书的指纹
D:>keytool -list -alias 在导出时程序的别名(-alias 这个命令,好像不用也行,没有试,反正我一直都在使用) -keystore tangshan.keystore(导出时使用的证书名称) -storepass 123456-keypass 123456 出的结果为: 在导出时程序的别名, 2011-7-29, PrivateKeyEntry, 认证指纹 (MD5): 90:13:AF:46:0A:DC:5C:6C:77:0E:AA:AF:DA:8A:AB:72