http://www.zhihu.com/question/20749413
http://www.cnblogs.com/tanlon/archive/2012/07/09/2583661.html
http://blog.csdn.net/wulianghuan/article/details/18400581
原理: 1、签名过的包会在apk中生成META-INF文件夹,并创建CERT.RSA、CERT.SF、MANIFEST.MF
* 3个文件,其中CERT.SF、MANIFEST.MF文件保存了对apk中文件的SHA1数字签名,
* 那么在apk安装校验时,改变后的文件摘要信息与MANIFEST.MF的检验信息不同,于是程序就不能成功安装。
* 2、在安装时只能使用公钥才能解密它。解密之后,将它与未加密的摘要信息进行对比,如果相符,则表明内容没有被异常修改。
* 3、生成MANIFEST.MF没有使用密钥信息,生成 CERT.SF 文件使用了私钥文件。
* 那么我们可以很容易猜测到,CERT.RSA文件的生成肯定和公钥相关。CERT.RSA文件中保存了公钥、所采用的加密算法等信息。
* 4、Android签名机制不能阻止APK包被修改,但修改后的再签名无法与原先的签名保持一致。
* 5、APK包加密的公钥就打包在APK包内,且不同的私钥对应不同的公钥
* 。换句话言之,不同的私钥签名的APK公钥也必不相同。所以我们可以根据公钥的对比, 来判断私钥是否一致。
方式一(需要知道keystore)
-------------------------------------------------------------------------------------------------------------------------
当前路径下包含用于对app签名的test.keystore文件,且keystore密码为123456,别名为openapi,别名密码为6543(http://sourceforge.net/directory/os:windows/freshness:recently-updated/?q=md5 )
keytool -exportcert -alias openapi -keypass 654321 -keystore ./test.keystore -storepass 123456 | md5sum
keytool -list -v -keystore keystorefile -storepass 123456
-------------------------------------------------------------------------------------------------------------------------
方式二
-------------------------------------------------------------------------------------------------------------------------
假定安装了JDK,如果想查HelloWorld.apk所使用的签名的fingerprint,可以这样做:
1. 查找apk里的rsa文件
(Windows)
> jar tf HelloWorld.apk |findstr RSA
(Linux)
$ jar tf HelloWorld.apk |grep RSA
META-INF/CERT.RSA
2. 从apk中解压rsa文件
jar xf HelloWorld.apk META-INF/CERT.RSA
3. 获取签名的fingerprints
keytool -printcert -file META-INF/CERT.RSA
...
Certificate fingerprints:
MD5: BC:6D:BD:6E:49:69:2A:57:A8:B8:28:89:04:3B:93:A8
SHA1: 0D:DF:76:F4:85:96:DF:17:C2:68:1D:3D:FF:9B:0F:D2:A1:CF:14:60
Signature algorithm name: SHA1withRSA
Version: 3
...
4. 清理工作,删除rsa文件
(Windows)
rmdir /S /Q META-INF
(Linux)
rm -rf META-INF
如果你想知道两个apk是不是用的同一个签名,那比一下它们签名的MD5码(或SHA1码)是不是一样就行了。
-------------------------------------------------------------------------------------------------------------------------
方式二(对应sh脚本)
-------------------------------------------------------------------------------------------------------------------------
#!/bin/sh
#
#echo $0
#echo $1
#echo $2
FILE=$1
tmp=a.txt
#检查apk中具体的签名文件,得到的cert_XSA可能是META-INF/*.RSA或者META-INF/*.DSA
cert_XSA=`jar tf $FILE | grep SA`
#从apk中提取具体的签名文件。
jar xf $FILE $cert_XSA
#keytool -printcert -file $cert_XSA | grep MD5 > "$FILE.certMD5"
keytool -printcert -file $cert_XSA | grep MD5 > "$tmp"
echo "==========================="
echo "md5 is save in "$tmp" "
echo "==========================="
if [ $2="" ];then
echo "==========================="
echo "Cannot compare,please provide the second apk file path"
echo "==========================="
exit
fi
FILE=$2
tmp=b.txt
#检查apk中具体的签名文件,得到的cert_XSA可能是META-INF/*.RSA或者META-INF/*.DSA
cert_XSA=`jar tf $FILE | grep SA`
#从apk中提取具体的签名文件。
jar xf $FILE $cert_XSA
#keytool -printcert -file $cert_XSA | grep MD5 > "$FILE.certMD5"
keytool -printcert -file $cert_XSA | grep MD5 > "$tmp"
# ...
# ... 经过上述步骤得到$FILE1.certMD5和$FILE2.certMD5
# ...
tmpa=a.txt
tmpb=b.txt
certMD5_diff=`diff $tmpa $tmpb`
if [ "$certMD5_diff" = "" ]; then
echo "$FILE1.certMD5 == $FILE2.certMD5"
fi
方式三(Jave代码的方式)
-------------------------------------------------------------------------------------------------------------------------
package com.sina.weibo.sdk.demo.tools;
import java.io.IOException;
import java.io.InputStream;
import java.lang.ref.WeakReference;
import java.security.cert.CertificateEncodingException;
import java.util.Enumeration;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import java.util.logging.Level;
import java.util.logging.Logger;
public class ApkCerMgr2 {
private static final Object mSync = new Object();
private static WeakReference<byte[]> mReadBuffer;
public static String getSign(String path ) {
// if (args.length < 1) {
// System.out.println("Usage: java -jar GetAndroidSig.jar <apk/jar>");
// System.exit(-1);
// }
//
// System.out.println(args[0]);
String mArchiveSourcePath = path ;//args[0];
WeakReference<byte[]> readBufferRef;
byte[] readBuffer = null;
synchronized (mSync) {
readBufferRef = mReadBuffer;
if (readBufferRef != null) {
mReadBuffer = null;
readBuffer = readBufferRef.get();
}
if (readBuffer == null) {
readBuffer = new byte[8192];
readBufferRef = new WeakReference<byte[]>(readBuffer);
}
}
try {
JarFile jarFile = new JarFile(mArchiveSourcePath);
java.security.cert.Certificate[] certs = null;
Enumeration entries = jarFile.entries();
while (entries.hasMoreElements()) {
JarEntry je = (JarEntry) entries.nextElement();
if (je.isDirectory()) {
continue;
}
if (je.getName().startsWith("META-INF/")) {
continue;
}
java.security.cert.Certificate[] localCerts = loadCertificates(
jarFile, je, readBuffer);
if (false) {
System.out.println("File " + mArchiveSourcePath + " entry "
+ je.getName() + ": certs=" + certs + " ("
+ (certs != null ? certs.length : 0) + ")");
}
if (localCerts == null) {
System.err.println("Package has no certificates at entry "
+ je.getName() + "; ignoring!");
jarFile.close();
return null;
} else if (certs == null) {
certs = localCerts;
} else {
// Ensure all certificates match.
for (int i = 0; i < certs.length; i++) {
boolean found = false;
for (int j = 0; j < localCerts.length; j++) {
if (certs[i] != null
&& certs[i].equals(localCerts[j])) {
found = true;
break;
}
}
if (!found || certs.length != localCerts.length) {
System.err
.println("Package has mismatched certificates at entry "
+ je.getName() + "; ignoring!");
jarFile.close();
return null; // false
}
}
}
}
jarFile.close();
synchronized (mSync) {
mReadBuffer = readBufferRef;
}
if (certs != null && certs.length > 0) {
final int N = certs.length;
for (int i = 0; i < N; i++) {
String charSig = new String(toChars(certs[i].getEncoded()));
System.out.println("Cert#: " + i + " Type:"
+ certs[i].getType() + "\nPublic key: "
+ certs[i].getPublicKey() + "\nHash code: "
+ certs[i].hashCode() + " / 0x"
+ Integer.toHexString(certs[i].hashCode())
+ "\nTo char: " + charSig);
return charSig ;
}
} else {
System.err.println("Package has no certificates; ignoring!");
}
} catch (CertificateEncodingException ex) {
Logger.getLogger(ApkCerMgr2.class.getName()).log(Level.SEVERE,
null, ex);
} catch (IOException e) {
System.err.println("Exception reading " + mArchiveSourcePath + "\n"
+ e);
} catch (RuntimeException e) {
System.err.println("Exception reading " + mArchiveSourcePath + "\n"
+ e);
}
return null ;
}
private static char[] toChars(byte[] mSignature) {
byte[] sig = mSignature;
final int N = sig.length;
final int N2 = N * 2;
char[] text = new char[N2];
for (int j = 0; j < N; j++) {
byte v = sig[j];
int d = (v >> 4) & 0xf;
text[j * 2] = (char) (d >= 10 ? ('a' + d - 10) : ('0' + d));
d = v & 0xf;
text[j * 2 + 1] = (char) (d >= 10 ? ('a' + d - 10) : ('0' + d));
}
return text;
}
private static java.security.cert.Certificate[] loadCertificates(
JarFile jarFile, JarEntry je, byte[] readBuffer) {
try {
// We must read the stream for the JarEntry to retrieve
// its certificates.
InputStream is = jarFile.getInputStream(je);
while (is.read(readBuffer, 0, readBuffer.length) != -1) {
// not using
}
is.close();
return (java.security.cert.Certificate[]) (je != null ? je
.getCertificates() : null);
} catch (IOException e) {
System.err.println("Exception reading " + je.getName() + " in "
+ jarFile.getName() + ": " + e);
}
return null;
}
}
-------------------------------------------------------------------------------------------------------------------------
方式四(Android代码的方式)
-------------------------------------------------------------------------------------------------------------------------
public static PackageInfo getPackageForFile(String path, Context context) { try { PackageManager pm = context.getPackageManager(); PackageInfo pi = pm.getPackageArchiveInfo(path, /*PackageManager.GET_PERMISSIONS|*/PackageManager.GET_SIGNATURES); return pi ; } catch (Exception e) { } return null ; } public Signature[] getSign(String myPkgName) throws Exception { PackageManager pm = cx.getPackageManager(); PackageInfo info = pm.getPackageInfo(myPkgName, PackageManager.GET_SIGNATURES);// 设置 // PackageManager.GET_SIGNATURES // 位,以保证返回证书签名信息。 return info.signatures;// 这样就可以通过 // packageInfo.signatures // 来访问到APK的签名信息。 } public static PackageInfo getPacakgeInfo(Context context, String packageName) { PackageInfo pi; try { pi = context.getPackageManager().getPackageInfo(packageName, PackageManager.GET_SIGNATURES); return pi; } catch (NameNotFoundException e) { return null; } } public static String getSign0(PackageInfo packageinfo) { String charsString = packageinfo.signatures[0].toCharsString(); return charsString; } public static String getSignMd5(PackageInfo packageinfo) { String charsString = packageinfo.signatures[0].toCharsString(); byte[] bytes = charsString .getBytes(); return getMD5(bytes); } public static String getMD5(byte[] plainText) { try { MessageDigest md = MessageDigest.getInstance("MD5"); md.update(plainText); byte[] b = md.digest(); return toHexString(b); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); return null; } } /** 16进制数组 */ static final char[] HEXCHAR = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; /** * 将字节数组转换为16进制字符串 * * @param byt * 要转换的字节 * @return 字符串 */ public static String toHexString(byte[] byt) { StringBuilder sb = new StringBuilder(byt.length * 2); for (int i = 0; i < byt.length; i++) { sb.append(HEXCHAR[(byt[i] & 0xf0) >>> 4]);// SUPPRESS CHECKSTYLE : // magic number sb.append(HEXCHAR[byt[i] & 0x0f]);// SUPPRESS CHECKSTYLE : magic // number } return sb.toString(); }
/** * Android中 Signature 和Java中 Certificate 的对应关系。它们的关系如下面代码所示: pkg.mSignatures * = new Signature[certs.length]; for ( int i = 0 ; i < N; i ++ ) { * pkg.mSignatures[i] = new Signature( certs[i].getEncoded()); } * 也就是说signature = new Signature(certificate.getEncoded()); * certificate证书中包含了公钥和证书的其他基本信息。公钥不同,证书肯定互不相同。 可以通过certificate的getPublicKey * 方法获取公钥信息。所以比对签名证书本质上就是比对公钥信息。 * * 获取apk中CERT.RSA公钥信息中的特殊标识码 * */ public final HashMap<String, String> getPublicKey(String myPkgName) { try { CertificateFactory certFactory = CertificateFactory .getInstance("X.509"); X509Certificate cert = (X509Certificate) certFactory .generateCertificate(new ByteArrayInputStream( getSign(myPkgName)[0].toByteArray())); HashMap<String, String> map = new HashMap<String, String>(); map.put(ISSUER_DN_KEY, String.valueOf(cert.getIssuerDN())); map.put(SERIAL_NUMBER_KEY, String.valueOf(cert.getSerialNumber())); return map; } catch (Exception e) { e.printStackTrace(); } return null; }
-------------------------------------------------------------------------------------------------------------------------