些SDK提供方需要我们提供打包APK时使用的包名和签名文件(xxxxxx.jks这个文件)MD5值,然后SDK服务端应该会进行比对保证商户调用的合法性。不然光靠包名是可以伪造的,怎么获取签名文件的MD5值?
方法一:
原先通过命令keytool -list -v -keystore test.jks 可以查看md5值,但是发现现在查看不了,只有SHA1和SHA256的
方法二:改成从androidstudio查看
在app的build.gradle中配置你们签名文件,怎么生成签名文件?
build-->Generate signed bundle\APK-->next -->Create new
android{
signingConfigs {
release {
keyAlias 'test'
storePassword '666666'
keyPassword '666666'
storeFile file('E:\\test.jks')
}
debug {
keyAlias 'test'
storePassword '666666'
keyPassword '666666'
storeFile file('E:\\test.jks')
}
}
}
右侧gradle Tasks里面双击signingReport就可以查看签名文件的MD5值了
获取后去掉 :
方法三:从PackageInfo类中获取
package com.chinapay.umsfacesdkdemo.utils; import android.content.Context;import android.content.pm.PackageInfo;import android.content.pm.PackageManager;import android.content.pm.Signature;import android.util.Log; import java.security.MessageDigest;import java.util.ArrayList;import java.util.HashMap; public class AppSigning { public final static String MD5 = "MD5"; public final static String SHA1 = "SHA1"; public final static String SHA256 = "SHA256"; private static HashMap> mSignMap = new HashMap<>(); public static ArrayList getSignInfo(Context context, String type) { if (context == null || type == null) { return null; } String packageName = context.getPackageName(); if (packageName == null) { return null; } if (mSignMap.get(type) != null) { return mSignMap.get(type); } ArrayList mList = new ArrayList(); try { Signature[] signs = getSignatures(context, packageName); for (Signature sig : signs) { String tmp = "error!"; if (MD5.equals(type)) { tmp = getSignatureByteString(sig, MD5); } else if (SHA1.equals(type)) { tmp = getSignatureByteString(sig, SHA1); } else if (SHA256.equals(type)) { tmp = getSignatureByteString(sig, SHA256); } mList.add(tmp); } } catch (Exception e) { Log.e("e", e.getMessage()); } mSignMap.put(type, mList); return mList; } public static String getSha1(Context context) { String res = ""; ArrayList mlist = getSignInfo(context, SHA1); if (mlist != null && mlist.size() != 0) { res = mlist.get(0); } return res; } public static String getMD5(Context context) { String res = ""; ArrayList mlist = getSignInfo(context, MD5); if (mlist != null && mlist.size() != 0) { res = mlist.get(0); } return res; } public static String getSHA256(Context context) { String res = ""; ArrayList mlist = getSignInfo(context, SHA256); if (mlist != null && mlist.size() != 0) { res = mlist.get(0); } return res; } private static Signature[] getSignatures(Context context, String packageName) { PackageInfo packageInfo = null; try { packageInfo = context.getPackageManager().getPackageInfo(packageName, PackageManager.GET_SIGNATURES); return packageInfo.signatures; } catch (Exception e) { Log.e("e", e.toString()); } return null; } private static String getSignatureString(Signature sig, String type) { byte[] hexBytes = sig.toByteArray(); String fingerprint = "error!"; try { MessageDigest digest = MessageDigest.getInstance(type); if (digest != null) { byte[] digestBytes = digest.digest(hexBytes); StringBuilder sb = new StringBuilder(); for (byte digestByte : digestBytes) { sb.append((Integer.toHexString((digestByte & 0xFF) | 0x100)).substring(1, 3)); } fingerprint = sb.toString(); } } catch (Exception e) { Log.e("e", e.toString()); } return fingerprint; } private static String getSignatureByteString(Signature sig, String type) { byte[] hexBytes = sig.toByteArray(); String fingerprint = "error!"; try { MessageDigest digest = MessageDigest.getInstance(type); if (digest != null) { byte[] digestBytes = digest.digest(hexBytes); StringBuilder sb = new StringBuilder(); for (byte digestByte : digestBytes) { sb.append(((Integer.toHexString((digestByte & 0xFF) | 0x100)).substring(1, 3)).toUpperCase()); sb.append(":"); } fingerprint = sb.substring(0, sb.length() - 1).toString(); } } catch (Exception e) { Log.e("e", e.toString()); } return fingerprint; }} 调用上面的 String md5=AppSigning.getMD5(MainActivity.this)就可以了
来源地址:https://blog.csdn.net/u012028250/article/details/129709475
