您所在的位置: 首页 > 最新热文 > 计算机探索

    获得从Android应用程序的证书指纹指纹、应用程序、证书、Android

    2023-09-12 08:39:50 作者:[源来凯始玺欢你]

    如何从这个程序里面得到应用证书的指纹? 我要检查,如果应用程序被烧焦我自己的证书,或者如果它被重新包装/黑客攻击。

    How to get app certificate's fingerprint from inside of this app? I want to check if application is singed with my own certificate or if it was repacked / hacked.

    我找到了解决方案的一部分在这里:从Android的应用程序获取证书。所以,现在的问题是:如何检查证书的指纹

    I found part of solution here: Get Certificate from Android Application. So question now is: how to check certificate's fingerprint.

    推荐答案

    我把它放在这里 - 函数给出了相同的结果,keytool做的。

    I put it here - the function gives the same result as keytool does it.

    private String getCertificateSHA1Fingerprint() {
    PackageManager pm = mContext.getPackageManager();
    String packageName = mContext.getPackageName();
    int flags = PackageManager.GET_SIGNATURES;
    PackageInfo packageInfo = null;
    try {
        packageInfo = pm.getPackageInfo(packageName, flags);
    } catch (PackageManager.NameNotFoundException e) {
        e.printStackTrace();
    }
    Signature[] signatures = packageInfo.signatures;
    byte[] cert = signatures[0].toByteArray();
    InputStream input = new ByteArrayInputStream(cert);
    CertificateFactory cf = null;
    try {
        cf = CertificateFactory.getInstance("X509");
    } catch (CertificateException e) {
        e.printStackTrace();
    }
    X509Certificate c = null;
    try {
        c = (X509Certificate) cf.generateCertificate(input);
    } catch (CertificateException e) {
        e.printStackTrace();
    }
    String hexString = null;
    try {
        MessageDigest md = MessageDigest.getInstance("SHA1");
        byte[] publicKey = md.digest(c.getEncoded());
        hexString = byte2HexFormatted(publicKey);
    } catch (NoSuchAlgorithmException e1) {
        e1.printStackTrace();
    } catch (CertificateEncodingException e) {
        e.printStackTrace();
    }
    return hexString;
}

public static String byte2HexFormatted(byte[] arr) {
    StringBuilder str = new StringBuilder(arr.length * 2);
    for (int i = 0; i < arr.length; i++) {
        String h = Integer.toHexString(arr[i]);
        int l = h.length();
        if (l == 1) h = "0" + h;
        if (l > 2) h = h.substring(l - 2, l);
        str.append(h.toUpperCase());
        if (i < (arr.length - 1)) str.append(':');
    }
    return str.toString();
}

    上一篇:添加标签内片段的Andr​​oid?片段、标签、oid、Andr

    下一篇:安卓:当检测滚动型触底触底

    相关推荐
     
    猜您喜欢
    瞅音菩萨是男是女,瞅音真身是男子_瞅音变性缘故详解

    瞅音菩萨是男是女,瞅音真身是男子_瞅音变

    精彩图集
    精彩推荐
    图片推荐

    探秘家(tanmijia.com),深层探秘世界自然奇观未解之谜,揭秘宇宙空间、人类、生物未解之谜,世界传闻、奇闻异事ufo未解之谜。有效真实科学探索天下奇观猎奇世界。

    © 2016-2021 探秘家. All Rights Reserved 浙ICP备20029812号-3