【Android】一个获取Android应用签名摘要的App工具

将APK发布到应用商店或接入第三方的SDK时,有时需要提供APK的签名摘要信息,可以通过摘要算法MD5或SHA-1来获取签名的摘要,除了获取自己的APK签名,也可以获取手机上其他已安装的APK签名,只需要传入其他APK的包名即可.

private static final char[] HEX_CHAR = {    '0', '1', '2', '3', '4', '5', '6', '7',    '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};/** 获取签名的MD5摘要 */public String[] signatureDigest() {   pkgInfo = mContext.getPackageManager().getPackageInfo(               mContext.getPackageName(), PackageManager.GET_SIGNATURES);    int length = pkgInfo.signatures.length;    String[] digests = new String[length];    for (int i = 0; i < length; ++i) {        Signature sign = mPkgInfo.signatures[i];        try {            MessageDigest md5 = MessageDigest.getInstance("MD5");            byte[] digest = md5.digest(sign.toByteArray()); // get digest with md5 algorithm            digests[i] = toHexString(digest);        } catch (NoSuchAlgorithmException e) {            e.printStackTrace();            digests[i] = null;        }    }    return digests;}/** 将字节数组转化为对应的十六进制字符串 */private String toHexString(byte[] rawByteArray) {    char[] chars = new char[rawByteArray.length * 2];    for (int i = 0; i < rawByteArray.length; ++i) {        byte b = rawByteArray[i];        chars[i*2] = HEX_CHAR[(b >>> 4 & 0x0F)];        chars[i*2+1] = HEX_CHAR[(b & 0x0F)];    }    return new String(chars);}

应用示例如下，输入手机上已安装的Apk包名（自动提示会列出匹配的所有包名），显示该Apk的签名MD5摘要：

完整代码可以从github上获取，Apk包可以在这里获取。

How to get app signature?|StackOverFlow 这篇文章提供了获取APK签名和证书的示例代码.

获取指定包名的APK签名，并输出签名的hash值：

Signature[] sigs = context.getPackageManager().getPackageInfo(    context.getPackageName(), PackageManager.GET_SIGNATURES).signatures;for (Signature sig : sigs){        Log.i("MyApp", "Signature hashcode : " + sig.hashCode());}

获取已安装的APK的签名,并从签名中生成X.509证书信息.

final PackageManager packageManager = context.getPackageManager();final List<PackageInfo> packageList = packageManager.getInstalledPackages(PackageManager.GET_SIGNATURES);for (PackageInfo p : packageList) {    final String strName = p.applicationInfo.loadLabel(packageManager).toString();    final String strVendor = p.packageName;    sb.append("<br>" + strName + " / " + strVendor + "<br>");    final Signature[] arrSignatures = p.signatures;    for (final Signature sig : arrSignatures) {        /*        * Get the X.509 certificate.        */        final byte[] rawCert = sig.toByteArray();        InputStream certStream = new ByteArrayInputStream(rawCert);        final CertificateFactory certFactory;        final X509Certificate x509Cert;        try {            certFactory = CertificateFactory.getInstance("X509");            x509Cert = (X509Certificate) certFactory.generateCertificate(certStream);            sb.append("Certificate subject: " + x509Cert.getSubjectDN() + "<br>");            sb.append("Certificate issuer: " + x509Cert.getIssuerDN() + "<br>");            sb.append("Certificate serial number: " + x509Cert.getSerialNumber() + "<br>");            sb.append("<br>");        }        catch (CertificateException e) {            // e.printStackTrace();        }    }}