不建议使用GET_SIGNATURES
不建议使用GET_SIGNATURES
提问于 2018-10-19 18:27:04
我想在我的Android应用程序中与Facebook分享内容,我需要一个密钥哈希.但是我不能在我的logcat上看到logcat,因为GET_SIGNATURES被否决了.有没有办法看我的哈希?
这里是代码
public class MainActivity extends AppCompatActivity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
printhashkey();
}
public void printhashkey(){
try {
PackageInfo info = getPackageManager().getPackageInfo(
"com.capstone.facebookshare",
PackageManager.GET_SIGNATURES);
for (Signature signature : info.signatures) {
MessageDigest md = MessageDigest.getInstance("SHA");
md.update(signature.toByteArray());
Log.d("KeyHash:", Base64.encodeToString(md.digest(), Base64.DEFAULT));
}
} catch (PackageManager.NameNotFoundException e) {
} catch (NoSuchAlgorithmException e) {
}
}
}回答 2
Stack Overflow用户
发布于 2018-10-19 18:33:07
使用证书 for API 28。
Stack Overflow用户
发布于 2020-05-08 07:29:14
获得包签名:
private static List<String> getSignatures(@NonNull PackageManager pm, @NonNull String packageName) {
try {
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
PackageInfo packageInfo = pm.getPackageInfo(packageName, PackageManager.GET_SIGNING_CERTIFICATES);
if (packageInfo == null
|| packageInfo.signingInfo == null) {
return null;
}
if(packageInfo.signingInfo.hasMultipleSigners()){
return signatureDigest(packageInfo.signingInfo.getApkContentsSigners());
}
else{
return signatureDigest(packageInfo.signingInfo.getSigningCertificateHistory());
}
}
else {
@SuppressLint("PackageManagerGetSignatures")
PackageInfo packageInfo = pm.getPackageInfo(packageName, PackageManager.GET_SIGNATURES);
if (packageInfo == null
|| packageInfo.signatures == null
|| packageInfo.signatures.length == 0
|| packageInfo.signatures[0] == null) {
return null;
}
return signatureDigest(packageInfo.signatures);
}
} catch (PackageManager.NameNotFoundException e) {
return null;
}
}将签名转换为十六进制字符串列表:
private static String signatureDigest(Signature sig) {
byte[] signature = sig.toByteArray();
try {
MessageDigest md = MessageDigest.getInstance("SHA1");
byte[] digest = md.digest(signature);
return BaseEncoding.base16().lowerCase().encode(digest);
} catch (NoSuchAlgorithmException e) {
return null;
}
}
private static List<String> signatureDigest(Signature[] sigList) {
List<String> signaturesList= new ArrayList<>();
for (Signature signature: sigList) {
if(signature!=null) {
signaturesList.add(signatureDigest(signature));
}
}
return signturesList;
}将包签名与您的白名单进行比较:
private static boolean verifyAppSignature(Context context) {
//you should load approvedSignatures from a secure place not plain text
List<String> approvedSignatures = new ArrayList<>();
approvedSignatures.add("Your whitelist #1");
approvedSignatures.add("Your whitelist #2");
List<String> currentSignatures = getSignatures(context.getPackageManager(), context.getPackageName());
if(currentSignatures!=null && currentSignatures.size()>0) {
//first checking if no unapproved signatures exist
for (String signatureHex : currentSignatures) {
if (!approvedSignatures.contains(signatureHex)) {
return false;
}
}
//now checking if any of approved signatures exist
for (String signatureHex : currentSignatures) {
if (approvedSignatures.contains(signatureHex)) {
return true;
}
}
}
return false;
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/52898066
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号