查看apk簽名

用shell寫了一個查看apk簽名的腳本。代碼很少也很簡單

#!/bin/bash
mypath=`pwd`
filepath=""
mkdir .temp_for_certificate
cd .temp_for_certificate
count=0
while [ -n "$1" ] 
do 
    count=$[$count+1]
    echo "(#$count) "`basename "$1"`":"
    if [ `expr substr "$1" 1 1` = "/" ] #絕對路徑
    then
        filepath="$1"
    else #相對路徑
        filepath="$mypath/$1"
    fi
    path=`jar tf "$filepath" | grep RSA` #查找apk中RSA文件
    jar xf $filepath $path #把RSA文件解壓出來
    keytool -printcert -file $path #查看指紋證書
    rm -r $path #刪除之前解壓的文件
    echo "--------------------------------------------"
    shift 
done 
cd ..
rm -r .temp_for_certificate （將其保存到文件，命名為getcertificate）

使用方法：

getcertificate Superuser.apk Skype3.0.apk輸出：

(#1) Superuser.apk:

所有者:CN=Adam Shanks, OU=Android, O=SoupCoconut, L=FWB, ST=Florida, C=US
簽發人:CN=Adam Shanks, OU=Android, O=SoupCoconut, L=FWB, ST=Florida, C=US
序列號:4c614057
有效期: Tue Aug 10 20:04:39 CST 2010 至Sat Dec 26 20:04:39 CST 2037
證書指紋:
MD5:D2:42:30:AA:BE:81:62:30:FE:B4:0E:F1:CF:11:B0:C0
SHA1:5F:11:3F:C2:C2:0A:7C:9B:D9:28:19:22:6A:32:A1:90:4B:75:EF:8B
簽名算法名稱:SHA1withRSA
版本: 3
--------------------------------------------
(#2) Skype3.0.apk:

所有者:CN=Skype, OU=Mobile Client, O=Skype, L=London, C=GB
簽發人:CN=Skype, OU=Mobile Client, O=Skype, L=London, C=GB
序列號:4c0e1962
有效期: Tue Jun 08 18:20:18 CST 2010 至Fri Jul 20 18:20:18 CST 2040
證書指紋:
MD5:37:5F:1A:56:C5:2A:51:FF:35:F3:6C:C5:A6:69:54:EC
SHA1:77:18:07:D1:B8:41:4D:69:89:E7:D8:EF:0B:97:97:24:3B:93:1F:95
簽名算法名稱:SHA1withRSA
版本: 3
--------------------------------------------
 

查看簽名也可以使用jarsigner

jarsigner -verify -verbose -certs Superuser.apk jarsigner詳細用法詳見幫助