用shell写了一个查看apk签名的脚本。代码很少也很简单
#!/bin/bash
mkdir .temp_for_certificate
cd .temp_for_certificate
count=0
while [ -n "$1" ]
do
count=$[$count+1]
echo "(#$count) "`basename "$1"`":"
echo ""
path=`jar tf "$1" | grep RSA` #查找apk中RSA文件
jar xf $1 $path #把RSA文件解压出来
keytool -printcert -file $path #查看指纹证书
rm -r $path #删除之前解压的文件
echo "--------------------------------------------"
shift
done
cd ..
rm -r .temp_for_certificate
(将其保存到文件,命名为getcertificate)
使用方法:
getcertificate Superuser.apk Skype3.0.apk
输出:
(#1) Superuser.apk:
所有者:CN=Adam Shanks, OU=Android, O=SoupCoconut, L=FWB, ST=Florida, C=US
签发人:CN=Adam Shanks, OU=Android, O=SoupCoconut, L=FWB, ST=Florida, C=US
序列号:4c614057
有效期: Tue Aug 10 20:04:39 CST 2010 至Sat Dec 26 20:04:39 CST 2037
证书指纹:
MD5:D2:42:30:AA:BE:81:62:30:FE:B4:0E:F1:CF:11:B0:C0
SHA1:5F:11:3F:C2:C2:0A:7C:9B:D9:28:19:22:6A:32:A1:90:4B:75:EF:8B
签名算法名称:SHA1withRSA
版本: 3
--------------------------------------------
(#2) Skype3.0.apk:
所有者:CN=Skype, OU=Mobile Client, O=Skype, L=London, C=GB
签发人:CN=Skype, OU=Mobile Client, O=Skype, L=London, C=GB
序列号:4c0e1962
有效期: Tue Jun 08 18:20:18 CST 2010 至Fri Jul 20 18:20:18 CST 2040
证书指纹:
MD5:37:5F:1A:56:C5:2A:51:FF:35:F3:6C:C5:A6:69:54:EC
SHA1:77:18:07:D1:B8:41:4D:69:89:E7:D8:EF:0B:97:97:24:3B:93:1F:95
签名算法名称:SHA1withRSA
版本: 3
--------------------------------------------
查看签名也可以使用jarsigner
jarsigner -verify -verbose -certs Superuser.apk
jarsigner详细用法详见帮助
