署名认证相关知识

命令：

生成keystone（存放一组证书和私钥的地方）

keytool -genkey -alias（别名） hello -keyalg  RSA -validity 20000 -keystore hello.keystore

 

查看keystore 信息

keytool -list  -v -keystore hello.keystore -storepass 123456  

 

缺省情况下，-list 命令打印证书的 MD5 指纹。而如果指定了 -v 选项，将以可读格式打印证书，如果指定了 -rfc 选项，将以可打印的编码格式输出证书。

keytool -list  -rfc -keystore  hello.keystore -storepass 123456

 

证书的导出：

keytool -export -alias test -keystore  hello.keystore -file  test.crt -storepass 123456

 

证书的导入

keytool -import -alias rootcert -file root.crt  -keystore hello.keystore

 

证书条目的删除：

keytool -delete -alias ceatecert1 -keystore .keystore -storepass 123456

 

 

使用jdk的jarsigner工具对apk文件签名

 jarsigner -verbose -keystore hello.keystore TestApk.apk test

 

 

签名后可以使用如下命令验证是否签名成功： 

 jarsigner -verify to_sign.apk 

如果需要查看更详细的验证信息，可修改为：

 jarsigner -certs -verbose -verify to_sign.apk 

 

 

 

 

 

 

 

获取证书信息相关方法:

package com.nec.test;



import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

import android.app.Activity;
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageParser;
import android.os.Bundle;
import android.os.Environment;
import android.util.DisplayMetrics;
import android.util.Log;

public class TestApkActivity extends Activity {
    /** Called when the activity is first created. */
	private static final String FILENAME = "cacerts.bks";
	
	private static final String FILENAME_CERT = "ca.crt"; //test.crt \ ca.crt

	private List<PublicKey>  listKey = new ArrayList<PublicKey>();
	private File file;
	static final String IN_FILE_NAME = "c:\\Documents and Settings\\2172980000522\\TestApk.apk";
	static final String OUT_FILE_NAME = "c:\\Documents and Settings\\2172980000522\\TestApk.Zip";
	 private final static String PATH = "/sdcard/fcding.apk"; // TestApk.apk 

    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);
//        readCacerts(FILENAME);
        try {
			readCert(FILENAME_CERT);
		} catch (Exception e1) {
			// TODO Auto-generated catch block
			e1.printStackTrace();
		}
        TestApkActivity activity  = new TestApkActivity();
        PackageInfo pi =  activity.parsePackage(PATH, PackageManager.GET_SIGNATURES);
        String issuerDN = null;  
		String subjectDN = null;  
		String publickey = null;  
        

		try {  
			byte[] signature = pi.signatures[0].toByteArray();  
			// String hash = md5(signature);  
			CertificateFactory certFactory =  
	        CertificateFactory.getInstance("X.509");  
			X509Certificate cert = (X509Certificate)  
			certFactory.generateCertificate(  
					new ByteArrayInputStream(signature));  

			issuerDN = cert.getIssuerDN().toString();  
			Log.d("TRACK", issuerDN);  
			subjectDN = cert.getSubjectDN().toString();  
			Log.d("TRACK", subjectDN);  
			publickey = cert.getPublicKey().toString();  
			Log.d("TRACK", publickey);  
		System.out.println("====================++++++++++++++++++++"+listKey.contains(cert.getPublicKey())	);
			
		} catch (CertificateException e) {  
			e.printStackTrace();  
		}  
      
    	
    }
    
    
    
      private PackageInfo parsePackage(String archiveFilePath, int flags){
    	          PackageParser packageParser = new PackageParser(archiveFilePath);
    	          DisplayMetrics metrics = new DisplayMetrics();
    	          metrics.setToDefaults();
    	          final File sourceFile = new File(archiveFilePath);
    	          PackageParser.Package pkg = packageParser.parsePackage(
    	                  sourceFile, archiveFilePath, metrics, 0);
    	          if (pkg == null) {
    	             return null;
    	         }
    	         packageParser.collectCertificates(pkg, 0); 
    	         return PackageParser.generatePackageInfo(pkg, null, flags, 0, 0);
    	     }
      
      
      private  void  readCert(String fileName) throws  Exception{
    	  try {
    		  CertificateFactory cf = CertificateFactory.getInstance("X.509");
        	  InputStream in = getAssets().open(fileName);

        	   Certificate c = cf.generateCertificate(in);
        	   PublicKey publicKey = c.getPublicKey();
        	   listKey.add(publicKey);
        	   System.out.println("********---------------**********"+publicKey.toString());
		} catch (Exception e) {
			e.printStackTrace();
		}
    	
      }
      
      private void readCacerts(String filename) {
  		try {
  			InputStream inputStream = getAssets().open(filename);
  			KeyStore keyStore = KeyStore.getInstance("bks");
  			keyStore.load(inputStream, null);
  			file = new File(Environment.getExternalStorageDirectory(), "a.txt");
  			getApplication().openFileOutput("a.txt", Context.MODE_APPEND);
  			FileOutputStream outputStream = new FileOutputStream(file);
  			copyStream(keyStore, outputStream);
  			Log.i(TAG, "File create Success");
  		} catch (Exception e) {
  				e.printStackTrace();
  		}
  	}

  	private void copyStream(KeyStore keyStore, OutputStream fileOutputStream)
  			throws Exception {
  		Enumeration<String> enumeration = keyStore.aliases();
  		while (enumeration.hasMoreElements()) {
  			String element = enumeration.nextElement();
  			Certificate certificate = keyStore.getCertificate(element);
  			listKey.add(certificate.getPublicKey());
  			String content = certificate.toString();
  			System.out.println("================"+content);
  			fileOutputStream.write(content.getBytes());
  		}
  	}
}

 

http://www.blogjava.net/zh-weir/archive/2011/07/19/354663.html

    APk  签名 调用隐藏包