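Notes on signing and certificate authentication
Commands:
Generate a keystore (a store that holds a set of certificates and private keys); -alias sets the alias of the entry, here hello
keytool -genkey -alias hello -keyalg RSA -validity 20000 -keystore hello.keystore
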
View keystore information
keytool -list -v -keystore hello.keystore -storepass 123456

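By default, the -list command prints the certificate's MD5 fingerprint. With the -v option the certificate is printed in human-readable form; with the -rfc option it is output in a printable encoding format.
keytool -list -rfc -keystore hello.keystore -storepass 123456
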
Exporting a certificate:
keytool -export -alias test -keystore hello.keystore -file test.crt -storepass 123456

Importing a certificate:
keytool -import -alias rootcert -file root.crt -keystore hello.keystore

Deleting a certificate entry:
keytool -delete -alias ceatecert1 -keystore .keystore -storepass 123456

Sign an APK file with the JDK's jarsigner tool:
jarsigner -verbose -keystore hello.keystore TestApk.apk test

After signing, the following command verifies whether the signing succeeded:
jarsigner -verify to_sign.apk
For more detailed verification output, change it to:
jarsigner -certs -verbose -verify to_sign.apk

Methods for obtaining certificate information:

package com.nec.test;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

import android.app.Activity;
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
// PackageParser is a hidden framework class (not in the public SDK); its
// method signatures differ between Android releases.
import android.content.pm.PackageParser;
import android.os.Bundle;
import android.os.Environment;
import android.util.DisplayMetrics;
import android.util.Log;

public class TestApkActivity extends Activity {
    private static final String TAG = "TestApkActivity";
    private static final String FILENAME = "cacerts.bks";
    private static final String FILENAME_CERT = "ca.crt"; // test.crt \ ca.crt
    // Public keys of the trusted certificates loaded from the app's assets
    private List<PublicKey> listKey = new ArrayList<PublicKey>();
    private File file;
    static final String IN_FILE_NAME = "c:\\Documents and Settings\\2172980000522\\TestApk.apk";
    static final String OUT_FILE_NAME = "c:\\Documents and Settings\\2172980000522\\TestApk.Zip";
    private final static String PATH = "/sdcard/fcding.apk"; // TestApk.apk

    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);
        // readCacerts(FILENAME);
        try {
            readCert(FILENAME_CERT);
        } catch (Exception e1) {
            e1.printStackTrace();
        }

        // Parse the APK on disk and collect its signing certificates
        PackageInfo pi = parsePackage(PATH, PackageManager.GET_SIGNATURES);
        if (pi == null || pi.signatures == null || pi.signatures.length == 0) {
            Log.w(TAG, "No signatures found for " + PATH);
            return;
        }
        String issuerDN = null;
        String subjectDN = null;
        String publickey = null;
        try {
            // Each Signature wraps the DER-encoded X.509 certificate of a signer
            byte[] signature = pi.signatures[0].toByteArray();
            // String hash = md5(signature);
            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
            X509Certificate cert = (X509Certificate) certFactory.generateCertificate(
                    new ByteArrayInputStream(signature));
            issuerDN = cert.getIssuerDN().toString();
            Log.d("TRACK", issuerDN);
            subjectDN = cert.getSubjectDN().toString();
            Log.d("TRACK", subjectDN);
            publickey = cert.getPublicKey().toString();
            Log.d("TRACK", publickey);
            // true if the APK's signing key is one of the trusted public keys
            System.out.println("====================++++++++++++++++++++"
                    + listKey.contains(cert.getPublicKey()));
        } catch (CertificateException e) {
            e.printStackTrace();
        }
    }

    private PackageInfo parsePackage(String archiveFilePath, int flags) {
        PackageParser packageParser = new PackageParser(archiveFilePath);
        DisplayMetrics metrics = new DisplayMetrics();
        metrics.setToDefaults();
        final File sourceFile = new File(archiveFilePath);
        PackageParser.Package pkg = packageParser.parsePackage(
                sourceFile, archiveFilePath, metrics, 0);
        if (pkg == null) {
            return null;
        }
        packageParser.collectCertificates(pkg, 0);
        return PackageParser.generatePackageInfo(pkg, null, flags, 0, 0);
    }

    // Load one X.509 certificate from assets and remember its public key
    private void readCert(String fileName) throws Exception {
        InputStream in = null;
        try {
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            in = getAssets().open(fileName);
            Certificate c = cf.generateCertificate(in);
            PublicKey publicKey = c.getPublicKey();
            listKey.add(publicKey);
            System.out.println("********---------------**********" + publicKey.toString());
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            if (in != null) {
                in.close();
            }
        }
    }

    // Load a BKS keystore from assets and dump every certificate to a.txt
    private void readCacerts(String filename) {
        try {
            InputStream inputStream = getAssets().open(filename);
            KeyStore keyStore = KeyStore.getInstance("bks");
            keyStore.load(inputStream, null);
            inputStream.close();
            file = new File(Environment.getExternalStorageDirectory(), "a.txt");
            getApplication().openFileOutput("a.txt", Context.MODE_APPEND).close();
            FileOutputStream outputStream = new FileOutputStream(file);
            try {
                copyStream(keyStore, outputStream);
            } finally {
                outputStream.close();
            }
            Log.i(TAG, "File create Success");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private void copyStream(KeyStore keyStore, OutputStream fileOutputStream) throws Exception {
        Enumeration<String> enumeration = keyStore.aliases();
        while (enumeration.hasMoreElements()) {
            String element = enumeration.nextElement();
            Certificate certificate = keyStore.getCertificate(element);
            listKey.add(certificate.getPublicKey());
            String content = certificate.toString();
            System.out.println("================" + content);
            fileOutputStream.write(content.getBytes());
        }
    }
}
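
The activity above depends on the hidden PackageParser class and looks only at the first signature; the same trust check can be run on any JVM with java.util.jar, covering every entry of the APK. This is an added example, not code from the original page: the class name ApkSignerCheck, its methods and the pinned-fingerprint argument (hex SHA-256 of the trusted certificate, colons optional) are assumptions for illustration.

```java
import java.io.InputStream;
import java.security.CodeSigner;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.util.Enumeration;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

// Added example (hypothetical class). Usage: java ApkSignerCheck <apk> <sha256-fingerprint>
public class ApkSignerCheck {
    // Lowercase hex SHA-256 over the DER encoding of the certificate.
    static String sha256Hex(Certificate cert) throws Exception {
        StringBuilder sb = new StringBuilder();
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getEncoded());
        for (byte b : digest) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    // True only if every entry outside META-INF/ verifies and has a signer whose
    // leaf certificate matches the pinned fingerprint.
    static boolean signedByPinned(String apkPath, String pinned) throws Exception {
        String want = pinned.replace(":", "").toLowerCase();
        byte[] buf = new byte[8192];
        boolean checkedAny = false;
        try (JarFile jar = new JarFile(apkPath, true)) { // true: verify signatures while reading
            for (Enumeration<JarEntry> en = jar.entries(); en.hasMoreElements();) {
                JarEntry entry = en.nextElement();
                if (entry.isDirectory() || entry.getName().startsWith("META-INF/")) continue;
                try (InputStream in = jar.getInputStream(entry)) {
                    while (in.read(buf) != -1) { } // signers are known only after a full read
                } catch (SecurityException tampered) {
                    return false; // digest mismatch: entry changed after signing
                }
                CodeSigner[] signers = entry.getCodeSigners();
                boolean match = false;
                for (int i = 0; signers != null && i < signers.length; i++) {
                    Certificate leaf = signers[i].getSignerCertPath().getCertificates().get(0);
                    match |= sha256Hex(leaf).equals(want);
                }
                if (!match) return false; // unsigned entry, or signed by a different key
                checkedAny = true;
            }
        }
        return checkedAny; // an archive with no checkable entries is not trusted
    }

    public static void main(String[] args) throws Exception {
        System.out.println(signedByPinned(args[0], args[1]) ? "TRUSTED" : "UNTRUSTED");
    }
}
```

Like jarsigner -verify, this covers only the JAR (v1) signature; APKs signed with APK Signature Scheme v2 or later need apksigner verify.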