该文章详细介绍了如何通过Java的keytool工具以及Python脚本,从pk8和x509.pem文件生成jks存储,查看jks的SHA256摘要,以及从APK中提取并查看其SHA256签名信息。
1.pk8和x509.pem生成jks
https://blog.youkuaiyun.com/laipigui905/article/details/112347159
2.查看jks sha256
- keytool -list -v -keystore xxx.jks
- 输入密钥
3.查看apk sha256
- 解压apk
- keytool -printcert -file xxx\META-INF\CERT.RSA
4.通过python查看一个apk的签名
# -*- coding: utf-8 -*-
#coding:utf-8
from cProfile import run
import os
from subprocess import call
import sys
import zipfile
# 解压出来的路径
def getExtractPath(apkPath):
return apkPath + "_files/"
# 解压apk
def un_zip(apk_path, extract_path):
print("unzip:", apk_path)
zip_file = zipfile.ZipFile(apk_path)
if os.path.isdir(extract_path):
pass
else:
os.mkdir(extract_path)
for names in zip_file.namelist():
zip_file.extract(names, extract_path)
zip_file.close()
# 获取签名信息
def getSignatureSha256(extractPath):
certRSAPath = extractPath + "/META-INF/CERT.RSA"
outputPath = extractPath + "/sign.txt"
cmd = "keytool -printcert -file " + certRSAPath + " > " + outputPath
call("keytool -printcert -file " + certRSAPath)
return os.system(cmd)
# 读取sha256
def readSignatureSha256(extractPath):
outputPath = extractPath + "/sign.txt"
for line in open(outputPath):
if(line.__contains__("SHA256")):
return line.strip()
argv = sys.argv[1:]
print(argv)
apkPath = argv[0]
extractPath = getExtractPath(apkPath)
un_zip(apkPath , extractPath)
getSignatureSha256(extractPath)
sha256 = readSignatureSha256(extractPath)
print(sha256)
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
