logo标签列表

GET_SIGNATURES已弃用。

androidandroid-studio
9
我正在尝试在我的Android应用程序中分享内容到Facebook,我需要一个Key Hash...但我无法在我的logcat上查看HashKey,因为GET_SIGNATURES已被弃用...是否有任何方法可以查看我的hashkey?
以下是代码:
public class MainActivity extends AppCompatActivity {

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        printhashkey();
    }



    public void printhashkey(){

        try {
            PackageInfo info = getPackageManager().getPackageInfo(
                    "com.capstone.facebookshare",
                    PackageManager.GET_SIGNATURES);

            for (Signature signature : info.signatures) {
                MessageDigest md = MessageDigest.getInstance("SHA");
                md.update(signature.toByteArray());
                Log.d("KeyHash:", Base64.encodeToString(md.digest(), Base64.DEFAULT));
            }
        } catch (PackageManager.NameNotFoundException e) {

        } catch (NoSuchAlgorithmException e) {

        }

    }
}
这个回答解决了你的问题吗?在API 28中如何使用PackageInfo.GET_SIGNING_CERTIFICATES? - Nimrod Dayan
这里是完整的解决方案 https://dev59.com/fm855IYBdhLWcg3wXS8I#68718505 - Faizan Haidar Khan
2个回答
11
1
在这行代码中 for (Signature signature : info.signatures) ... signatures 也已经过时了。 - James1234
这是Android Pie。 - Vlad
5

获取软件包签名:

private static List<String> getSignatures(@NonNull PackageManager pm, @NonNull String packageName) {
            try {
                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
                    PackageInfo packageInfo = pm.getPackageInfo(packageName, PackageManager.GET_SIGNING_CERTIFICATES);
                    if (packageInfo == null
                            || packageInfo.signingInfo == null) {
                        return null;
                    }
                    if(packageInfo.signingInfo.hasMultipleSigners()){
                        return signatureDigest(packageInfo.signingInfo.getApkContentsSigners());
                    }
                    else{
                        return signatureDigest(packageInfo.signingInfo.getSigningCertificateHistory());
                    }
                }
                else {
                    @SuppressLint("PackageManagerGetSignatures")
                    PackageInfo packageInfo = pm.getPackageInfo(packageName, PackageManager.GET_SIGNATURES);
                    if (packageInfo == null
                            || packageInfo.signatures == null
                            || packageInfo.signatures.length == 0
                            || packageInfo.signatures[0] == null) {
                        return null;
                    }
                    return signatureDigest(packageInfo.signatures);
                }
            } catch (PackageManager.NameNotFoundException e) {
                return null;
            }
        }

将签名转换为十六进制字符串列表:

        private static String signatureDigest(Signature sig) {
            byte[] signature = sig.toByteArray();
            try {
                MessageDigest md = MessageDigest.getInstance("SHA1");
                byte[] digest = md.digest(signature);
                return BaseEncoding.base16().lowerCase().encode(digest);
            } catch (NoSuchAlgorithmException e) {
                return null;
            }
        }
        private static List<String> signatureDigest(Signature[] sigList) {
            List<String> signaturesList= new ArrayList<>();
            for (Signature signature: sigList) {
                if(signature!=null) {
                    signaturesList.add(signatureDigest(signature));
                }
            }
           return signturesList;
        }

与您的白名单比较软件包签名:

    private static boolean verifyAppSignature(Context context) {
        //you should load approvedSignatures from a secure place not plain text
        List<String> approvedSignatures = new ArrayList<>();
        approvedSignatures.add("Your whitelist #1");
        approvedSignatures.add("Your whitelist #2");

        List<String> currentSignatures = getSignatures(context.getPackageManager(), context.getPackageName());
        if(currentSignatures!=null && currentSignatures.size()>0) {
            //first checking if no unapproved signatures exist
            for (String signatureHex : currentSignatures) {
                if (!approvedSignatures.contains(signatureHex)) {
                    return false;
                }
            }
            //now checking if any of approved signatures exist
            for (String signatureHex : currentSignatures) {
                if (approvedSignatures.contains(signatureHex)) {
                    return true;
                }
            }
        }
        return false;
    }
signatureDigest 是什么? - Saurabh Padwekar
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接