How do I get the signature checksum of my APK?

About

Asked 30/6, 2017 at 0:25 Answered 30/6, 2017 at 9:17

Solved android provisioning device-policy-manager device-owner android-for-work

I would like to use the signature checksum instead of the package checksum when provisioning a device with a device owner app. The app will be downloaded from an http server.

This post is great when using EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM: Checksum Error while provisioning Android Lollipop

But I would like to use EXTRA_PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM. See: https://developer.android.com/reference/android/app/admin/DevicePolicyManager.htm

The provisioning app and device owner app will both on be running on Android O.

How do I get the signature checksum of my app that I can use in my key/value pair for NFC?

Chlori answered 30/6, 2017 at 0:25 Comment(0)

Try this

keytool -list -printcert -jarfile [path_to_your_apk] | grep -Po "(?<=SHA256:) .*" | xxd -r -p | openssl base64 | tr -d '=' | tr -- '+/=' '-_'

In details:

keytool -list -printcert -jarfile [path_to_your_apk] extracts informations about the certificate of the APK,
grep -Po "(?<=SHA256:) .*" | xxd -r -p takes the SHA256 hash and converts it to binary,
openssl base64 encodes it with base64,
tr -d '=' | tr -- '+/=' '-_' makes it URL-safe (+ is encoded as -, / is encoded as _ and the padding character = is removed).

Candiecandied answered 30/6, 2017 at 9:17 Comment(5)

Your first step returns, "Not a signed jar file". – Chlori 30/6, 2017 at 22:7

I am signing my APK with the V2 signing scheme since these apps will only be run on Android O or greater. If I sign them with the V1 signing scheme, this method works great! I think this is a good and valid answer for the V1 scheme. I will open a new question more specific for the V2 scheme. – Chlori 30/6, 2017 at 23:9

For reference, here is the new question about V2 signing that has been answered. – Candiecandied 2/7, 2017 at 9:13

When I run this command it run and did not give any error but nothing is shown in result C:\Program Files\Java\jdk-11.0.1\bin>keytool -list -printcert -jarfile "TestDPC_4005.apk" | "C:\Program Files\Git\usr\bin\grep.exe" -Po "(?<=SHA256:) .*" | "C:\Program Files\Git\usr\bin\xxd.exe" -r -p | "C:\Program Files\Git\usr\bin\openssl.exe" base64 | "C:\Program Files\Git\usr\bin\tr.exe" -d '=' | "C:\Program Files\Git\usr\bin\tr.exe" -- '+/=' '-_' – Oday 22/2, 2019 at 6:59

Is the URL required the https or http is okay. – Fruity 4/9, 2020 at 6:36

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags