发布出去的APP,签名是必须要的,为什么要签名?

签名是为了证明APP的所有权是归公司所有。

签名可以是CA认证的证书签名文件,也可以是自签名的文件。

下面提供一种签名后的APP,在代码里获取签名信息的方式。

该签名信息可以用于app加解密时的唯一密钥,或者在此基础上进行二次加工的结果作为密钥。既保证了密钥的安全性,也保证的密码的强度。

获取签名信息

    public static String getPublicKeyStrFromPackage() {
        PublicKey publicKey = getPublicKeyFromPackage();
        return publicKey != null ? publicKey.toString() : "";
    }

    public static PublicKey getPublicKeyFromPackage() {
        String packageName = IGlobalAppContainer.getInstance().getContext().getPackageName();
        PublicKey publicKey = null;

        try {
            PackageInfo packageInfo = IGlobalAppContainer.getInstance().getContext().getPackageManager().getPackageInfo(packageName, 64);
            Signature[] signs = packageInfo.signatures;
            Signature sign = signs[0];
            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
            X509Certificate cert = (X509Certificate)certFactory.generateCertificate(new ByteArrayInputStream(sign.toByteArray()));
            publicKey = cert.getPublicKey();
            Log.d("public key = " + publicKey);
        } catch (CertificateException | NameNotFoundException var7) {
            var7.printStackTrace();
        }

        return publicKey;
    }

通过签名信息进行加解密(仅供参考)

加密:

    public static String encryptByPublicKey(String content) throws Exception {
        String publicKey = getPublicKeyStrFromPackage();
        if (!TextUtils.isEmpty(publicKey)) {
            int start = !publicKey.contains("modulus=") ? 0 : publicKey.indexOf("modulus=") + 8;
            int end = publicKey.indexOf(",publicExponent=");
            publicKey = publicKey.substring(start, end);
        }

        publicKey = MD5Tools.getMD5(publicKey);
        return encrypt(content, publicKey);
    }

解密:


    public static String decryptByPublicKey(String content) {
        try {
            String publicKey = getPublicKeyStrFromPackage();
            if (!TextUtils.isEmpty(publicKey)) {
                int start = !publicKey.contains("modulus=") ? 0 : publicKey.indexOf("modulus=") + 8;
                int end = publicKey.indexOf(",publicExponent=");
                publicKey = publicKey.substring(start, end);
            }

            publicKey = MD5Tools.getMD5(publicKey);
            return decrypt(content, publicKey);
        } catch (NoSuchAlgorithmException var4) {
            Log.w("解密失败! " + var4.toString());
            return content;
        }
    }