我正在将我的 CI 过程从生成 APK 文件切换到 App Bundle。我的管道中的一个阶段将在生成已签名的二进制文件后,转储签名并验证 APK 上的签名,以确保在继续之前正确签名。
> apksigner verify --print-certs my-signed-binary.apk
Signer #1 certificate DN: CN=<NAME>, OU=<GROUP>, O=<COMPANY>, L=<CITY>, ST=<STATE>, C=<COUNTRY>
Signer #1 certificate SHA-256 digest: <DIGEST1>
Signer #1 certificate SHA-1 digest: <DIGEST2>
Signer #1 certificate MD5 digest: <DIGEST3>
一旦生成,是否有等同于在整个 App Bundle 上转储签名的方法?
我尝试使用 jarsigner,但最终输出了数百行。
> jarsigner -verbose -verify -certs my-signed-binary.aab
...
smk 12 Wed Dec 31 16:00:00 PST 1969 base/assets.pb
>>> Signer
X.509, CN=<NAME>, OU=<GROUP>, O=<ORGANIZATION>, L=<CITY>, ST=<STATE>, C=<COUNTRY> (myapp)
[certificate is valid from 5/31/13 1:27 PM to 10/16/40 1:27 PM]
smk 85 Wed Dec 31 16:00:00 PST 1969 base/native.pb
>>> Signer
X.509, CN=<NAME>, OU=<GROUP>, O=<ORGANIZATION>, L=<CITY>, ST=<STATE>, C=<COUNTRY> (myapp)
[certificate is valid from 5/31/13 1:27 PM to 10/16/40 1:27 PM]
smk 2075002 Wed Dec 31 16:00:00 PST 1969 base/resources.pb
>>> Signer
X.509, CN=<NAME>, OU=<GROUP>, O=<ORGANIZATION>, L=<CITY>, ST=<STATE>, C=<COUNTRY> (myapp)
[certificate is valid from 5/31/13 1:27 PM to 10/16/40 1:27 PM]
542451 Tue Jan 01 00:00:00 PST 1980 META-INF/MYAPP.SF
1390 Tue Jan 01 00:00:00 PST 1980 META-INF/MYAPP.RSA
s k 542352 Tue Jan 01 00:00:00 PST 1980 META-INF/MANIFEST.MF
>>> Signer
X.509, CN=<NAME>, OU=<GROUP>, O=<ORGANIZATION>, L=<CITY>, ST=<STATE>, C=<COUNTRY> (myapp)
[certificate is valid from 5/31/13 1:27 PM to 10/16/40 1:27 PM]
s = signature was verified
m = entry is listed in manifest
k = at least one certificate was found in keystore
i = at least one certificate was found in identity scope
- Signed by "CN=<NAME>, OU=<GROUP>, O=<ORGANIZATION>, L=<CITY>, ST=<STATE>, C=<COUNTRY>"
Digest algorithm: SHA-256
Signature algorithm: SHA256withRSA, 2048-bit key
jar verified.
这个(“签名者...”)的最后一部分是整个 App Bundle 的签名吗?有没有比用 sed 破解这个输出更简单的方法来获取 App Bundle 的签名?
最佳答案
我使用了 keytool,我认为它会产生正确的结果
keytool -printcert -jarfile my-signed-binary.aab
关于jarsigner - 如何转储 Android App Bundle 的签名?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58043824/