Last active
June 27, 2018 19:36
-
-
Save jvehent/627b9fe3db436d761974608e664b95c3 to your computer and use it in GitHub Desktop.
Extract the SHA256 fingerprint of an APK signing cert. Run with $ ./extract_apk_cert_sha256.sh <something.apk>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| [ ! -r "$1" ] && echo "usage: $0 <apk>" && exit 1 | |
| tmpdir="$(mktemp -d)" | |
| tmpcrt="$(mktemp)" | |
| # unzip the apk into a temporary directory | |
| unzip -qq "$1" -d "$tmpdir" | |
| # extract the public cert from the pkcs7 detached signature | |
| openssl pkcs7 -print_certs \ | |
| -in "$tmpdir/META-INF/SIGNATURE.RSA" -inform DER \ | |
| -out "$tmpcrt" | |
| # calculate the sha256 of the DER form of the cert | |
| echo -n "sha256 of signing cert: " | |
| openssl x509 -in "$tmpcrt" -inform PEM -outform DER | \ | |
| openssl dgst -sha256 -hex | \ | |
| awk '{print $2}' | \ | |
| sed 's/..\B/&:/g' | \ | |
| tr [a-z] [A-Z] | |
| rm -rf "$tmpdir" "$tmpcrt" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment