Last active
February 23, 2025 22:13
-
-
Save ottosch/a80f993a08eb76dbc35bb4df72db847a to your computer and use it in GitHub Desktop.
Outputs apk's signing certificate hash
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 1024-bit key | |
| keytool -printcert -jarfile apk_file 2>/dev/null | grep SHA256 | cut -f2- -d':' | tr -cd '[[:xdigit:]]:'; echo | |
| # 4096-bit key | |
| apksigner verify -v --print-certs --min-sdk-version 24 apk_file | grep "certificate SHA-256" | |
| # One-liner example for Signal | |
| test $(apksigner verify -v --print-certs --min-sdk-version 24 Signal-Android-website-prod-universal-release-7.33.2.apk | grep -m1 "certificate SHA-256" | cut -d':' -f2 | tr -cd '[:xdigit:]') = $(echo -n "4B:E4:F6:CD:5B:E8:44:08:3E:90:02:79:DC:82:2A:F6:5A:54:7F:EC:C2:6A:BA:7F:F1:F5:20:3A:45:51:8C:D8" | tr -cd '[:xdigit:]' | tr '[:upper:]' '[:lower:]') && echo "passed" || echo "failed" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment