Shell脚本查看apk签名信息

用shell写了一个查看apk签名的脚本。代码很少也很简单

支持递归目录查询

#!/bin/bash
 
#使用方法 ./getcertificate.sh xx.apk
 
get_signature() {
    path=`jar tf "$1" | grep RSA` #查找apk中RSA文件
    jar xf $1 $path #把RSA文件解压出来
    keytool -printcert -file $path #查看指纹证书
    rm -r $path #删除之前解压的文件
}
 
mypath=`pwd`
filepath=""
if [ -d .temp_for_certificate ]
then
    echo ".temp_for_certificate is exist,remove it first!"
    exit
fi
 
mkdir .temp_for_certificate
cd .temp_for_certificate
count=0
while [ -n "$1" ] 
do 
    if [ `expr substr "$1" 1 1` = "/" ] #绝对路径
    then
        filepath="$1"
    else #相对路径
        filepath="$mypath/$1"
    fi
    if [ -d $filepath ]
    then
        all_apk=`find $filepath -name "*.apk"`
        for apk_path in $all_apk
        do
            count=$[$count+1]
            echo "(#$count) "`basename "$apk_path"`":"
            filepath=$apk_path
            get_signature "$filepath"
            echo "-----------------------------------------------------------"
        done
    else
        count=$[$count+1]
        echo "(#$count) "`basename "$1"`":"
        get_signature "$filepath"
        echo "-----------------------------------------------------------"
    fi
    shift
done 
cd ..
rm -r .temp_for_certificate
echo "done!"

使用方法：

Leo-MBP:a kangyi$ ./getcertificate.sh test1.apk test2.apk

输出：

(#1) Superuser.apk:

所有者:CN=Adam Shanks, OU=Android, O=SoupCoconut, L=FWB, ST=Florida, C=US
签发人:CN=Adam Shanks, OU=Android, O=SoupCoconut, L=FWB, ST=Florida, C=US
序列号:4c614057
有效期: Tue Aug 10 20:04:39 CST 2010 至Sat Dec 26 20:04:39 CST 2037
证书指纹:
MD5:D2:42:30:AA:BE:81:62:30:FE:B4:0E:F1:CF:11:B0:C0
SHA1:5F:11:3F:C2:C2:0A:7C:9B:D9:28:19:22:6A:32:A1:90:4B:75:EF:8B
签名算法名称:SHA1withRSA
版本: 3
--------------------------------------------
(#2) Skype3.0.apk:

所有者:CN=Skype, OU=Mobile Client, O=Skype, L=London, C=GB
签发人:CN=Skype, OU=Mobile Client, O=Skype, L=London, C=GB
序列号:4c0e1962
有效期: Tue Jun 08 18:20:18 CST 2010 至Fri Jul 20 18:20:18 CST 2040
证书指纹:
MD5:37:5F:1A:56:C5:2A:51:FF:35:F3:6C:C5:A6:69:54:EC
SHA1:77:18:07:D1:B8:41:4D:69:89:E7:D8:EF:0B:97:97:24:3B:93:1F:95
签名算法名称:SHA1withRSA
版本: 3

脚本也支持递归目录，比如

Bash代码:

xxx-MBP:a kangyi$ ./getcertificate.sh app/A.apk app/Dir1 app/Dir2/  

查看签名也可以使用jarsigner

Bash代码 ：

jarsigner -verify -verbose -certs Superuser.apk  

jarsigner详细用法详见帮助