I would like to use the signature checksum instead of the package checksum when provisioning a device with a device owner app. The app will be downloaded from an http server.
This post is great when using EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM: Checksum Error while provisioning Android Lollipop
But I would like to use EXTRA_PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM. See: https://developer.android.com/reference/android/app/admin/DevicePolicyManager.htm
The provisioning app and device owner app will both on be running on Android O.
How do I get the signature checksum of my app that I can use in my key/value pair for NFC?
Try this
keytool -list -printcert -jarfile [path_to_your_apk] | grep -Po "(?<=SHA256:) .*" | xxd -r -p | openssl base64 | tr -d '=' | tr -- '+/=' '-_'
In details:
keytool -list -printcert -jarfile [path_to_your_apk]
extracts informations about the certificate of the APK,grep -Po "(?<=SHA256:) .*" | xxd -r -p
takes the SHA256 hash and converts it to binary,openssl base64
encodes it with base64,tr -d '=' | tr -- '+/=' '-_'
makes it URL-safe (+
is encoded as -
, /
is encoded as _
and the padding character =
is removed).