I previously posted a question on how to get the signature checksum of my APK here: How do I get the signature checksum of my APK?
The answer is perfect if an app is signed with the v1 signature scheme or the combination v1/v2 signature schemes. (Jar and Full APK Signatures)
However, since my app will only be running on Android O or greater (it is a device specific app), I will only be signing it with the APK signature scheme v2 (v2 scheme).
I will be using EXTRA_PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM. See: https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html for details.
How do I get the APK (v2) signature checksum of my app that I can use in my key/value pair for NFC provisioning a device owner app?
To build on the example How do I get the signature checksum of my APK? you mentioned:
apksigner verify -print-certs [path to your apk] | grep -Po "(?<=SHA-256 digest:) .*" | xxd -r -p | openssl base64 | tr -d '=' | tr -- '+/=' '-_'
The "signature checksum" you're referring to is the URL-safe Base64 encoded SHA-256 digest of the APK's signing cert. apksigner verify --print-certs
prints the various digests of the APK's signing certs, regardless of whether the APK is JAR signed, APK Signature Scheme v2-signed, or both.
apksigner
is distributed via Android SDK Build Tools 24.0.3
and newer (except for 26.0.0
which is accidentally missing apksigner
). https://developer.android.com/studio/command-line/apksigner.html