How to obtain the APK signature and verify consistency in the PHP program

In the PHP program, how to obtain the APK signature and verify whether the APK signature is consistent recently? in this way, the APK software uploaded by the developer is consistent with the original APK signature, this protects the rights and interests of genuine APK software. At the same time, we should avoid software such as cracking and localization, and cover genuine online versions. Therefore, it is necessary to implement this function.

I don't know much about JAVA. I started to wonder if I could solve this problem through PHP technology. However, no good solution was found by searching for various materials.

Finally, I first learned about JAVA's packet signature principle, and then found the answer through JAVA, which eventually solved this problem. However, this solution is not what I expect. I hope there will be more concise implementation methods. if you have a better solution, you can leave a message to me. Hope to communicate more.

The following describes how to compare the APK signature. the general steps are summarized as follows, and I will explain them separately:
1. install JDK on the server and use the keytool command to take effect.
2. the fingerprint of the two APK packages is obtained respectively.
3. determine whether the same software is used by comparing the fingerprint information.

Now you can follow the above ideas to perform the operation. Let's proceed:

Step 1: install JDK on the CentOS server to enable the keytool command to take effect.

A. download the JDK version suitable for your company's servers.
Address: http://www.oracle.com/technetwork/java/javase/downloads/jdk-6u29-download-513648.html

When I tested, the download was: jdk-6u29-linux-x64.bin.

[root@web-1 home]# wget http://download.oracle.com/otn-pub/java/jdk/6u29-b11/jdk-6u29-linux-x64.bin

B. install and configure JDK.

[root@web-1 home]# ./jdk-6u29-linux-x64.bin [root@web-1 home]# mv jdk1.6*  /usr/local/java[root@web-1 home]# cat >> /etc/profile  << EFF########################################JAVA_HOME=/usr/local/javaJRE_HOME=\$JAVA_HOME/jreCLASSPATH=:\$JAVA_HOME/lib:\$JRE_HOME/libPATH=\$JAVA_HOME/bin:\$JRE_HOME/bin:\$PATH

Or:
Unzip-p mumayidianzishichang_Mumayi_Market_V1.4_mumayi_91db5.apk META-INF/CERT. RSA | keytool-printcert | grep SHA1
The output is as follows:
[Root @ web-1] # unzip-p mumayidianzishichang_Mumayi_Market_V1.4_mumayi_91db5.apk META-INF/CERT. RSA | keytool-printcert | grep MD5
MD5: 19: 2A: 5C: 11: 3E: 72: A0: A1: A1: 10: A3: BE: C3: 9C: D5: 32
[Root @ web-1 1] # unzip-p mumayidianzishichang_Mumayi_Market_V1.4_mumayi_91db5.apk META-INF/CERT. RSA | keytool-printcert | grep SHA1
SHA1: 91: 83: AF: 08: B5: 00: 88: 85: E6: 4C: E9: 41: 4E: 3B: 06: EC: 51: E8: F8: 83
Signature algorithm name: SHA1withRSA