I'm working with the Play Integrity API and I'm looking at the SHA-256 digest in the app integrity part of the verdict.
Here is what the doc says about this digest:
// The sha256 digest of app certificates.
// This field is populated iff appRecognitionVerdict != UNEVALUATED.
certificateSha256Digest: ["6a6a1474b5cbbb2b1aa57e0bc3"]
The goal of this verdict part is to verify the app integrity and I assume that this digest has been generated from the version of the app to be evaluated. However, I don't know how to decide it is a valid one.
I would expect that if I find the certificate that is used to sign the app, and I use gradle to generate a signing report, it would include the SHA-256 digest of the certificate, but the SHA-256 generated by ./gradlew signingReport doesn't match the one returned in the verdict.
Am I missing something here? How to find what SHA-256 digests are valid?
In my android application, I used facebook login. It is first time ever I used it.
The login functionality is working fine in release apk file. Also, I have generated key hash by using keytool, openssl:-
keytool -exportcert -alias "MyAppAlias" -keystore "Path to keystore" |
openssl sha1 -binary | openssl base64
I added the generated key hash in App settings on my Facebook developer account. Now when I am generating Signed apk, Facebook login is working fine, but after publishing the same apk on Play Store, Facebook login is not working, it's simply redirecting to activity from where it was called(My App's login activity) without any crashes or not responding message.
Thanks.
Finally, I resolved the issue.
Reason Behind this issue
While publishing an App to play store, I did APP SIGNING from Google Play, hence new SHA-1 key was created there.
To see this key, go to Google Play Console, select your app, then Release Management -> App Signing
On this page, I got new SHA-1 key under section "App signing certificate
"
So, the point is Google Play Signing creates a new certificate as shown in above image.
In Facebook developer account, we need to add Key hashes generated by our keystore. But in this case, we also need to add Key hash corresponds to this APP SIGNING certificate. Now the question is, how to get key hash for this certificate/SHA-1 fingerprint?
How to create Key Hash from SHA-1 key of Google Play APP SIGNING?
To generate key hash from SHA-1 key, execute a small Java program,
// GOOGLE PLAY APP SIGNING SHA-1 KEY:- 65:5D:66:A1:C9:31:85:AB:92:C6:A2:60:87:5B:1A:DA:45:6E:97:EA
byte[] sha1 = {
0x65, 0x5D, 0x66, (byte)0xA1, (byte)0xC9, 0x31, 0x85, (byte)0xAB, (byte)0x92, (byte)0xC6, (byte)0xA2, 0x60, 0x87, 0x5B, 0x1A, (byte)0xDA, 0x45, 0x6E, (byte)0x97, (byte)0xEA
};
System.out.println("keyhashGooglePlaySignIn:"+ Base64.encodeToString(sha1, Base64.NO_WRAP));
Output:-
keyhashGooglePlaySignIn: ZV1dkSgxvc2p4aCtFx9tcaQr8N4=
Copy this key hash and paste it to Facebook Developer account settings for your app. This is how my problem got solved.
Thanks all developers for comments. :)
I improved #vChamps answer a bit. just pass the SHA1 string to below function
public void hashFromSHA1(String sha1) {
String[] arr = sha1.split(":");
byte[] byteArr = new byte[arr.length];
for (int i = 0; i< arr.length; i++) {
byteArr[i] = Integer.decode("0x" + arr[i]).byteValue();
}
Log.e("hash : ", Base64.encodeToString(byteArr, Base64.NO_WRAP));
}
echo SHA1_here | xxd -r -p | openssl base64
Does the same work as the above code.
Copy Paste the SHA1 key here to Reduce all the Headache.Link
Internallly its converting Hex to Base 64.
Kotlin code:
import android.util.Base64
import android.util.Log
fun hashFromSHA1(sha1: String) {
val arr = sha1.split(":".toRegex()).dropLastWhile { it.isEmpty() }.toTypedArray()
val byteArr = ByteArray(arr.size)
for (i in arr.indices) {
byteArr[i] = Integer.decode("0x" + arr[i])!!.toByte()
}
Log.e("hash : ", Base64.encodeToString(byteArr, Base64.NO_WRAP))
}
To get the hash based on the Google Play signIn, just convert the SHA-1 key from Play Console to base64 and them paste into Developer Facebook android config.
You can use this online converter: http://tomeko.net/online_tools/hex_to_base64.php?lang=en
If you already have your SHA1 key you can use the online converter tool - to generate your hash code here
Make sure to enable Facebook in Sign-in providers Firebase.
enter App ID & App secret
copy OAuth Redirect URIs and paste facebook console Client OAuth settings ==>Valid OAuth Redirect URIs
App live mode should be on
When I run from directly eclipse it successfully work but when I export sign in application package and install exported app then it will give following errors:
invalid key hash.the hash key uR+29vKBjrnn3baLc4CBwhtmJdk does not match any stored key hash.configure your app key hashes at http://developers.facebook.com/APPID
When I put this uR+29vKBjrnn3baLc4CBwhtmJdk in release key then give error like....configure your app key hashes at http://developers.facebook.com/APPID
So what is issues here and hash key n release key different in every time?
You need to create a new Key for your application and it will be created using the Sha1 key of your signed application.The new sha1 key is generated whenever you create a new signed application.Use that sha key
During the process of signing, output similar to that outlined below will appear within the Console panel:
[2013-06-13 10:34:39 - ReleaseTest] New keystore C:\Users\nadags\Documents\AndroidReleaseAPK\ReleaseTest.apk has been created.
[2013-06-13 10:34:39 - ReleaseTest] Certificate fingerprints:
[2013-06-13 10:34:39 - ReleaseTest] MD5 : FA:65:D--------------
[2013-06-13 10:34:39 - ReleaseTest] SHA1: D1:E-------------------
or it will also appear on the popup where you will name your build finally before signing it.
Use this SHA1 to create new key at facebook developer console and include that in your app.
After you have followed the above procedure, do not right click and run the project again from eclipse, that will make the app to load from its default sha1 key. After you sign the app, manually copy paste the signed .apk to your device. That will make it work.
Note:-
For signing your app in android studio and obtaining new key,you can use THIS and THIS .
I have created a game in unity3d and made an android build. But when I wanted to upload it on google play store, I got the liscence key and this message,
Does anybody know where I can put that licence key? When you look into Developer console there is Licence key
"Base64-encoded RSA public key to include in your binary. Please remove any spaces."
How to use this key?
Please help
Have a look at Playersettings in the Build Window
Locate the Publishing Settings under PlayerSettings
Create a new keystore by selecting a keystore name and password (confirm the password)
Select "Create a new key" under Key Alias
A new window opens; enter the necessary information.
Select the newly created key.
Build ( Run); your app is now signed.
source:
http://forum.unity3d.com/threads/android-signing.62137/
Just Sign Your Application From Build Setting->Player Setting ->publishing Settings Create a new Keystore and keep it to yourself.
I have been trying to obtain a public map api key for my Android app. However the public key that I receive from Google does not work.
I have been using the following steps:
Obtaining Release Public Map API Key
1.Obtain Private Key:
Use Export of Eclipse to sign release application and create new keystore
2.Obtain MD5 certificate:
using alias and keystore set up
use keytool in Java directory: keytool -list -alias poly_alias -keystore
copy MD5 certificate
3.Obtain API Map Key:
Visit http://code.google.com/android/maps-api-signup.html and enter MD5 certificate
copy key
4.Use New Map API Key:
insert new map key for string in strings.xml for string mapApiKey
Does anyone have any suggestions on what I am doing wrong?
You were sketchy on the last step, so you may want to look at the final two steps on this page:
http://code.google.com/android/add-ons/google-apis/mapkey.html#finalsteps.
If it still doesn't work, you may want to explain what is happening, and change the values, but you may want to show an example of one of your layout files and the android manifest, to see if you may have made a typo or something.
You are following instructions for using the release signing key. Make sure you are building your APK in release mode. Normally, you build in debug mode and would use a Maps API key based on the debug signing key.