UNIFIED APK SIGNING METHOD AND SYSTEM THEREOF

摘要

Disclosed are a unified APK signing method and system thereof, comprising: a receipt institution generates a first public and private key pair and a second public and private key pair, and utilizes the first private key to sign the second public key to generate a receipt institution work public key certificate; the first public key is distributed to terminal devices to generate respective receipt institution root public key certificates to be pre-installed in the terminal device; the receipt institution generates receipt institution signature information according to a signed source file and the receipt institution work public key certificate, calculates the signed source file and the receipt institution signature information to generate a Hash value, fills with the Hash value to generate a signed file, encrypts the signed file using a second private key to generate receipt institution signature data, and downloads the signed APK file to the terminal device; the terminal device checks the validity of the receipt institution work public key certificate using the receipt institution root public key certificate, and then extracts the second public key to decrypt the receipt institution signature data to obtain a Hash value, calculates an authentication Hash value, and determines whether the Hash value is equal to the authentication Hash value; if yes, then allowing the installation and operation of an original APK file.