How to generate HASH_OF_YOUR_APP

talsec / Free-RASP-Flutter

Flutter library for improving app security and threat monitoring on Android and iOS mobile devices.

https://github.com/talsec/Free-RASP-Community

MIT License

194 stars 22 forks source link

How to generate HASH_OF_YOUR_APP #2

Closed prajwal27 closed 3 years ago

prajwal27 commented 3 years ago

The Readme file mentions HASH_OF_YOUR_APP

androidConfig: AndroidConfig(
        expectedPackageName: 'YOUR_PACKAGE_NAME',
        expectedSigningCertificateHash: 'HASH_OF_YOUR_APP',
        supportedAlternativeStores: ["com.sec.android.app.samsungapps"],
      ),

How do we generate this?

talsec-app commented 3 years ago

HASH_OF_YOUR_APP is a hash of the certificate of the key which was used to sign the application. This hash is then encoded in Base64 form.
You can imagine it like: base64(sha256(certificate))
To generate base64 form of hash, you can use util functions provided for freeRASP for Android.
More about app signing here.