keytool with Android Facebook SDK

Blundell picture Blundell · Jun 26, 2011 · Viewed 11.6k times · Source

I just want some confirmation.

I'm developing on windows

I'm attempting to integrate facebook into an app and the SDK documentation says I need to 'export a signature'

From here: http://developers.facebook.com/docs/guides/mobile/#android

So it says run this command:

 keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64

First I had to download openssl: OpenSSL

Now the command above, I assume should be converted to:

"C:\path\to\java\keytool" -exportcert -alias your_alias -keystore "C:\path\to\your\keystore\keystore.name" | "C:\path\to\openssl_install\bin\openssl" sha1 -binary |"C:\path\to\openssl_install\bin\openssl" base64
  • So you want the keytool that is installed in your latest Java install folder?
  • You want the alias to be the name of the alias you use for a normal apk creation in eclipse?
  • You want the keystore to be the one you use when exporting android apps?
  • You want openssl to be the one you just installed

So once I've done this it asks for a password: (it shows the password as I'm typing it)

If I enter a correct password I get

'zR2tey1h9kqPRSW/yEYEr0ruswyD=' (changed for public)

but if I enter an incorrect password it still returns me a code in the form of

'ga0RGNYHvTR5d3SVDEfpQQAPGJ1='?

So yeah, was just looking for a confirmation that I'm doing the right thing, and this is the output expected

Answer

Mina Samy picture Mina Samy · Jun 26, 2011

the best way to get your hash is by running the following code:

try {
            PackageInfo info = getPackageManager().getPackageInfo(getPackageName(), PackageManager.GET_SIGNATURES);
            for (Signature signature : info.signatures) {
                MessageDigest md;

                    md = MessageDigest.getInstance("SHA");
                    md.update(signature.toByteArray());
                    String something = new String(Base64.encode(md.digest(), 0));
                    Log.e("hash key", something);
        } 
        }
        catch (NameNotFoundException e1) {
            // TODO Auto-generated catch block
            Log.e("name not found", e1.toString());
        }

             catch (NoSuchAlgorithmException e) {
                // TODO Auto-generated catch block
                 Log.e("no such an algorithm", e.toString());
            }
             catch (Exception e){
                 Log.e("exception", e.toString());
             }

when extracting the hash with windows cmd,git bash or cygwing terminal, the three tools give different result.

the most accurate is the code above