Generate Hash Keys properly for Android SMS Retriever API

Prishan Maduka
4 min readDec 18, 2020

--

As you all know, Android SMS Retriever API plays a dominant role in android apps now a days. You can learn more regarding this by following this link. Google SMS Retriever API

According to Android SMS Retriever API, every message should follow a specific format which must include “One time code” and “11 character hash string” as shown in the below

Your verification code : 123456FA+9qCX9VSu

This code(FA+9qCX9VSu) is the 11 character hash code which is used to identify the application uniquely. This key is different for debug builds, release builds and play-store builds for the same app depending on the key-store file.

In this article we are going to cover how to generate required hash keys for debug build, release builds and play store releases in react-native. To generate hash keys, Google has provided a script to get the hash key from key-store file.

SMS_RETRIEVER_HASH_KEY_GENERATOR

Save this to a .sh file.

1) For Debug Builds

If you are using the react-native library “react-native-sms-retriever-api”, there is a method to get the hash code for the debug.keystore.

getHash():Promise<string[]>

Gets the hash code for the application which should be added at the end of message. This is just a one time process.

But here we are going to know about how to use cmd to get the job done.

First of all find the application’s debug.keystore file and make a copy and place it where you saved the sms_retriever_hash_v9.sh file. Then use the following command to retrieve the hash key for debug releases of your application.

./sms_retriever_hash_v9.sh — package “com.your.packagename” — keystore /path/to/debug.keystore

This will return the debug hash code

First 8 bytes encoded by base64: FA+9qCX9VSuSMS Retriever hash code: FA+9qCX9VSu

2) For Release Builds

First generate your upload.keystore file.

Windows

Go to C:\Program Files\Java\jdkx.x.x_x\bin and run the following command

keytool -genkeypair -v -keystore upload.keystore -alias my-key-alias -keyalg RSA -keysize 2048 -validity 10000

This will prompt to enter the password for the keystore file. Enter a password and make sure to remember this for the future purposes.

Mac OS

First find where the JDK is and run the following command to navigate to the path

cd /your/jdk/path

Then use the following command with sudo permission to generate the upload keystore file and be sure to remember the password that you entered.

sudo keytool -genkey -v -keystore upload.keystore -alias my-key-alias -keyalg RSA -keysize 2048 -validity 10000

Now your upload.keystore file is ready and you can proceed the same in the method 1 to generate the 11 character hash code.

./sms_retriever_hash_v9.sh — package “com.your.packagename” — keystore /path/to/upload.keystore

NOTE — By using this you can retrieve the hash key. You can use this in release builds, but when you upload your .aab file or apk files to playstore this hash code won’t be work and One Time Code doesn’t pick from your application. In this case you have to follow different set of approach to achieve this.

3) For Play-store Releases

Login to your play console and go to your app. Then select Release->Setup->App Signing

Then you can see Download Certificate link in the right corner as shown in the image below

Download deployment_cert.der file

This will download a file named ‘deployment_cert.der’ and you cannot use this directly to generate hash code. At first you must generate .jks file using the following command

keytool -importcert -alias <ALIAS USED TO GENERATE JKS FILE> -file deployment_cert.der -keystore certificate.jks -storepass <PASSWORD FOR JKS FILE>

Then this will prompt “Trust this certificate? [no]:” message and provide ‘Yes’ as the answer. Then your certificate will be added to the keystore and you can find the file generated “certificate.jks”.

Now as the final step you can use the certificate.jks file and the following command.

keytool -exportcert -alias <ALIAS USED TO GENERATE JKS FILE> -keystore certificate.jks | xxd -p | tr -d "[:space:]" | echo -n <PACKAGE NAME> `cat` | shasum -a 256 | tr -d "[:space:]-" | xxd -r -p | base64 | cut -c1-11

Then this will prompt to enter the store password used for generating .jks file. Enter the password to get the hash code.

Enter keystore password:  <PASSWORD FOR JKS FILE>

Now finally you can get the hash code as follows

FA+9qCX9VSu

In this we have covered how to generate upload keystore files, how to get deployment_cer files and to generate .jks files as well. So that’s all for this article.

Thank you for reading this article and hope to see you soon with new one.

--

--