I’ve only recently stopped be a lazy bum and started checking the hash of files I download, so it might be I’m doing something wrong, but I get a different SHA256 for the Proton Calendar APK than the one published on the page.
It should be: DC:C9:43:9E:C1:A6:C6:A8:D0:20:3F:34:23:EE:42:BC:C8:B9:70:62:8E:53:CB:73:A0:39:3F:39:8D:D5:B8:53
I get: C9886B25449CBCBEB2592227F0F662CAE5972B312CC787F255BD097FCEA25E2E
Double-checked on both phone and pc (and I’ve reported it to Proton) but could one of you fellas be so kind and check as well while I wait from the customer support reply?
The SHA256 fingerprint that is displayed on Proton’s website is not the SHA256 of the APK itself, but the SHA256 certificate fingerprint that can be found inside the APK file. Withtin the APK file there is a file named CERT.RSA, this is the certificate used for signing.
You can check the (SHA256) certificate fingerprint with a tool like keytool, apksigner or openssl.