[android-developers] Re: Possible to check .apk signature?

I tried an experiment where I put the packaged app signature into
cloud-based storage and compared it at app startup. But a good pirate
could find the place where my code is doing that and patch it out.

On Oct 6, 3:44 pm, DanH <danhi...@ieee.org> wrote:
> Supposedly PackageInfo.signatures[0] gives you the signature.
> However, there's a Catch22:  You can't get the signature until the app
> is packaged, and you can't modify the app to insert the signature
> after it's been packaged.
>
> It would be better if one could get the public key used to sign the
> package, but that's apparently not accessible.
>

--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en