How can an android app calculate its own md5 checksum when already installed? Tried googling but all results were about another app calculating others' checksums.
How would that be useful? To compare with something, the expected checksum needs to be in the APK. But if someone changed your APK (repackaged, etc.), they can also easily change the expected value as well. You could get it from a server, but it's not too hard to disable this as well if they are messing with your package.
Additionally, some tools will patch the code in Dalvik cache directly and thus change what your app does without ever touching the APK.
Generally, you just get the path to the APK, read as binary and calculate using MessageDigest
. You can use the PackageManager
to get app info and then ApplicationInfo#sourceDir gives you the location of the package. BTW, this might not work with paid apps on JB (4.1 and later), because you don't have permission to read the actual APK (this is the result of 'forward locking', aka 'app encryption').
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With