Getting package name and signatures from uid/pid of application in native client

Question

This is my first project on android platform, and I’m not comfortable this environment yet.

I need to write a native application that can derive application package name and signatures of it out of [user id of the app and, pid of running instance of the app].

I’ve skimmed through the android app framework, and found that PackageManger has the ability to get package signatures. “..getPackageManager().getPackageInfo(packageName, GET_SIGNATURES)..”

but, this shows possibility of getting signatures from package name in Java application. as I said, our input parameters are only user id / running instance process id of the application. and also I need native client not java application.

My question can be devided into followings.

1. Is there any way of getting package name from uid and pid of running application in native program? If native client is not possible, Methods with Java are welcome too.

2. Is there any way of getting signatures from package name? As I said I’ve found java solution for it.

3. Is it possible for native client to use Binder service? Will this method help my problems? if so, how?

thanks in advance!

Answer 1

A1: I assume it is possible to scan application directories for package name and then try to match the associated user id in native code. In Java you can just use getPackageForUid().

A2: Haven't seen anything native to do this. Accessing arbitrary .apk files should in fact not be possible on a non-rooted phone.

A3: "Probably not" and "probably not" and: I don't see how. Binding to a remote service does not provide authentication information of the service; even if it did: How to validate the signature without access to the signed content, i.e. the .apk.

Edit:

The pm tool, as mentioned here, might help.