Menu
Is there some way to retrieve information about the apk signature at runtime?
For example I have the same App signed with 2 different signatures: app-1.apk and app-2.apk and I'd like to be able of differentiate both apk in run time. Is that possible?
My goal is to implement a licensing system using a external server and based on the version code of the application and the signature.
529
Sign an APKSpecify a KeyStore file using the --ks option. Specify the private key file and certificate file separately using the --key and --cert options, respectively. The private key file must use the PKCS #8 format, and the certificate file must use the X. 509 format.
APK Signature Scheme v2 is a whole-file signature scheme that increases verification speed and strengthens integrity guarantees by detecting any changes to the protected parts of the APK.
Step 1: Go to Build -> Generate Signed Bundle or APK, a pop up will arise. Choose APK in the pop-up and click on Next.
Verifying an APK signature The correct way to verify an APK file is to use apksigner . apksigner is part of the Android build tools, therefore you may find multiple versions installed, one for each build-tools version installed.
You can access apk signature using PackageManager. PackageInfo flag defined in Package Manager return information about the signatures included in the package.
Signature[] sigs = context.getPackageManager().getPackageInfo(context.getPackageName(),PackageManager.GET_SIGNATURES).signatures;
for (Signature sig : sigs)
{
Log.i("App", "Signature : " + sig.hashCode());
}
http://developer.android.com/reference/android/content/pm/PackageManager.html
142
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
