I need some info about the android.content.pm.Signature object.
Currently I do the following to get the certificate used to sign the
package:
---8<---8<---8<---
ByteArrayInputStream is;
CertificateFactory cf;
try {
cf = CertificateFactory.getInstance("X.509");
}
catch(CertificateException e) {
tv.setText("Cannot create CertificateFactory instance:\n" +
e.getMessage());
return;
}
Certificate cert;
is = new ByteArrayInputStream(sigs[0].toByteArray());
try {
cert = cf.generateCertificate(is);
}
catch(CertificateException e) {
text += "Cannot generate certificate from input stream:\n" +
e.getMessage() + "\n";
continue;
}
--->8--->8--->8---
Is that the correct way to do this?
I don't know what additional information are stored in the Signatrue
object and if this additional information can affect the creation of
the Certificate instance. I think the object containes the signed
hashes of the Package but how can I retrieve and check these?
In addition how can I get information about the type of certificate
used ("x509", PGP, ...)
Thanks for help
Lutz
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers-unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
-~----------~----~----~----~------~----~------~--~---
