Supposedly PackageInfo.signatures[0] gives you the signature. However, there's a Catch22: You can't get the signature until the app is packaged, and you can't modify the app to insert the signature after it's been packaged.
It would be better if one could get the public key used to sign the package, but that's apparently not accessible. On Oct 6, 5:21 pm, "Raymond C. Rodgers" <[email protected]> wrote: > Until now, I haven't really concerned myself with app piracy; I only > have one app under my belt for Android, it's in beta and it's free. I'm > about to start development on another app and looking to use ProGuard > for obfuscation and LVL as I would like to make it a paid app, and I've > been wondering something ever since the news that LVL had been > circumvented months ago. Is it possible to check the .apk's signature > from within the API? If not currently, perhaps Google might add some > code to Android itself or to the API to enable LVL to make sure that the > .apk signature matches the signature that Android Market already has on > file? > > Just a thought, not even necessarily a feasible one. > Raymond -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
