Verify android library's (aar) signature on runtime?

41 views
Skip to first unread message

Muhammad Ahmad

unread,
Jan 21, 2019, 11:06:58 AM1/21/19
to seek-for-android

I am developing an Android library which I am going to distribute to my business partners. I have signed it with my key store and I want to verify the signature on runtime to see if my library is recompiled using a different signature. But the normal way to verify the signature

PackageManager pm = ctx.getPackageManager();
(PackageInfo packageInfo = pm.getPackageInfo(ctx.getPackageName(), 
PackageManager.GET_SIGNATURES);)

in case of APK is not working as it returns only the application's signature and not the signature I signed my library with. Is there a way to do this?

Reply all
Reply to author
Forward
0 new messages