Open GoogleCodeExporter opened 9 years ago
Interesting but I don't know how we could create such a checksum.
Original comment by kevin.gaudin
on 5 Apr 2012 at 9:13
I believe that adding Developer's signature fingerprint could be enough (if
somebody modifies your code, he/she needs to sign it with his/her certificate).
Here is sample code snippet.
try {
PackageManager pm = context.getPackageManager();
String packageName = context.getPackageName();
int flags = PackageManager.GET_SIGNATURES;
PackageInfo packageInfo = null;
try {
packageInfo = pm.getPackageInfo(packageName, flags);
} catch (PackageManager.NameNotFoundException e) {
Log.e(GlobalLogTag.TAG, "Error getting package info ...", e);
return false;
}
Signature[] signatures = packageInfo.signatures;
// cert = DER encoded X.509 certificate:
byte[] cert = signatures[0].toByteArray();
InputStream input = new ByteArrayInputStream(cert);
CertificateFactory cf = null;
try {
cf = CertificateFactory.getInstance("X509");
} catch (CertificateException e) {
Log.e(GlobalLogTag.TAG, "Error getting X509 certificate factory...", e);
return false;
}
X509Certificate c = null;
try {
c = (X509Certificate) cf.generateCertificate(input);
} catch (CertificateException e) {
Log.e(GlobalLogTag.TAG, "Error getting X509 certificate ...", e);
return false;
}
Log.d(GlobalLogTag.TAG, "Certificate for: " + c.getSubjectDN());
Log.d(GlobalLogTag.TAG, "Certificate issued by: " + c.getIssuerDN());
Log.d(GlobalLogTag.TAG, "The certificate is valid from " + c.getNotBefore() + " to " + c.getNotAfter());
Log.d(GlobalLogTag.TAG, "Certificate SN# " + c.getSerialNumber());
Log.d(GlobalLogTag.TAG, "Generated with " + c.getSigAlgName());
StringBuffer hexString = new StringBuffer();
try {
MessageDigest md = MessageDigest.getInstance("SHA1");
byte[] publicKey = md.digest(c.getPublicKey().getEncoded());
for (int i = 0; i < publicKey.length; i++) {
String appendString = Integer.toHexString(0xFF & publicKey[i]);
if (appendString.length() == 1) hexString.append("0");
hexString.append(appendString);
}
certificateHash = hexString.toString();
Log.d(GlobalLogTag.TAG, "Certificate HASH: " + certificateHash);
} catch (NoSuchAlgorithmException e1) {
Log.e(GlobalLogTag.TAG, "Error getting certificate hash...", e1);
return false;
}
return true;
} catch (Throwable e) {
Log.e(GlobalLogTag.TAG, "Error getting certificate info...", e);
return false;
}
}
Original comment by tom.huba...@gmail.com
on 6 Apr 2012 at 7:43
Original issue reported on code.google.com by
tom.huba...@gmail.com
on 14 Mar 2012 at 3:42