The signature and the cert are two different things -- the cert contains the public key. If one could access the public key and sign the network interactions with that then the system would be insensitive to upgrades, vs the server having to keep track of every signature ever released.
On Oct 3, 3:33 am, Dianne Hackborn <[email protected]> wrote: > It is the binary certificates that the app is signed with. Hopefully you > are only signing with one cert, so there is only one Signature in the array. > > As for how to use it -- well it is the raw cert. You can get it as the raw > binary data, or as encoded ASCII > characters:http://developer.android.com/reference/android/content/pm/Signature.html > > For what to do with it... up to you. You can just do a raw comparison with > the binary data to see that it is your cert. Or do other more tricky stuff > (take the data, stuff it away, do things that depend on it in various ways, > who knows). > > > > On Sat, Oct 2, 2010 at 2:05 AM, Dianne Hackborn <[email protected]> wrote: > > On Fri, Oct 1, 2010 at 2:11 PM, DanH <[email protected]> wrote: > > >> What you really want to be sure of is that the application is signed > >> with your certificate. (Of course, I've not yet found a way to access > >> that info.) > > >http://developer.android.com/reference/android/content/pm/PackageMana..., > > int)<http://developer.android.com/reference/android/content/pm/PackageMana...)> > > >http://developer.android.com/reference/android/content/pm/PackageMana... > > >http://developer.android.com/reference/android/content/pm/PackageInfo... > > > -- > > Dianne Hackborn > > Android framework engineer > > [email protected] > > > Note: please don't send private questions to me, as I don't have time to > > provide private support, and so won't reply to such e-mails. All such > > questions should be posted on public forums, where I and others can see and > > answer them. > > -- > Dianne Hackborn > Android framework engineer > [email protected] > > Note: please don't send private questions to me, as I don't have time to > provide private support, and so won't reply to such e-mails. All such > questions should be posted on public forums, where I and others can see and > answer them. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
