You do a CRC32 over the actual application file, *.apk. Open the file and get the byte stream. Now it's tricky to do that and than hardcore the CRC32 number in your app because it will change the value of the app computed CRC32 value. That is why he suggested to store it in a remote server...
For example: CRC value of the apk = 0xABCDABCD You would store that on your server 0xABCDABCD and use it to make sure nothing was changed inside the app... -Moto On Sep 28, 2:30 am, Asker <mallorc...@gmail.com> wrote: > Hi, > > Following the examples given by Johns Trevor in order to secure > Android LVL Applications (http://android-developers.blogspot.com/ > 2010/09/securing-android-lvl-applications.html), I've been stucked on > one only particular issue. > > Indeed, here is the matter: > The most obvious mechanism is to use a lightweight hash function, such > as CRC32, and build a hash of your application’s code. You can then > compare this checksum with a known good value. You can find the path > of your application’s files by calling context.GetApplicationInfo() — > just be sure not to compute a checksum of the file that contains your > checksum! (Consider storing this information on a third-party server.) > > Howether, I can't find what I must use in my code to detect an > "unwanted" modification inside it. > java.util.zip.CRC32 crc32 = new java.util.zip.CRC32(); > crc32.update(whatPutInHere); > > I've tried many method related to context.GetApplicationInfo() but no > one seems to deliver something that change as soon as the code is > modified. > > Has someone already succeed on CRC32 checksum implementation? > > Regards. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
