Hi. I've posted this on Android Security as well, but that group does not appear to have as much activity, so I'm hoping someone here can help me. Actually I guess my question belongs in this group anyway, even though it touches on some of the security aspects of android packages.
My goal is to access the certificate that was used to sign the apk package; and ordinarily, I would do that from inside the program like this Certificates[] signingCertificates = getClass().getProtectionDomain().getCodeSource().getCertificates(); Unfortunately it appears that getProtectionDomain() returns null on android - according to the specs http://developer.android.com/reference/java/lang/Class.html#getProtectionDomain%28%29 this method might return null (to converse space?), but only for system classes. Since I'm calling this from one of my own classes, I would expect to get a non-null value, but unfortunately not :( I have tried from the emulator, and from an application deployed on my phone using adb through a USB cable. I'm using the latest SDK (2.2) and targeting android 1.6. So I guess I have two questions, the first being: why does getProtectionDomain return null, and have anyone had any success using this method from inside an android application. And the second: Is there some other way to access the certificate that a given apk package was signed with (I can live with the restriction that only a given package can know its own certificate). Kind regards Brian Graversen -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
