Is there any way to verify an Android's application signature's signer? By this I mean that I need to check if an application was signed by an organization that I trust to and that all public certificates in the chain representing this organization are valid.
I've looked at PackageManager already, but could not get anything from there except signature's bytes and I'm not sure what the format of that signature is or if I can derive signer information from those bytes. Any pointers are highly appreciated. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
