I would like to programmatically perform a check on the APK's signature at runtime. I own a keystore on my development workstation, so I could know (dunno how) the public key I'm signing an APK with.

Once I know what the public key will be after signage, I would like to put in the source code and check if the currently running application matches the key.

Is it possible? If so, how do I obtain the public key from an Eclipse-generated keystore?

Thanks.

You could try this, it should work

Signature[] sigs = getPackageManager().getPackageInfo(context.getPackageName(), PackageManager.GET_SIGNATURES).signatures;
    for (Signature sig : sigs)
    {
        // log the sig here
    }

I think I have the same situation like you have. Here is my original solution.

You may have a try on it.

Signature sig = context.getPackageManager().getPackageInfo(context.getPackageName(), PackageManager.GET_SIGNATURES).signatures[0];
Signature releaseSig = context.getPackageManager().getPackageAchiveInfo("/mnt/sdcard/myReleaseApk.apk", PackageManager.GET_SIGNATURES).signatures[0];
return sig.hashCode() == releaseSig.hashCode;