What does PackageInfo.signatures return?

2019-04-13 04:04发布

Why there are multiple signatures in this value? Are these values the public key of the package?

Can I uniquely identify a package using this signature instead of reading the files under META-INF, or calculating an MD5 on the whole APK file?

1条回答
地球回转人心会变
2楼-- · 2019-04-13 04:23

According to @hackbod, this is all the public keys the APK was signed with

Despite its name, the contents of PackageInfo.signatures is the public keys your app is signed with. This absolutely, positively does not change between builds. This is the pure identify of the developer of the app.

Reference: https://groups.google.com/d/msg/android-developers/fPtdt6zDzns/MDqie6k7qo0J

查看更多
登录 后发表回答