There is a package I found: android.content.pm. The overview starts
with "Contains classes for accessing information about an application
package, including information about its activities, permissions,
services, signatures, and providers."
I am looking to verify the signature of a file downloaded into a
Context's cach directory before:
- using it in the constructor of DexClassLoader, loader
- & running (loader.loadClass("classNm")).newInstance()
Think Java Webstart with a stub & impl version of an Activity. I want
the signer of the stub & downloaded impl to match. Everything works,
but I feel I should be adding this check before going to production.
Am I now looking closer to the right place?
On Oct 28, 4:30 pm, jcpalmer <jcpal...@rochester.rr.com> wrote:
> Noticed in the java.security.CodeSource java doc online that the class
> overview says:
> "Legacy security code; do not use. "
>
> Has something changed? Is not in my aging disk version of the doc
> (should upgrade but that is not the point)
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
