我试图在运行时比较我的APK的签名验证与原始签名密钥"相同!",我遵循这个答案,所以它不能杀死我的应用程序,因为它是相同的!,但它会杀死应用程序,因为它不是同一个,并显示吐司。
这就是代码
public void checkSignature(final Context context) {
try {
signatures = context.getPackageManager()
.getPackageInfo(context.getPackageName(),
PackageManager.GET_SIGNATURES).signatures;
if (signatures[0].toString() != SIGNATURE_KEY) {
// Kill the process without warning. If someone changed the certificate
// is better not to give a hint about why the app stopped working
android.os.Process.killProcess(android.os.Process.myPid());
Toast.makeText(getApplicationContext(), "Not working", Toast.LENGTH_LONG).show();
}
} catch (PackageManager.NameNotFoundException ex) {
// Must never fail, so if it does, means someone played with the apk, so kill the process
android.os.Process.killProcess(android.os.Process.myPid());
}
}
我使用该代码在运行时多次获得签名代码,每次都给我相同的!"当我点击按钮时就会发生"
ClipboardManager clipboard = (ClipboardManager) getSystemService(CLIPBOARD_SERVICE);
ClipData clip = ClipData.newPlainText("Release", signatures[0].toCharsString());
clipboard.setPrimaryClip(clip);
这段代码有什么问题使得比较过程不能正常工作? 使用!=运算符比较字符串。这将字符串作为链接而不是对象进行比较。你应该使用。equals()。编辑:同样用于正确比较签名:
MessageDigest md = MessageDigest.getInstance("SHA");
md.update(signatures[0].toByteArray());
String signature = Base64.encodeToString(md.digest(), Base64.DEFAULT);
if (!signature.equals(SIGNATURE_KEY)){
//do your logic
}