android - Does the APK hash signature ever change?


We have apps that use the same web services, and we need a way to uniquely identify the app calling the web services.

What we ended up doing is sending the hash signature of the app along with the other parameters. The code for the signature is similar to the one at https://stackoverflow.com/a/25524657/17648.

Then we have a table where the hashes are stored, which we can use later to compare calls to the web service and find out which app called the method.

By doing this we don't need to create switch statements when calling the web service.

This is working OK now, but we want to make sure the hash signatures are the same for every version release of the APK and the same on every phone/tablet where it is installed.

The code in that answer is hashing the public key of the keystore, as that's what is in the signatures field. If you use the SHA-256 hash algorithm, you get the same value as if you dump the hashes of the keystore through Java 7+'s keytool command.

This leads to 2 potential problems:

  1. You should get the same value for any app signed with the same signing keystore. To distinguish between apps, you need to use different signing keystores. You might be doing this anyway.

  2. The exact format of the byte[] of the signature is undocumented, technically. It is possible that it might change in the future. So, you might need version-dependent logic sometime down the road.

IMHO, this algorithm is not better than using getPackageName(), or using the application ID.
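The sketch below is an added example, not code from the question, the answer, or the linked post. It models the server-side hash table described in the question and shows both problems from the answer; the certificate bytes, package names and the `AppRegistry` class are constructed for illustration.

```python
import hashlib

# Constructed stand-ins for the bytes an app reads from its signatures field.
KEYSTORE_A_CERT = b"constructed-signature-bytes-keystore-A"
KEYSTORE_B_CERT = b"constructed-signature-bytes-keystore-B"
# Constructed stand-in for a future, different byte[] encoding of keystore A.
KEYSTORE_A_CERT_NEW_FORMAT = b"v2:" + KEYSTORE_A_CERT


def signature_hash(sig_bytes: bytes) -> str:
    """SHA-256 over the signature bytes, hex encoded, as the client sends it."""
    return hashlib.sha256(sig_bytes).hexdigest()


class AppRegistry:
    """Server-side table mapping signature hash -> app (hypothetical schema)."""

    def __init__(self):
        self._by_hash = {}

    def register(self, app: str, sig_bytes: bytes) -> None:
        # One app may own several hashes (room for version-dependent formats);
        # one hash may also end up owned by several apps (shared keystore).
        self._by_hash.setdefault(signature_hash(sig_bytes), set()).add(app)

    def identify(self, sent_hash: str) -> str:
        """Return the one app for this hash; raise if unknown or ambiguous."""
        apps = self._by_hash.get(sent_hash)
        if not apps:
            raise LookupError("unknown signature hash")
        if len(apps) > 1:
            raise LookupError("hash shared by: " + ", ".join(sorted(apps)))
        return next(iter(apps))


def demo():
    reg = AppRegistry()
    reg.register("com.example.orders", KEYSTORE_A_CERT)
    reg.register("com.example.billing", KEYSTORE_B_CERT)
    # The hash depends only on the signing key material, so every release and
    # every device presenting these bytes resolves to the same app.
    first = reg.identify(signature_hash(KEYSTORE_A_CERT))
    # Problem 2: if the byte[] format changes, the new hash must be added too.
    reg.register("com.example.orders", KEYSTORE_A_CERT_NEW_FORMAT)
    second = reg.identify(signature_hash(KEYSTORE_A_CERT_NEW_FORMAT))
    return first, second


if __name__ == "__main__":
    print(demo())
```

Registering a second app with `KEYSTORE_A_CERT` makes `identify` raise, which is problem 1: the table can only tell apps apart when each is signed with its own keystore.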

