Retrieve the apk signature at runtime for Android

Question

Is there some way to retrieve information about the apk signature at runtime?

For example I have the same App signed with 2 different signatures: app-1.apk and app-

Answer 1

You can access apk signature using PackageManager. PackageInfo flag defined in Package Manager return information about the signatures included in the package.

Signature[] sigs = context.getPackageManager().getPackageInfo(context.getPackageName(),PackageManager.GET_SIGNATURES).signatures;    
for (Signature sig : sigs)
{
    Log.i("App", "Signature : " + sig.hashCode());
}

http://developer.android.com/reference/android/content/pm/PackageManager.html

Answer 2

This might be a different approach, but why don't you just implement a custom permission, that is signature based? Then you could use the package manager (or a broadcast) to find out if the permission was granted.

If it is, then both signatures are the same, if not they are different.