I'm currently developing a .AAR android library and I would like to sign the released library with my own key so that I can determine if a fake aar with the same name and functionality has been released by mine or not.
I also want to be able to check the authenticity of my library programmatically, even if a fakely-build one, is forging just part of the functionality of my aar file.
we are publishing this library to some of our business partners and they are going to integrate it into their apps and publish them to public markets.
Current Scenario: Using PackageInfo returns the key of APP code nor the library code.
We need: First Sign AAR library and return its signature if someone uses this library in its code.
Note: Tried jarsigner but it's verification by some external command, I need internally return in code.
I also want to be able to check the authenticity of my library programmatically, even if a fakely-build one, is forging just part of the functionality of my aar file.
we are publishing this library to some of our business partners and they are going to integrate it into their apps and publish them to public markets.
Current Scenario: Using PackageInfo returns the key of APP code nor the library code.
We need: First Sign AAR library and return its signature if someone uses this library in its code.
Note: Tried jarsigner but it's verification by some external command, I need internally return in code.
Facebook
Twitter
Instagram