Untitled

import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.PackageManager.NameNotFoundException;
import android.content.pm.Signature;

public class TamperCheck {

//we store the hash of the signture for a little more protection
private static final String APP_SIGNATURE = "1038C0E34658923C4192E61B16846";

  /**
	 * Query the signature for this application to detect whether it matches the
	 * signature of the real developer. If it doesn't the app must have been
	 * resigned, which indicates it may been tampered with.
	 *
	 * @param context
	 * @return true if the app's signature matches the expected signature.
	 * @throws NameNotFoundException
	 */
	public boolean validateAppSignature(Context context) throws NameNotFoundException {

		PackageInfo packageInfo = context.getPackageManager().getPackageInfo(
				getPackageName(), PackageManager.GET_SIGNATURES);
    //note sample just checks the first signature
		for (Signature signature : packageInfo.signatures) {
			// SHA1 the signature
			String sha1 = getSHA1(signature.toByteArray());
			// check is matches hardcoded value
			return APP_SIGNATURE.equals(sha1);
		}

		return false;
	}

  //computed the sha1 hash of the signature
  public static String getSHA1(byte[] sig) {
  		MessageDigest digest = MessageDigest.getInstance("SHA1", "BC");
			digest.update(sig);
			byte[] hashtext = digest.digest();
			return bytesToHex(hashtext);
	}

  //util method to convert byte array to hex string
  public static String bytesToHex(byte[] bytes) {
  	final char[] hexArray = { '0', '1', '2', '3', '4', '5', '6', '7', '8',
				'9', 'A', 'B', 'C', 'D', 'E', 'F' };
		char[] hexChars = new char[bytes.length * 2];
		int v;
		for (int j = 0; j < bytes.length; j++) {
			v = bytes[j] & 0xFF;
			hexChars[j * 2] = hexArray[v >>> 4];
			hexChars[j * 2 + 1] = hexArray[v & 0x0F];
		}
		return new String(hexChars);
	}


}