Android校验应用签名是否被篡改

1.获取应用签名并校验MD5或者SHA1

/**
     * 检测签名
     */
    private boolean checkSignature() {
        Context context = WXApplication.getInstance();
        try {
            PackageInfo packageInfo = context.getPackageManager().getPackageInfo(context.getPackageName(), PackageManager.GET_SIGNATURES);
            Signature[] signatures = packageInfo.signatures;

            if (signatures != null) {
                for (Signature signature : packageInfo.signatures) {
                    //获取MD5或者SHA1
                    MessageDigest md = MessageDigest.getInstance("MD5");
                    md.update(signature.toByteArray());

                    String currentSignature = bytesToHexString(md.digest()).toUpperCase();

                    if ("YOUR SIGENATURE".equals(currentSignature)) {
                        return true;
                    }
                }
            } else {
                LogUtil.i("signatures ==null");
            }

        } catch (NameNotFoundException e) {
            e.printStackTrace();
            LogUtil.e(e);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            LogUtil.e(e);
        }

        return false;
    }

/**
 * byte转16进制String
 *
 * @param src 数据源
 * @return string
 */
public String bytesToHexString(byte[] src) {
    StringBuilder stringBuilder = new StringBuilder();
    if (src == null || src.length <= 0) {
        return "";
    }

    for (byte by : src) {
        int v = by & 0xFF;
        String hv = Integer.toHexString(v);
        if (hv.length() < 2) {
            stringBuilder.append(0);
        }
        stringBuilder.append(hv);
    }
    return stringBuilder.toString();
}