Reputation: 94108
Does an android cryptography provider need to be signed?
In Java SE from Oracle, it is required for a provider of cryptographic functions to be signed. This signing needs to occur using a private key belonging to a certificate that has been signed by Oracle. If the .jar of the provider is not signed, then the provider cannot be plugged into the Java Cryptography Architecture (JCA) as a Java Cryptography Extension (JCE).
Does Android 4.0-4.4 require the providers to be signed as well? If so, are there specific regulations to creating a key/certificate pair that is used for signing?
Upvotes: 3
Views: 122
Answers (1)
Reputation: 2042
No, it does not. Your application is the only thing running in the Android sandbox, so the SecurityManager interface doesn't make any sense. As a caveat, you shouldn't load and run untrusted code (see the Android docs on SecurityManager)
Upvotes: 2
Related Questions
- What reasons does it have to sign apk?
- Android Security application signing
- Signing android application
- Android Application APK signing?
- Software Signing
- Do android libraries need to be signed?
- Signing Android apk?
- Android Application Signing
- Android Signed Apps
- Question about Signing Application for Android