There's a scenario, when your Android app connect to your server, there're some secret keys like authentication key, the keys for encrypting the data you send to the server and the keys for decrypting you get from the server.. etc. You don't want users to reverse engineering your apk and find those keys easily, we've got two ways to hide your secret keys.
Using this program to encrypt your secret keys, you post those encrypted strings to your android project. Then, fill in the parameters generated by this program in your project for decryption to decrypt the messages.
Step1. Fill in your secret keys![]()
RSA (Rivest–Shamir–Adleman) is one of the first public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and distinct from the decryption key which is kept secret (private). I need to generate an RSA public key from a modulus and exponent and I'm unable to find any resources where someone has done this successfully. I can't even find a way to do it in Apples documentation. Java Code Examples for java.security.spec.RSAPublicKeySpec. The following code examples are extracted from open source projects. You can click to vote up the examples that are useful to you. In the RSA algorithm the public key is build using the modulus and the public exponent, which means that we can always derive the public key from the private key. OpenSSL can easily do this with the rsa module, producing the public key in PEM format. How to generate public/private key in C#. Asymmetric cryptography also known as public-key encryption uses a public/private key pair to encrypt and decrypt data. In.NET, the RSACryptoServiceProvider and DSACryptoServiceProvider classes are used for asymmetric encryption.
Step2. Run Main.java
You'd get logs in your consult like that:
Step3. Add the decryption method to your project![]()
When you add new secret keys, you must refill modulus, exponent and the other encrypted keys, because you get different RSA KeyPair(private key and public key) every execution.
Greenhorn
posted 13 years ago
Hello everyone,
I'm stuck. I try to implement a XML data signature validation using the javax.xml.crypto.* packages from SUN. Differently to the examples provided with the download, my public key is not included in the xml file. I found no example how to read this: <RSAKeyValue> <Modulus>vnh1DktYlAnQw3sa31D7z01CAkG9SJlFnPGSgGw8BFJmtW6QuRu7XW+VoAei4xPVg2IzvS24CWH3xNJ4rIj2aBvyHiQbp7Td+pmwRirUPfYOzo7RGSLQLV1TO7Af3RvIkLpmqlHFdUXyWf0vGaVkag9FRHLUp3V4OY8RazM2ftM=</Modulus> <Exponent>AQAB</Exponent> </RSAKeyValue> with Java and get a RSAPublicKey Object in the end. Btw: the key is generated with an .NET application, but as I understand it, this should not be any problem. Any suggestion? TIA Tobias
Ranch Hand
posted 13 years agoHi,Generate Rsa Public Key From Modulus Exponent Java 10If you are trying to validate a signature, then you don't need to read the key per se. You can validate the <Signature> node directly without worrying about the key. Follow the *validate* examples that come along with the Sun JWSDP 2.0 (xmldsig folder). If you still need the key for some reason, you can construct a PublicKey, by creating a RSAPublicKeySpec object from the 'modulus' and 'exponent' in the XML. You have to use a KeyFactory for that. I have a working example, in case you needed more details.By the way, were you able to accomplish what you were trying (sign in .NET and validate in Java)? I am curious, as I am tryng the same thing and my signature is correctly validating in .NET (signature was created in .NET) but its not validating in Java using the javax.xml.crypto API. If you have any idea why, can you please reply back ASAP.
Originally posted by Tobias Schr�er:
Hello everyone, I'm stuck. I try to implement a XML data signature validation using the javax.xml.crypto.* packages from SUN. Differently to the examples provided with the download, my public key is not included in the xml file. I found no example how to read this: <RSAKeyValue> <Modulus>vnh1DktYlAnQw3sa31D7z01CAkG9SJlFnPGSgGw8BFJmtW6QuRu7XW+VoAei4xPVg2IzvS24CWH3xNJ4rIj2aBvyHiQbp7Td+pmwRirUPfYOzo7RGSLQLV1TO7Af3RvIkLpmqlHFdUXyWf0vGaVkag9FRHLUp3V4OY8RazM2ftM=</Modulus> <Exponent>AQAB</Exponent> </RSAKeyValue> with Java and get a RSAPublicKey Object in the end. Btw: the key is generated with an .NET application, but as I understand it, this should not be any problem. Any suggestion? TIA Tobias
Greenhorn
posted 13 years ago
Originally posted by Akshay Shrivastava: Hi, If you are trying to validate a signature, then you don't need to read the key per se. You can validate the <Signature> node directly without worrying about the key. Follow the *validate* examples that come along with the Sun JWSDP 2.0 (xmldsig folder). That's what I was using. But here, the public key is provided within the signatured Xml file. In my file, the key is intentionally not included in the file. If you still need the key for some reason, you can construct a PublicKey, by creating a RSAPublicKeySpec object from the 'modulus' and 'exponent' in the XML. You have to use a KeyFactory for that. I have a working example, in case you needed more details. That would be great. By the way, were you able to accomplish what you were trying (sign in .NET and validate in Java)? I am curious, as I am tryng the same thing and my signature is correctly validating in .NET (signature was created in .NET) but its not validating in Java using the javax.xml.crypto API. If you have any idea why, can you please reply back ASAP. As you can guess, I have not succeeded yet. Ok, I had little time to try in the last days. If I do, I'd let you know. Tobi
Greenhorn
posted 13 years ago
I just started working with the Java XMLDSIG libraries in the JWSDP and have been having trouble generating a signature withOUT the KEYINFO element and information. You mention having your problem because you were reading a signed XML file without the KEYINFO element. Were you able to accomplish this with the Java libraries or did you do it in .NET?
I've tried passing a null KeyInfo object to my XML signer in Java and it somehow still grabs the public key out of my certificate. I've only ever passed it a private key from that certificate, so I'm a bit confused by this. My other concern is that a HOW-TO article written by Sun states that you MUST provide the KEYINFO element; however, that directly contradicts both the W3C Recommendation and their own API. If you have any suggestions or could point me in the right direction, I'd appreciate it. Thanks, Tony
Greenhorn
posted 13 years ago
Generate Rsa Public Key From Modulus Exponent Java 4
My apologies for jumping the gun. I've figured out why it appeared to be adding the public key anyways.
Sorry! Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |