android - Confirm APK identity with keystore -

-

i building android application communicates online webservice. plan on releasing application's source code on github. production version, utilize personal webservice want allow digitally signed apk connect.

is possible request apk's keystore , confirm username/password keystore?

if not possible how else can produce functionality?

edit:

i have read class certificate looks might able user public/private keys confirm identity. still unsure of implementation

i use -- 

    static public string getpackagefingerprint( context ctx ) {         packagemanager pm = ctx.getpackagemanager();         string packagename = ctx.getpackagename();         int flags = packagemanager.get_signatures;          packageinfo packageinfo = null;          try {                 packageinfo = pm.getpackageinfo(packagename, flags);         } catch (namenotfoundexception e) {                 return "";         }         signature[] signatures = packageinfo.signatures;          byte[] cert = signatures[0].tobytearray();          inputstream input = new bytearrayinputstream(cert);          certificatefactory cf = null;         try {                 cf = certificatefactory.getinstance("x509");           } catch (certificateexception e) {                 return "";         }         x509certificate c = null;         try {                 c = (x509certificate) cf.generatecertificate(input);         } catch (certificateexception e) {                 return "";         }           try {             messagedigest md = messagedigest.getinstance("sha1");             byte[] publickey = md.digest(c.getpublickey().getencoded());               stringbuffer hexstring = new stringbuffer();             (int i=0;i<publickey.length;i++) {                 string appendstring = integer.tohexstring(0xff & publickey[i]);                 if(appendstring.length()==1)hexstring.append("0");                 hexstring.append(appendstring);                 }               return hexstring.tostring();          } catch (nosuchalgorithmexception e1) {             return "";         }      }

the problem see approach determine package fingerprint or package , send web-service. better possibility use challenge-response mechanism: web-service sends unique session-token, app encrypts or digests using shared algorithm, , sends encrypted token service verification. of course, wouldn't want publish algorithm github.


Comments

Post a Comment

Popular posts from this blog

java - Run a .jar on Heroku -

-
i trying run .jar file on heroku, , can't find instructions anywhere on how this. have read wants me compile uploading heroku. possible, , if is, how this? if helps, trying run minecraft craftbukkit server, , don't have pom.xml file yet. you didn't provide details i'll try give , people reaches question way it. first of all, create heroku account , create heroku application (assumed have done that). second, need generate application jar , upload heroku. so, open terminal , install heroku cli (assuming unix terminal): $ sudo npm install -g heroku-cli you need have npm , nodejs installed, can check link: https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-ubuntu-16-04 once done that, can use npm update node version acceptable heroku-cli: $ sudo npm install -g n $ sudo n 7.10.0 and run: $ sudo npm install -g heroku-cli in order deploy jars, need install deploy plugin: $ sudo heroku plugins:install heroku-cli-deploy ...
Read more

java - Jtable duplicate Rows -

-
Image
when add new rows in jtable duplicate rows many times this method update jtable public final void tableaucomande(){ ((defaulttablemodel)tabcommande.getmodel()).getdatavector().clear(); session s=hibernateutil.getsessionfactory().opensession(); criteria cr1= s.createcriteria(commande.class); list <commande> lcs=cr1.list() ; criteria cr2= s.createcriteria(lignecommande.class); list <lignecommande> lck=cr2.list() ; if(lcs.size()!=0 && lck.size()!=0) { (commande lc:lcs) { for(lignecommande lig:lck){ ((defaulttablemodel)tabcommande.getmodel()).addrow(new object[]{ lc.getid_cmd(),lc.getnumcmd(),lc.getdate_cmd(),lc.getclient().getnomprenom(), lig.getproduit().getlib_prd(),lig.getquantite(),lig.getproduit().getid_prd() }); } } // tabcommande.setrowselectioninterval(tabcommande.getrowcount()-1,tabcommande.getrowcount()-1); } } this code add add data rows displaye...
Read more

validation - How to pass paramaters like unix into windows batch file -

-
i need pass various parameters .cmd file unix format file.cmd -configuration=value -source=value -flag but, try this: startlocal @echo off cls setlocal set cmdline=%* set configuration= set source= set badargs= set validation= goto main :splitargs echo splitargs(%*) if "%*" neq "" ( /f "tokens=1,2,* delims== " %%i in ("%*") call :assignkeyvalue %%i %%j & call :splitargs %%k ) goto :eof :assignkeyvalue echo assignkeyvalue(%1, %2) if /i %1==-configuration ( set configuration=%2 ) else if /i %1==-source ( set source=%2 ) else ( rem append unrecognised [key,value] badargs echo unknown key %1 set badargs=%badargs%[%1, %2] ) goto :eof :validate echo validating set validation=fail if defined configuration ( echo -configuration ok if defined source ( echo -source ok if not defined badargs ( set validation=success ) ) ) goto :eof :main cl...
Read more