[android-developers] Verify a xmldsig message!
Dear... I need to verify a xmldsig signature in a message. I have a xml in plain text and a SignatureValue and publickey(X509) in base64. How to validate this message in Android 4.o? Thanks -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Public Key to XMLDSIG sign
Dear... I need to create a app to generate XML DSIG compliance signature . My first options, obviously, is use a magic Java class that sign XML in one pass, but not exist in Android. Then, I need create a code to: 1 - read a certificate into keystore; 2 - extract private key and public key; 3 - generate a canonicalized (c14N) data from XML; 4 - generate the digest value (SHA1); 5 - sign the digest; 6 - insert tags in the original XML. My problem is in the pass 2... I extract public key from certificate, but It is not equal to the PublicKey XML DSIG generated by other aplications. Is it a Android problem? Or my code is incorrect? My code: key = ks.getKey(alias, "password".toCharArray()); if (key instanceof PrivateKey) { cert = ks.getCertificate(alias); publicKey = cert.getPublicKey(); privateKey = (PrivateKey) key; KeyPair kp = new KeyPair(publicKey, privateKey); mLog.setText("PRIVATEKEY -->" + Base64.encodeToString(kp.getPrivate() .getEncoded(), Base64.NO_WRAP)); mLog.setText(mLog.getText() + "\n\nPUBLICKEY -->" + Base64.encode(kp.getPublic().getEncoded(),Base64.NO_WRAP)); } } Thanks in advance! -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: USB Touchscreen support, why is it so hard?
I have same problem with my usb printer. I think that MK802 Usb do not support this kind of connections! Em domingo, 30 de dezembro de 2012 01h26min07s UTC-2, Zxanatos C. Omyda escreveu: > > I am trying to find a developer that understands USB devices. Basically I > have a MK802 Android 4.0 device. I am trying to connect a USB Resistive > touchscreen to it, but it does nothing. I here that Google stripped that > out to keep Android light, since most devices now use capacitive screens. > How would I go about finding a developer to add resistive touchscreen back > into my devices. > > Basically I am using these for a Google powered car system. It features a > MK802 in each seat, a MK808 for shared use. As of now they work great in > the car, except the touchscreens will not work. > > Any help or advice would be great. I have searched all mighty Google, but > all the information is fragmented or not understandable to me. The MK802, > and MK808 are rooted if that makes a difference. > > > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Public Key to XMLDSIG sign
Thanks Nikolay, I think you are right because the publickey that returned from android contains extra HEX code before and after the code generated by my other application. However, i don't understood how to work your code. Can you help me again? Thanks a lot. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Public Key to XMLDSIG sign
I finally discovered what kind of public key I need: is a PEM format like below. How I do this? Thanks -BEGIN CERTIFICATE- MIIDuDCCAqACCQDxZX5jygcxvzANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMC VE4xEDAOBgNVBAgMB1RVTklTSUUxDTALBgNVBAcMBFNGQVgxFTATBgNVBAoMDElu ZXNDb21wYWdueTETMBEGA1UECwwKU2VydmV1cldlYjEXMBUGA1UEAwwOaW5lc2Rv bWFpbmUudG4xKDAmBgkqhkiG9w0BCQEWGWJlbGhvdWNoZXQuaW5lc0BnbWFpbC5j b20wHhcNMTMwMTA5MTQwMzE1WhcNMTQwMTA5MTQwMzE1WjCBnTELMAkGA1UEBhMC VE4xEDAOBgNVBAgMB1RVTklTSUUxDTALBgNVBAcMBFNGQVgxFTATBgNVBAoMDElu ZXNDb21wYWdueTETMBEGA1UECwwKU2VydmV1cldlYjEXMBUGA1UEAwwOaW5lc2Rv bWFpbmUudG4xKDAmBgkqhkiG9w0BCQEWGWJlbGhvdWNoZXQuaW5lc0BnbWFpbC5j b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtGJbgWuUOyQ4Kgfbb VsPO+5/xnBSZlPb7CnW/IHfibcQ+29EALFVp/cpZfn4WdPtQGjSU7cFY7wcoOLnl vDWB5B4JLJHiUnTnvQT3GA1toJFkj0wqOgggfpq/ia5wCREqd7JnVfCJ/kA77M4e fl5ArmObwe1XQy+DRYk67rx1NZ2c2eiEcwUj/v+puF+xJzVpdCg93dbEhTf9A7t2 loqESsBiX2CVaMtLLUK3y+g8etKL51m/PZHVXDMwJTkoje9X3cjh133YuxScMqVm jL40p1/vHAhtkVbnned0yjLPKLH+pCI4mB285WCY7Tn6UupBZG4ttzHFdQpdq0E4 UNsFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBANRPF1TcksXetiscM6qxd9CmgV9/ atkLghMNd/EU6H3E8HB1WPhvo9bdTO+uz1lUJW3vrDpOhp/cU+P1k9cplD8k9Mml 5EK0sJbS63Gl7J3h7U9QDwQ9EIU5eOanhi19wBs775LU6aqXXDE/nzE+XSoEvV0A IMlmqd7Yo0VRqqdD0Pg9ih7MD583ApnRDXzxzvbL6ioHnRyrrtWPfMtA0Eqbcwsg Povq7vL7jdqgx4HD/a8mlvKvM4y4khZox4wr8uJq/KtcbFy4BRsk7BwQVcssAyDR LXNr/u/mb7fhMj9fTNh2GGbNPjspvctAp3WIlkZeSLFZhA/QolutsnJ2nKc= -END CERTIFICATE- Em quinta-feira, 10 de janeiro de 2013 12h33min01s UTC-2, Nikolay Elenkov escreveu: > > On Thu, Jan 10, 2013 at 10:03 PM, mbarbiero > > > wrote: > > Thanks Nikolay, I think you are right because the publickey that > returned > > from android contains extra HEX code before and after the code generated > by > > my other application. > > > > However, i don't understood how to work your code. Can you help me > again? > > There is nothing to do. That code is just to illustrate that Android > does things > slightly differently and that is why you get a different representation > for the > same key. > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Public Key to XMLDSIG sign
Em quinta-feira, 10 de janeiro de 2013 21h21min36s UTC-2, mbarbiero escreveu: > > I finally discovered what kind of public key I need: is a PEM format like > below. > How I do this? > Thanks > -BEGIN CERTIFICATE- > MIIDuDCCAqACCQDxZX5jygcxvzANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMC > VE4xEDAOBgNVBAgMB1RVTklTSUUxDTALBgNVBAcMBFNGQVgxFTATBgNVBAoMDElu > ZXNDb21wYWdueTETMBEGA1UECwwKU2VydmV1cldlYjEXMBUGA1UEAwwOaW5lc2Rv > bWFpbmUudG4xKDAmBgkqhkiG9w0BCQEWGWJlbGhvdWNoZXQuaW5lc0BnbWFpbC5j > b20wHhcNMTMwMTA5MTQwMzE1WhcNMTQwMTA5MTQwMzE1WjCBnTELMAkGA1UEBhMC > VE4xEDAOBgNVBAgMB1RVTklTSUUxDTALBgNVBAcMBFNGQVgxFTATBgNVBAoMDElu > ZXNDb21wYWdueTETMBEGA1UECwwKU2VydmV1cldlYjEXMBUGA1UEAwwOaW5lc2Rv > bWFpbmUudG4xKDAmBgkqhkiG9w0BCQEWGWJlbGhvdWNoZXQuaW5lc0BnbWFpbC5j > b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtGJbgWuUOyQ4Kgfbb > VsPO+5/xnBSZlPb7CnW/IHfibcQ+29EALFVp/cpZfn4WdPtQGjSU7cFY7wcoOLnl > vDWB5B4JLJHiUnTnvQT3GA1toJFkj0wqOgggfpq/ia5wCREqd7JnVfCJ/kA77M4e > fl5ArmObwe1XQy+DRYk67rx1NZ2c2eiEcwUj/v+puF+xJzVpdCg93dbEhTf9A7t2 > loqESsBiX2CVaMtLLUK3y+g8etKL51m/PZHVXDMwJTkoje9X3cjh133YuxScMqVm > jL40p1/vHAhtkVbnned0yjLPKLH+pCI4mB285WCY7Tn6UupBZG4ttzHFdQpdq0E4 > UNsFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBANRPF1TcksXetiscM6qxd9CmgV9/ > atkLghMNd/EU6H3E8HB1WPhvo9bdTO+uz1lUJW3vrDpOhp/cU+P1k9cplD8k9Mml > 5EK0sJbS63Gl7J3h7U9QDwQ9EIU5eOanhi19wBs775LU6aqXXDE/nzE+XSoEvV0A > IMlmqd7Yo0VRqqdD0Pg9ih7MD583ApnRDXzxzvbL6ioHnRyrrtWPfMtA0Eqbcwsg > Povq7vL7jdqgx4HD/a8mlvKvM4y4khZox4wr8uJq/KtcbFy4BRsk7BwQVcssAyDR > LXNr/u/mb7fhMj9fTNh2GGbNPjspvctAp3WIlkZeSLFZhA/QolutsnJ2nKc= > -END CERTIFICATE- > > Em quinta-feira, 10 de janeiro de 2013 12h33min01s UTC-2, Nikolay Elenkov > escreveu: >> >> On Thu, Jan 10, 2013 at 10:03 PM, mbarbiero >> wrote: >> > Thanks Nikolay, I think you are right because the publickey that >> returned >> > from android contains extra HEX code before and after the code >> generated by >> > my other application. >> > >> > However, i don't understood how to work your code. Can you help me >> again? >> >> There is nothing to do. That code is just to illustrate that Android >> does things >> slightly differently and that is why you get a different representation >> for the >> same key. >> > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] BouncyCastle signature value does not match with dotNET signature value.
Hi... I have a problem in SHA1withRSA signature using BouncyCastle on Android: BouncyCastle signature value does not match with dotNET signature value. I tryed to use many algorithms like "SHA1withRSA", "SHA1withRSAAndMGF1" or "SHA1withRSA/ISO9796-2" with no satisfactory results. If I use the same message, same algorithm and the same private key, the result must be identical in dotNet and BoucyCastle... is it? Whats wrong in my code??? *Getting the privateKey:* ... ks = KeyStore.getInstance("PKCS12"); ... key = ks.getKey(alias, senha.toCharArray()); if (key instanceof PrivateKey) { privateKey = (PrivateKey) key; } *Signature method: * public String signer(String txt, String alg) throws Exception { Signature signer = Signature.getInstance(alg, new BouncyCastleProvider()); signer.initSign(privateKey); signer.update(txt.getBytes("UTF-8")); return Base64.encodeToString(signer.sign(), Base64.NO_WRAP); } ps. My app must use XMLDSIG protocol to send XML to a government's webservice. Thanks in advance. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Em domingo, 13 de janeiro de 2013 10h22min21s UTC-2, mbarbiero escreveu: > > Hi... > I have a problem in SHA1withRSA signature using BouncyCastle on Android: > BouncyCastle signature value does not match with dotNET signature value. > I tryed to use many algorithms like "SHA1withRSA", "SHA1withRSAAndMGF1" or > "SHA1withRSA/ISO9796-2" with no satisfactory results. > If I use the same message, same algorithm and the same private key, the > result must be identical in dotNet and BoucyCastle... is it? > Whats wrong in my code??? > > *Getting the privateKey:* > ... > ks = KeyStore.getInstance("PKCS12"); > ... > key = ks.getKey(alias, senha.toCharArray()); > if (key instanceof PrivateKey) { > privateKey = (PrivateKey) key; > } > > *Signature method: > * > public String signer(String txt, String alg) throws Exception { > Signature signer = Signature.getInstance(alg, new BouncyCastleProvider()); > signer.initSign(privateKey); > signer.update(txt.getBytes("UTF-8")); > return Base64.encodeToString(signer.sign(), Base64.NO_WRAP); > } > > > ps. My app must use XMLDSIG protocol to send XML to a government's > webservice. > > Thanks in advance. > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Hi Jason... Thanks for your contact. Firstly, please excuse my poor english... my first language is portuguese. I sent a XML Dsig packet with message + DigestValue + SignatureValue + PublicKey to a government's webservice. The SignatureValue is generated using BouncyCastle and SHA1withRSA. The return message say that signature value is incorrect. When I signed a XML document with a dotNet app the SignatureValue is diferent and the XML is recieved without error. I think that the error is in return format from ".sign" method, but I am not sure! > > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Em domingo, 13 de janeiro de 2013 18h17min29s UTC-2, jason_gates escreveu: > > Hi, > Thank you for the response :) So, the private key is not part of the > issue, right? Wouldn't your private key only be used to decode a message > sent from the web service to you? Per your message, that's not your issue. > > Your saying the remote web service is rejecting the message you are > sending, I assume you are using the public key of the web service to encode > the message (you are sending)? Is that correct? > -> I sign the XML with my PrivateKey and send a copy of my PublicKey. The access to webservice is in HTTPS. > Have you compared the xml sent from both clients (android and doNet). Is > the result of that verification, the only difference is the > "SignatureValue"? In other words, the xml structure from both clients are > identical. > > -> Yes, SignatureValue is the unique difference. Do you have a stack trace from the server that we can translate? I'm just > trying to see if there are any more clues. > -> Unfortunately not! > > What I've found is, different versions of the BouncyCastle library are > incompatible. If you encode a value with an earlier version of BouncyCastle > and then try to decode the value with a later version of BouncyCastle, an > exception is raised. > > Do you have access to the source code of your "doNet" client. Can you see > which library (and version) the other client is using and which algorithm > (the algorithm should be published). > -> Tomorow I'll seek the source code and post here Thanks. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Hi Nikolay and Jason... Your summary is correct Nikolay: I sign with privatekey to verify the sender. * did you normalize properly? - Yes... I use a very simple plain text, without especial characters, CR, TAB or LF. * does the raw (byte array) signature match? - I'm not sure about this, but the digestvalues in dotNet and BoucyCastle are identical. - A question: How to cipher digestvalue directly with the privatekey? * are you using the same options for Base64? There are subtle variations here (padding character, line breaks, etc.). - The signatures values are very different. I replace the tag in BC file by dotNet signature value and the webservice returns OK. It's a mystery!!! Below, the two exemples of the signature. Thanks in advance. SIGNED IN dotNet: abchttp://www.w3.org/2000/09/xmldsig#";>http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />http://www.w3.org/2000/09/xmldsig#rsa-sha1"; />http://www.w3.org/2000/09/xmldsig#enveloped-signature"; />http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; />http://www.w3.org/2000/09/xmldsig#sha1"; />fjyUo6F4wLkBrMK558cee+TAmZA=DgzsYBd3CMN+imXKTBmErbw9aHE53ZATtCz5j/116x6lUPRABgSQ0rqcdnjmB7VJLI/eY6HgXGhYZf+pr/9ncBS+dTPcMt8c99enG+Ndhn+sWqUA7DI9X+Qzwv+LMG/USCKX/1dXl1vts7DQQChSLz+yydIvjHWfm/p51WLAvsDqCnmuNzCE70myli3DTsgv04Gll3nYOtfN6EZNUlliAJ5qrGrv0tTpjfiohKyqD5ddwO3ruSh2lLt7XEOa2SIvNvK7hPbhQ5HmKMuWx4Yyn1Arp6+Yd0gcUjhcIZUk1bmU4UkF1a+bOszPFNqPPvWaY0Mr8cznmTdDQEbRj7UjRQ==MIIHszCCBZugAwIBAgIQMjAxMjA5MTgxMjQwMDY0NDANBgkqhkiG9w0BAQsFADCBijELMAkGA1UEBhMCQlIxEzARBgNVBAoTCklDUC1CcmFzaWwxNjA0BgNVBAsTLVNlY3JldGFyaWEgZGEgUmVjZWl0YSBGZWRlcmFsIGRvIEJyYXNpbCAtIFJGQjEuMCwGA1UEAxMlQXV0b3JpZGFkZSBDZXJ0aWZpY2Fkb3JhIFNFUlBST1JGQiB2MzAeFw0xMjA5MTgxNDQ5MzdaFw0xMzA5MTgxNDQ2NDhaMIIBCDELMAkGA1UEBhMCQlIxEzARBgNVBAoTCklDUC1CcmFzaWwxNjA0BgNVBAsTLVNlY3JldGFyaWEgZGEgUmVjZWl0YSBGZWRlcmFsIGRvIEJyYXNpbCAtIFJGQjERMA8GA1UECxMIQ09SUkVJT1MxEzARBgNVBAsTCkFSQ09SUkVJT1MxFjAUBgNVBAsTDVJGQiBlLUNOUEogQTExFDASBgNVBAcTC1BBU1NPIEZVTkRPMQswCQYDVQQIEwJSUzFJMEcGA1UEAxNAQUxGQVNJRyBTRVJWSUNPUyBFTSBURUNOT0xPR0lBIERBIElORk9STUFDQU8gTFREQTowNzg1ODQzMzAwMDEyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJxKyImLfI+bCbnCt+2y+5fDMc3VemFQwd9gEFH0l9IBqqfQGrxjahm4H7owwJP1ODCQmZQKhu1StkPztST3DKMZMV1BHkUX67019DcBKwnHctuyDSOMRuM7M8YIslK80rWbPD6Em3WbGy9knFeNT6Zk+5gdYw1fPBR/WGG4/pcoXtCIwe2vW3GxJbuAspjBXGBwAoQv703VX4YWlfv5N3r5IWdx9cX4hJnZoou1Nf+6ggRw1iaLXwWvGGBJIZ2Y2xW03iKZch6d1e7yEE/CiOyXW+bXpywRpHDpAFR61z4e0Gq70FzNOespM2VBRTWLh9izSA0d22Te1IB7i36pBB0CAwEAAaOCApIwggKOMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUsWexHeccrndCFK1/ngkO5oWwt64wDgYDVR0PAQH/BAQDAgXgMGAGA1UdIARZMFcwVQYGYEwBAgEKMEswSQYIKwYBBQUHAgEWPWh0dHBzOi8vY2NkLnNlcnByby5nb3YuYnIvYWNzZXJwcm9yZmIvZG9jcy9kcGNhY3NlcnByb3JmYi5wZGYwgbUGA1UdEQSBrTCBqqA9BgVgTAEDBKA0BDIyNDEyMTk4MjAwMTM1MjU1MDY2MDAwMDAwMDAwMDAwMDAwMDIwODEyODUzMjhTSlNSU6AiBgVgTAEDAqAZBBdDQVNTSU8gRkVSTkFORE8gSEFFUlRFUqAZBgVgTAEDA6AQBA4wNzg1ODQzMzAwMDEyMaAXBgVgTAEDB6AOBAwwMDAwMDAwMDAwMDCBEXNwY0BjZGwtcGYuY29tLmJyMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDCBwAYDVR0fBIG4MIG1MDSgMqAwhi5odHRwOi8vY2NkLnNlcnByby5nb3YuYnIvbGNyL2Fjc2VycHJvcmZidjMuY3JsMDWgM6Axhi9odHRwOi8vY2NkMi5zZXJwcm8uZ292LmJyL2xjci9hY3NlcnByb3JmYnYzLmNybDBGoESgQoZAaHR0cDovL3JlcG9zaXRvcmlvLmljcGJyYXNpbC5nb3YuYnIvbGNyL3NlcnByby9hY3NlcnByb3JmYnYzLmNybDBOBggrBgEFBQcBAQRCMEAwPgYIKwYBBQUHMAKGMmh0dHA6Ly9jY2Quc2VycHJvLmdvdi5ici9jYWRlaWFzL2Fjc2VycHJvcmZidjMucDdiMA0GCSqGSIb3DQEBCwUAA4ICAQARRZtKyK3I47YbRJJD2PsVFJOmOfgZmK2mt4+3zYwXlHJuAcnQ1PMq+j7UCxT/Tc/KnxEsM2yTA335YLsCpI5L30I3p/Pn2tRLyt8FXmgElcJx6GQpDfsBSm/G+tYoo5DpmQEWmXBoGT2WLNfSQXCfXESNRspuyQ8Ce9d6hzpUdBcfssBK2GVisAIefKqpwEdJUEzhnxajFfnOBWPlNpmT1eE9fJ2y5rd5ycYYY9NxBv2axWLg26eBzBQ0+3XF7etUUZ+v0BU1DeV8DNqtBslUdTorI5cPbtu4LqNMg2xwRT8CY225pvO9TQtJLKZ5lCjWLs6KNjTNIPAuyKVaPeybn7uJ9l8iGFATNAM5BqmFyhXK2Ydyf6AafxIPfr+T1ioSNFDFqruQjDRiGUthzAEA/XN3Hmb0a3ZuboRUyblpsj84MxWfh4G/r4JR8pO+pwJ8er0B+ocHrX14rW74NaYwCq458BvUXp3cNjjQTf82Aq7ooeenrCZx6e7WVpuDEKNVvIbLlTuZxsI4Yd561UHcaUzwL0xiVZs+qMK8LN50Q1BXrsLD266CsBSeE1A1WHKLHCijyaNTjjje7h3ctEyE1jwIKsQPkgEUuDdyjFefgEyXWuznq0XtvSzHiA3mfHP7nC6hmfQsAGr3uzzByOZIQU9BurRIEBjbs3MG5sdiTQ== SIGNED by BC: abchttp://www.w3.org/2000/09/xmldsig#";>http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>http://www.w3.org/2000/09/xmldsig#sha1"/>fjyUo6F4wLkBrMK558cee+TAmZA=B736cDNT+51fz2jV6mnrA2VXftXp32ZeCr3OHAkQjscYvWtB6QC+6jpdHxxfL2iPqX0939XsBm53SvgxU3S+2/KXexukVTv00zMQqVAjYPw8o5atfcVtDqwSLNQgGQeS4Ex0TGd0GvD5dw/N7AarUtMBUQLtjckMokyseX+q/rHBQwfS/njrEPYiCfvn4WXf//D5SdpM7wipeAdd4vk1aWgGmLLYEheo+ZMtypCNF3vedPVSx7sXNJE187Nf+BVIZVXx7qD/FBvVW+UXhK0KURMladf3lCPt1CzONYFSEOBPIPwE9u8ktC23pRK57oUqwvINS6HtTCxQVG+tzk5LUw== MIIHszCCBZugAwIBAgIQMjAxMjA5MTgxMjQwMDY0NDANBgkqhkiG9w0BAQsFADCB ijELMAkGA1UEBhMCQlIxEzARBgNVBAoTCklDUC1CcmFzaWwxNjA0BgNVBAsTLVNl Y3JldGFyaWEgZGEgUmVjZWl0YSBGZWRlcmFsIGRvIEJyYXNpbCAtIFJGQjEuMCwG A1UEAxMlQXV0b3JpZGFkZSBDZXJ0aWZpY2Fkb3JhIFNF
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
I read the certificate form a .pfx file and extract keys: PUBLICKEY cert = ks.getCertificate(alias); X509Certificate X509 = (X509Certificate) cert; publicKey = cert.getPublicKey(); PRIVATEKEY key = ks.getKey(alias, senha.toCharArray()); if (key instanceof PrivateKey) { privateKey = (PrivateKey) key; } I know that the publicKey is correct because they match with dotNET file. In the new version of my app i verify the privateKey using the code below. Signature signer = null; signer = Signature.getInstance("SHA1withRSA"); signer.initSign( privateKey ); signer.update(msg.getBytes("UTF-8")); byte[] theSignature = null; theSignature = signer.sign(); Log.d("theSignature ---> ", theSignature.toString()); Signature sig = null; sig = Signature.getInstance("SHA1withRSA"); sig.initVerify(publicKey); sig.update(msg.getBytes("UTF-8")); boolean verifies = false; verifies = sig.verify(theSignature); if(verifies){ Log.d("SIGNATURE OK","SIGNATURE OK"); Log.d("Signature ",Base64.encodeToString(theSignature, Base64.NO_PADDING)); }else{ Log.d("SIGNATURE NÃO OK","SIGNATURE NÃO OK"); The message in Log is "SIGNATURE OK", then I presume that privateKey is OK too. If this is right, then the error must be in format of theSignature. Maybe the signature have a header or footer like public key (-BEGIN CERTIFICATE-) that interfer in the Base64.encodeToString. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
My ideia was that the header is in signature, not in Base64. -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Nikolay, Bob and Jason ... Thank for your attention. This problem XMLDSIG seems simple, but is now driving me crazy. The root of the problem is that I need to develop for Android. If it were in JAVA 6 the documentation is very complete: http://docs.oracle.com/javase/6/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Anybody know about Santuario Apache in Android? Is a JSR105 implementation. I tried install but recieved a error: "Conversion to Dalvik format failed with error 1 Santuario Unknown Android Packaging Problem" Em terça-feira, 15 de janeiro de 2013 15h39min43s UTC-2, jason_gates escreveu: > > Hi, > No problem. Sorry I couldn't provide more help :) > > You've got a challenge that requires a lot of patience :) Hang in there. > It's not you, it's just a big challenge. It happens to all of us. > > I found an additional link, might > help:http://msdn.microsoft.com/en-us/library/ms996502.aspx > > You'll solve it :) > Jason > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Nikolay... One more question: If the private key used to sign is incorrect, the command "$ openssl rsautl -verify -in s2.bin -pubin -inkey pub1.pem -raw -hexdump" result in error or in incorrect message? I need confirm if used privatekey is correct. Thanks and, please, escuse my ignorance! -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Em quarta-feira, 16 de janeiro de 2013 10h06min13s UTC-2, Nikolay Elenkov escreveu: > > > On Jan 16, 2013 9:01 PM, "mbarbiero" > > wrote: > > > > Nikolay... > > > > One more question: If the private key used to sign is incorrect, the > command "$ openssl rsautl -verify -in s2.bin -pubin -inkey pub1.pem -raw > -hexdump" result in error or in incorrect message? > > > > It will result in garbage, not properly structured data. > > > I need confirm if used privatekey is correct. > > > > It seems it is correct. > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Hi... I tested the canonical form and Sha1 hash code using a .net code to confirm the values. A strig format of is OK. Considering that PrivateKey is OK too, my suspects are, now, the byte code send to sign and the convertion to base64 of the results. Maybe little-endian x big-endian can explain this! CODE .NET: XmlDsigC14NTransform t = new XmlDsigC14NTransform(); t.LoadInput(myDoc); Stream s = (Stream)t.GetOutput(typeof(Stream)); SHA1 sha1 = SHA1.Create(); byte[] hash = sha1.ComputeHash(s); Best regards mBarbiero -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Hi Nikolay... In the XMLs that I post the DigestValue (SHA1) is the same of the DigestValue of canonicalized .net. I will try to create a program in Java pure to test if problem is in Android implementation. What you think about? Em quinta-feira, 17 de janeiro de 2013 13h25min25s UTC-2, Nikolay Elenkov escreveu: > > On Thu, Jan 17, 2013 at 11:11 PM, mbarbiero > > > wrote: > > Hi... > > I tested the canonical form and Sha1 hash code using a .net code to > confirm > > the values. A strig format of is OK. > > Not too clear what you are saying here. Is the SHA1 of the canonical form > of > the two 's the same in both Java and C#? XML you posted above > suggests otherwise. > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Hi.. The text that I sign is too sample: abc Without tabs, cr or especial chars. mBarbiero Em quinta-feira, 17 de janeiro de 2013 15h19min06s UTC-2, Kostya Vasilyev escreveu: > > Windows (dot net) and Unix (android) default to different ways to > represent line breaks. > > Are line breaks in the xml you're signing encoded the same way on both > sides? > 17.01.2013 20:24 пользователь "mbarbiero" > > > написал: > >> Hi Nikolay... >> >> In the XMLs that I post the DigestValue (SHA1) is the same of the >> DigestValue of canonicalized .net. >> >> I will try to create a program in Java pure to test if problem is in >> Android implementation. What you think about? >> >> Em quinta-feira, 17 de janeiro de 2013 13h25min25s UTC-2, Nikolay Elenkov >> escreveu: >>> >>> On Thu, Jan 17, 2013 at 11:11 PM, mbarbiero >>> wrote: >>> > Hi... >>> > I tested the canonical form and Sha1 hash code using a .net code to >>> confirm >>> > the values. A strig format of is OK. >>> >>> Not too clear what you are saying here. Is the SHA1 of the canonical >>> form of >>> the two 's the same in both Java and C#? XML you posted >>> above >>> suggests otherwise. >>> >> >> -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
Re: [android-developers] Re: BouncyCastle signature value does not match with dotNET signature value.
Thanks Nikolay. The tests with .net confirm that BouncyCastle signature process is OK. I will try to sign SignedInfo -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [android-developers] USB host
You tried the process shown in http://stackoverflow.com/questions/11183792/android-usb-host-and-hidden-devices? One question more.. are you brazilian or portuguese? -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [android-developers] USB host
Sou brasileiro... No nosso grupo de desenvolvedores o pessoal que mais entende de USB é o que usa Android para controlar o Arduino. Talvez seja melhor procurar uma solução nos grupos do Arduino. Marco Em sexta-feira, 1 de março de 2013 08h48min14s UTC-3, Marta Ribeiro escreveu: > > Yes yes, that was one of the first things I checked. > > Portuguese. > > On Friday, March 1, 2013 11:20:06 AM UTC, mbarbiero wrote: >> >> You tried the process shown in >> http://stackoverflow.com/questions/11183792/android-usb-host-and-hidden-devices >> ? >> >> One question more.. are you brazilian or portuguese? >> > -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[android-developers] Web service + SSL + KSOAP2 + .pfx
I need to access a web service using a client certificate in a .pfx file and KSOAP2 2.6.5. Any idea??? Thanks in advance! -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[android-developers] Access web service over SSL with client certificate (KSOAP)
Dear developers... I need to access a very secure web service that requires authentication with server *AND client certificates*. The big problem (to me) is *how to define client certificate in the SSL packet*. I use o Ksoap but don't found documentation about SSL and certificates. Any idea? -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [android-developers] Access web service over SSL with client certificate (KSOAP)
Thanks Ranuka... I'll try. mbarbiero Em sábado, 6 de abril de 2013 09h51min29s UTC-3, android developer escreveu: > > try these > > http://blog.callistaenterprise.se/2011/11/24/creating-self-signed- > certificates-for-u<http://blog.callistaenterprise.se/2011/11/24/creating-self-signed-certificates-for-use-on-android/> > > se-on-android/<http://blog.callistaenterprise.se/2011/11/24/creating-self-signed-certificates-for-use-on-android/> > > http://blog.callistaenterprise.se/2011/11/24/android > -tlsssl-mutual-authentication/ > > Thanks & Regards, > Renuka > > > On Sat, Apr 6, 2013 at 5:48 PM, mbarbiero > > wrote: > >> Dear developers... >> >> I need to access a very secure web service that requires authentication >> with server *AND client certificates*. The big problem (to me) is *how >> to define client certificate in the SSL packet*. >> I use o Ksoap but don't found documentation about SSL and certificates. >> >> Any idea? >> >> -- >> -- >> You received this message because you are subscribed to the Google >> Groups "Android Developers" group. >> To post to this group, send email to >> android-d...@googlegroups.com >> To unsubscribe from this group, send email to >> android-developers+unsubscr...@googlegroups.com >> For more options, visit this group at >> http://groups.google.com/group/android-developers?hl=en >> --- >> You received this message because you are subscribed to the Google Groups >> "Android Developers" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to android-developers+unsubscr...@googlegroups.com . >> For more options, visit https://groups.google.com/groups/opt_out. >> >> >> > > -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[android-developers] Trust chain certificates to access https service in Android
Dear... I need to access a server with a public certificate created by a government institute. I loaded the server certificate in .DER format, but it does not load a trust chain of this certificate (message: Trust anchor for certification path not found). The root CA is not in System CA Trust Store. How to load a trust chain? Is possible to load a p7b file in the Android? My code: public void carregaCertificado(String nmArquivo) throws CertificateException, KeyStoreException, IOException { { FileInputStream fis = null; fis = new FileInputStream(nmArquivo); BufferedInputStream bis = new BufferedInputStream(fis); CertificateFactory cf = CertificateFactory.getInstance("X.509"); while (bis.available() > 0) { Certificate cert = cf.generateCertificate(bis); ksServer.setCertificateEntry(nmArquivo, cert); } } } Thanls mbarbiero -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[android-developers] How to create JAR libs in Android
I need to create a JAR lib (like KSOAP or Spongycastle) to distribute but I dont find documentation! Is it possible? Can anybody help me? Thanks mBarbiero -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [android-developers] How to create JAR libs in Android
Thanks for your response Roland, but I use KSOAP in my APP and it is a JAR file. Must be a secret to generate this kind of lib. -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[android-developers] Re: How to create JAR libs in Android
Thanks Piren... Using your comment and the post in http://stackoverflow.com/a/6859020/2267621 I could use libs on my project! Thanks again! mbarbiero Em quinta-feira, 25 de abril de 2013 04h05min59s UTC-3, Piren escreveu: > > You can use regular Ant Build commands to package your app code into a > JAR, or use the new build system for that ( > http://tools.android.com/tech-docs/new-build-system/user-guide). > > The simplest way though is just to mark your project as Android Library > and pull the resulting JAR (they modified ADT to automatically create JAR a > long while ago). Just notice that these libraries are very constrained in > using resources and some instances of Switch statements. Future android > builds are supposed to fix this by using the R files a bit differently. > > On Wednesday, April 24, 2013 3:42:52 PM UTC+3, mbarbiero wrote: >> >> I need to create a JAR lib (like KSOAP or Spongycastle) to distribute but >> I dont find documentation! >> Is it possible? >> Can anybody help me? >> Thanks >> mBarbiero >> > -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[android-developers] Re: How to create JAR libs in Android
Em quarta-feira, 24 de abril de 2013 09h42min52s UTC-3, mbarbiero escreveu: > > I need to create a JAR lib (like KSOAP or Spongycastle) to distribute but > I dont find documentation! > Is it possible? > Can anybody help me? > Thanks > mBarbiero > -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[android-developers] Re: How to create JAR libs in Android
Piren... One question more... when I configure proguard obfuscation, the jar file are obfuscate too? Thanks mbarbiero Em quinta-feira, 25 de abril de 2013 04h05min59s UTC-3, Piren escreveu: > > You can use regular Ant Build commands to package your app code into a > JAR, or use the new build system for that ( > http://tools.android.com/tech-docs/new-build-system/user-guide). > > The simplest way though is just to mark your project as Android Library > and pull the resulting JAR (they modified ADT to automatically create JAR a > long while ago). Just notice that these libraries are very constrained in > using resources and some instances of Switch statements. Future android > builds are supposed to fix this by using the R files a bit differently. > > On Wednesday, April 24, 2013 3:42:52 PM UTC+3, mbarbiero wrote: >> >> I need to create a JAR lib (like KSOAP or Spongycastle) to distribute but >> I dont find documentation! >> Is it possible? >> Can anybody help me? >> Thanks >> mBarbiero >> > -- -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-developers+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.