[erlang-questions] verify google play signature in erlang
Ingela Andin
ingela.andin@REDACTED
Wed Oct 29 14:20:17 CET 2014
Hi!
2014-10-29 6:05 GMT+01:00 Xiaobin Xu <xuxb1979@REDACTED>:
> hi,
>
> I tried to implement google play store signature verification in
> erlang this morning, I think i can use public_key:verify(Msg, DigestType,
> Signature, Key) -> boolean() to do my job, but I don't know how to generate
> a public key from encoded public key provided by play store.
>
>
It depends on what encoding you have? There is public_key:pem_decode that
handles PEM-encoding. (Basically Base64 encoded ASN-1 DER blobs rapped in
some
header/footer lines)
When you have a ASN-1 DER blob you can use public_key:der_decode(ASN1-type,
DER) to get the erlang record for that ASN-1 type.
Regards Ingela Erlang/OTP team - Ericsson AB
In case of java, we can do this:
>
> byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.
> DEFAULT);
>
> KeyFactory keyFactory = KeyFactory.getInstance(
> KEY_FACTORY_ALGORITHM);
>
> return keyFactory.generatePublic(new X509EncodedKeySpec(
> decodedKey));
>
>
>
> Thanks,
>
> Xiaobin, Xu
>
>
>
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20141029/9abd7099/attachment.htm>
More information about the erlang-questions
mailing list