[erlang-questions] verify google play signature in erlang
Xiaobin Xu
xuxb1979@REDACTED
Thu Oct 30 04:32:28 CET 2014
Hi, Ingela,
According to google, the key is "Base64-encoded RSA public key”.
After add header/footer, I’m able to generate public key record now.
Thank you for your kindly help.
Best regards,
Xiaobin Xu
2014-10-29 21:20 GMT+08:00 Ingela Andin <ingela.andin@REDACTED>:
> Hi!
>
> 2014-10-29 6:05 GMT+01:00 Xiaobin Xu <xuxb1979@REDACTED>:
>
>> hi,
>>
>> I tried to implement google play store signature verification in
>> erlang this morning, I think i can use public_key:verify(Msg, DigestType,
>> Signature, Key) -> boolean() to do my job, but I don't know how to generate
>> a public key from encoded public key provided by play store.
>>
>>
> It depends on what encoding you have? There is public_key:pem_decode that
> handles PEM-encoding. (Basically Base64 encoded ASN-1 DER blobs rapped in
> some
> header/footer lines)
>
> When you have a ASN-1 DER blob you can use
> public_key:der_decode(ASN1-type, DER) to get the erlang record for that
> ASN-1 type.
>
>
> Regards Ingela Erlang/OTP team - Ericsson AB
>
>
> In case of java, we can do this:
>>
>> byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.
>> DEFAULT);
>>
>> KeyFactory keyFactory = KeyFactory.getInstance(
>> KEY_FACTORY_ALGORITHM);
>>
>> return keyFactory.generatePublic(new X509EncodedKeySpec(
>> decodedKey));
>>
>>
>>
>> Thanks,
>>
>> Xiaobin, Xu
>>
>>
>>
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20141030/5a34068f/attachment.htm>
More information about the erlang-questions
mailing list