[erlang-questions] verify google play signature in erlang

Xiaobin Xu xuxb1979@REDACTED
Thu Oct 30 04:32:28 CET 2014


Hi, Ingela,


     According to google, the key is "Base64-encoded RSA public key”.

    After add header/footer, I’m able to generate public key record now.


    Thank you for your kindly help.


     Best regards,

     Xiaobin Xu

2014-10-29 21:20 GMT+08:00 Ingela Andin <ingela.andin@REDACTED>:

> Hi!
>
> 2014-10-29 6:05 GMT+01:00 Xiaobin Xu <xuxb1979@REDACTED>:
>
>> hi,
>>
>>     I tried to implement google play store signature verification in
>> erlang this morning, I think i can use public_key:verify(Msg, DigestType,
>> Signature, Key) -> boolean() to do my job, but I don't know how to generate
>> a public key from encoded public key provided by play store.
>>
>>
> It depends on what encoding you have?  There is public_key:pem_decode that
> handles PEM-encoding. (Basically Base64 encoded ASN-1 DER blobs rapped in
> some
> header/footer lines)
>
> When you have a ASN-1 DER blob you can use
> public_key:der_decode(ASN1-type, DER)  to get the erlang record for that
> ASN-1 type.
>
>
> Regards Ingela Erlang/OTP team - Ericsson AB
>
>
>      In case of java, we can do this:
>>
>>             byte[] decodedKey = Base64.decode(encodedPublicKey, Base64.
>> DEFAULT);
>>
>>             KeyFactory keyFactory = KeyFactory.getInstance(
>> KEY_FACTORY_ALGORITHM);
>>
>>             return keyFactory.generatePublic(new X509EncodedKeySpec(
>> decodedKey));
>>
>>
>>
>>      Thanks,
>>
>>       Xiaobin, Xu
>>
>>
>>
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20141030/5a34068f/attachment.htm>


More information about the erlang-questions mailing list