Differences
This shows you the differences between two versions of the page.
|
smd:laboratoare:07 [2022/04/22 22:34] florin.mihalache [Task 6 - Sign the application (1p)] |
smd:laboratoare:07 [2022/04/27 23:37] (current) florin.mihalache [Task 8 - Generate and Verify HMAC (2p)] |
||
|---|---|---|---|
| Line 211: | Line 211: | ||
| In this task will see how Android applications are signed: | In this task will see how Android applications are signed: | ||
| + | * Create a new application (with an empty activity). | ||
| * Using the steps presented in the lab create a key and keystore and generate the signed APK of the application. | * Using the steps presented in the lab create a key and keystore and generate the signed APK of the application. | ||
| * Use adb tool to install the APK. | * Use adb tool to install the APK. | ||
| Line 230: | Line 231: | ||
| </note> | </note> | ||
| - | Add an **EditText** and a **Button** in the first activity. When the user types a text and presses the button, it will send the text to a second activity through an intent (**putExtra**). In the second activity, get the message from the Intent and display it in the **TextView**. | + | Add an activity to the project. Include an **EditText** and a **Button** in the first activity. When the user types a text and presses the button, it will send the text to the second activity through an intent (**putExtra**). In the second activity, get the message from the Intent and display it in the **TextView**. |
| In the first activity generate a symmetric key using [[https://developer.android.com/reference/javax/crypto/KeyGenerator|KeyGenerator]] for //HmacSha256// algorithm. Save this key in a Singleton (that can be accessed from both activities). Then generate the HMAC of the text introduced by the user (using [[https://developer.android.com/reference/javax/crypto/Mac.html|MAC]] with HmacSha256 algorithm) and send the HMAC along with the initial message (through the Intent). In the second activity, obtain the HMAC from the Intent, obtain the Singleton, get the symmetric key and recompute the HMAC. If the HMAC is valid (equal with the recomputed one), Display the message "Data is unmodified". | In the first activity generate a symmetric key using [[https://developer.android.com/reference/javax/crypto/KeyGenerator|KeyGenerator]] for //HmacSha256// algorithm. Save this key in a Singleton (that can be accessed from both activities). Then generate the HMAC of the text introduced by the user (using [[https://developer.android.com/reference/javax/crypto/Mac.html|MAC]] with HmacSha256 algorithm) and send the HMAC along with the initial message (through the Intent). In the second activity, obtain the HMAC from the Intent, obtain the Singleton, get the symmetric key and recompute the HMAC. If the HMAC is valid (equal with the recomputed one), Display the message "Data is unmodified". | ||
