This shows you the differences between two versions of the page.
smd:laboratoare:08 [2021/05/13 19:47] adriana.draghici [Task 3 - Generate and Verify HMAC (4p)] |
smd:laboratoare:08 [2021/05/13 19:51] (current) adriana.draghici [Lab 8 - Cryptography 2] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Lab 8 - Cryptography 2 ====== | ====== Lab 8 - Cryptography 2 ====== | ||
- | <note important>This page hasn't been updated yet for the 2021 semester and may contain outdated information</note> | ||
===== Objectives ===== | ===== Objectives ===== | ||
* Protect the app's APK using signing | * Protect the app's APK using signing | ||
* Use Android's KeyStore to generate and store cryptographic keys and use them to sign an app | * Use Android's KeyStore to generate and store cryptographic keys and use them to sign an app | ||
- | * Verify message integrity using HMAC(hash-based message authentication code) | + | * Verify message integrity using HMAC (hash-based message authentication code) |
* generate HMAC to sign a message | * generate HMAC to sign a message | ||
* verify HMAC to check that the received message was not modified | * verify HMAC to check that the received message was not modified | ||
Line 56: | Line 55: | ||
==== Task 3 - Generate and Verify HMAC (4p) ==== | ==== Task 3 - Generate and Verify HMAC (4p) ==== | ||
+ | |||
+ | <note tip> | ||
+ | Hash-based message authentication code (HMAC) is a mechanism for verifying the authenticity and integrity of a message. | ||
+ | You can compute it using a hashing crypto algorithm (e.g. SHA-2 family HMAC) and a secret symmetric key. In Android you can use the standard Java API (javax.crypto) for computing it. | ||
+ | </note> | ||
Add an activity to the project. Include an **EditText** and a **Button** in the first activity. When the user types a text and presses the button, it will send the text to the second activity through an intent (**putExtra**). In the second activity, get the message from the Intent and display it in the **TextView**. | Add an activity to the project. Include an **EditText** and a **Button** in the first activity. When the user types a text and presses the button, it will send the text to the second activity through an intent (**putExtra**). In the second activity, get the message from the Intent and display it in the **TextView**. |