Differences
This shows you the differences between two versions of the page.
| — |
smd:laboratoare:old:07 [2019/03/06 14:59] (current) adriana.draghici created |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ===== Lab 07. Cryptography ===== | ||
| + | === Task 1 - Generate a signed APK (2p) === | ||
| + | |||
| + | Create a new application (with an empty activity). Create a key and keystore. Generate the signed APK of the application. Use adb tool to install the APK. | ||
| + | |||
| + | Hint: [[https://developer.android.com/studio/publish/app-signing.html#sign-apk|Sign an APK]] | ||
| + | |||
| + | === Task 2 - Generate and Verify HMAC (4p) === | ||
| + | |||
| + | Develop an application with 2 activities. Include an **EditText** and a **Button** in the first activity. When the user types a text and presses the button, it will send the text to the second activity through an intent (**putExtra**). In the second activity, get the message from the Intent and display it in the **TextView**. | ||
| + | |||
| + | In the first activity generate a symmetric key using **KeyGenerator** for HmacSha256 algorithm. Save this key in a Singleton (that can be accessed from both activities). Then generate the HMAC of the text introduced by the user (using **Hmac** with HmacSha256 algorithm) and send the HMAC along with the initial message (through the Intent). In the second activity, obtain the HMAC from the Intent, obtain the Singleton, get the symmetric key and recompute the HMAC. If the HMAC is valid (equal with the recomputed one), Display the message "Data is unmodified". | ||
| + | |||
| + | Hint: Send data and HMAC as byte arrays in the Intent.\\ | ||
| + | Hint: Use Arrays.equals() for byte arrays comparison. | ||
| + | |||
| + | === Task 3 - Encrypt and Decrypt Data (4p) === | ||
| + | |||
| + | In the first activity generate another symmetric key using **KeyGenerator** for AES algorithm (or use the same key from Task 2). Save the key in the Singleton. Encrypt the text typed by the user using **Cipher** with algorithm AES/CBC/PKCS5Padding. Send the ciphertext through the Intent to the second activity (instead of the plain text). Also send the initialization vector (IV). In the second activity, extract the ciphertext and IV from the Intent, decrypt the ciphertext using **Cipher** and display it in the TextView. | ||
| + | |||
| + | Hint: In the first activity, compute the MAC and then encrypt the data. In the second activity, decrypt the data and then verify the MAC.\\ | ||
| + | Hint: Send ciphertext, IV and HMAC as byte arrays in the Intent.\\ | ||
| + | Hint: Use **doFinal** to directly encrypt and decrypt (no need for update + doFinal). | ||
