0

I am trying to secure the connection between Android app and Java Web Service with RSA private/public.key. Let me tell you whole scenario. When android app is downloaded and installed on mobile device,just one time it makes a connection to web service for getting public.key. And after that android app will use this public.key for all comunication with web service. I have succed to encrypt with public.key and decrypte with private key in same application so far. But now I need to distribute public key to my android device clients and let them to save this public.key file and use it. Let me tell yu about my second scenario. I need also update these private and public key for example every 2 months. How can I inform clients about public key is updated and send them new public.key Thank you.
Below code is for requesting public.key. I can get in Inputstream but can not create public.key and write content inside it.

    public ConnectService(String sngUrl,Context context){
    try {
        URL url = new URL(sngUrl);
        URLConnection conection = url.openConnection();
        conection.connect();

        InputStream input = new BufferedInputStream(url.openStream(), 8192);
        System.out.println(convertStreamToString(input));

        String dirPath = context.getFilesDir().getAbsolutePath() + File.separator + "key";
        File keyDir = new File(dirPath);
        if (!keyDir.exists())
            keyDir.mkdirs();

        OutputStream output = new FileOutputStream(keyDir+"/public.key");

        byte data[] = new byte[1024];
        while ((input.read(data)) != -1) {
            output.write(data);
        }

        output.flush();
        output.close();
        input.close();

    } catch (Exception e) {
        System.out.println("HATA: "+e.getMessage());
        e.printStackTrace();
    }
}

    EXCEPTION : java.io.FileNotFoundException: /data/data/com.shoponway/files/key/public.key
4

1 回答 1

0

关于代码,试试这个:

OutputStream output = new FileOutputStream(new File(dirPath+"/public.key"));

关于更新公钥,是的,客户端可以在连接到互联网后自动下载它和/或他们可以在应用程序启动后检查密钥是否更新。

编辑:这是我用来在文件上写东西的东西

fw = new FileWriter(new File(Environment.getExternalStorageDirectory().getPath()
           + "/myFolder/public.key"));
...
while(something){
    fw.write(blaBla);
}
fw.flush();
fw.close();

以下部分确保 SDCard:

Environment.getExternalStorageDirectory().getPath()

你可以相应地改变它。

于 2013-03-21T12:55:45.783 回答