I am trying to secure the connection between Android app
and Java Web Service
with RSA private/public.key
. Let me tell you whole scenario. When android app is downloaded and installed on mobile device,just one time it makes a connection to web service for getting public.key. And after that android app will use this public.key for all comunication with web service. I have succed to encrypt with public.key and decrypte with private key in same application so far. But now I need to distribute public key to my android device clients and let them to save this public.key file and use it. Let me tell yu about my second scenario. I need also update these private and public key for example every 2 months. How can I inform clients about public key is updated and send them new public.key Thank you.
Below code is for requesting public.key. I can get in Inputstream but can not create public.key and write content inside it.
public ConnectService(String sngUrl,Context context){
try {
URL url = new URL(sngUrl);
URLConnection conection = url.openConnection();
conection.connect();
InputStream input = new BufferedInputStream(url.openStream(), 8192);
System.out.println(convertStreamToString(input));
String dirPath = context.getFilesDir().getAbsolutePath() + File.separator + "key";
File keyDir = new File(dirPath);
if (!keyDir.exists())
keyDir.mkdirs();
OutputStream output = new FileOutputStream(keyDir+"/public.key");
byte data[] = new byte[1024];
while ((input.read(data)) != -1) {
output.write(data);
}
output.flush();
output.close();
input.close();
} catch (Exception e) {
System.out.println("HATA: "+e.getMessage());
e.printStackTrace();
}
}
EXCEPTION : java.io.FileNotFoundException: /data/data/com.shoponway/files/key/public.key