Home / Questions / 15843
Accepted
Pablo Ezequiel Inchausti
Asked: 2020-07-05 08:53:02 +0800 CST 2020-07-05 08:53:02 +0800 CST

How to securely store the base64EncodedPublicKey key of an Android app?

  • 772

In Android Developer, when we want to integrate the In-app Billing Version 3 library, we find the recommendation that the application's base64 keys should not be stored flat in the code:

/* base64EncodedPublicKey should be YOUR APPLICATION'S PUBLIC KEY (that you got from the Google Play developer console). This is not your developer public key, it's the app-specific public key.

Instead of just storing the entire literal string here embedded in the program, construct the key at runtime from pieces or use bit manipulation (for com.probarnocuestanada, XOR with some other string) to hide the actual key. The key itself is not secret information, but we don't want to make it easy for an attacker to replace the public key with one of their own and then fake messages from the server. */

String base64EncodedPublicKey = "CONSTRUCT_YOUR_KEY_AND_PLACE_IT_HERE";

As per Android's recommendation, they should be "obfuscated" in some way to be a bit more secure.

Could someone recommend some way on how to safely store the base64EncodedPublicKey of an app in Android?

android

3 Answers

  1. Best Answer

    Your application's fingerprint is a unique value that can be obtained programmatically. This value only exists on the developer's own PC (for signing APKs) or at runtime in the app.

    That value can be used as the encryption key; for get It:

    public String getCertificateSHA1Fingerprint(Context context) {
    PackageManager pm = context.getPackageManager();
    String packageName = context.getPackageName();
    int flags = PackageManager.GET_SIGNATURES;
    PackageInfo packageInfo = null;
    try {
        packageInfo = pm.getPackageInfo(packageName, flags);
    } catch (PackageManager.NameNotFoundException e) {
        e.printStackTrace();
    }
    Signature[] signatures = packageInfo.signatures;
    byte[] cert = signatures[0].toByteArray();
    InputStream input = new ByteArrayInputStream(cert);
    CertificateFactory cf = null;
    try {
        cf = CertificateFactory.getInstance("X509");
    } catch (CertificateException e) {
        e.printStackTrace();
    }
    X509Certificate c = null;
    try {
        c = (X509Certificate) cf.generateCertificate(input);
    } catch (CertificateException e) {
        e.printStackTrace();
    }
    String hexString = null;
    try {
        MessageDigest md = MessageDigest.getInstance("SHA1");
        byte[] publicKey = md.digest(c.getEncoded());
        hexString = byte2HexFormatted(publicKey);
    } catch (NoSuchAlgorithmException | CertificateEncodingException e1) {
        e1.printStackTrace();
    }
    return hexString;
}

private String byte2HexFormatted(byte[] arr) {
    StringBuilder str = new StringBuilder(arr.length * 2);
    for (int i = 0; i < arr.length; i++) {
        String h = Integer.toHexString(arr[i]);
        int l = h.length();
        if (l == 1) h = "0" + h;
        if (l > 2) h = h.substring(l - 2, l);
        str.append(h.toUpperCase());
        if (i < (arr.length - 1)) str.append(':');
    }
    return str.toString();
}

    With the fingerprint of your app:

    import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;

import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;

public class AES {

    public static SecretKey generateKey(String key) throws NoSuchAlgorithmException {
        MessageDigest digest = MessageDigest.getInstance("SHA-1");
        byte[] passphrase = null;
        try {
            passphrase = digest.digest(key.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }

        passphrase = Arrays.copyOf(passphrase, 16);
        return new SecretKeySpec(passphrase, "AES");
    }

    public static String encrypt(String message, String key) throws Exception {
        byte[] data = message.getBytes("UTF-8");
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, generateKey(key));
        byte[] encryptData = cipher.doFinal(data);

        return byteArrayToHexString(encryptData);
    }

    public static String decrypt(String v, String key) throws Exception {
        byte[] tmp = hexStringToByteArray(v);
        SecretKeySpec spec = new SecretKeySpec(generateKey(key).getEncoded(), "AES");
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, spec);
        String result;
        try {
            result = new String(cipher.doFinal(tmp), StandardCharsets.UTF_8);
        } catch (IllegalBlockSizeException e) {
            result = v;
        }

        return result;

    }

    public static byte[] hexStringToByteArray(String s) {
        int len = s.length();
        byte[] data = new byte[len/2];

        for(int i = 0; i < len; i+=2){
            data[i/2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) + Character.digit(s.charAt(i+1), 16));
        }

        return data;
    }

    final protected static char[] hexArray = {'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'};
    public static String byteArrayToHexString(byte[] bytes) {
        char[] hexChars = new char[bytes.length*2];
        int v;

        for(int j=0; j < bytes.length; j++) {
            v = bytes[j] & 0xFF;
            hexChars[j*2] = hexArray[v>>>4];
            hexChars[j*2 + 1] = hexArray[v & 0x0F];
        }

        return new String(hexChars);
    }
}

    To save the text, you can do it as a preference:

        public String getSecret() {
        SharedPreferences prefs = getSharedPreferences("com.example.test", Context.MODE_PRIVATE);
        String val = prefs.getString("secret", null);
        return val;
    }

    public void setSecret(String secret) {
        SharedPreferences.Editor editor = getSharedPreferences("com.example.test", Context.MODE_PRIVATE).edit();
        editor.putString("secret", secret).apply();
    }

    Summary:

    String sha1 = getCertificateSHA1Fingerprint(this); // obtenemos huella digital
String message = "hello_world";
String encrypted = AES.encrypt(message, sha1); // encripta texto

setSecret(encrypted);
String secret = getSecret();
Log.e("TEST", secret);

String decrypted = AES.decrypt(secret, sha1);
Log.e("TEST", decrypted);

    This code is used in the AndroidStringObfuscator library , which automates this task.

    • 2

  2. As a rule, no method is foolproof, but there are several alternatives that make it more difficult to obtain that key.

    The best alternative : Have the key on the server. This way you can't get the key by decompiling the app. The downside is that it requires connectivity to work.

    Calculate the key : This is what @Pablo Ezequiel mentions using strings and algorithms to build the key in real time. Being Base64 it could be something as simple as saving the decoded value, ideally separated in different places.

    Shared preferences/SQLite : These are the most basic alternatives, the key is not in the code but a willing person can retrieve these values.

    String in the code : This is the worst option since anyone who can decompile the APK can find this exposed value, even if the app has been obfuscated using proguard.

    • 1

  3. Google recommendations in its Security and Design guide highlight what is interesting in this case:

    If possible, you should perform signature verification on a remote server and not on a device. Implementing the verification process on a server makes it difficult for attackers to break the verification process by reverse engineering your .apk file. If you transfer security processing to a remote server, make sure the handshake between the device and the server is secure.

    hide your code

    You should hide your integrated billing code so that it is difficult for an attacker to reverse engineer the security protocols and other components of the application. At a minimum, we recommend running a stealth tool like Proguard on your code.

    Note: If you use Proguard to hide your code, you must add the following line to your Proguard configuration file: -keep class com.android.vending.billing.**

    Protect your Google Play public key

    To keep your public key safe from malicious users and hackers, don't embed it in any code as a literal string. Instead, it builds the string at runtime from pieces or uses bit manipulation (eg XOR with some other string) to hide the actual key. The key itself does not represent secret information, but it will not be convenient for a hacker or malicious user to easily replace the public key with another.

    Searching by SO In app billing security I have found how to implement an encryption system in XOR

    public static String xorEncrypt(String input, String key) {
    byte[] inputBytes = input.getBytes();
    int inputSize = inputBytes.length;

    byte[] keyBytes = key.getBytes();
    int keySize = keyBytes.length - 1;

    byte[] outBytes = new byte[inputSize];
    for (int i=0; i<inputSize; i++) {
        outBytes[i] = (byte) (inputBytes[i] ^ keyBytes[i % keySize]);
    }

    return new String(Base64.encode(outBytes, Base64.DEFAULT));
}

public static String xorDecrypt(String input, String key) {
    byte[] inputBytes = Base64.decode(input, Base64.DEFAULT);
    int inputSize = inputBytes.length;

    byte[] keyBytes = key.getBytes();
    int keySize = keyBytes.length - 1;

    byte[] outBytes = new byte[inputSize];
    for (int i=0; i<inputSize; i++) {
        outBytes[i] = (byte) (inputBytes[i] ^ keyBytes[i % keySize]);
    }

    return new String(outBytes);
}

    I haven't tried them yet

    • 1