Android Question Private/Public keys and CSR

iCAB

Well-Known Member
Licensed User
Hi All

Does anyone have an example of how to generate a Private/Public key pair and a CSR request in code?
I have a requirement to communicate with a secure server that requires the above.

Thanks in advance

iCAB
 

iCAB

Well-Known Member
Licensed User
Hi Erel
Thanks for your reply. What I am looking for is this:
1. We have a requirement to communicate with a secure server
2. The process requires that we generate a Public/Private key pair from within the app
3. Use the Public/Private key pair to generate a Certificate Sign Request using an https call made to the server, which includes the CSR string plus some additional info
4. The server (after authenticating the request) replies with a signed certificate, which we should auto-install after receiving

Unfortunately, I can't post the document in here due to an NDA, but if you like I can PM you the page.

Thanks
iCAB
 

iCAB

Well-Known Member
Licensed User
I see it is a different thing. You can generate asymmetric keys with Encryption library. You will need to learn the exact format required.
I am wondering if you know how to generate a CSR request using the keys? Is this a standard thing or server specific?

Thanks
iCAB
 

iCAB

Well-Known Member
Licensed User
Hi Guys, I am going to break this into a few steps, hoping to collect feedback from different users to get to the bottom of it:

The first step requires generating a key pair, and specifically mentions the following:

"When creating a pair of keys, you must specify that the private key is to be used to produce a signature, while the public key must be used to ensure non-repudiation."


Then I need to use the key pair to request a digital certificate, and I need to provide the following info:
CN=, O=, OU=, L=, S=, C= (then it says: Key length: Length of the public and private keys. 256 bits (ECDSA P-256))


Can someone provide sample code that shows how to generate a key pair that meets the above requirement and how to use it to generate the CSR?
 

OliverA

Expert
Licensed User
How to generate the Private/Public key you want: https://developer.android.com/refer...-key-pair-for-signingverification-using-ecdsa

An example of how to create a CSR: https://www.journaldev.com/223/java-generate-csr-program. Note: This example uses an RSA key pair, but it should be adaptable to using an elliptical curve key pair. This method's signature - generatePKCS10(String CN, String OU, String O, String L, String S, String C) - seems to use all the info that is required by your cert.

I know this is not 100% the answer you are looking for, but it looks like what you are trying to do is doable and either lots of testing will get you there or someone else with some more crypto chops can take this info and supply you with an answer.
 

iCAB

Well-Known Member
Licensed User
Hi Oliver
Thanks for your valuable feedback

One big problem in here: I have basic knowledge of Java and the same is true for asymmetric cryptography. So if you put the 2 together, you will see the challenge with the above links. Needless to say that this is the first step only, on top of which I have to build the code to sign the messages and make sure that we can securely communicate with the server. We also need to auto-install the certificate returned by the server and I guess reload it every time before we issue any calls to the server (this is at least my understanding at this point).

So I was hoping to find some B4A code, perhaps using keyPairGenerator, and build on top of it (or even better, a solution that can be used with B4I as well).

I will definitely review the above, but I am hoping that someone has already implemented this and can save me the agony.

Thanks again.
iCAB
 