[android-developers] Re: Public Key

Why "stupid"? A private key scheme isn't secure unless you use a
public key exchange to pass the private key. And if data only needs
to flow up there's no point in establishing the private key. (Though
one can end-run the whole issue and use SSL.)

On Mar 14, 5:10 am, Marcin Orlowski <webnet.andr...@gmail.com> wrote:
> On 14 March 2011 11:03, Nymann <per.nymann.joergen...@gmail.com> wrote:
>
> > Is there anyway to get access to the certificate/public key that I
> > have signed the android application with inside the android code.I
> > would like to use the key for crypting information ?
>
> No. But you can add it to your app as any other raw resource and
> access later. But, doing that would be *extremely stupid*. And if you
> are going to use crypto in your app, then maybe choose symetric
> algorithm? Using pkey based encryption and releasing pkey later on is
> definitely no-no-no-way to go.
>
> --
> Regards,
> Marcin Orlowski
>
> Tray Agenda -http://bit.ly/trayagenda

--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en