StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POAndroid In App Billing: securing application public key
primarykey
Id
14352758
data
AcceptedAnswerId
14353659
AnswerCount
6
ClosedDate
CommentCount
4
CommunityOwnedDate
CreationDate
2013-01-16T06:47:53.177
FavoriteCount
21
LastActivityDate
2017-11-29T12:57:39.727
LastEditDate
2013-01-16T07:05:18.617
LastEditorUserId
640731
OwnerUserId
640731
ParentId
0
PostTypeId
1
Score
59
ViewCount
18682
LastEditorDisplayName
text
Body
From Android In App Billing version 3 (TrivialDrive)sample application coming with sdk <h3>MainActivity.java</h3> <pre><code>/* base64EncodedPublicKey should be YOUR APPLICATION'S PUBLIC KEY * (that you got from the Google Play developer console). This is not your * developer public key, it's the *app-specific* public key. * * Instead of just storing the entire literal string here embedded in the * program, construct the key at runtime from pieces or * use bit manipulation (for example, XOR with some other string) to hide * the actual key. The key itself is not secret information, but we don't * want to make it easy for an attacker to replace the public key with one * of their own and then fake messages from the server. */ String base64EncodedPublicKey = "CONSTRUCT_YOUR_KEY_AND_PLACE_IT_HERE"; </code></pre> Well I am not sure I understand this security measure. I know how to get the application public key (which is already base 64 encoded) from Google Play Developer Console. What I am not understanding is this part <pre><code> /* Instead of just storing the entire literal string here embedded in the * program, construct the key at runtime from pieces or * use bit manipulation (for example, XOR with some other string) to hide * the actual key */ </code></pre> As far as I know, this public key is a constant string, which is given from Google during application upload process. How can we create the same key programmatically using any bit manipulation process? Has someone done it before? Is there any sample code on how to do this?
Tags
<android><security><bit-manipulation><in-app-billing><public-key>
Title
Android In App Billing: securing application public key
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USKrishnabhadra
UserOwnerUserId
1. USKrishnabhadra
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
2. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 POAndroid In App Billing: securing application public key
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
2. VO
 singulars
 PostPostId
 POAndroid In App Billing: securing application public key
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
3. VO
 singulars
 PostPostId
 POAndroid In App Billing: securing application public key
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.