I am working on google maps in android . google map is opening by using debug.keystore on my local system but issue is that when i build signed apk then google map not show.however i have also generate SHA1 key from my app keystore then generate new api key but still google map not showing please help as soon as possible
From google docs:
In release mode, you sign your app with your own certificate:
Create a keystore. A keystore is a binary file that contains a set of
private keys. You must keep your keystore in a safe and secure place.
Create a private key. A private key represents the entity to be
identified with the app, such as a person or a company.
So you don't have to generate a new api key. Just generate a new SHA1 for your private key file. After that you have to add it's SHA1 hash into google maps android api section that you have already generated a api key from google developer console.
Because you shouldn't change your manifest file for 2 api keys. Just you have to add SHA1 hashes for both keys. (debug.keystore and your own key file)
Here's a screenshot:
Sorry for bad censor :)
Related
I have this app which uses Google Services json file configured with a SHA1 of a debug key, and then build the Signed Build with a new key and used that release.apk to install the app. But the sign in part isn't working now in the release version of the app.
So now my question is, should the Google services json file be configured using the SHA1 of the signed key?? Ignore the formatting since I'm using this from mobile.
Based on the document: Setting Up Google Play Games Services
Specify client ID settings
You should create two client IDs, one with the release certificate fingerprint and another with the debug certificate fingerprint. Make sure to use the same package name for both. This allows Google Play games services to recognize calls from your linked APKs that are signed with either certificate. For more information about certificate signing for Android, see Signing Your Application.
Check this SO post, it talked about the difference of the clientID for debug and release version. Lastly, check the documents : Prepare for Release and Sign Your App for a detailed instruction of preparing your app for release.
Their is no bug with regard to the maps. I already signed the apk with release keystore ,
the API Keys are registered in my account
It perfectly works in any devices.
What's the problem is when it is uploaded with the client account in google play store
and downloaded in their device, the map displays white.
Question:
1.Does it affect the application if the API keys are registered to my account and the one who upload the app is not my account ?
Answer:
The API key is associated with the apk package and it's keystore and not a user account.
First you need to create a keystore for you app. Refer to http://developer.android.com/tools/publishing/app-signing.html
Next go to https://console.developers.google.com/project and create a project (if don't have one already).
On your project page go to API's & auth > APIs enable Google Maps Android API v2
Next go to API's & auth > Credentials and create a new Key for Android applications. Follow those instructions careful and you it will generate you an API to use on your manifest. (Remember to use the keystore you used to sign your app for play store and not your debug keystore)
More info:
https://developers.google.com/console/help/new/#generatingdevkeys
Good luck
I also face this problem . you need to
signed your application with the system from which you generate SHA-1
fingerprint for Google Api
.
Check Your API Key whether it is the same with the one in Console and in your Manifest.
My Java app needs to handle encrypted files. This is the workflow:
Customer encrypts files (RSA encryption for example) and uploads them to Amazon S3.
My Java app picks up the files from AS3.
My Java app decrypts the files.
My Java app creates other files using decrypted ones.
My Java app encrypts new files with different key and uploads to AS3.
Customer picks up the files.
Customer decrypts the files.
Amazon S3 provides the Java classes for download/upload, decryption/encryption. This API takes as input java.security.KeyPair. I am unsure how the customer should supply the key to My Java app, so that the app can get the key as java.security.KeyPair?
What would be the proper way to exchange the keys between Customer and App? Which key file format could be used?
Ussually, assymmetric encryption/decryption works like this:
You generate a private/public key pair. The private key should be held secret and should not be sent around etc. The public key can be given to the customer without security concerns.
Now the customer encrypts his files with this public key. The encrypted file can only be decrypted with the private key. So the user can send the file to you (over Amazon S3 in your case).
You receive the file and decrypt it with your private key.
Now you have got a file from the customer. To be able to send back encrypted messages, you need another public/private key pair. This time, the customer must be the only one knowing the private key. He can - for instance - put the public key in his file that he has sent to you. Anyway, somehow you need to get a public key from him. With that key, you encrypt your files and send them to Amazon S3. The user picks them up and decrypts them with his private key.
So, the customer must not give you a java.security.KeyPair, because those contain the private key. It's unsafe to send the private key. But he can send you the public key as a java.security.PublicKey. I think the best way would be to send it to you either within the file he supplies anyway, or within a separate file that he uploads at the same time and besides the supplied file.
The problem is that you don't have a method of distributing trust yet. Fortunately there is one that works reasonably well: TLS. TLS certificates are stored within the browser (and in the JRE, if you require a thick client instead).
Your key pair should be generated locally (or on a secured machine and imported). The private key should be kept safe the whole time. The customer connects to your site using TLS, and downloads your public key. Then the customer uploads the public key of his key pair. This can be performed during some setup/configuration phase.
Now the customer can encrypt files for you, and you can encrypt files for the customer. Note that TLS already provides encryption (confidentiality). So what you have gained is that files are protected during storage, after they have been transported. Once you have trust in the public key (and a trustworthy system) you could send files over plain HTTP.
Adding a signature is pretty important, otherwise anybody can replace the files in storage. Some audit logging is probably required as well, otherwise files may be removed.
Other schemes are possible (I prefer a PGP scheme for file encryption/decryption), but they require out of band communication of the keys. Note that this is just the basic scheme, there are a lot of pitfalls, but working out a specific security architecture for you application is clearly off topic.
I am able to display my Google Map properly in my MapView when I sign my application with my debug keystore. When I try and sign it with a release keystore, the map appears but as blank tiles, no map tiles.
How can I get my release build to show the maps?
Double check your API keys.. if all looks fine and its still not working sign the app with a new key and corresponding new API key :-).
Your maps API key is matched with the keystore used to sign you app. Before signing your app with your release keystore, go over to http://code.google.com/android/maps-api-signup.html and generate a new API key.
I need to connect to an external webservice from my Java application running on Tomcat 6. I have an SSL certificate for my domain purchased and installed on my server. Now I need to connect to an external service and use my certificate private key to digitally sign any data going to the service using SHA-256 hash and 128-bit salt length. How can I use the private key to create this signature? Can I pick any values for the salt? Will they be able to decrypt it using my public key from the SSL certificate?
Can I use the Bouncy Castle library for this? Any code or tutorials on the subject would be appreciated.
The JCA documentation provides an example for using Signature (under Generating and Verifying a Signature Using Generated Keys. You'd use SHA256withRSA instead of SHA1withDSA, as it's supported by the SunRsaSignProvider (assuming it's an RSA key). You shouldn't need BouncyCastle for this.
If you want to use BouncyCastle, you'd need to do something along these lines (I've haven't tried this particular code):
AsymmetricKeyParameter keyParam = PrivateKeyFactory.createKey(...);
// You might need to cast to private key to RSAPrivateKey
// and get its attributes manually here.
SHA256Digest digest = new SHA256Digest();
RSADigestSigner signer = new RSADigestSigner(digest);
signer.init(true, keyParam);
signer.update(... data to sign, start, length, ...);
byte[] signature = signer.generatedSignature();
(If you're doing this from within a webapp, you'd also need the webapp to be able to gain access to this private key, which may be a security risk should the webapp be compromised. It might be worth considering using a different key/certificate, even self-signed, if the remote party is willing to accept it.)
I would highly recommend using a webservice stack for this:
For eg. an approach for WS-Security client using Apache CXF - http://cxf.apache.org/docs/ws-security.html
One more good reference: http://www.jroller.com/gmazza/entry/cxf_x509_profile