0

I'm writing both a server and an Android client application. The Android client sends measurements to the server. In order to ensure the data integrity, a digital signature is appended to each measurement.

Since I need everything to be Gson-compatible, storing the public key itself is not possible. I'm storing the G, P, Q and Y factors instead.

Here's a snippet from the request class:

    public PublicKey getPublicKey() {
    try {
        DSAPublicKeySpec keySpec = new DSAPublicKeySpec(publicKeyY, publicKeyP,
                                                        publicKeyQ, publicKeyG);
        KeyFactory fact = KeyFactory.getInstance("DSA");
        PublicKey pubKey = fact.generatePublic(keySpec); // A
        return pubKey;
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
}

public void setPublicKey(PublicKey publicKey) {
    try {
        KeyFactory fact = KeyFactory.getInstance("DSA");
        DSAPublicKeySpec pub = fact.getKeySpec(publicKey, DSAPublicKeySpec.class); // B
        publicKeyG = pub.getG();
        publicKeyP = pub.getP();
        publicKeyQ = pub.getQ();
        publicKeyY = pub.getY();
    } catch (Exception e) {
        e.printStackTrace();
    }
}

The constructor makes use of the setPublicKey-method. When I create such request on the client side and send it to the server, both result in an exception.

On the client:

 java.lang.RuntimeException: not implemented yet DSA Public Key
             y: 2f9286201b266f38d682e99814612f7d37c575d3a210de114bdf02092f4a835109f28a590cfc568bb6525d59b8275fe791f3ddf20e85df44fd2e8622289f6dbc27c73d31d1769feae19573df22a9ca8ef80a9f7230b0b4a2671cc03fdb2788b55b4e9a68a7a5a93a214cc5aa39ccb5155a13354870d45a38760a80fd34333073
  class java.security.spec.DSAPublicKeySpec
    at org.bouncycastle.jce.provider.JDKKeyFactory.engineGetKeySpec(JDKKeyFactory.java:148)
    at java.security.KeyFactory.getKeySpec(KeyFactory.java:210)

Next thing in the stack trace points at the rule I marked as B

On the server:

java.lang.NullPointerException
    at sun.security.provider.DSAPublicKey.<init>(DSAPublicKey.java:74)
    at sun.security.provider.DSAPublicKeyImpl.<init>(DSAPublicKeyImpl.java:46)
    at sun.security.provider.DSAKeyFactory.engineGeneratePublic(DSAKeyFactory.java:86)
    at java.security.KeyFactory.generatePublic(KeyFactory.java:304)
    at sensserve.protocol.StartSessionRequest.getPublicKey(StartSessionRequest.java:66)

Nextly pointing to the rule A.

I absolutely have no clue what I did wrong and what these messages mean. How can I solve these? Anyone who can tell me what I'm doing wrong?

Thanks a lot.

gleerman
  • 1,793
  • 4
  • 24
  • 38

1 Answers1

0

You should be able to store the public key in Base64 encoded from and still get valid JSON. You should be able to use DSAPublicKeySpec directly without calling getKeySpec() which apparently is not implemented in Bouncy Castle (Android's JCE provider). Not sure why you are getting NPE on the server, maybe wrong format. BTW, it will probably be easier if you are dealing with a single provider, so you might want to use Bouncy Castle on the server as well.

Nikolay Elenkov
  • 52,576
  • 10
  • 84
  • 84
  • Thanks for your comment, it helped me for exchanging the public key's. However, the verification still doesn't work. I think your last sentence may have something to do with it. I made a separate topic about it: http://stackoverflow.com/questions/10601507/bouncycastle-on-the-server-side-with-android-phones-as-clients Would you mind having a look as well? – gleerman May 15 '12 at 13:16