Android Question How protection api key in app

Pooya1

Pooya1

Active Member
Licensed User
Hello
My app connect to api for give my product and show their
I need send api key to api in each request
I used sign key "Certificate fingerprints hash" for api key (exist in signature section)
But i search about sign key in google and i understood that hacker can get sign key information
So How do i can protect api key looklike other apps in Google Store?

Thanks Dige
 
Sort by date Sort by votes
lemonisdead

lemonisdead

Well-Known Member
Licensed User
Longtime User
If you can rely on an external server you could encrypt/decrypt the key received from a server ; using your own complex algorithm. Or you could take a look at Informatix Pro Bundle which contains a steganography library.
 
Upvote 0
Pooya1

Pooya1

Active Member
Licensed User
lemonisdead said:
If you can rely on an external server you could encrypt/decrypt the key received from a server ; using your own complex algorithm. Or you could take a look at Informatix Pro Bundle which contains a steganography library.
Click to expand...
Yes i encrypt it in server and get it in app
But for decrypt it,i have to use key for decrypt and i cannot set key in source
How do steganography library working? if it is good so i buy it
 
Upvote 0
DonManfred

DonManfred

Expert
Licensed User
Longtime User
Pooya1 said:
How do steganography library working?
Click to expand...
Maybe this helps here
F5Steg

Author: F. Leneuf-Magaud/Informatix
Version: 1.2
  • F5Steg
    • Events:
      • ArrayExtracted (SecretMessage() As Byte)
      • Embedded (OutFileName As String)
      • StringExtracted (SecretMessage As String)
    • Functions:
      • EmbedArray (InFileName As String, OutFileName As String, SecretMessage As Byte(), JpgQuality As Int, EventPrefix As String)
        Encrypts and hides the specified secret message in the given image (bmp, png or jpg).
        The encryption is done with the application signature and the resulting image is a JPEG file.
        When done, an Embedded event is raised.
      • EmbedArray2 (InFileName As String, OutFileName As String, SecretMessage As Byte(), JpgQuality As Int, Password As String, EventPrefix As String)
        Encrypts and hides the specified secret message in the given image (bmp, png or jpg).
        The encryption is done with the specified password and the resulting image is a JPEG file.
        When done, an Embedded event is raised.
      • EmbedString (InFileName As String, OutFileName As String, SecretMessage As String, JpgQuality As Int, EventPrefix As String)
        Encrypts and hides the specified secret message in the given image (bmp, png or jpg).
        The encryption is done with the application signature and the resulting image is a JPEG file.
        When done, an Embedded event is raised.
      • EmbedString2 (InFileName As String, OutFileName As String, SecretMessage As String, JpgQuality As Int, Password As String, EventPrefix As String)
        Encrypts and hides the specified secret message in the given image (bmp, png or jpg).
        The encryption is done with the specified password and the resulting image is a JPEG file.
        When done, an Embedded event is raised.
      • ExtractToArray (FileName As String, EventPrefix As String)
        Extracts and decrypts the array of bytes hidden in the given JPEG file with the application signature.
        When done, an ArrayExtracted event is raised.
      • ExtractToArray2 (FileName As String, Password As String, EventPrefix As String)
        Extracts and decrypts the array of bytes hidden in the given JPEG file with the specified password.
        When done, an ArrayExtracted event is raised.
      • ExtractToString (FileName As String, EventPrefix As String)
        Extracts and decrypts the string hidden in the given JPEG file with the application signature.
        When done, a StringExtracted event is raised.
      • ExtractToString2 (FileName As String, Password As String, EventPrefix As String)
        Extracts and decrypts the string hidden in the given JPEG file with the specified password.
        When done, a StringExtracted event is raised.
 
Upvote 0
Pooya1

Pooya1

Active Member
Licensed User
DonManfred said:
Maybe this helps here
F5Steg

Author: F. Leneuf-Magaud/Informatix
Version: 1.2
  • F5Steg
    • Events:
      • ArrayExtracted (SecretMessage() As Byte)
      • Embedded (OutFileName As String)
      • StringExtracted (SecretMessage As String)
    • Functions:
      • EmbedArray (InFileName As String, OutFileName As String, SecretMessage As Byte(), JpgQuality As Int, EventPrefix As String)
        Encrypts and hides the specified secret message in the given image (bmp, png or jpg).
        The encryption is done with the application signature and the resulting image is a JPEG file.
        When done, an Embedded event is raised.
      • EmbedArray2 (InFileName As String, OutFileName As String, SecretMessage As Byte(), JpgQuality As Int, Password As String, EventPrefix As String)
        Encrypts and hides the specified secret message in the given image (bmp, png or jpg).
        The encryption is done with the specified password and the resulting image is a JPEG file.
        When done, an Embedded event is raised.
      • EmbedString (InFileName As String, OutFileName As String, SecretMessage As String, JpgQuality As Int, EventPrefix As String)
        Encrypts and hides the specified secret message in the given image (bmp, png or jpg).
        The encryption is done with the application signature and the resulting image is a JPEG file.
        When done, an Embedded event is raised.
      • EmbedString2 (InFileName As String, OutFileName As String, SecretMessage As String, JpgQuality As Int, Password As String, EventPrefix As String)
        Encrypts and hides the specified secret message in the given image (bmp, png or jpg).
        The encryption is done with the specified password and the resulting image is a JPEG file.
        When done, an Embedded event is raised.
      • ExtractToArray (FileName As String, EventPrefix As String)
        Extracts and decrypts the array of bytes hidden in the given JPEG file with the application signature.
        When done, an ArrayExtracted event is raised.
      • ExtractToArray2 (FileName As String, Password As String, EventPrefix As String)
        Extracts and decrypts the array of bytes hidden in the given JPEG file with the specified password.
        When done, an ArrayExtracted event is raised.
      • ExtractToString (FileName As String, EventPrefix As String)
        Extracts and decrypts the string hidden in the given JPEG file with the application signature.
        When done, a StringExtracted event is raised.
      • ExtractToString2 (FileName As String, Password As String, EventPrefix As String)
        Extracts and decrypts the string hidden in the given JPEG file with the specified password.
        When done, a StringExtracted event is raised.
Click to expand...
Oh my god it is very professional
I see application signature in your library for encryption
I understand that application signature maybe hacked,isn't it?
And do you have sample in your bundle if i buy it?
 
Upvote 0
You must log in or register to reply here.

Similar Threads

Beja
  • Question
Android Question Requesting users to use their own API key!
Replies
1
Views
524
JohnC
JohnC
Michael2150
  • Question
Android Question How safe is my API keys?
Replies
11
Views
2K
DonManfred
DonManfred
A
  • Question
Android Question How can I get the API key to get recognized?
Replies
17
Views
2K
AkaiYon1003
A
Derek Johnson
  • Question
Android Question Exposing API Key when using Geocoding API
Replies
4
Views
2K
Erel
Erel
Sai Main Seng Kham
  • Question
Android Question How To Use API Key
Replies
6
Views
3K
Sai Main Seng Kham
Sai Main Seng Kham
Top