1

I'm currently designing a new REST API for which I'm considering requiring message signing. At a high level the model is like this:

  1. The API consumer is given an API Key and Secret
  2. The API consumer uses the Secret to create a message digest HMAC of the message it sends into the API.

I've been considering using SHA256 for the signing, but want to be sure it will work with:

  1. Android/Java
  2. iOS
  3. all other major platforms, etc.

I realize SHA-1 has good support, but I really need to use something stronger, if possible.

President James K. Polk
Paul Fryer
  • If you find a platform without existing support for it, is there a reason you think it would be difficult to port on your own? – mah Nov 18 '13 at 21:29
  • I don't know how difficult it would be to port an implementation of SHA-256 from one platform to another, haven't really looked into it. Just starting the research with this thread. – Paul Fryer Nov 18 '13 at 21:32
  • http://en.wikipedia.org/wiki/SHA-2 has a pseudocode routine for it that's small, and also indicates libraries for quite a number of libraries… looks unlikely that you would need to do your own port. – mah Nov 18 '13 at 21:38
  • SHA256 not 265 perhaps? – Peter Lawrey Nov 18 '13 at 22:03
  • @mah: Indeed, the Bouncycastle Java library includes a reasonably compact implementation and a liberal license so that it would be nothing to copy&paste it into a standalone class. – President James K. Polk Nov 19 '13 at 01:31
  • Look into [CHAP](http://en.wikipedia.org/wiki/Challenge-Handshake_Authentication_Protocol) for authentication; it avoids replay attacks. This is similar to what you are doing, but instead of sending a secret, a random number is sent that is different each time. – zaph Nov 04 '14 at 23:18

2 Answers

3

SHA256 is supported by CommonCrypto in iOS. Java supports it via `MessageDigest.getInstance("SHA-256")`, Android as well (Java). And let's not forget Windows Phone, where it's supported as well. That's pretty major in my opinion.

As you already pointed out you shouldn't use SHA1 as it's not secure enough anymore.

Blacklight
-1

SHA-256withRSA is NOT supported in older Android versions (verified the same in Android 4.0.3, 4.1.1). I have experienced this problem while using JSCEP. The digest algorithm returned by the SCEP server is SHA-256, but SHA-256withRSA is not present in any default SecurityProviders in those Android versions. Found a relevant link: Which versions of Android support which package signing algorithms?

This link shows that SHA-256withRSA was added later: https://android-review.googlesource.com/44360

Community
garnet
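
An added example, not code from any of the posts above: the HMAC the question describes is requested from the JCA as `Mac` `HmacSHA256`, which is a separate service from the `MessageDigest` `SHA-256` digest and from the `SHA256withRSA` signature that the two answers discuss, so each one has to be checked on the target platform on its own. The class name, secret and request string are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class HmacSigningExample {
    // Client side: HMAC-SHA256 over the exact bytes that go on the wire.
    static byte[] sign(byte[] secret, byte[] message) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret, "HmacSHA256"));
        return mac.doFinal(message);
    }

    // Server side: recompute the tag and compare without an early exit,
    // so response timing does not reveal how many leading bytes matched.
    static boolean verify(byte[] secret, byte[] message, byte[] received) throws Exception {
        byte[] expected = sign(secret, message);
        if (received == null || received.length != expected.length) return false;
        int diff = 0;
        for (int i = 0; i < expected.length; i++) diff |= expected[i] ^ received[i];
        return diff == 0;
    }

    // Each JCA service type is looked up separately; one being present
    // says nothing about the others.
    static String probe() {
        String out = "";
        try { MessageDigest.getInstance("SHA-256"); out += "MessageDigest SHA-256: yes\n"; }
        catch (NoSuchAlgorithmException e) { out += "MessageDigest SHA-256: no\n"; }
        try { Mac.getInstance("HmacSHA256"); out += "Mac HmacSHA256: yes\n"; }
        catch (NoSuchAlgorithmException e) { out += "Mac HmacSHA256: no\n"; }
        try { Signature.getInstance("SHA256withRSA"); out += "Signature SHA256withRSA: yes\n"; }
        catch (NoSuchAlgorithmException e) { out += "Signature SHA256withRSA: no\n"; }
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values, not real credentials or a real request.
        byte[] secret = "constructed-demo-secret".getBytes(StandardCharsets.UTF_8);
        byte[] body = "POST\n/v1/orders\n{\"qty\":2}".getBytes(StandardCharsets.UTF_8);
        byte[] tag = sign(secret, body);
        byte[] tampered = "POST\n/v1/orders\n{\"qty\":9}".getBytes(StandardCharsets.UTF_8);

        System.out.print(probe());
        System.out.println("tag bytes: " + tag.length);
        System.out.println("original verifies: " + verify(secret, body, tag));
        System.out.println("tampered verifies: " + verify(secret, tampered, tag));
    }
}
```

Running `probe()` on each device or runtime you intend to support shows which of the three services its installed providers actually offer.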