views:

20

answers:

1

Hello Community,

I need to send data from an Air application, using a certificate. This certificate is to be provided by the user through a USB Key.

I've got a lot of questions regarding this.

  1. Is it possible to do what I'm looking for?
  2. If yes, is it possible to do that only with the Flex/Air sdk or should I use Java or some other language to load the certificate?
  3. Would anyone have a link where I can learn some more about this? I've been looking through the web, but haven't really found anything useful...

Thanks for any help you can provide.

Regards. BS_C3

+1  A: 

For the certificate stuff, you may take a look at the as3crypto library, which is doing an awesome work in implementing various cryptographic and security related algorithms in AS3. I've used this particular library to do data signing and verification, using an external X.509 certificate.

The implementation in this library is pretty straightforward, and you shouldn't be confused about it, if you are a little familiar with cryptography and the whole keys/signing/certificates world.

[Edit] If you are not, you might want to take a look at the Digital Signature page on Wikipedia, which is a pretty good introduction to this world. Also, because the AS3 implementation of RSA is quite slow, if you want to sign a large number of data, you may want to sign hash of the data instead of the real data. For the practical code to do this kind of stuff, there is some code sample in the demo of the library.

Also, as you mention that your certificate is coming from an USB drive, you should be aware that using AIR 2.0, you might be able to monitor plugging and unplugging of mass storage devices. That might be cool for your application.

Tyn
Thanks a lot for your answer and reactivity.Actually, I'm not really familiar with cryptography and all that stuff, but I guess I have no other choice than looking into it =)
BS_C3
I've added some links you may use that might help you get started on that way. I'm by no mean an expert in cryptography, but what you are trying to do (which is actually what I did) should not be too hard to put in place.
Tyn
Well, thanks again for your help =)
BS_C3