I’m trying to set up a web service so that it will download zip files periodically, based on a file that tells it if more are ready.
That’s simple enough (I’m sure), but what I’d like to do is to sign these zip files with a digital signature (I have a public/private certificate prepared), and to get the WP7 app to verify it before using it.
How can I do this? It doesn’t even seem like WP7 supports asymmetric encryption. What’s my best option?
EDIT:
Speaking of which, ARE there any asymmetric encryption methods? If so, it would be good if I could use them to further secure my data.
Dustin Horne as created an Open Source Cryptography library for Silverlight and made it available on http://scrypt.codeplex.com/
It doesn’t claim support for WP7 but would probably be a very good starting point for further investigation.
However, what are you trying to achieve by signing the zip?
If it’s just coming from your own server and you want to confirm data intergrity, would a hash of the contents not be sufficient to confirm it’s as you created it on your server?
If you’re trying to protect the contents of the zip from prying eyes would transmission only over HTTPS and a protected access to the resource not be sufficient?