Jump to content

How to encrypt API application ID keys in Flex?

Alejandro Ramirez's Photo
Posted Apr 13 2012 07:55 AM

I am writing a mobile application using the Flickr API and Adobe Flex (or Apache Flex, whatever you wanna call it).

I read that it is a bad idea to put the key in the SWF file because there are apparently several tools to decompile SWF files and someone could steal the API Key.

Any recommendations?


Alejandro Ramirez
Digital Photography Club

2 Replies

+ 1
  marcocasario's Photo
Posted May 18 2012 02:28 AM


You can use the AS3 Crypto library :AS3Crypto

As3 Crypto is a cryptography library written in Actionscript 3 that provides several common algorithms. This version also introduces a TLS engine (TLS is commonly known as SSL.)

Protocols: TLS 1.0 support (partial)
Certificates: X.509 Certificate parsing and validation, built-in Root CAs.
Public Key Encryption: RSA (encrypt/decrypt, sign/verify)
Secret Key Encryption: AES, DES, 3DES, BlowFish, XTEA, RC4
Confidentiality Modes: ECB, CBC, CFB, CFB8, OFB, CTR
Hashing Algorithms: MD2, MD5, SHA-1, SHA-224, SHA-256
Paddings available: PKCS#5, PKCS#1 type 1 and 2
Other Useful Stuff: HMAC, Random, TLS-PRF, some ASN-1/DER parsing

Read this tutorial My link


Marco Casario
My Books: http://www.amazon.co...io/e/B002BMGEVO
LinkedIn : http://www.linkedin....in/marcocasario
 : May 18 2012 08:29 AM
Thanks Marco! I will check it out tonight!
Alejandro Ramirez
Digital Photography Club