Giter VIP home page Giter VIP logo

keymaster's Introduction

keymaster

An Android app that implements the role of a "keymaster" in a conversation with anything in the role of "gatekeeper".

A subsystem of ADILOS

Functions:

  1. PIN protection
  2. Create a new cryptographic key with a unique name
  3. Show public version of key as QR code
  4. Show private version of key as BIP38-encrypted content in QR code
  5. Use selected key to create a response to a challenge from a "gatekeeper"
  6. scan, parse and validate a QR code of a gatekeeper challenge
  7. produce and display a QR code of the valid response

Dependencies:

** Android **

  • developed on Ice Cream Sandwich
  • expected to work on at least 95% of Android devices

** Java **

  • developed on Oracle JDK 1.8 on Ubuntu64
  • tested on Samsung Galaxy Nexus

** libsecp256k1 **

  • github.com/bitcoin-core/secp256k1
  • must be cross-compiled to armeabi

** Scrypt 1.4.0 **

  • com.lambdaworks
  • github.com/wg/scrypt

** Google's ZXing library **

  • github.com/zxing/zxing

Pros:

  1. optical-channel
  2. replace physical stuff with virtual keys
  3. no network connection needed
  4. aproprietary, open-source
  5. no third-party required to operate

Cons:

  1. C code called via JNI needs cross-compilation

Where to Start:

Build the C code (needs Android SDK+NDK)

  • download secp256k1 from github
  • cross-compile for target platform using NDK
  • run: keymaster/app/src/main/jni/make.sh

keymaster's People

Watchers

James Cloos avatar Bryan avatar

keymaster's Issues

Bug in BIP38

keymaster uses COMPRESSED secp256k1 public keys.

BIP38 encryption includes a calculation of a bitcoin address and implicitly requires UNCOMPRESSED keys.

Replace keymaster/cryptils package with the updated bitsanity/cryptils project library.

Signed APK build fails due to scrypt jar

Root cause: wg/scrypt#50

Pure-java implementation of scrypt has poor performance so the author also includes shared-object binary files to be used through JNI:

lib/x86_64/darwin/libscrypt.dylib
lib/x86_64/freebsd/libscrypt.so
lib/x86_64/linux/libscrypt.so

Building the APK throws
com.android.tools.build.bundletool.exceptions.BundleFileTypesException$FileUsesReservedNameException: File 'root/lib/x86_64/darwin/libscrypt.dylib' uses reserved file or directory name 'lib'.

keymaster only uses the pure-java part so the offending objects can be removed from the jar.

Play Rejected

Google rejected due to violation of ad policy. The app relies on a separate app called ZXIng available free/open-source from the Playstore. The app tries to run this using the Intent mechanism, and if it is not found it redirects the user automatically to the ZXIng on Play which is mislabeled "Shopping" and this is the source of confusion.

Update to make it more obvious to the user this dependency and redirect them to Play by choice.

Includes newlines in QR code

Keymaster does not set the Base64.NO_WRAP flag in call to Base64.encodeToString() so the result can contain newlines.

This should be fixed in keymaster but also kgagent and gatekeeper implementations should be prepared to strip out whitespace and newlines.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.