{"id":21655811,"url":"https://github.com/hollowman6/nfc-android","last_synced_at":"2026-05-19T00:08:03.408Z","repository":{"id":105227037,"uuid":"562139423","full_name":"HollowMan6/NFC-Android","owner":"HollowMan6","description":"Aalto University CS-E4300 Network Security D Project 1","archived":false,"fork":false,"pushed_at":"2022-11-29T15:00:38.000Z","size":4321,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-25T06:26:08.286Z","etag":null,"topics":["android","nfc-reader","ticketing-system"],"latest_commit_sha":null,"homepage":"https://nfc-android.azurewebsites.net/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/HollowMan6.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-11-05T12:38:05.000Z","updated_at":"2023-02-28T22:06:03.000Z","dependencies_parsed_at":null,"dependency_job_id":"6c4be484-955f-4662-89b6-08c272e2bb84","html_url":"https://github.com/HollowMan6/NFC-Android","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HollowMan6%2FNFC-Android","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HollowMan6%2FNFC-Android/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HollowMan6%2FNFC-Android/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HollowMan6%2FNFC-Android/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/HollowMan6","download_url":"https://codeload.github.com/HollowMan6/NFC-Android/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244554134,"owners_count":20471173,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","nfc-reader","ticketing-system"],"created_at":"2024-11-25T08:36:08.022Z","updated_at":"2026-05-19T00:08:03.367Z","avatar_url":"https://github.com/HollowMan6.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# NFC-Android\n\n[Back-end](../../tree/backend)\n\n[Documentation and Slides](../../tree/demo)\n\n[Wipe Card](../../tree/wipe)\n\nHide Secret:\n\n```bash\n./gradlew hideSecretFromPropertiesFile -PpropertiesFileName=credentials.properties\n```\n\n## Features\n- [X] Issue tickets with constant number of rides (5).\n- [X] Validate the ticket (check expiry time and remaining rides, decrement remaining rides).\n- [X] The tickets are valid for a certain time (normally one day, use 2 minute for testing) from the time when they were issued.\n- [X] Start the validity period only when the ticket is used for the first time (if initial counter value equals to the current counter value, set expiry time).\n- [X] If the tickets have expired or they have been fully used, reformat the card and issue a new ticket.\n- [X] Issue additional rides (+5) to a card without erasing any still valid ticket.\n- [X] Move the master-key to the Android keystore instead of in an XML file on the reader device.\n- [X] Implement both client and server authentication between cloud and Android App. (API master secret hides with [hidden-secrets-gradle-plugin](https://github.com/klaxit/hidden-secrets-gradle-plugin)).\n- [X] Implement logging of the ticket events to cloud.\n- [X] Implement blacklisting of tickets in the cloud, so that detected forgeries can be added to the blacklist, which is downloaded to the ticker reader. The reader device should be able to work without Internet connectivity, but it should make use of the cloud connection when available.\n- [X] Implement master-key fetching from the cloud, and compare it to the Android keystore cached one. If any difference is found, report it to the cloud.\n\n## Details\n### Application data structure \n\n#### Tag block\n- 4 -\u003e application tag\n- 5 -\u003e version\n\n#### static ticket data block\n- 6 -\u003e max ride number (counter limit), initial counter\n- 7 -\u003e expiration time\n#### Other 2 ticket blocks\n- 8 -\u003e expected counter\n- 9 -\u003e last check-in time\n- 10 -\u003e hmac\n---\n- 11 -\u003e expected counter\n- 12 -\u003e last check-in time\n- 13 -\u003e hmac\n\n#### Logs block\n- 30,31 -\u003e timestamp, remaining ride, type\n- 32,33 -\u003e timestamp, remaining ride, type\n- 34,35 -\u003e timestamp, remaining ride, type\n- 36,37 -\u003e timestamp, remaining ride, type\n- 38,39 -\u003e timestamp, remaining ride, type\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhollowman6%2Fnfc-android","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhollowman6%2Fnfc-android","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhollowman6%2Fnfc-android/lists"}