Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/eriknellessen/Virtual-Keycard

Decrypt and sign your e-mails with your smartphone instead of using a contactless smartcard
https://github.com/eriknellessen/Virtual-Keycard

android smartcard

Last synced: 18 days ago
JSON representation

Decrypt and sign your e-mails with your smartphone instead of using a contactless smartcard

Awesome Lists containing this project

README

        

# Welcome

This software system allows you to decrypt and sign your e-mails with your smartphone instead of using a contactless smartcard. The smartphone communicates with your PC via NFC (as a contactless smartcard would).

![Alt text](overview.png?raw=true "Overview of the involved components")

The associated bachelor's thesis can be found here:
http://sar.informatik.hu-berlin.de/research/publications/SAR-PR-2014-08/SAR-PR-2014-08_.pdf

Warning: This is just proof-of-concept code and should _NOT_ be used in
production environments

# Tested platforms:

* Android 4.4 Kitkat on Nexus 5
* Android 4.4 Kitkat on LG G2 Mini

The Android app only works on Android 4.4 Kitkat and higher.

# Building

[![Build Status](https://gitlab.com/eriknellessen/Virtual-Keycard/badges/master/pipeline.svg)](https://gitlab.com/eriknellessen/Virtual-Keycard/-/pipelines?ref=master)[![Code Coverage](https://gitlab.com/eriknellessen/Virtual-Keycard/badges/master/coverage.svg)](https://gitlab.com/api/v4/projects/15583775/jobs/artifacts/master/download?job=debugTests)[![Code Quality](https://img.shields.io/badge/code%20quality-download%20report-blue)](https://gitlab.com/api/v4/projects/15583775/jobs/artifacts/master/download?job=code_quality)

To create this app, eclipse was used.

To use the app, build it using the makefile in the following way:

```sh
make ANDROID_SDK_ROOT=$ANDROID_SDK_ROOT
```

I used adt-bundle-linux-x86-20131030 as SDK. The OS on which I build the app is Debian Jessie (32 Bit).

# Installing

Executing the command

```sh
make Android-install
```

will install the app on your smartphone. Make sure it is connected to your PC and USB debugging is enabled!

# Using

For usage, see page 48 and following of the bachelor's thesis.

To get a certificate onto the smartphone, you may use the Makefile.

This will create the PKCS15 files on the smartphone:

```sh
make create-pkcs15-files
```

This will generate a 2048 Bit RSA Key on the smartphone:

```sh
make generate-key
```

This will show you the slot id, which you might need for the next step if it is not 01:

```sh
make show-slot-and-id
```

This will create a Certificate Signing Request. You may specify the information for the distinguished name and the slot, if necessary:

```sh
make create-csr
```

So in the end you could do something like:

```sh
make create-csr SLOT=02 COMMON_NAME="Erik Nellessen" [email protected]
```

You can have a look at the CSR by executing:
```sh
make show-csr
```

Now you need to sign the certificate signing request with a CA. The Makefile target creates a demo CA using openssl. After that, it signs the certificate. You may specify the path to your openssl.cnf in the OPENSSL_CONF environment variable.

```sh
make get-cert
```

The last step is to store the certificate on the smartphone:
```sh
make store-certificate
```

Now you can configure Thunderbird/Icedove as described in the bachelor's thesis on page 51 and start decrypting/signing e-mails!

Have fun!