Download Latest Version
skce-v2.0-build-169.zip (82.1 MB)
Get an email when there's a new version of StrongKey CryptoEngine
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| fidotutorial-build-124-netbeans.zip | 2016-05-11 | 1.3 MB | |
| fidotutorial-build-124-eclipse.zip | 2016-05-11 | 295.3 kB | |
| U2fSoftwareTokenAndroidClient-build-125.zip | 2016-02-22 | 18.5 MB | |
| README-U2fSoftwareTokenAndroidClient-build-125.txt | 2016-02-22 | 3.4 kB | |
| README-FIDOU2FSimulator-v2.0-build-122.txt | 2016-02-14 | 1.5 kB | |
| SAKA30-ReleaseNotes.pdf | 2016-02-14 | 522.0 kB | |
| FIDOU2FTokenSimulator-src-build-122.zip | 2016-02-14 | 78.7 kB | |
| FIDOU2FTokenSimulator.jar-build-122.zip | 2016-02-14 | 13.5 kB | |
| skce-v2.0-build-124.zip | 2016-02-14 | 62.4 MB | |
| skce-src-v2.0-build-124.zip | 2016-02-14 | 2.7 MB | |
| README-skce-v2.0-build-124.txt | 2016-02-14 | 3.5 kB | |
| Totals: 11 Items | 85.8 MB | 0 | |
StrongKey CryptoEngine Android Client - from StrongAuth, Inc. ------------------------------------------------------------- This is Build 125 of a sample Android Client App that uses a software-based U2F Token Simulator implemented in the app. It can be used to test the 2.0 release of the StrongKey CryptoEngine (SKCE). This is the first iteration of a sample app to demonstrate how an Android app might be used to communicate with the SKCE, a FIDO Certified U2F server. While production implementations of Android apps are most likely to use secure physical U2F devices using a Trusted Execution Environment (TEE) or other Secure Element-based tokens, the software Token allows relying parties to build apps that can be prepared to communicate with the SKCE while FIDO Alliance implementers build their implementations of tokens that will work with wireless protocols (BLE/NFC). This release of the Android app has the following features: - It can communicate with https://demo.strongauth.com, StrongAuth's FIDO U2F server on the internet. This server has a self-signed certificate, so the TLS connection is wired (in code) to trust the certificate in the cacerts truststore built into the app. To port the app to use with another FIDO implementation wil require changing the SKCE webservice calls to whatever the other server supports; - It can execute the Register and Authenticate functions of the FIDO U2F protocol using the SKCE webservices; - It has been tested with a Nexus 5 Emulator in the current version of Android Studio (on a Centos Linux 7.0) desktop with JDK8U72; - It does not store any private-keys on the Emulator, but encrypts the keys with a TEST encryption key and sends it to the FIDO server as the "key-handle" for storage; - It permits multiple registrations for the same username and overwrites existing key-handles. This is not normal FIDO behavior but useful for testing so application testing can focus on getting the application working quickly. Future releases of this app will bring it in line with standard hardware tokens and not permit the registration of new keys on the same token for a specific username and origin combination; - It requires the following SpongyCastle JAR files to build and work (https://rtyley.github.io/spongycastle/). You may choose to either use Maven to pull them into the project or download and place them in U2fSoftwareTokenAndroidClient/app/libs folder before building: -rw-rw-r--. 1 anoor emp 2716822 Feb 18 20:44 core-1.54.0.0.jar -rw-rw-r--. 1 anoor emp 1320088 Feb 18 20:44 prov-1.54.0.0.jar - The SHA256 digests of the zip-file is: 90a06c79e56374ac022f5db1084da6c8d88aeb235912db412940d4d88935a338 U2fSoftwareTokenAndroidClient-build-125.zip - To use the app, type in any username you choose for the Username field, and https://demo.strongauth.com for the FIDO Server field. You must Register a user before using the Authenticate button. The Studio log window for the Android Monitor will display some useful information as it progresses, but other than the success or failure message-text on the UI, there's isn't very much by way of a UI. If you have questions, post them on the forum at this site and we'll get back to you as soon as possible. We're interested in your feedback. Thank you for your interest and support. StrongAuth, Inc.