Android-Password-Store
Android-Password-Store copied to clipboard
android-password-store
Support OpenPGP hardware keys
Integrate hwsecurity to delegate decryption operations to OpenPGP security keys. This has been tested with NFC and USB hardware.
The integration point is a new callback to CryptoHandler.decrypt that provides the encrypted session key and expects the decrypted PGPSessionKey in return. The implementation then delegates as much as possible to hwsecurity's OpenPGPSecurityKeyDialogFragment.
Importing is handled by creating GnuPG-compatible stub keys, so no change to key storage is required, and it should be possible to import a secret keychain with stub keys that was exported from GnuPG. The import activity also prompts to "pair" a hardware key when importing a public key, so one could download their key from a keyserver and have hardware support without too much work.
Future improvements:
- Support import from keyservers, so the only manual step in the best case would be to insert a hardware key.
- The hwsecurity dialog is kind of ugly and doesn't fit well with Material 3.
- Most of hwsecurity is unneeded for this implementation, so a new library could be much slimmer and more modernized.
- It would be nice to view and manage hardware devices in the key management UI.
TODOs:
- [x] PGPainless callback API: https://github.com/pgpainless/pgpainless/pull/322
- [x] APS hwsecurity fixes: https://github.com/android-password-store/hwsecurity/pull/2
- [ ] Find a way to defer the password dialog until needed by PGPainless, as OpenPGP keys aren't password-protected.
- [ ] Test ECDH decryption
Thanks for pushing this up! Realistically I will only be able to review it in a few days, but I've left some notes about your suggestions for future improvements.
- Support import from keyservers, so the only manual step in the best case would be to insert a hardware key.
I don't think I'd want that, keyservers are a fairly cursed domain that I don't wish to include in the app.
- The hwsecurity dialog is kind of ugly and doesn't fit well with Material 3.
I'll see if I can do something about that
- Most of hwsecurity is unneeded for this implementation, so a new library could be much slimmer and more modernized.
Let's avoid additional maintenance burden if it's not strictly necessary.
This is a bigger issue now for some Android users since OpenKeychain has stopped working on some versions of Android 13. https://github.com/pgpainless/pgpainless/pull/323 has been merged, does that hopefully unblock some things relevant to this PR?
This is a bigger issue now for some Android users since OpenKeychain has stopped working on some versions of Android 13. pgpainless/pgpainless#323 has been merged, does that hopefully unblock some things relevant to this PR?
It was never really blocking the PR since we've been using a source dependency for the relevant PGPainless branch, the larger body of work here is to refine the user experience and ensure all edge cases are properly handled. This branch is also fairly out of date so I'm going to spend some time today rebasing it, but there are much more important things for me to work on so this PR is still on the back burner.
I've rebased the branch and preserved the previous state here in case there are any newly introduced errors in the rebase.
Are there any plans to continue this draft or to replace it with a new MR? Currently the new v2 has a regression, since the old OpenKeychain integration supported hardware keys.
Are there any plans to continue this draft or to replace it with a new MR? Currently the new v2 has a regression, since the old OpenKeychain integration supported hardware keys.
As of right now, no. There is an upper limit on how much I can do alone and this does not currently fit into my availability. I do intend for this to be merged at some point but cannot promise any timeline for it.