Skip to content

cryptographic-id/cryptographic-id-flutter

BranchesTags

Repository files navigation

Cryptographic ID

Attest the trustworthiness of a device using asymmetric cryptography

Get it on Google Play Get it on F-Droid

Use cases

Attest the state of a Linux computer

When your computer is in a trustworthy state, you can generate a private key hidden in the TPM2 of your computer. This private key can be sealed with the current state of the computer (PCRs). Then the computer can only sign a message with this key when it is in the correct state according to the PCRs. For example, you can seal the key against the secure boot state (PCR7). If your computer is booting an operating system signed by another vendor, the TPM2 cannot unseal the private key. So if your computer can generate a correct signature, it is in this known state. You can create a sealed private key and create such a signature with cryptographic-id-rs. This is similar to tpm2-totp but uses asymmetric cryptography. This means you do not need to keep the verification code secure. You can share it safely with the world.

Verify the identity of a phone

You can generate a private key when your phone is in a trustworthy state. If your phone can create a correct signature, you know it is the same phone. Since the operating system can access the private key, the security guarantees are much weaker than with a TPM2. So the verification is just as secure as your phone. If you use Graphene OS, also have a look at Auditor.

Verify that a person is in possession of a private key

This works as well as the section above but has the same shortcomings. It can be used to verify someone in person when he sends his public key to you in advance over a secure channel.

Setup development environment

Install the dart protobuf plugin:

flutter pub global activate protoc_plugin

Generate the protobuf dart files:

git submodule update --init --recursive
mkdir -p .dart_tool/flutter_gen/protobuf/
protoc --proto_path=lib/cryptographic-id-protocol --dart_out=.dart_tool/flutter_gen/protobuf lib/cryptographic-id-protocol/cryptographic_id.proto

Build

You can build the app via

flutter build apk

Development

To run the app in development mode on your phone, run

flutter build

Release

Android

If you don't have a keystore yet, create one:

../path/to/android-studio/jre/bin/keytool \
	-genkeypair -v \
	-keystore path/to/keystore.jks \
	-keyalg RSA -keysize 4096 -validity 20000 -alias cryptoid

Create android/key.properties:

storePassword=...
keyPassword=...
keyAlias=cryptoid
storeFile=path/to/keystore.jks

Create release:

flutter build apk --release

Contributing

Please use flutter analyze before opening a pull request.

Screenshots

Overview dark

Show id

Signature recent

Signature past

Signature invalid

Signature unknown

Sign id

Overview light

About

This is a mirror of https://gitlab.com/cryptographic_id/cryptographic-id-flutter/

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

17 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages