The main goal of the Netwatch team is to use the security features of the Android platform, namely the Android Keystore system, to provide a way for the enmeshed Crypto Abstraction Layer to interact with mobile devices. The Android Keystore system lets you store cryptographic keys in a secure container to make them more difficult to extract from the device. Sensitive operations are delegated to a secure processor reached through some kernel interface. The resulting architecture looks like this:
The overall goal of the project is to create a Rust-based wrapper that connects the HSM (Android Keystore) with the Crypto-Abstraction Layer provided by j&s-soft.
Note: This repository only houses the prototype designed to demonstrate the functionality of the android CAL implementation. To view the actual implementation, go to the official CAL fork repository page.
- Encryption & Decryption
- Verification & Signing
- Device attestation
- Rust Programming Language: Install the latest version of Rust on your system. You can install Rust through rustup.
- Android Studio with the NDK and CMAKE SDK tools enabled.
- Clone the repository:
git clone https://github.com/cep-sose2024/netwatch.git- Install
cargo-ndk
cargo install cargo-ndk- Add android toolchain:
rustup target add armv7-linux-androideabi- Navigate to the prototype wrapper directory:
cd netwatch/prototype_rust_wrapper- Build the library:
cargo ndk -t arm64-v8a -o ../prototype_new/app/src/main/jniLibs build- Run the prototype Java application using Android Studio.
We welcome contributions from the community. Please submit a pull request if you detect any bugs, have ideas for enhancements, or would like to add new functionality.
This project is released under the MIT License.
- Special thanks to j&s-soft for providing the Crypto Abstraction Layer.