Skip to content

Latest commit

 

History

History
106 lines (81 loc) · 4.93 KB

README.adoc

File metadata and controls

106 lines (81 loc) · 4.93 KB

Yubico Mobile SDK (YubiKit) for Android

YubiKit is an Android library provided by Yubico to enable YubiKey support in Android apps. Both USB and NFC-enabled YubiKeys are supported.

Note
Version 2.0 breaks compatibility with 1.0. See the migration guide for some pointers on migrating.

For more information on the various concepts and features used in this SDK, see our YubiKey Concepts overview.

The library includes a YubiKit Android Demo application, which provides a complete example of integrating and using the features of this library in an Android app. While this demo is written in Kotlin, the library itself is written in Java, and can be used by both Java and Kotlin.

Changes to this library are documented in the NEWS file.

About

The SDK is split up into multiple modules. Each module has its own documentation and can be used independently of the others. All YubiKit modules include javadoc and additional resources deployed with the library archive. Refer to the javadoc documentation detailed about the APIs methods, properties, and parameters. The SDK is versioned as a whole: You should not mix YubiKit modules with different version numbers. The modules are:

Core

The core module defines the main SDK concepts and provides interfaces for interacting with a YubiKey, as well as common utilities used by the various other modules. All other modules depend on this.

Android

This module provides concrete implementations for the interfaces in core, the YubiKitManager class which is used to get a reference to a YubiKey, as well as various reusable UI elements.

Fido

This module adds FIDO2 support. Current implementation supports Webauthn Level 2 and CTAP 2.1 for managing FIDO credentials on YubiKeys.

Management

This module provides the ability to read out metadata from a YubiKey, such as its serial number, and firmware version. It also allows changing the configuration of a YubiKey, to enable/disable other applications, etc.

YubiOTP

This module lets you configure the YubiOTP application. This includes configuring the two "keyboard slots", and using the Challenge-Response functionality.

OpenPGP

This module lets you use the OpenPGP smart card application on a YubiKey and execute operations such as OpenPGP PIN management, key import and generation (including RSA4096, ECDSA and Curve25519 on supported YubiKeys), encryption, decryption, signature and signature verification.

OATH

This module lets you configure and use the OATH application on a YubiKey. It can store and use up to 32 OATH (TOTP or HOTP) credentials.

PIV

This module lets you configure and use the PIV application on a YubiKey. It supports importing, generating, and using private keys. Reading and writing data objects such as X.509 certificates, and managing access (PIN, etc).

Support

This module contains helper functionality such as getting information about YubiKeys.

Getting Started

A good place to get started is to clone the repository and try out the included demo app. To integrate the SDK into your app, add the desired dependencies to your Gradle configuration, and proceed with the instructions provided with the modules you are using, starting with the Android module.

Support

If you run into any issues during the development process, please fill out a developer support ticket and our team will be happy to assist you.

FAQ

Q1. Does YubiKit work with all versions of Android?

A1. All YubiKit modules should work on Android API 19+. Yubico typically tests and supports n-1 per https://en.wikipedia.org/wiki/Android_version_history.

Q2. How can I debug my app on Android when a YubiKey takes up the USB port?

A2. Set up Android Debug Bridge (adb) debugging over WiFi: https://developer.android.com/studio/command-line/adb#wireless

Q3. Why is the USB device permissions prompt shown every time the YubiKey is connected?

A3. This is an Android limitation. Android handles these permissions at the OS level. The only workaround is to use an intent filter, as described in the Android Developers Guide USB Host Overview. However, if you apply this filter to remove the permissions prompt, then you cannot prevent your app from launching automatically whenever the YubiKey is connected.

Q4. Does the YubiKit support both USB and NFC?

A4. Yes. The Android module provides functionality to detect and connect to YubiKeys over both USB and NFC.

Additional Resources