PhilippC / keepass2android

Password manager app for Android
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
GNU General Public License v3.0

Support for Yubichallenge with KeepassXC DB #4

Closed jskvbinmv closed 6 years ago

jskvbinmv commented 7 years ago

Databases created with KeepassXC and secured with password and Yubikey Challenge Response don't trigger the yubichallenge app. Instead they open the file browser dialogue.

Please add functionality for KeePassXC databases and Challenge Response

JRussell commented 7 years ago

Challenge Response fix would be fantastic! If you need any early testers let me know. I use a Yubikey 4 (no NFC) and would love to eventually have support for that. I'm in the beta group for KP2A also.

RinnosukeETQW commented 6 years ago

Add me to the list of people who have a yubikey 4 and would like USB-OTG support. keepass2android is the only reason I'm not using my yubikey for keepass at the moment.

andmib commented 6 years ago

Also very interested in giving this a shot. How will we know when/if this is implemented? I'm eager to protect my KeepassXC database with challenge-response.

whereisaaron commented 6 years ago

@JRussell @RinnosukeETQW doesn't inserting a non-NFC yubikey suppress the Android on-screen keyboard? Or are you using Android as a desktop and don't care about that?

RinnosukeETQW commented 6 years ago

@whereisaaron nope, fully able to use on screen keyboard with a USB yubikey inserted here, and that's on a note 8

mvevitsis commented 6 years ago

I really want this too.

PhilippC commented 6 years ago

the KeepassXC implementation has been updated so it should now be possible to implement this. Current obstacle is that I simply don't find my Yubikey anymore :-(

jskvbinmv commented 6 years ago

@PhilippC I might be able to help with testing if you tell me how.

PhilippC commented 6 years ago

thanks for the offer, but I'll need a physical device for testing on my own. I'll search, search and search...

RinnosukeETQW commented 6 years ago

If you can't find it, I'm sure there's plenty of people who recently replaced their 4 thanks to the infineon bug that will have an old one. I mean it was a free replacement so why not? The issue with those yubikeys was PGP so yubichallenge should work just the same.

rmenessec commented 6 years ago

@RinnosukeETQW

If you can't find it, I'm sure there's plenty of people who recently replaced their 4 thanks to the infineon bug that will have an old one.

And there was a flaw before that that affected the NEOs, too. I have several older YubiKeys about the place.

andmib commented 6 years ago

@PhilippC I will help pay for a YubiKey 4 NEO. If you give me your info or donate linked or whatnot, I can send (money) over. I'm very interested in seeing this implemented.

tuxinaut commented 6 years ago

@PhilippC @andmib me too

yubichris commented 6 years ago

@PhilippC go to yubi.co/support, let us know what YubiKey model(s) you require, and we'll send them to you :)

PhilippC commented 6 years ago

thanks for your comment, @yubichris . I tried this a while ago but without answer. Hope it will work this time!

Bassetts commented 6 years ago

@PhilippC did you get anywhere with Yubico? If not I am happy to donate either Yubikey(s) or to give a monetary donation towards the model(s) you would require.

PhilippC commented 6 years ago

@Bassetts yes, I have received a Yubikey. I am pretty busy with a few other things during the next weeks so this might still take a bit of time, but I will definitely try to bring it into the 1.05 release.

IPv777 commented 6 years ago

+1

racemouse83 commented 6 years ago

Awesome, been waiting for this to happen for a long time so I can migrate from not-so-nice KeePass to a-lot-more-nice KeePassXC while still using my YubiKey. :) Not to stress you but do you have any estimate when 1.05 can be in beta? @PhilippC

If there is any testing etc one can help out with, please shout!

Thanks for your awesome app!

racemouse83 commented 6 years ago

Interesting commits! Thanks a lot! :) Do you have a time plan when this functionality will be included in an google play beta/release?

PhilippC commented 6 years ago

unfortunately there are some issues in the current implementation leading to data corruption depending on where in the app a change is made (i.e. the save is triggered). Will have to investigate this closer.

bungabunga commented 6 years ago

it looks like this feature is now supported in the newest beta but i still can't open the database with my Yubikey NEO via NFC. there's a button "load OTP auxiliary file" there, perhaps it shouldn't be since i choose "password + challenge response" option? i'm on android 8.0. tnx!

PhilippC commented 6 years ago

unfortunately I did not find a quick fix for the issues noted above. I have thus moved this to the "1.05b" milestone. I will first publish 1.05 to stable channel and then work on 1.05b.

rmenessec commented 6 years ago

Quick question: will the finalized code support KDBX v4 files? Once I realized that KeePassXC had (or added?) v4 support, I replaced all copies of my older databases with new files using KDBX v4, AES-256, with Argon2 (Argon2id?) hashing and 8 or more transform rounds.

At present, I'm only using KeePass2Android to save credentials for a few non-critical sites; and I'm relying on encrypted, cross-platform clipboard functionality or QR codes as necessary to get credentials from KeePassXC on desktop platforms into login forms on Android.

wbedard commented 6 years ago

@rmenessec, not sure if it's final code or not but I've been using a KDBX v4 (AES-256, Argon2 KDF) database as my day-to-day password store with no issues at all since the code was originally committed months ago. So long as it's protected with just a password, it's fully compatible with both keepass2android and KeePassXC.

RinnosukeETQW commented 6 years ago

that commit seems to only use the neo's NFC like before, any word on adding USB support?

PhilippC commented 6 years ago

I just released the first implementation of this to the beta channel (https://play.google.com/apps/testing/keepass2android.keepass2android). Please consider the feature experimental and always have a backup of your database! Please let me know if everything works as expected.

Note that your database must have the KDBX4 format for this to work. (KDBX3 databases have another challenge-response implementation in KeepassXC which cannot be integrated into KP2A.)

eest9 commented 6 years ago

Hi, I tried it 3 times with my Yubikey neo, but I failed every single time. After each try this error code occurred.

"wrongly composed key!"

mario-tux commented 6 years ago

I was able to open/modify a database created by keepassxc (converted to format KDBX4) but I was not able to create a new database on the phone using the beta version.

eest9 commented 6 years ago

Okay. My fault. It was an ID-10-T Error. (had to update the database)

Now it works like expected! Thanks for all your awesome work! :+1:

wbedard commented 6 years ago

I was unable to open a database I created for the purpose of testing this workflow. The KeePass2Android log file can be found here (https://pastebin.com/LLedVcet) and the test conditions are as follows:

Database creation platform: KeePassXC 2.3.3 on Windows 7 (64-bit)
Database properties: encryption - AES-256; KDF - AES-KDF (KDBX4); ~500K transform rounds; master key - password + Yubikey Challenge-Response

Android testing platform: Nexus 6 running Android 8.1 (custom ROM)
YubiKey device: YubiKey NEO (NFC) running firmware v3.0.2
Application version: KeePass2Android v1.06-pre1

Let me know if I can provide any add'l useful details. Thanks for all your continued efforts to develop this app!

PhilippC commented 6 years ago

the error you are seeing is "YubiChallenge cancelled". Does this happen when you swipe the Yubikey or do you press the back button?

wbedard commented 6 years ago

I swipe the YubiKey when I get prompted. Once NFC registers, it returns to the app with the toast messages showing.

rmenessec commented 6 years ago

@wbedard, apologies in advance if this is a stupid question. However: when you say "swipe," do you mean "swipe," or are you holding the YubiKey in place for at least 4-6 seconds? I ask only because, if you haven't used the NEO's NFC functionality before on Android, you may not be aware that it can take some time for the NFC transaction to finish.

I use the Yubico Authenticator for Android regularly, and that requires about 4-5 seconds to complete its transaction. Despite the "success" notification sound I get almost immediately from Android, moving the YubiKey away from the phone right away causes Yubico Authenticator to fail to finish its transaction(s), and Authenticator throws an error.

I'm also using a Nexus 6; originally with the stock Google 6.0.1 - 7.1.x firmware; then the 7.1.2 - 8.1.0 (ROM 14.1, 15.1) releases from the LineageOS project.

wbedard commented 6 years ago

@rmenessec Thank you very much for the tips on NFC. When I used the term "swipe", I was mainly referring to the action of moving the YubiKey around until NFC registers it. While I don't have tons of experience working with NFC devices, I've never heard of one taking as long as you mentioned to return a response. However, what you describe would certainly explain the error that KP2A reported in its log. I will certainly give it another shot taking your advice into account.

wbedard commented 6 years ago

@rmenessec Unfortunately, I still wasn't able to open my test DB. In my experience, it took less than 2 seconds from the time I got the YubiKey in position (little to no "swiping" in this latest test...) to getting back to the app with an error toast. If you have the time, I would welcome you sharing the details of your end-to-end setup that is working for you. Thanks again for sharing your input.

xfxian commented 6 years ago

Did you press the button while in the field? You have to actively press the button on the NEO when using NFC

electrofloat commented 6 years ago

No you don't. That is a - unfortunately - very common misconception. You don't have to press the "button" on the NEO while using NFC.

The NEO does not get enough power through NFC to power the button.

wbedard commented 6 years ago

@rmenessec As a quick follow-up, your mention of the Yubico Authenticator app got me looking into whether I could get that app to work with my NEO. As it happens, I kept getting a msg about an error communicating with the YubiKey. For now, I've filed a support ticket with Yubico and will let you know if anything noteworthy comes from it.

rmenessec commented 6 years ago

@wbedard, that's good to know.

That is—I'm sorry that it sounds like the NEO might be having issues, but, selfishly, it's good to hear that the problem likely isn't KP2A.

Do you have some other NFC devices you can use to test the NFC interface on your Nexus 6, just to rule out an issue on that end? Some smartcards—like the NEO—are dual-interface units with both the surface contacts and NFC circuitry. (I just tested a couple of my credit cards; they aren't NFC-capable, sadly.)

If you don't have any other NFC devices or tags to test with, I'd recommend getting a few cheap programmable NFC tags; I was able to find a small assortment of NXP Semi NTAG216 stickers a couple of years ago on Amazon for a fairly reasonable price, and I would guess NFC tag prices have only come down since then. (The NTAG216 has 888 bytes user-writable memory; the 213 and 215 have 180 and 540 bytes, respectively.)

I use the tags in combination with NFC Tools / NFC Tasks to automate some simple tasks when my Nexus 6 has the screen locked, and I don't feel like entering my password just to toggle WiFi on/off or similar.

Only NFC Tools is necessary for reading / writing tags, and I don't believe the free version is limited in a way that would make testing difficult. (I only have Tasks installed right now, but I can reinstall Tools and find out.)

There are other NFC read / write apps on the Play Store; some free, but I haven't personally tried them. I also see one F/OSS NFC reading app with NDEF Push supported for phone-to-phone communication, available on F-Droid. I'm also just now seeing Smart Card Emulator and Smart Card Reader, which look fascinating, and might also be useful for testing.

rmenessec commented 6 years ago

@wbedard, one last thing that occurred to me: I have a fairly thin, non-metallic case on my Nexus 6, but it's still thick enough to prevent the NEO from working unless it's positioned very carefully, just above the NFC transceiver. If you have a case—any material, even plastic—on your phone, it could be just thick enough to prevent a good connection between the NEO and your Nexus' NFC transceiver.

wbedard commented 6 years ago

@rmenessec Thanks for the add'l insights. My Nexus 6 doesn't have a case and I've had no problem using smart cards or RFID tags in the past. I also didn't have a problem pulling a full scan on my YubiKey using the NXP TagInfo app, which is a desired step in submitting a trouble ticket with Yubico. I imagine that the issue I am seeing is due to some aspect of the software side of my YubiKey but we'll see what Yubico says.

rmenessec commented 6 years ago

@wbedard, well, shoot. I'm sorry. That does sound like some issue with the NEO. Could be just configuration, though. If there's a hardware issue, I've gotten great support from Yubico in the past; they seem to have excellent warranty coverage. In addition to getting several affected YubiKeys replaced for free in the past when security flaws were revealed in the NEO, they've also replaced one of my 4 Nanos for free when I experienced an apparent hardware issue.

(You're aware of the past security bulletins for the YubiKeys, right? If not, best contact Yubico and get your keys replaced—if affected—in any case. Their security bulletins... all four so far... are listed here.)

wbedard commented 6 years ago

@rmenessec Well, we're starting to make some progress. Yubico got back to me and identified that my NEO was an early "developers" version that didn't have all the JavaCard apps that are now standard on the production versions. They gave me instructions on how to install the OATH app and that allowed me to use my NEO with the Yubico Authenticator app for Android. However, I still am unable to open a test DB in KP2A that requires Chall-Resp. I'm not sure if there's another app that I'm missing or, however unlikely, a residual issue in the KP2A app. Unfortunately, I'm doubtful that I would get as quick and productive a reply from Yubico if I filed another ticket referencing this pre-release 3rd-party app. I'm going to take a break on this for now but I may re-engage once the KeePassXC compatibility has gotten a bit more exposure and testing.

Oh BTW, I am aware of the security vulns which almost certainly apply to my device. I've had my eye on their just-released FIPS 140-2 line of devices and will almost certainly pick one up, which may also solve my issue in this thread.

rmenessec commented 6 years ago

@wbedard, the problem with the YubiKeys is that it's not possible to upgrade the firmware, due to the tamper-resistant design; you can install smart card-compliant apps, yes, but not upgrade the actual firmware. If they somehow got you pre-release hardware by mistake, I'd just ask them to fix the problem by replacing the NEO with a production model.

Just for reference, FIPS 140-2 doesn't guarantee that something will be secure; only that it passed 140-2 testing and certification. Many 140-2 products have later been demonstrated to have quite shocking security flaws. 140-2 itself isn't a feature, nor is it a protocol. It doesn't have any inherent benefits; it merely describes a testing and certification process.

I'm looking at the 140-2 product page now, and all the specifications for the 140-2 keys appear to be identical to the existing 4-series YubiKeys. The only difference I can find is the FIPS certification. If you don't work for a government agency or other entity that requires FIPS compliance, I don't think the FIPS-labeled keys will have any special value to you beyond a regular 4-series.

... Also, I don't see a "YubiKey NEO FIPS."

If you're planning to wait for a new product release, I would give the 140-certified keys a miss and wait for the first YubiKeys that support FIDO2, other than the new FIDO2 "Security Key." Support for FIDO2 is—or will be—a genuine feature and benefit.

... In the meantime, though, I would go ahead and get the existing NEO(s?) replaced; especially if you qualify for no-hassle replacement under their security flaw remediation.

rmenessec commented 6 years ago

@wbedard, one question, to clarify: I saw you mentioned that you have the YubiKey NEO working with KeePassXC, using a KDBX4 database and HMAC-SHA1—is that using the same NEO as the one you're testing against the Nexus 6?

wbedard commented 6 years ago

@rmenessec Yes, I use the same NEO to encrypt my test DB in KeePassXC that I'm trying to use to decrypt it on the Nexus 6. That seems like an odd question...please clarify if I may have missed something subtle.

BTW, yeah, I did notice that the FIPS line doesn't include an NFC model. I'm still interested in that line for use at work but I definitely agree that the FIDO2 certification is far more useful to me in day-to-day use.

rmenessec commented 6 years ago

@wbedard, sorry for the late response. I was toying with the possibility that you might have used different NEOs and thus (possibly) different SHA-1 seeds on the two test platforms, either on purpose or by accident. I was also considering the possibility of getting different results with different firmware revisions on more than one NEO.

(Correct me if I'm wrong, but I don't think that Yubico provide a firmware changelog, so we can't see what might have been fixed... or broken.)
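To make concrete why rmenessec asks whether the same NEO (and so the same HMAC-SHA1 secret) was used on both platforms, and why PhilippC notes above that the database must be KDBX4: the following is an added example in Python, not code from Keepass2Android, KeePassXC or ykDroid. It models the token's HMAC-SHA1 slot and a simplified composite-key composition; the master seed and slot secrets are constructed, and the exact byte layout of the real composite key is an assumption.

```python
"""Simplified model of how a YubiKey HMAC-SHA1 response is folded into a KDBX4
composite key. Constructed example for this thread, not Keepass2Android,
KeePassXC or ykDroid code; the exact byte layout of the real composite key is
an assumption, only the structure the thread relies on is modelled."""
import hashlib
import hmac
from typing import Optional

# Constructed sample values (not real secrets or a real database header).
MASTER_SEED = hashlib.sha256(b"constructed KDBX4 master seed").digest()  # 32 bytes
NEO_A = hashlib.sha1(b"constructed HMAC-SHA1 slot secret A").digest()    # 20 bytes
NEO_B = hashlib.sha1(b"constructed HMAC-SHA1 slot secret B").digest()    # 20 bytes


def yubikey_hmac_sha1(slot_secret: bytes, challenge: bytes) -> bytes:
    """Model of the token's HMAC-SHA1 slot: a 20-byte secret that never leaves
    the device answers a challenge of up to 64 bytes with a 20-byte response."""
    if len(slot_secret) != 20:
        raise ValueError("HMAC-SHA1 slot secret must be 20 bytes")
    if not 1 <= len(challenge) <= 64:
        raise ValueError("challenge must be 1..64 bytes")
    return hmac.new(slot_secret, challenge, hashlib.sha1).digest()


def compose_key(password: str, master_seed: bytes,
                slot_secret: Optional[bytes] = None) -> bytes:
    """Composite key = SHA-256 over the hashed key parts. In KDBX4 the challenge
    is the master seed stored in the file header, so the response, and with it
    the key, is specific to this database file and to this token's secret."""
    parts = hashlib.sha256(password.encode("utf-8")).digest()
    if slot_secret is not None:
        response = yubikey_hmac_sha1(slot_secret, master_seed)
        parts += hashlib.sha256(response).digest()
    return hashlib.sha256(parts).digest()


def can_unlock(expected_key: bytes, password: str, master_seed: bytes,
               slot_secret: Optional[bytes]) -> bool:
    """Constant-time comparison standing in for the real KDF and header check."""
    return hmac.compare_digest(expected_key,
                               compose_key(password, master_seed, slot_secret))


def demo() -> dict:
    """Database created on the desktop with password + NEO_A; three unlock attempts."""
    db_key = compose_key("correct horse", MASTER_SEED, NEO_A)
    return {
        # same password, same token, same file: the response reproduces the key
        "same_token_opens": can_unlock(db_key, "correct horse", MASTER_SEED, NEO_A),
        # a second NEO with its own slot secret yields a different response
        "other_token_opens": can_unlock(db_key, "correct horse", MASTER_SEED, NEO_B),
        # the password alone never suffices once a response is part of the key
        "password_only_opens": can_unlock(db_key, "correct horse", MASTER_SEED, None),
    }


if __name__ == "__main__":
    print(demo())
```

A mismatch in either the token secret or the challenge surfaces only as a key that fails to open the file, which is what a "wrongly composed key" style error looks like from the app's side.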

mabachel commented 6 years ago

Hi, I just installed KP2A 1.06-pre1 without the caf42d4 commit and ykDroid 1.0 (I cannot install the debug version due to a problem while parsing the package) on my Nexus 5 (hammerhead) with Official LOS 14.1 (14.1-20180628-NIGHTLY-hammerhead) installed.

@pp3345

I might have an idea what's going on, but I am not sure. Can you please try the following APK: https://dev.pp3345.net/ykdroid-debug-signed-3f38214+.apk

It adds some debug output and a small change to NFC handling which might or might not help. In any case, please attach the logcat output from ykDroid after testing.

My database has been created using KeePassXC 2.3.3 under Fedora 28 and uses ChaCha20 and Argon2 (KDBX4) with compression enabled. Its master key is Challenge Response (YubiKey NEO Slot 2, Firmware 3.3.0) only.

In the KP2A app I've chosen "Password + Challenge-Response for Keepass XC" and did not enter any password before hitting the "UNLOCK" button. ykDroid shows up with Slot2 preselected but cannot find my YubiKey. After about 30 seconds I clicked on the back button. LOGCAT yubikey.txt

The same behaviour occurs if I use a database with password + Challenge Response and enter the password before I hit the "UNLOCK" button. LOGCAT yubikey2.txt

With ykDroid uninstalled the behaviour is again the same as in the first and second attempt. LOGCAT yubikey3.txt

NOTE (!) that my YubiKey's NFC might be broken because neither Yubico Authenticator nor YubiClip is working. Unlock via USB on my PC with KeePassXC is working though.

If I connect my YubiKey NEO via an OTG cable, Yubico Authenticator and ykDroid recognize the insertion. Entering the master key password is not possible with the YubiKey connected because the on-screen keyboard does not open. If I enter the password first, hit "UNLOCK" and then connect the YubiKey it does not work either. One time a button press on the YubiKey tried to switch between Slot 1 and 2. LOGCAT yubikey4.txt

I hope my logs help rather than confuse.

pp3345 commented 6 years ago

Thank you for your tests, @mabachel.

Your NFC logs don't show any hint of ykDroid or Android detecting the YubiKey at all. You may test whether NFC is working at all by turning up the (ringtone or media, not sure) volume of your device and swiping the YubiKey over the NFC sensor on the home screen without any apps open. Android should play a sound and nothing else should happen (or a yubico.com page showing the serial number of your YubiKey might open in the browser). You can try the same procedure with any other Android device that supports NFC to test whether the issue is caused by the YubiKey or your Nexus 5; this shouldn't impose any security risks.

Entering the master key password is not possible with the YubiKey connected because the on-screen keyboard does not open.

This is expected behavior. When no user mode driver (like ykDroid) is attached to the YubiKey, Android (precisely, the Linux kernel) will attach its own default USB-HID driver to which the YubiKey presents itself as a USB keyboard. Thus, Android thinks that there is a hardware keyboard attached and therefore doesn't show the on-screen keyboard.

Note that there is still an issue with the integration of ykDroid in Keepass2Android which causes problems when using USB. This will be fixed when #449 is merged. Nevertheless, the transaction within ykDroid itself should work fine, but your logs (yubikey4.txt) show that the response retrieved from the YubiKey is malformed. This could be caused by a bug in the ykDroid USB driver.

I cannot install the debug version due to a problem while parsing the package

Not sure why that happens, but can you please try this build: https://dev.pp3345.net/ykdroid-3f38214++-debug.apk This build isn't signed, so you'll need to uninstall ykDroid before installing this one. It contains additional debug output both for NFC and USB that should help diagnose the issue. Please attach the logcat output again. Please note that the logcat output from this build will contain both the challenge and possibly the response, so you'll probably want to use an empty database for testing if you don't want to leak the response value.