The idpass-smartshare.aar is an Android library that is used to securely share sensitive data. In the present design, it uses Bluetooth. The payload is encrypted with Authenticated Encryption in a 1-to-1 peer-to-peer communication.
The first app generates a per session connection code in params
. The second app acquires this params
connection code. Such exchange of the params
connection code can be done, but is not limited to, through the use of a QR code. The connection code securely identifies the other peer and its public key used to encrypt the payload. This connection code are ephemeral and is regenerated per session in both ends.
The app must initialized with init
:
String msg = "Hello, World!";
BluetoothSecure obj = new BluetoothSecure();
obj.init(getCurrentActivity(),
(log) -> {
System.out.println(log);
},
(msg) -> {
System.out.println(msg);
}
);
The first app must call getConnectionParameters:
String params = obj.getConnectionParameters();
// Let `params` be known to the other peer, for example, visually through
// the use of a QR code generator
obj.createConnection("dual", () -> {
// a secure Bluetooth connection is created
// anytime, the app may now call BluetoothApi.send
});
The second app must call setConnectionParameters:
// Get the `params` connection code. For example, visually through
// the use of a QR code scanner
obj.setConnectionParameters(params);
obj.createConnection("dual", () -> {
// a secure Bluetooth connection is created
// anytime, the app may now call BluetoothApi.send
});
When a connection is created, either app can send a message by:
obj.send(msg, () -> {
// msg sent
});
The incoming messages, the transfer status of inbound/outbound messages, the connection-related events, and the debug log messages are handled in the callback functions specified in init
. The example test application shows the handling of these events.
The mechanism to communicate the params
connection code is up to the application. Such mechanism would include, but is not limited to, through a QR code.