Android app for TOTP code generation and secure storage of secret data

retanar/Android-TOTP

Android TOTP

Authenticator app for generating Time-based One Time Passwords on Android.

The app supports adding, removing and editing one-time password keys, copying current codes, and exporting/importing data with optional encryption.

Design details

  • Generation is based on RFC 6238. It currently supports only SHA-1 as the hash algorithm, a 30-second time step and 6-digit output passwords.
  • Secret values (keys) needed for the TOTP algorithm are stored in an SQLite database, encrypted using AES-GCM with a 256-bit master key. The master key is generated and stored in a KeyStore using the AndroidKeyStore provider. Currently, no user authentication is required to use the master key (it may be added in the future).
  • Exporting can be done without encryption, with only the keys encrypted, or with all data encrypted. Data is exported to a JSON file using the kotlinx.serialization library. Encryption uses AES-GCM; the encryption password is hashed with Argon2id (specifically lambdapioneer's library), and the IV is stored in the exported file.
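
The generation parameters from the first bullet (RFC 6238, HMAC-SHA-1, 30-second step, 6 digits), as an added example that is not the app's own Kotlin code; Python is used here so the result can be checked against the RFC 6238 test values. Base32 key input and all function names are assumptions, and the sample key is the RFC 6238 Appendix B test secret.

```python
import base64
import hashlib
import hmac
import struct
import time

TIME_STEP = 30  # seconds, per the README
DIGITS = 6      # code length, per the README


def decode_key(b32_key):
    """Decode a Base32 secret (assumed input format), tolerating spaces,
    lower case and stripped '=' padding."""
    cleaned = b32_key.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def hotp(key, counter):
    """RFC 4226: HMAC-SHA-1 over the 8-byte big-endian counter, then
    dynamic truncation to DIGITS decimal digits."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte picks the window
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)  # keep leading zeros


def totp(key, unix_time=None):
    """RFC 6238: HOTP with counter = floor(unix_time / TIME_STEP)."""
    now = time.time() if unix_time is None else unix_time
    return hotp(key, int(now) // TIME_STEP)


def seconds_remaining(unix_time=None):
    """Seconds until the current code rolls over to the next one."""
    now = time.time() if unix_time is None else unix_time
    return TIME_STEP - int(now) % TIME_STEP


if __name__ == "__main__":
    # Constructed sample: the RFC 6238 Appendix B SHA-1 test secret.
    sample = decode_key("GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ")
    print(totp(sample, 59))  # code at the RFC test time T=59
    print(totp(sample), "valid for", seconds_remaining(), "s")
```

The codes are strings, not integers, so that values with leading zeros keep all 6 digits.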

Technologies used

  • Kotlin
  • Compose
  • Room with Flow
  • Android Keystore System
  • Hilt
  • kotlinx.serialization

How to Build

Requirements:

  • Java SDK version 19 or lower, set in the JAVA_HOME environment variable. Building was tested with Java 17; lower versions may work too.
  • Android SDK, set in the ANDROID_SDK_ROOT environment variable.
  • (Optional) The GRADLE_USER_HOME environment variable defines where to store Gradle wrapper distributions and some other files. If this variable doesn't exist, Gradle will store its data in <path to user home folder>/.gradle.

Building from the command line is described on the developer.android.com website.

On Windows, signing can also be done using a script. It requires any version of build-tools to be installed in the Android SDK, and a single signing key named "release-key.jks" in the root. The following commands will build and sign a release APK and put it at app/build/outputs/apk/release/app-release-signed.apk:

.\gradlew.bat clean
.\gradlew.bat assembleRelease
.\sign_release.ps1

To build an APK with IntelliJ / Android Studio, open the project and:

  • For the release version, open Build > Generate Signed Bundle / APK and follow the instructions.
  • For the debug version, use Build > Build Bundle(s) / APK(s) > Build APK(s) or run the assembleDebug task in Gradle.

The generated APK can be found in the app/build/outputs/apk folder.
