Image Removed

Description

AlisonSDK Mobile is a native library for IOS and Android platform. 

This library generates CAdES digital signatures for strings, and allows installation of digital certificates under a security policy that protect the certificate usage.

This library offers a similar behaviour under both platforms, complying with a common security policy layer. This security policy protects certificate usage, controlled by the certificate issuer.

Platform compatibility

IOS

Download

You can download latest stable release of AlisonSDK-Mobile:

• AlisonMobileIOS
• AlisonMobileDroid
• AlisonCordovaPlugin

Future Releases

It is possible to access future releases of the library to test new features to be implemented.

.

Related Product

Security Policy defines rules to protect certificate usage.

Following fields can be included into a security policy.

This action is executed after reaching the max_try value. 

• lock disables certificate usage for fail_timeout minutes. 
• erase destroy the certificate from the keystore.

Note: a typo was introduced in original library and is maintained by backward compatibility.

Security Level table

.

Methods

List of available methods.

AlisonMobileSDK is a static class used to define some general behaviours of the library and to obtain execution results..

This class must be used to initialize the library before of using any of its methods or classes.

This method must be invoked after OnCreate callback and before of SetContent function. This is required condition to setup the language correctly.

initializeAlisonMobile(	String initializeName, String language, 
					   	boolean notification, Context context, 
						String baseUrl );

it must indicate a unique identifier for the library. This identifier is used to mark those certificates related to this application. 

language of the messages to show to the user. Other values can be used but programmer must extend the language definitions provided by the library.

if none (null) value is defined, then the library uses the OS language.

.

String getLibVersion();

This method can be used to determine the library version. This can be useful under certain development conditions. This is a static method of AlisonMobileSDK.

.

This library is implemented as an general administrator of operation to be performed. Each operation has its own result, which is communicated to the caller throw the corresponding callback.

The function onActivityResult(int requestCode, int resultCode, Intent data) is used as a callback.

Each kind of operation has a specific class, and specific methods to use.

This class can be used to generate a signed authentication token. This token is used to determine the certificate used to login into the application.

authOp = new AlisonAuthOperation(String certAlias);

Receives the certificate alias that identify the certificate.

If none parameter is provided, then the library select automatically the certificate to be used.

.

This class can be used to generate a signed authentication token. This token is used to determine the certificate used to login into the application.

authOp = new AlisonAuthOperation(String certAlias);

.

This class can be used to generate a signed authentication token. This token is used to determine the certificate used to login into the application.

AlisonAuthOperation authOp = new AlisonAuthOperation(String certAlias);

.

This class can be used to generate a signature of a string.

The signature is CAdES format, without data included into it.

signOp = new AlisonSignatureOperation(String text2sign, String certAlias);

If none certAlias is specified, then the last used certificate is selected for this operation.

If there is more than one certificate that can be used, then the select-certificate windows is displayed.

.

AlisonAuthOperation

Detect if some certificate provider (AlisonDesktop) is installed and enabled into the browser.

These methods allow to check if Alison-Desktop is running, and if it is enabled into the browser used. These method must be used after Alison-Desktop initialization returning an error code 20404.

If method initialize() was successful, it's not necessary to call any of these methods.

Available from version 3.0.1+.

isRunning()

Detect if Alison-Desktop is running.

isRunning(): Promise<{ result: boolean }>

isEnabled()

Detect if Alison-Desktop is enabled into the browser used.

isEnabled(): Promise<{ result: boolean }>

enable()

Request AlisonDesktop to ingrate with the browser used.

enable(): Promise<{}>

Note: all these methods depend on security features enabled by browsers, and its accuracy cannot be guaranteed working on any platform and/or browser. 

.

Generates a keyPair and a Certificate Signing Request.

generateCsr({
	keyStore: KeyStore
	options?: {
 		algorithm?: string
		size?: number
		signatureAlgorithm?: string
	}
	securityPolicy?: SecurityPolicy
}): Promise<{ csr: string }>

950519 where to generate the certificate request.

Security requirements to be applied to the keyStore/profile.

alison.generateCsr({
	keyStore: { id: "WIN-ENH" },
	options: { size: 2048 },
	securityPolicy: { exportable: true }
}).then(
	function({ csr }) { 
		// handle success
	},
	function({ code, detail }) {
		// handle failure
	}
)

.

Installs the certificate into the Keystore/profile indicated. Returns 950519

installPkcs7({
	keyStore: KeyStore
	pkcs7: string
	securityPolicy?: SecurityPolicy
}): Promise<{ certificate: WebCertificate }>

Certificate (X.509) and/or Certificate chain (PKCS#7 structure) to be installed (in base64 format). None PEM header must be included.

alison.installPkcs7({
	keyStore: { id: "WIN-ENH" },
	pkcs7: "MIICU5iNXuudGfc="
}).then(
	function({ certificate }) { 
		// handle success
	},
	function({ code, detail }) {
		// handle failure
	}
)

.

Lists ids of available Keystores found in Alison-Desktop.

listKeyStores(): Promise<{
	keyStores: {
		id: string
	}[]
}>

alison.listKeyStores().then(
	function({ keyStores }) { 
		// handle success
	},
	function({ code, detail }) {
		// handle failure
	}
)

.

Returns information about a specific Keystore.

keyStoreInfo(KeyStore): Promise<{ keyStore: KeyStoreInfo }>

alison.getKeystoreInfo({
	id: "CSK"
}).then(
	function({ keyStore }) { 
		// handle success
	},
	function({ code, detail }) {
		// handle failure
	}
)

.

Lists certificates found in Alison-Desktop. Returns array of 950519.

certificateList(): Promise<{
	certificates: WebCertificate[];
}>;

alison.certificateList().then(
	function({ certificates }) { 
		// handle success
	},
	function(response) {
		// handle failure
	}
)

.

Uses a certificate to sign a string.

sign({
    text: string
    certificate: string
    keyStore: KeyStore;
    options?: {
		algorithm?: string;
	  	format?: string;
	 	params?: string;
	}
}): Promise<{ signature: string }>;

algorithm: 'SHA1withRSA', format: 'CAdES', params: ''

KeyStore where the certificate is located.

alison.sign({
	text: 'A43G3RWG224...',
	certificate: 'C22E8C20D6042B2BF6A6E054B7378FEC57414765',
	keyStore: { id: "WIN-ENH" }
}).then(
	function({ signature }) { 
		// handle success
	},
	function(response) {
		// handle failure
	}
)

.

KeyStore {
	id: string
	profile?: string
}

This structure was extended with more information from AlisonJS version 3.0.1 and Alison-Desktop 3.1.x.

KeyStore {
	id: string,
	keyStoreId?: string,
	keyStoreType?: string,
	capabilities?: string,
	friendlyName?: string,
	status: {
		resultStatus: int,
		resultList: []
	},
	profiles?: string
}

A security policy defines behaviour of the keystore or profile, depending each kind of them. Go to this link for a better description of them.

An empty JSON structure must be used to indicate the default one. 

{ }

CapiSecurityPolicy {
	exportable?: boolean;
	protectionLevel?: number;
	title?: string;
	friendlyName?: string;
	description?: string;
}

DeviceSecurityPolicy {
	installDummy?: boolean
	generateOnBoard?: boolean
}

PassSecurityPolicy {
	passMinLength: number
	passComplexity: number
}

Pkcs11SecurityPolicy {
	installDummy?: boolean
	generateOnBoard?: boolean
	passMinLength?: number
	passComplexity?: number
}

CskSecurityPolicy {
	id: string
	passMinLength: number
	passComplexity: number
	passLockCount: number
	passExpiration: number
	lockTimeout: number
	idleTimeout: number
	certExport: number
}

SecurityPolicy =
  | CapiSecurityPolicy
  | CskSecurityPolicy
  | DeviceSecurityPolicy
  | PassSecurityPolicy
  | Pkcs11SecurityPolicy
  | {}

WebCertificate {
	serialNumber: string
	thumbPrint string
	subjectDN: string
	issuerDN: string
	validity: {
		from: string
		left: number
		until: string
		total: number
		isExpired: boolean
	}
}

Generate and Install a certificate.

initializeAlisonMobile(	String initializeName, String language, 
					   	boolean notification, Context context, 
						String baseUrl );

String getLibVersion();

listOp = new AlisonListOperation(Context context, boolean eraseCerts);

ArrayList<WebCertificate> certs= ListCertificates();

authOp = new AlisonAuthOperation(String certAlias);

signOp = new AlisonSignatureOperation(String text2sign, String certAlias);

importOp = new AlisonImportOperation(String certUrl);

importOp = new AlisonRenewOperation(String renewUrl);

int deleteSelectedCertificate(String aliasCert);

int deleteCertificates();

void onActivityResult(int requestCode, int resultCode, Intent data);

String value = data.getStringExtra(String key);