Alison Desktop
- 1 Description
- 1.1 Platforms
- 1.2 Related Product
- 2 Features
- 3 Integration
- 4 Structures
- 4.1 KeyStore
- 4.2 Profile
- 4.3 ProfileInfo
- 4.4 KeyStore Selector
- 4.5 Certificate Selector
- 4.6 WebCertificate
- 4.7 Result Status
- 5 Download
Description
Alison-Desktop allows keys to be generated and certificates to be installed from an external application. It is designed mainly to be accessed from a browser.
Its services are accessed through the Alison-SDK library, which is compatible with any browser (IExplorer 11, Edge, Firefox, Chrome, Safari, Opera, Brave).
From Alison-Desktop 3.x, a new REST interface is also available for generation, installation, and testing.
Platforms
Alison-Desktop was tested on the following platforms:
WINDOWS | MAC-OS | LINUX |
---|---|---|
Windows 11 | MacOS 14 (Sonoma) | Ubuntu 20.04.1 LTS |
Windows 10 | MacOS 13 (Ventura) | Ubuntu 18.04.3 LTS |
Windows 8 | MacOS 12 (Monterey) | CentOS Linux release 8.5 |
 | MacOS 11 (Big Sur) | |
 | MacOS 10.15 (Catalina) | |
Related Product
AlisonJS SDK
Alison JS allows developers to integrate Alison Desktop into their pages more easily. Go to the AlisonJS SDK documentation.
Alison Wizard
You can obtain the current version of Alison Desktop from the ACME Alison Wizard site.
For developers, go to the Alison Desktop documentation.
Features
Available KeyStore List
The following KeyStores are included in every version of Alison-Desktop from 3.x onward.
Value | Description | |||
---|---|---|---|---|
WIN-ENH | Native and regular Windows CSP used to generate and store certificates for users. | ✔ | ||
CSK | Proprietary repository, linked to computer hardware to provide a more secure repository | ✔ | ✔ | ✔ |
ETOKEN | Safenet/Gemalto eToken | ✔ | ✔ | |
MTOKEN | Century Longmai mToken | ✔ | ✔ | |
MACOS | Keychain repository of certificates used by OSX | ✔ | ||
FF-NSS | The repository used by Mozilla Firefox | ✔ | ✔ | ✔ |
YUBIKEY | Yubico PIV. Required drivers should be downloaded from yubico-piv-tool/Releases/ | ✔ | ✔ | |
EPASS | Feitian ePass. Required drivers could be downloaded from: ePass2003_Full_SDK_20210127.rar | ✔ | ✔ | |
ATHEIDP | Athena IDProtect Key | ✔ | ✔ | |
SAFESIGN | SafeSign IC faq-safesign-identity-client | ✔ | ✔ | |
RIJKSPAS | IDEMIA RIJKSPAS SmartCard | ✔ | ✔ | |
GEMP15-1 | Gemalto Classic Smart Card | ✔ | ✔ | ✔ |
PFX | Repository of the certificate using a PKCS12 file | ✔ | ✔ | ✔ |
MEM | Volatile memory keystore | ✔ | ✔ | ✔ |
It is also possible to add a new PKCS#11 KeyStore by editing the file keystore.user, located in each user's config directory. This file will include new KeyStore entries in each new version of Alison-Desktop.
This is a typical entry defining a new KeyStore:
KeyStore Entry
{
  "id": "ETOKEN",
  "status": "enabled",
  "icon": "TOKEN",
  "friendly_name": "Gemalto eToken",
  "capabilities": "SGI",
  "extra_params": "allow_empty_pass",
  "filter_mask": -1,
  "windows": {
    "driver_path_x86": "%WINDRIVER%\\eTPKCS11.dll",
    "driver_path_x64": "%WINDRIVER%\\eTPKCS11.dll"
  },
  "osx": {
    "driver_path": "/usr/local/lib/libeTPkcs11.dylib"
  },
  "linux": {
    "driver_path": "/usr/lib64/libeTPkcs11.so"
  }
}
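An added example, not part of the Alison-Desktop distribution: each entry names a PKCS#11 driver, which is a shared library loaded for that KeyStore, so an entry is worth auditing after keystore.user is edited. The function names, the required-field list and the checks are assumptions based only on the entry shown above.

```python
import os
import re
import stat

# Fields present in the entry shown above; treating them as required
# is an assumption of this example.
REQUIRED = ("id", "status", "friendly_name", "capabilities")
PLATFORM_KEYS = {"windows": ("driver_path_x86", "driver_path_x64"),
                 "osx": ("driver_path",), "linux": ("driver_path",)}
WIN_ABS = re.compile(r"^(%[A-Za-z_]+%\\|[A-Za-z]:\\)")  # %VAR%\... or C:\...


def check_file(path):
    """POSIX permission checks on a driver library and its directory."""
    if not os.path.isfile(path):
        return [f"{path} does not exist"]
    issues = []
    for target in (path, os.path.dirname(path)):
        mode = os.stat(target).st_mode
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            issues.append(f"{target} is group- or world-writable")
    return issues


def audit_entry(entry, local_platform=None):
    """Return a list of findings for one keystore.user entry (a dict).

    local_platform ("linux" or "osx") selects the section whose driver
    file is inspected on disk; other sections are only shape-checked.
    """
    findings = [f"missing field: {k}" for k in REQUIRED if not entry.get(k)]
    if not any(p in entry for p in PLATFORM_KEYS):
        findings.append("no platform section with a driver path")
    for platform, keys in PLATFORM_KEYS.items():
        for key in keys:
            path = entry.get(platform, {}).get(key)
            if path is None:
                continue
            absolute = (WIN_ABS.match(path) if platform == "windows"
                        else path.startswith("/"))
            if not absolute:
                # A bare file name leaves the choice of library to the
                # loader's search path.
                findings.append(f"{platform}.{key}: relative path {path!r}")
            elif platform == local_platform:
                findings += [f"{platform}.{key}: {m}" for m in check_file(path)]
    return findings
```

An empty list means the entry passed these checks; it does not verify that the library is the vendor's genuine driver.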
Integration
Alison Desktop is a certificate provider that can be accessed through an SDK library or its REST interface (available from Alison-Desktop v3.x).
Alison JS
Go to AlisonJS library documentation.
REST interface
Read and test this interface from Postman.
Structures
The following definitions and structures are useful for a better understanding of the interface, library and how to use it.
Some structures share attributes like:
Field | Description |
---|---|
serialNumber | Certificate Serial Number, in string format, with a hexadecimal number [0..9,a..f] (only lowercase letters). |
thumbPrint | Certificate thumbPrint, SHA1 algorithm, and hexadecimal values [0..9,a..f]. |
keyStoreId | KeyStore where the certificate is installed. |
profileName | Indicates on which profile the certificate is installed. Some types of keyStore have a unique profile (like WIN-ENH or MACOS), so in those cases, this value may be optional. |
providerId | Used when you have initialized the library to work with providers other than Alison-Desktop. |
A complete list of KeyStoreId values is available in each distribution of Alison-Desktop or Alison-Server.
Users can add their own KeyStoreId by following the Alison-Desktop instructions.
KeyStore
KeyStore is the basic unit of identification of certificate repositories.
Each type of keyStore has a definition that includes a unique identifier, and other attributes used by the library for better representation.
KeyStoreInfo JSON structure
{
  "id": "keyStore Identifier",
  "friendlyName": "keyStore friendly name",
  "keyStoreType": "type of keystore",
  "providerId": "Certificate provider (usually Alison-Desktop)",
  "capabilities": "string representing capabilities of this keystore to Generate, Import, Export or Sign",
  "profiles": [ "Profile list included inside this keyStore" ],
  "status": "keystore status, with the ResultStatus structure described later"
}
Some of these fields are available from Alison-Desktop version 3.1.0+.
Profile
Each KeyStore has one or more Profiles, depending on the KeyStore type. Some KeyStores have only one profile.
Each profile is identified by its profileName, which may depend on the type of KeyStore.
Some profileName values remain constant over time, as is the case with PFX, CSK, or MACOS, but others can change dynamically between one execution and the next.
Each profile contains certificates installed within it. By looking at the attributes of a profile, you can find how many certificates you have installed (-1 represents that the attribute has not been evaluated), and how many of them are dummy certificate installations (temporarily created to keep the private key, but not functional).
ProfileInfo
The information contained in a Profile is represented by a JSON structure called ProfileInfo. The structure has the following information:
Profile JSON information
{
  "id": "{{profileId}}",
  "name": "{{profileName}}",
  "friendlyName": "{{friendlyName}}",
  "status": {
    {{status}}
  },
  "issuedCerts": -1,
  "dummyCerts": -1,
  "details": {
    {{profileDetails}}
  }
}
Field | Description |
---|---|
id | profileId is used to identify a specific profile. It is composed as KeyStoreId#>profileName |
name | Name of the profile. It depends on the Keystore type. |
friendlyName | Friendly name of the profile. Usually the name of the device, for example. |
status | Status of the profile in ResultStatus format. |
issuedCerts | The number of certificates installed in the profile. -1 when this value was not evaluated. |
dummyCerts | The number of dummy certificates installed in the profile. -1 when this value was not evaluated. |
details | Details of the profile. |
KeyStore Selector
It is used to indicate a unique KeyStore and a profile within it.
Some methods, like the migration of certificates between KeyStores, use a KeyStoreSelector to indicate the target KeyStore to which the certificate is moved.
KeyStore Selector Structure
Certificate Selector
This structure is used to reference a unique certificate managed by Alison-Desktop or Alison-Server.
Certificate Selector Structure
Result Status
This structure is used to represent the status of several elements (Keystore, profile, etc).
Result Status Structure
Field | Description |
---|---|
resultStatus | An integer value: 0 means there is no error; 1 alerts about a special condition that must be taken into consideration (for example, that a cryptographic device is almost full); and 2 indicates an error on the KeyStore (for example, if it is locked). |
resultList | A list of key-value pairs (code, detail), where code contains a warning or error code, and detail may contain information about the code. |
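An added example (not AlisonJS or Alison-Desktop code) of consuming the ProfileInfo and Result Status fields described above while failing closed: an unknown or missing resultStatus is treated as an error, and -1 counters are reported as not evaluated rather than as a count. The shape of resultList items (objects with code and detail keys), the function names and the output keys are assumptions.

```python
from enum import IntEnum


class Status(IntEnum):
    OK = 0        # no error
    WARNING = 1   # special condition, e.g. device almost full
    ERROR = 2     # KeyStore error, e.g. locked


def parse_status(raw):
    """Map a Result Status dict to (Status, [(code, detail), ...])."""
    raw = raw if isinstance(raw, dict) else {}
    value = raw.get("resultStatus")
    # bool is an int subclass in Python, so reject it explicitly.
    if isinstance(value, bool) or value not in (0, 1, 2):
        status = Status.ERROR          # fail closed on anything unexpected
    else:
        status = Status(value)
    pairs = [(item.get("code"), item.get("detail"))
             for item in raw.get("resultList") or []
             if isinstance(item, dict)]
    return status, pairs


def count_or_none(value):
    """-1 means 'not evaluated'; never report it as a real count."""
    return value if type(value) is int and value >= 0 else None


def summarize_profile(profile):
    """Reduce a ProfileInfo dict to the fields a caller should act on."""
    # profileId is KeyStoreId#>profileName; split on the first separator.
    keystore_id, sep, profile_name = str(profile.get("id", "")).partition("#>")
    if not sep or not keystore_id or not profile_name:
        raise ValueError("profile id is not KeyStoreId#>profileName")
    status, pairs = parse_status(profile.get("status"))
    return {"keyStoreId": keystore_id, "profileName": profile_name,
            "status": status, "messages": pairs,
            "issuedCerts": count_or_none(profile.get("issuedCerts")),
            "dummyCerts": count_or_none(profile.get("dummyCerts")),
            # Only offer the profile to the user when it is not in error.
            "selectable": status is not Status.ERROR}
```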
ErrorCode responses
Error code responses are returned with the following structure:
ErrorCode response structure
Download
You can download the latest published version of Alison-Desktop by accessing ACME Alison Wizard.
You can also access the current development version of Alison-Desktop for each platform.