====== KeePassNFC User Guide ====== ===== Overview ===== KeepassNFC is an applet in javacard platform that it can protect the secret key of KeePass database . It was based on the project smartcard_crypto_applet and can be run on javacard platform with JCRE version 2.2.x or above. KeePass is a famous software about password management . ===== Preparation ===== ==== Hardware ==== * [[https://javacardos.com/store/javacard-jc30m48cr.php|JC30M48CR Card]] * Android phone(NFC supported) ==== Software ==== * [[https://javacardos.com/tools/pyresman.html|pyResMan]] or [[https://javacardos.com/tools/|pyApduTool]] * [[https://github.com/JavaCardOS/KeepassNFCApplet/releases|KeepassNFC.cap]] * [[https://github.com/JavaCardOS/KeePassNFC/releases|KeePassNFC-JavaCardOS-1.0.apk]] * [[https://github.com/JavaCardOS/keepassdroid/releases|KeePassDroid-JavaCardOS-1.0.apk]] This Demo use [[https://javacardos.com/tools/|pyApduTool]] as an example. ===== Usage ===== ==== * Download and Install applet ==== Start [[https://javacardos.com/tools/|pyApdutool]] and click “Reader…” . In the pop-up dialog box, select “Feitian R502 Contact Reader 0” and press “OK”, then click “Connect” button to connect the card .\\ {{:k_001.png?600|}} Switch to “Manager” tab, click “Cap File…” to select KeePassNFC CAP file.\\ {{:k_002.png?600|}} Click “Download” button to download the CAP file into the card, after downloading successfully, click “Install” and in the new dialog box, press “OK” to install the applet.\\ {{:k_003.png?600|}} ==== * Initialization ==== Click “Select” to make the applet selected. \\ {{:k_004.png?600|}} Switch to “Apdu” tab, send command B0 75 00 00 00 to generate keypair, as the figure shows below:\\ Note: \\ This may need to wait for a few seconds. \\ Please use [[https://javacardos.com/tools/|pyApduTool]], [[https://javacardos.com/tools/pyresman.html|pyResMan]] or other APDU tools. \\ {{:k_005.png?600|}} ==== * Create Password Database ==== Here we will take Google account as an example. Please send [[https://github.com/JavaCardOS/keepassdroid/releases|KeePassDroid-JavaCardOS-1.0.apk]] and [[https://github.com/JavaCardOS/KeePassNFC/releases|KeePassNFC-JavaCardOS-1.0.apk]] to your phone and install. Start [[https://github.com/JavaCardOS/keepassdroid/releases|KeePassDroid app]], create password databas, type the file name, click “Create” as shown below:\\ {{:k_006.png?300|}} Type the password and click “OK”. \\ {{:k_007.png?300|}} Click “Add entry”, create key file.\\ {{:k_008.png?300|}} Open the key file, enter file name, Google account username and password, URL, then press “Save”.\\ {{:k_009.png?300|}}\\ {{:k_010.png?300|}} ==== * Encrypt Key ==== Enable NFC function of your phone.\\ Start [[https://github.com/JavaCardOS/KeePassNFC/releases|KeePassNFC APP]], click Database file icon and select the created keyfile. Select “Use a password” and enter your password, then click “Write NFC”.\\ {{:k_011.png?300|}} Put [[https://javacardos.com/store/javacard-jc30m48cr.php|JC30M48CR]] card close to your phone and write encrypted key into card. It indicates that write operation is successful when you see the message "Tag written successfully". This process may take a few seconds. \\ {{:k_012.png?300|}} Note: Please use the phone with Android OS. ==== * Decrypt Key ==== Enable NFC function of your phone.\\ Put [[https://javacardos.com/store/javacard-jc30m48cr.php|JC30M48CR ]] card close to your phone , select [[https://github.com/JavaCardOS/KeePassNFC/releases|KeePassNFC APP]] In the pop-up box.\\ {{:k_013.png?300|}} Open KeePass database ([[https://github.com/JavaCardOS/keepassdroid/releases|KeePassDroid]] will start automatically) and click the KeePass database file (google.kdbx) . {{:k_014.png?300|}}\\ {{:k_015.png?300|}} It will inform you about the username and password automatically at notification bar. Just click the separate information to copy the username and password.\\ {{:k_016.png?300|}} Now we will do a test to verify the key file by logging in Google.\\ Start Chrome and click “sign in”. At notification bar, click username and it will copy username to clipboard, switch to the Google Login page and paste the username in the “Email or phone” input box .\\ {{:k_017.png?300|}}\\ {{:k_018.png?300|}} Click “NEXT”, follow the operations above to paste password,then you can login successfully.