A free, secure and open source app for Android to manage your 2-step verification tokens.
Alexander Bakker 8c658ac930 Use the old encode method for passwords over 64 bytes and repair the slot (#98)
Commit afb9e59711 fixed a bug where the password
encode function would add null bytes to the end of the output. Luckily (I
thought), PBKDF2 produces collisions for inputs with trailing null bytes and
thus scrypt does this as well, so we could safely change that function to remove
the null bytes without any impact. Unfortunately, that doesn't hold up if the
password is over 64 bytes in size. So after that change, the KDF started
producing different keys than before for such passwords and thus some users
could no longer unlock their vault.

This patch addresses the issue by using the old password encode function for
passwords over 64 bytes and repairing the affected password slot.
2019-05-26 23:52:20 +02:00
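
The HMAC behaviour behind the commit message above, as an added example (not code from Aegis or its author): scrypt passes the password to PBKDF2-HMAC-SHA256 as the HMAC key, which is zero-padded to a 64-byte block when short and hashed first when longer. The salt, the small scrypt parameters, the sample passwords and the `padded` helper with its three null bytes are assumptions made for the demonstration.

```python
import hashlib
import hmac

BLOCK_SIZE = 64   # HMAC-SHA256 block size in bytes
SALT = bytes(32)  # constructed all-zero salt, for the demonstration only


def hmac_key_block(key: bytes) -> bytes:
    """Return the block HMAC-SHA256 really keys on (RFC 2104 key preparation)."""
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()  # long keys are hashed first
    return key.ljust(BLOCK_SIZE, b"\x00")   # short keys are zero-padded


def padded(password: bytes, nulls: int = 3) -> bytes:
    """Hypothetical stand-in for an encoder that leaves trailing null bytes."""
    return password + b"\x00" * nulls


def derive(password: bytes) -> bytes:
    """scrypt with small demo parameters (assumed; not Aegis' real settings)."""
    return hashlib.scrypt(password, salt=SALT, n=2**10, r=8, p=1, dklen=32)


def same_key(password: bytes) -> bool:
    """True if the clean and null-padded encodings derive the same key."""
    return hmac.compare_digest(derive(password), derive(padded(password)))


SHORT = b"correct horse"                     # constructed sample, 13 bytes
LONG = b"correct horse battery staple " * 3  # constructed sample, 87 bytes

if __name__ == "__main__":
    for name, pw in (("short", SHORT), ("long", LONG)):
        blocks_match = hmac_key_block(pw) == hmac_key_block(padded(pw))
        print(f"{name}: {len(pw)} bytes, HMAC key blocks match: {blocks_match}, "
              f"scrypt keys match: {same_key(pw)}")
```

The trailing null bytes are invisible to the KDF only while the whole encoded password fits in one 64-byte HMAC block; past that, the two encodings hash to unrelated HMAC keys.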
app Use the old encode method for passwords over 64 bytes and repair the slot (#98) 2019-05-26 23:52:20 +02:00
docs Add a document detailing Aegis' security design and vault format 2019-04-16 20:21:15 +02:00
gradle/wrapper Update gradle 2019-02-26 19:35:03 +01:00
metadata/en-US Fix bold in full_description.txt for F-Droid 2019-04-17 00:00:10 +02:00
scripts Add simple example script to decrypt an Aegis vault 2019-04-16 20:21:15 +02:00
testdata Update testdata file to use 'test' as the password 2019-04-03 15:03:56 +02:00
.gitignore Add .idea/ and release/ to .gitignore 2019-03-27 01:03:55 +01:00
build.gradle Update gradle 2019-03-23 18:16:32 +01:00
gradle.properties Migrated project to AndroidX 2018-09-25 16:26:57 +02:00
gradlew Initial commit 2016-08-15 21:29:41 +02:00
gradlew.bat Initial commit 2016-08-15 21:29:41 +02:00
LICENSE Initial commit 2016-08-15 21:29:41 +02:00
README.md Update README.md 2019-04-18 17:02:56 +02:00
settings.gradle Request storage permissions in the intro 2017-12-13 19:00:22 +01:00

Aegis

Aegis is a free, secure and open source 2FA app for Android.

Aegis' security design and vault format are described in detail in this document.

Features

  • Free and open source
  • Secure
    • Encryption (AES-256)
      • Password (scrypt)
      • Fingerprint (Android Keystore)
    • Screen capture prevention
    • Tap to reveal ability
  • Multiple ways to add new entries
    • Scan QR code
    • Enter details manually
    • Import from files
      • andOTP
      • FreeOTP
      • Aegis
    • Import from apps (requires root):
      • Google Authenticator
      • Steam
  • Supported algorithms:
  • Compatible with Google Authenticator
  • Organization
    • Custom or default icons
    • Drag and drop
    • Custom groups
    • Advanced entry editing
  • Material design with multiple themes:
    • Light theme
    • Dark theme
    • Amoled / true dark theme
  • Export (plaintext or encrypted)

Downloads

Aegis is available on the Google Play Store and on F-Droid.

Verification

APK releases on Google Play and GitHub are signed using the same key. They can be verified using apksigner:

apksigner verify --print-certs --verbose aegis.apk

The output should look like:

Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true

The certificate fingerprints should correspond to the ones listed below:

Owner: CN=Beem Development
Issuer: CN=Beem Development
Serial number: 172380c
Valid from: Sat Feb 09 14:05:49 CET 2019 until: Wed Feb 03 14:05:49 CET 2044
Certificate fingerprints:
   MD5:  AA:EE:86:DB:C7:B8:88:9F:1F:C9:D0:7A:EC:37:36:32
   SHA1: 59:FB:63:B7:1F:CE:95:74:6C:EB:1E:1A:CB:2C:2E:45:E5:FF:13:50
   SHA256: C6:DB:80:A8:E1:4E:52:30:C1:DE:84:15:EF:82:0D:13:DC:90:1D:8F:E3:3C:F3:AC:B5:7B:68:62:D8:58:A8:23

Libraries

License

This project is licensed under the GNU General Public License v3.0. See the LICENSE file for details.

Attribution

The icon is largely based on a design by Freepik from Flaticon.