News.EOS.WiKi Bilingual News & Info Of EOS

EOSIO™发布Alpha版本:EOSIO SDL的Android Keystore插件/EOSIO™ Alpha Release: Android Keystore Plugin for the EOSIO SDK for Java

E

译文/Translated:

Block.one致力于为构架在EOSIO之上的应用提供更大范围的安全方案。敏感数据需要安全的储存和检索方式,对于一个兴盛的区块链应用生态系统而言,捍卫私钥安全至关重要。我们最新发布的软件整装待发,用以处理Android设备上私钥的安全问题。

我们此前发布了用于Swift和Java(用以支持移动平台上EOSIO区块链应用的快速发展)的软件开发工具箱(SDK)。此次alpha版本发布了构架于EOSIO Java SDK之上的Android Keystore Signature Provider(Android钥匙库签名提供程序),让开发人员能够在Android操作系统的移动应用中制造硬件支撑的keystore。若无硬件可用,密钥将默认为处于安全的软件容器环境。

优化私钥管理的工具

过去,作为整个开发社区的指南,我们引进了签名提供程序的概念,用以实现更安全的私钥操作。这些插件演示了如何在不暴露私钥的情况下通过签署交易来限制漏洞。最终,通过正确的实施和工具,开发人员能够通过避免不必要的私钥操作来优化用户体验。

Android Keystore插件让开发人员能够将加密密钥储存于设备的安全容器中,让其更加难以提取。一旦密钥位于Keystore中,他们将被用以签署交易,而不会暴露给外部应用。

此间意图在于一旦密钥储存于的Android设备中(设备支持支持硬件支撑的keystores),除了安全硬件,没人能够看到私钥,即便是使用者也不能。与计算机备份、密码管理器甚至一张纸等替代方案相比,此硬件解决方案应提供卓越的安全性。

此Android Keystores插件与此前我们发布的Apple’s Secure Enclave支持插件类似,在该插件中它允许开发人员将私钥储藏在设备中,并由插件管理钥匙和交易签名。此措施与设备内生物识别身份验证相结合,为私钥管理提供了一种简单且更安全的选项。

为用户提供更精简的交易签署方式而不暴露他们的私钥即将改进用户体验、提升安全性,并有助于加速区块链应用的实施。依据Android Keystore Signature Provider插件库的指南学习如何使用EOSIO Java SDK 从Android Keystore中提取并转换公钥。

保持连接

为了能更高为日益发展的EOS社区区块链开发人员服务,Block.one致力于打造一个用以提供社区反馈的开放平台。若您想要贡献自己的力量,并与我们的团队密切合作,为开发人员们改进EOSIO,您可以联系我们的开发者团队,发送邮件至:developers@block.one

加入我们的EOSIO邮件清单,随时关注我们最新的新闻、事件和EOSIO发布内容。

重要事项:此间提供的所有材料均受此重要通知影响,您必须自行熟悉其间条款。通知包含了与我们软件、发布内容、商标、第三方资源以及前瞻性声明相关的重要信息、限制条件以及制约因素。通过访问我们任一材料,您接收并同意此通知的条款。

原文/Original:

Block.one is committed to supporting a wider range of security solutions for applications built on EOSIO. Sensitive data requires secure methods for storage and retrieval, and for a thriving blockchain application ecosystem, safeguarding private keys is essential. Our latest software release is geared towards seeking to address security for private keys on Android devices.

We previously released software development kits (SDKs) for Swift and Java that support the rapid development of EOSIO blockchain applications on mobile platforms. This alpha release of our Android Keystore Signature Provider builds upon our EOSIO SDK for Java, allowing developers to engineer a hardware-backed keystore into mobile applications on Android operating systems. If a hardware option is unavailable, the keys will default down to a secure software container environment. 

Tools that Improve Private Key Management

In the past, we introduced the concept of signature providers as a guide for the development community at large to adopt better security practices for private keys. These plugins demonstrate how it is possible to limit vulnerabilities by signing transactions without exposing private keys. Ultimately, with the right implementation and tooling, developers can improve the experience of users by avoiding unnecessary handling of private keys.

The Android Keystore plugin allows developers to store cryptographic keys in a secure container on the device making them more difficult to extract. Once keys are in the Keystore, they can be used to sign transactions without exposing them to external applications.

The intention is that no-one  can see the private key except the secured hardware, not even the user, once the keys are stored inside an Android device that supports the hardware-backed keystore. This hardware solution should offer superior security as opposed to alternatives like computer backups, password managers, or even a piece of paper.

This plugin for Android Keystore is similar to the support we released in the past for Apple’s Secure Enclave, in that it allows developers to store private keys on the device and the plugin manages keys and transaction signing. This measure, coupled with in-device biometric authentication, provides a simple, more secure option for private key management.

Providing a more streamlined method for users to sign transactions without exposing their private keys will improve user experience and security, helping to accelerate the adoption of blockchain applications. Follow the instructions in the Android Keystore Signature Provider plugin repository to learn how to extract and convert public keys from Android Keystore using the EOSIO SDK for Java library.

Stay Connected

In order to better serve a growing community of EOSIO blockchain developers, Block.one is committed to creating an open forum for community feedback. If you would like to offer input and work more closely with our team to improve EOSIO for developers, you can send our developer relations team an email at developers@block.one.

Join our EOSIO mailing list to stay up to date on the latest news, events, and releases for EOSIO.

. . .

Important Note: All material is provided subject to this important notice and you must familiarize yourself with its terms. The notice contains important information, limitations and restrictions relating to our software, publications, trademarks, third-party resources and forward-looking statements. By accessing any of our material, you accept and agree to the terms of the notice.

原文链接/Original URL:

About the author

By user
News.EOS.WiKi Bilingual News & Info Of EOS

Recent Posts