Keyfile on NFC chip

Dec 4, 2014 at 8:24 PM
Edited Dec 4, 2014 at 8:26 PM
It would be great to be able to supply a (part of a) complex key directly through a NFC chip.

The cleanest method would be to be able to store a keyfile on an NFC chip, which could be read directly from Keepass2Android. This way it would be possible to conveniently use complex keys (either keyfile alone or keyfile+password), while still seperating the keyfile from the database/device.

Currently one could already store a plain/text string on a NFC fob and copy&paste it to the password field, but this has clipboard issues. Another possibility to read a (part of a) password from NFC might be to add NFC-reading functions to the Keepass2Android keyboard, which would insert it into the password field, to be further modified if necessary.

But I would think just being able to read a keyfile directly from NFC would be the most transparent method.
Dec 7, 2014 at 4:46 AM
Dec 7, 2014 at 9:35 AM
For as far as I have been able to find out and allow supplying the location of a keyfile through nfc, not the key data itself.
Dec 9, 2014 at 3:57 AM
and you can encrypt your password with random data on the NFC key!
Dec 10, 2014 at 8:43 AM
That's what the app does indeed, it allows one to store an encrypted (and if chosen, also password protected) password on an NFC chip. However, for interoperability/key management would be more straightforward if the user could to use the keyfile + password facilities present by default in Keepass. Also this approach would give the user more flexibility in how to set up the key (keyfile+password) etc.

Is it possible to have the keyfile on NFC provided by a plugin in Keepass2Android? Otherwise it might be possible to add/create some mimetype or uri link for this?
Dec 10, 2014 at 7:57 PM
You can create an Android app which provides the NFC contents as a "ContentProvider" including support for the ACTION_GET_CONTENT intent, so you can select the app's data from Keepass2Android.
Dec 17, 2014 at 10:01 PM
Edited Dec 17, 2014 at 10:02 PM
I will look into it, but as it would be my first App, first Android-related code, first Java-related code etc it would take a while to arrive at a confidence-inspiring nfc-keepaas2android 'broker', if I get that far at all...