This is a Compose Multiplatform project targeting Android, iOS.
This is a ISO/IEC 18013-5:2021 proximity reader for requesting credentials built using the Multipaz SDK. It includes a backend component for certifying reader authentication keys.
Learn more about Multipaz…
Learn more about Compose Multiplatform…
Learn more about Kotlin Multiplatform…
This is not an official or supported Google product.
- backend contains the server-side for Multipaz Identity Reader. An instance of this is deployed at https://identityreader.multipaz.org/.
- libbackend contains most of the code used in
backend. It's available as a library to easier facilitate unit-testing with front-end code. - libfrontend contains business-logic and non-UI code for the frontend. This code is
used by both
composeAppandSwiftIdentityReader. - composeApp contains the Compose Multiplatform application.
- iosApp contains the Xcode project for running the Compose Multiplatform application.
- SwiftIdentityReader contains a Swift application intended to have the same
functionality as
composeApp. This is experimental and in the future may either be deleted or graduate to the same level of support ascomposeApp.
You can generate PKCS#12 files
for reader keys using the multipazctl and openssl command-line tools.
First create a reader root for a fictional Relying Party Utopia Brewery:
$ multipazctl generateReaderRoot --subject_and_issuer 'CN=Utopia Brewery Reader CA,O=Utopia Brewery,C=ZZ'
- Generated self-signed reader root cert and private key with curve P384
- Wrote reader root private key to reader_root_private_key.pem
- Wrote reader root cert to reader_root_certificate.pemthen create a reader certificate for user Bob Bobson, an employee of Utopia Brewery:
$ multipazctl generateReaderCert --subject 'CN=Bob Bobson,O=Utopia Brewery,C=ZZ'
- Generated Reader cert and private key with curve P256
- Loaded reader root cert from reader_root_certificate.pem
- Loaded reader root private key from reader_root_private_key.pem
- Wrote reader private key to reader_private_key.pem
- Wrote reader cert to reader_certificate.pemFinally, create the PKCS#12 file like this:
$ openssl pkcs12 -export -out reader_key_and_certchain.p12 -inkey reader_private_key.pem -in reader_certificate.pem -certfile reader_root_certificate.pem
Enter Export Password:
Verifying - Enter Export Password:twice entering a passphrase to protect the key. The resulting file can be sent to Bob Bobson (sharing the passphrase out of band) and they can install it into the Multipaz Identity Reader.