Can I use it on Android?

[kmille]

Hey,
thanks for your tool! I would like to use it on my Android device. What's the easiest way? A termux package or building it directly for arm? Can you add build instructions for building it for arm? Thanks!

[str4d]

I have no idea if this plugin will work on Android, but it would be neat if it did!

We use the pcsc crate for YubiKey device access, which in turn uses the pcsc-lite library and pcscd daemon on Linux systems. So whether or not it works comes down primarily to how that library behaves on Android.

Here are the "simple" parts of getting this working on Android:

• rustup target add x86_64-linux-android
• cargo build --target x86_64-linux-android
• Put the resulting age-plugin-yubikey binary somewhere into the PATH of the age or rage binary that you are using on your Android device.

And the likely hard parts:

• You need to ensure that the pcsc crate builds against a version of the pcsc-lite library that supports Android. I have no idea if pcsc-lite natively supports it yet, or if you'd need a patched version.
• There are probably some shenanigans needed to get your phone to recognise your YubiKey via a USB-OTG adapter.
• The age implementation needs plugin support. If you're using age or rage directly then it should Just Work. But if you're using some app that handles age decryption via a library, it will depend on whether that library exposes plugin support. My age Rust library does expose it (which I then make use of in rage), but I have not tested that on Android either.

[kmille]

The docs state that there i s not native support for PIV on Android. But HMAC-SHA1 Challenge-Response is also not supported but I use it successfully with NFC and Keepass2Android (maybe it's because I have installed ykdroid.

[daniellandau]

I'm using it on an Ubuntu chroot without any issues, works like a charm. I do pcscd --foreground & and pkill pcscd since I don't have a daemon manager running in the chroot.