### Cert.setCert Source: https://dss.cryptopro.ru/docs/mobilesdk/certs/certs.html Installs a user certificate on the server. ```APIDOC ## Cert.setCert ### Description Installs a user certificate on the server. ### Method Cert.setCert ### Endpoint Cert.setCert ### Parameters None specified. ### Request Example None specified. ### Response #### Success Response (200) - User certificate installed on the server. #### Response Example None specified. ``` -------------------------------- ### Install Certificate Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Cert.html Installs a certificate into a key container on a mobile device or external storage. Requires user key set identifier, certificate details, request identifier, and crypto provider credentials. ```swift public func installCertificate( kid: String, cert: DSSCertificate, rid: String, cred: DSSCryptoProviderInfoCreds) async throws ``` -------------------------------- ### installCertificate Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Cert.html Installs a certificate into the key container on a mobile device or external storage. ```APIDOC ## installCertificate ### Description Installs a certificate into the key container on a mobile device or external storage. ### Method `public func installCertificate(kid: String, cert: DSSCertificate, rid: String, cred: DSSCryptoProviderInfoCreds) async throws` ### Parameters #### Path Parameters - **kid** (String) - Required - Идентификатор набора ключей пользователя - **cert** (DSSCertificate) - Required - Сведения и содержимое сертификата, который требуется установить - **rid** (String) - Required - Идентификатор запроса на сертификат - **cred** (DSSCryptoProviderInfoCreds) - Required - Учётные данные для криптопровайдера (NFC) ``` -------------------------------- ### Install Certificate - iOS Source: https://dss.cryptopro.ru/docs/mobilesdk/certs/certreq.html Installs a newly issued certificate onto the device and associates it with the signing key. Requires the certificate request object and the issued certificate content. ```swift Cert.installCertificate(certificateRequest, certificate.getContent()) ``` -------------------------------- ### Install Certificate (Android) Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Cert.html This method installs a certificate into a key container on a mobile device or external storage and sends it to the server for synchronization. It may display a UI for password entry to access authentication keys. ```java public void installCertificate( @NonNull Context context, @NonNull Certificate certificate, @NonNull byte[] crtBytes, @NonNull String pin, @NonNull final SdkCallback sdkCallback ) ``` -------------------------------- ### Cert.installCertificate Source: https://dss.cryptopro.ru/docs/mobilesdk/certs/certs.html Installs a user certificate into the key container on the mobile device and registers it on the server. ```APIDOC ## Cert.installCertificate ### Description Installs a user certificate into the key container on the mobile device and registers the certificate on the server. ### Method Cert.installCertificate ### Endpoint Cert.installCertificate ### Parameters None specified. ### Request Example None specified. ### Response #### Success Response (200) - Certificate installed and registered. #### Response Example None specified. ``` -------------------------------- ### Apply Custom Appearance Source: https://dss.cryptopro.ru/docs/mobilesdk/customization/ios.html This example demonstrates how to create a custom color theme and font set, then apply them globally to the SDK's appearance. ```swift var whiteTheme = DSSPublicColorStyle.getLight()//Берем за основу текущий набор из светлой темы whiteTheme.button.primary = .systemIndigo whiteTheme.button.disabledText = .systemPurple whiteTheme.bg.app = .systemGray6 whiteTheme.text.primary = .systemOrange let font: DSSPublicCustomFont = .init(prefix: "Inter")//Шрифт, который используется в КриптоПро DSS SDK по умолчанию let appearance = DSSPublicAppearance(color: whiteTheme, font: font)//Создаем класс DSSPublicAppearance, который является набором цветом и шрифтов DSSPublicAppearance.to(appearance: appearance)//Задаем наши измененные цвета ``` -------------------------------- ### Example Base64 Encoded ExtensionsData Source: https://dss.cryptopro.ru/docs/mobilesdk/certs/certreq.html This is an example of the final Base64 encoded string for the `ExtensionsData` key, which should contain a UTF-8 string of a JSON list of `CertExtensionData` objects. ```text W3siT2lkIjoiMS4yLjY0My4xMDAuMTE0IiwiVmFsdWUiOiJBZ0VB... ``` -------------------------------- ### Check If Certificate Installed Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Cert.html Verifies if a given certificate is installed in the key container on the mobile device. Returns a boolean value indicating the installation status. ```swift public func checkIfInstalled(kid: String, certificate: DSSCertificate) -> Bool ``` -------------------------------- ### Install Certificate - Android Source: https://dss.cryptopro.ru/docs/mobilesdk/certs/certreq.html Installs a newly issued certificate onto the device and associates it with the signing key. Requires the certificate request object and the issued certificate content. ```java Cert.installCertificate(context, certificateRequest, certificate.getContent()) ``` -------------------------------- ### listKeys() Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/SigningKey.html Retrieves a list of all signing keys installed on the current mobile device. ```APIDOC ## listKeys() ### Description Retrieves a list of signing keys installed on the current mobile device. ### Method `public func listKeys() -> [DSSSigningKeyInfo]` ### Returns - **[DSSSigningKeyInfo]** - An array containing information about the signing keys (key containers) installed on the mobile device. ``` -------------------------------- ### checkIfInstalled Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Cert.html Checks if a certificate is installed in the key container on the mobile device. ```APIDOC ## checkIfInstalled ### Description Checks if a certificate is installed in the key container on the mobile device. ### Method ``` public boolean checkIfInstalled( @NonNull Context context, @NonNull Certificate certificate) ``` ### Parameters #### Path Parameters - **context** (Context) - Required - The Android context. - **certificate** (Certificate) - Required - Information about the certificate. ### Returns #### Success Response - **Boolean** - True if the certificate is installed, False otherwise. ``` -------------------------------- ### setCert Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Cert.html Installs a digital signature verification key certificate. This method is used to set a certificate that has already been obtained. ```APIDOC ## setCert ### Description Installs a digital signature verification key certificate. This method is used to set a certificate that has already been obtained. ### Method Signature ```java public void setCert( @NonNull Context context, @NonNull String kid, @NonNull String crt, @NonNull final SdkCertificateCallback sdkCallback) ``` ### Parameters #### Path Parameters - **kid** (String) - Required - User's key set identifier. - **crt** (String) - Required - Certificate encoded in base64. - **sdkCallback** (SdkCertificateCallback) - Required - Callback interface. ### Returns - **cert** (Certificate) - Information about the created certificate request. ``` -------------------------------- ### installCertificate Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Cert.html Installs a certificate into a key container on a mobile device or external storage and sends it to the server for synchronization. This method may display UI for password input to access authentication keys. ```APIDOC ## installCertificate ### Description Installs a certificate into a key container on a mobile device or external storage and sends it to the server for synchronization. This method may display UI for password input to access authentication keys. ### Method public void installCertificate ### Parameters #### Path Parameters * **context** (Context) - Required - Android context. * **certificate** (Certificate) - Required - Information about the certificate request to be installed. * **crtBytes** (byte[]) - Required - The certificate to be installed. * **sdkCallback** (SdkCallback) - Required - Callback interface. #### Query Parameters * **pin** (String) - Optional - PIN code for the private key container. ### Response #### Success Response (No specific return parameters mentioned for success, relies on callback.) ``` -------------------------------- ### Install Certificate Externally Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Cert.html Installs a certificate from an external source (e.g., NFC) onto the mobile device and sends it for server synchronization. This method may display a password entry UI for authentication. ```java public void installCertificateExternal( @NonNull Context context, @NonNull String kid, @NonNull SigningKeyInfo signingKeyInfo, @NonNull Certificate certificate, SdkCertificateCallback sdkCertificateCallback ) ``` -------------------------------- ### Example OperationDescription Caption Source: https://dss.cryptopro.ru/docs/mobilesdk/android/structs/Operation.html An example of a serialized JSON object for the 'caption' field in OperationDescription. It shows sample values for server, date, user login, certificate ID, session ID, operation type, and organization label, along with their corresponding display names. ```json { "values": { "server": "Мой сервер ЭП", "date": "24.09.2024 13:53:27", "login": "test_user", "certid": "707189", "sessionid": "imytcney", "optype": "Подпись", "orgnamelabel": " " }, "keys": { "server": "Сервер ЭП", "date": "Время", "login": "Логин пользователя", "certid": "Идентификатор сертификата", "sessionid": "Идентификатор запроса", "optype": "Операция", "orgnamelabel": "Организация" } } ``` -------------------------------- ### installCertificateExternal Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Cert.html Installs a certificate from external storage (NFC, USB) to the mobile device and sends it to the server for synchronization. ```APIDOC ## installCertificateExternal ### Description Installs a certificate into the mobile device from external storage (NFC, USB) and sends it to the server for synchronization. ### Method `public func installCertificateExternal(kid: String, crt: DSSCertificate, keyInfo: DSSSigningKeyInfo, silent: Bool = false) async throws -> DSSCertificate` ### Parameters #### Path Parameters - **kid** (String) - Required - Идентификатор набора ключей пользователя - **crt** (DSSCertificate) - Required - Сведения и содержимое сертификата, который требуется установить - **keyInfo** (DSSSigningKeyInfo) - Required - Сведения о ключевом контейнере (ключе подписи), установленном на мобильное устройство - **silent** (Bool) - Optional - Флаг для скрытия/отображения диалоговых окон SDK. Используется только для создания усиленной неквалифицированной электронной подписи (silent mode). Не используется по умолчанию ``` -------------------------------- ### Example CpMyDssRootCerts.json Configuration Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/intro.html This JSON file configures the root and intermediate certificates for establishing a trusted TLS connection with the CryptoPro DSS server. The 'root' field contains Base64 encoded certificates. ```json { "version":1, "root": ["MIIFxzCCBXSgAwIBAgIRAdSExQ … 15ktc8p00v+A9Erolsd5Ig=="], "intermediate": [] } ``` -------------------------------- ### listExternalKeys() Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/SigningKey.html Retrieves a list of signing keys installed on external media (e.g., NFC). ```APIDOC ## listExternalKeys() ### Description Retrieves a list of signing keys installed on external media (NFC). ### Method `public func listExternalKeys() async throws -> [DSSExternalKeyCertificateModel]` ### Returns - **[DSSExternalKeyCertificateModel]** - An array containing information about the signing keys installed on external media. ``` -------------------------------- ### Set Certificate Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Cert.html Installs a provided certificate, encoded in base64, into the user's key set. This method is used to provision a new certificate. ```java public void setCert( @NonNull Context context, @NonNull String kid, @NonNull String crt, @NonNull final SdkCertificateCallback sdkCallback) ``` -------------------------------- ### Implement DSSPublicSystemFont Source: https://dss.cryptopro.ru/docs/mobilesdk/customization/ios.html An example implementation of DSSPublicFontProtocol using system fonts. This class provides access to standard system font weights. ```swift public class DSSPublicSystemFont: DSSPublicFontProtocol { public init() { } public func bold(size: CGFloat) -> UIFont { return .systemFont(ofSize: size, weight: .bold) } public func medium(size: CGFloat) -> UIFont { return .systemFont(ofSize: size, weight: .medium) } public func semiBold(size: CGFloat) -> UIFont { return .systemFont(ofSize: size, weight: .semibold) } public func regular(size: CGFloat) -> UIFont { return .systemFont(ofSize: size, weight: .regular) } } ``` -------------------------------- ### Get Authentication List Source: https://dss.cryptopro.ru/docs/mobilesdk/reg/other.html Retrieves the list of registered authentication keys on the device. An empty list indicates no keys are registered, and the user is presented with the initial scenario selection screen. ```javascript Auth.getAuthList() ``` -------------------------------- ### _init (Async) Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/CryptoProDSS.html Asynchronously initializes the CryptoPro DSS SDK and returns the initialization status. ```APIDOC ## _init (Async) ### Description Initializes the CryptoPro DSS SDK asynchronously. ### Method `public func _init() async -> CSPInitCode` ### Returns - **result** (CSPInitCode): - **init_ok**: Initialization was successful. - **init_certs_not_installed**: Failed to install certificates during initialization. - **init_lockScreen_not_installed**: The lock screen is not installed. - **init_device_rooted**: The device is rooted (running with superuser privileges). ``` -------------------------------- ### Get APK File Path Source: https://dss.cryptopro.ru/docs/mobilesdk/android/integrity.html Use this ADB command to retrieve the full path of an installed APK file on the Android device. This path is required to download the APK to your PC. ```bash adb shell pm path <Полное наименование apk-файла> ``` -------------------------------- ### Check If Certificate Installed Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Cert.html Verifies if a certificate is already installed in the key container on the mobile device. ```java public boolean checkIfInstalled( @NonNull Context context, @NonNull Certificate certificate) ``` -------------------------------- ### _init (Completion Handler) Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/CryptoProDSS.html Initializes the CryptoPro DSS SDK using a completion handler to report the initialization status. ```APIDOC ## _init (Completion Handler) ### Description Initializes the CryptoPro DSS SDK. The result is returned via a completion handler. ### Method `public func _init(completion: @escaping (_ result: CSPInitCode) -> Void)` ### Returns - **result** (CSPInitCode): - **init_ok**: Initialization was successful. - **init_certs_not_installed**: Failed to install certificates during initialization. - **init_lockScreen_not_installed**: The lock screen is not installed. - **init_device_rooted**: The device is rooted (running with superuser privileges). ``` -------------------------------- ### Initialize CryptoPro DSS SDK (Callback) Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/CryptoProDSS.html Initializes the CryptoPro DSS SDK using a completion handler. Check the result for initialization status. ```swift public func _init(completion: @escaping (_ result: CSPInitCode) -> Void) ``` -------------------------------- ### Initiate Registration with Auth.kinit() Source: https://dss.cryptopro.ru/docs/mobilesdk/reg/qr.html Sends a registration request to the server. The SDK will display a UI for setting a new password for the authentication keys obtained from the server. Requires a push address. ```javascript Auth.kinit() ``` -------------------------------- ### addNewDevice Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Auth.html Initializes a new user device and binds it to a specified CryptoPro DSS user account. ```APIDOC ## addNewDevice ### Description Initializes a new user device. ### Method Signature ```java public void addNewDevice( @NonNull Context context, @NonNull DssUser dssUser, @NonNull RegisterInfo registerInfo, @NonNull KeyProtectionType keyProtectionType, @NonNull String uid, @Nullable String password, @NonNull final SdkDssUserCallback authCallback) ``` ### Parameters #### Parameters - **dssUser** (DSSUser) - Required - User details. - **registerInfo** (RegisterInfo) - Required - Information about the user's registered device. - **keyProtectionType** (ProtectionType) - Required - Method of protecting the authentication vector. - **uid** (String) - Required - The identifier of the CryptoPro DSS user to which the mobile device will be bound. - **password** (string) - Optional - PIN code for accessing the authentication vector (only in non-UI mode). - **callback** (SdkDssUserCallback) - Required - Callback interface. ### Return Values - **kid** (string) - The identifier of the registered user device. ``` -------------------------------- ### Initialize CryptoPro DSS SDK (Async) Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/CryptoProDSS.html Initializes the CryptoPro DSS SDK asynchronously. The returned CSPInitCode indicates the success or failure of the initialization. ```swift public func _init() async -> CSPInitCode ``` -------------------------------- ### Install Certificate External Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Cert.html Installs a certificate from external storage (NFC, USB) to the mobile device and sends it to the server for synchronization. The 'silent' parameter affects dialog visibility for enhanced non-qualified electronic signatures. ```swift public func installCertificateExternal( kid: String, crt: DSSCertificate, keyInfo: DSSSigningKeyInfo, silent: Bool = false) async throws -> DSSCertificate ``` -------------------------------- ### List Installed Packages on Android Source: https://dss.cryptopro.ru/docs/mobilesdk/android/integrity.html Execute this command in the Android Debug Bridge (ADB) shell to list all installed packages on an Android device. This helps in identifying the exact package name of the application you need to verify. ```bash adb shell pm list packages ``` -------------------------------- ### CryptoProDSS.init Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/CryptoProDSS.html Initializes the CryptoPro DSS SDK. This method performs SDK usage condition checks and may display a warning screen if the device is deemed unsafe. It also handles certificate installation and checks for root access or spy programs. ```APIDOC ## CryptoProDSS.init ### Description Initializes the CryptoPro DSS SDK. This method performs SDK usage condition checks and may display a warning screen if the device is deemed unsafe. It also handles certificate installation and checks for root access or spy programs. ### Method Signature ```java public static void init(@NonNull Context context, @NonNull final SdkCryptoProDssInitCallback sdkInitCallback) ``` ### Parameters #### Path Parameters - **context** (Context) - Required - The application context. - **sdkInitCallback** (SdkCryptoProDssInitCallback) - Required - The callback interface for initialization results. ### Return Values - **initOk**: Initialization was successful. - **initCertNotInstalled**: Failed to install certificates during initialization. - **initLockScreenNotInstalled**: Lock screen is not installed. - **initDeviceRooted**: The device is running with superuser privileges. - **initDeviceHasSpyPrograms**: Suspicious applications are installed on the device. - **initCspNotInitialized**: Error initializing the crypto provider. ### Notes - The method initializes the SDK and verifies the terms of SDK usage. - If the method determines that it is unsafe to use the SDK on the current device, a corresponding warning screen will be displayed, allowing the user to permit or deny SDK usage. - The following initialization methods are deprecated and should not be used: `init(@NonNull Context activity, @Nullable HashMap trustedApps, @NonNull final SdkInitCallback sdkInitCallback)` and `init(@NonNull Context context, @NonNull final SdkCryptoProDssInitCallback sdkInitCallback)`. ``` -------------------------------- ### Filter Installed Packages Source: https://dss.cryptopro.ru/docs/mobilesdk/android/integrity.html This command uses `adb` to list installed packages and pipes the output to `findstr` for filtering. It helps in quickly locating a specific application's package name by searching for a part of its APK file name. ```bash adb shell pm list packages -f | findstr <Часть наименования apk-файла> ``` -------------------------------- ### Initialize CryptoPro DSS SDK Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/ios_embed.html Call this code snippet shortly after your application launches to initialize the SDK. It handles various initialization states, printing a message indicating success or the reason for failure. ```swift SDKFramework.shared._init() { res in var message: String = "Инициализация SDK" switch res { case .init_ok: //MARK:- Успешная инициализация message = "SDK успешно инициализирован" case .init_lockScreen_not_installed: //MARK:- На устройстве не настроен экран блокировки message("SDK инициализирован") case .init_certs_not_installed: //MARK:- Корневые сертификаты не установлены message = "Ошибка инициализации SDK" case .init_device_rooted: //MARK:- Устройство имеет права суперпользователя message = "Ошибка инициализации SDK" } print(message) } ``` -------------------------------- ### DSSOperationDescription Caption Example Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Structs/DSSOperation.html This example shows the structure of the 'caption' field within DSSOperationDescription, which is a serialized JSON object containing 'values' and 'keys' dictionaries. The 'keys' dictionary provides display names for parameters, while the 'values' dictionary holds their actual values. ```json { "values": { "server": "Мой сервер ЭП", "date": "24.09.2024 13:53:27", "login": "test_user", "certid": "707189", "sessionid": "imytcney", "optype": "Подпись", "orgnamelabel": " " }, "keys": { "server": "Сервер ЭП", "date": "Время", "login": "Логин пользователя", "certid": "Идентификатор сертификата", "sessionid": "Идентификатор запроса", "optype": "Операция", "orgnamelabel": "Организация" } } ``` -------------------------------- ### Initialize Authentication Process Source: https://dss.cryptopro.ru/docs/mobilesdk/reg/alias.html Initiates the authentication process. This is the first step in the registration sequence. ```javascript Auth.init() ``` -------------------------------- ### Initialize CryptoProDSS SDK Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/CryptoProDSS.html Initializes the CryptoProDSS SDK. This method performs security checks on the device and may display a warning screen if the device is deemed unsafe. It requires a context and a callback for initialization status. ```java public static void init( @NonNull Context context, @NonNull final SdkCryptoProDssInitCallback sdkInitCallback ) ``` -------------------------------- ### Auth.kinit Source: https://dss.cryptopro.ru/docs/mobilesdk/reg/intro.html Initiates registration using a QR code. This method saves authentication keys locally and transitions them to the 'Created' status. ```APIDOC ## Auth.kinit ### Description Initiates the registration process using a QR code. This method saves authentication keys on the user's device and sets their status to 'Created'. It can be used in scenarios with or without an activation code. ### Method Not specified (assumed to be a method call within the SDK) ### Endpoint N/A ### Parameters May accept a parameter for the type of key protection (e.g., password, biometrics). ### Request Example N/A ### Response Not specified. Likely indicates the initiation of QR-based registration. ``` -------------------------------- ### QR Code Initialization (kInit) Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Auth.html Initializes an unconfirmed mobile device using a QR code to obtain an initial authentication vector. Requires DSSRegisterInfo, DSSProtectionType, and DSSAuthKeyType. An optional activation code and password for silent mode can be provided. ```swift public func kInit( registerInfo: DSSRegisterInfo, keyProtectionType: DSSProtectionType, activationCode: String? = nil, Password: String? = nil, authKeyType: DSSAuthKeyType?) async throws -> String ``` -------------------------------- ### Get Authentication List Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Auth.html Retrieves information about registered users and their devices. This is a static method. ```java public static List getAuthList(@NonNull Context context) throws Exception ``` -------------------------------- ### QR-Code Based Device Initialization with Auth.kinit Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Auth.html Initializes an unconfirmed mobile device in CryptoPro DSS using a QR code to obtain an initial authentication vector. This method can optionally use an activation code and may display a UI for password entry. ```java public void kinit( @NonNull Context context, @NonNull DssUser dssUser, @NonNull RegisterInfo registerInfo, @NonNull KeyProtectionType keyProtectionType, @Nullable String activationCode, @Nullable String password, @NonNull final SdkResultCallback sdkDssUserCallback) ``` -------------------------------- ### Configure Biometric Protection at Global and App Levels Source: https://dss.cryptopro.ru/docs/mobilesdk/cases/passpolicy.html Use these cmdlets to set the `DenyOSProtection` parameter. Global settings apply to the entire Identity Center, while app-level settings override global ones for a specific mobile application. `1` enables OS protection, `0` disables it. ```powershell # Global level Set-DssIdsMyDssProperties -DisplayName <Имя экземпляра ЦИ> -DenyOSProtection <1 или 0> # Mobile application level Set-DssIdsMobileAppConfiguration -SystemId -DenyOSProtection <1 или 0> ``` -------------------------------- ### Get Certificate List Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Cert.html Retrieves a list of certificate requests and verification key certificates for a user. ```swift public func getCertList(kid: String) async throws -> [DSSCertificate] ``` -------------------------------- ### init Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/Auth.html Performs anonymous user registration on the server using a unique identifier. It creates an unconfirmed mobile device in CryptoPro DSS and obtains an authentication vector for it. ```APIDOC ## init ### Description Performs anonymous user registration on the server (in the scenario with a unique identifier). Creates an unconfirmed mobile device (unbound) in CryptoPro DSS with an authentication vector for it. ### Method Signature ```java public void init( @NonNull Context context, @NonNull DssUser dssUser, @NonNull RegisterInfo registerInfo, @NonNull KeyProtectionType keyProtectionType, @Nullable String password, @NonNull final SdkDssUserCallback sdkDssUserCallback) ``` ### Parameters #### Parameters - **dssUser** (DSSUser) - Required - User details. - **registerInfo** (RegisterInfo) - Required - Information about the user's registered device. - **keyProtectionType** (ProtectionType) - Required - Method of protecting the authentication vector. - **password** (string) - Optional - PIN code for accessing the authentication vector (only in non-UI mode). - **callback** (SdkDssUserCallback) - Required - Callback interface. ### Return Values - **kid** (string) - The identifier of the registered user device. ### Notes This method displays a UI for entering a new password to protect authentication keys. ``` -------------------------------- ### Device Registration Flow Source: https://dss.cryptopro.ru/docs/mobilesdk/reg/other.html This snippet outlines the sequence of SDK calls for registering a new device using an existing one. ```APIDOC ## Device Registration Flow ### Description This describes the sequence of SDK method calls for registering a new device using an already linked device. ### Sequence for New Device Registration: 1. **Initiate New Device Registration:** Call `Auth.addNewDevice()` on the new device. 2. **Confirm Authentication Keys:** Call `Auth.confirm()` on the new device. 3. **Display QR Code for Confirmation:** Call `Auth.checkStatus(true)` on the new device to get the QR code for the existing device. 4. **Check New Device Status:** Call `Auth.checkStatus(false)` on the new device periodically until the status becomes 'Active'. ### Sequence for Confirming Device Addition (on Existing Device): 1. **Update User Devices:** Call `Policy.getUserDevices()` to refresh the list of devices and identify the new device requiring approval. 2. **Scan New Device's QR Code:** Call `Auth.scanQR()` to scan the QR code presented by the new device. 3. **Confirm New Device Addition:** Call `Auth.confirmNewDevice()` to approve or reject the new device registration request. ``` -------------------------------- ### Initialize CryptoPro DSS SDK in Android Source: https://dss.cryptopro.ru/docs/mobilesdk/android/android_embed.html Call this Kotlin function to initialize the SDK. It checks if the SDK is already initialized and uses a callback to handle success or failure. The initialization is asynchronous and may display a security screen. ```kotlin private fun initDss() { if (!CryptoProDss.isInitialized()) { CryptoProDss.init(requireActivity(),object : SdkCryptoProDssInitCallback{ override fun onInitSuccess(p0: Constants.CSPInitCode?) { // TODO: успешная инициалзиация. Можно работать с SDK //viewModel.notifyInitializationEnded() } override fun onInitFailed(p0: Constants.CSPInitCode?) { // TODO: произошла ошибка инициализации SDK //viewModel.notifyInitializationEnded() } }) } else { // TODO: SDK уже был инициализирован // viewModel.notifyInitializationEnded() } } ``` -------------------------------- ### Get Authentication List Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Auth.html Retrieves a list of registered users and their associated devices. Returns an array of DSSUser objects. ```swift public func getAuthList() throws -> [DSSUser] ``` -------------------------------- ### listExternalKeys Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/SigningKey.html Retrieves a list of signing keys installed on external storage, such as NFC devices. It uses a callback to return the results. ```APIDOC ## Method listExternalKeys ### Description Retrieves a list of signing keys installed on external storage, such as NFC devices. The results are returned via a provided callback interface. ### Signature ```java public void listExternalKeys(@NonNull Context context, @NonNull final SdkListExternalKeysCallback callback) ``` ### Parameters #### Path Parameters - **context** (Context) - Required - The Android context. - **callback** (SdkListExternalKeysCallback) - Required - The callback interface to handle the results. ### Returns - **Map** - A map containing information about signing keys installed on external storage and their associated certificates. ``` -------------------------------- ### Implement DSSPublicCustomFont Source: https://dss.cryptopro.ru/docs/mobilesdk/customization/ios.html An example implementation of DSSPublicFontProtocol for custom fonts. This class loads fonts by name, prefixed with a specified string. ```swift public class DSSPublicCustomFont: DSSPublicFontProtocol { let prefix: String public init(prefix: String) { self.prefix = prefix } public func bold(size: CGFloat) -> UIFont { guard let font = UIFont(name: "\(self.prefix)-Bold", size: size) else { return .systemFont(ofSize: size) } return font } public func medium(size: CGFloat) -> UIFont { guard let font = UIFont(name: "\(self.prefix)-Medium", size: size) else { return .systemFont(ofSize: size) } return font } public func semiBold(size: CGFloat) -> UIFont { guard let font = UIFont(name: "\(self.prefix)-SemiBold", size: size) else { return .systemFont(ofSize: size) } return font } public func regular(size: CGFloat) -> UIFont { guard let font = UIFont(name: "\(self.prefix)-Regular", size: size) else { return .systemFont(ofSize: size) } return font } } ``` -------------------------------- ### normalInit Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Auth.html Performs anonymous user registration on the server for scenarios involving a unique identifier. It creates an unconfirmed mobile device and provides an authentication vector. ```APIDOC ## normalInit ### Description Anonymous user registration on the server (in the scenario with a unique identifier). Creates an unconfirmed mobile device (without binding) in CryptoPro DSS, obtaining an authentication vector for it. ### Method ```swift public func normalInit(registerInfo: DSSRegisterInfo, keyProtectionType: DSSProtectionType, authKeyType: DSSAuthKeyType, password: String? = nil) async throws -> String ``` ### Parameters #### Request Body - **registerInfo** (DSSRegisterInfo) - Information about the user's registered device. - **keyProtectionType** (DSSProtectionType) - Method of protecting the authentication vector. - **authKeyType** (DSSAuthKeyType) - SDK usage mode depending on supported authentication keys. The supported authentication key type can be obtained by calling the getParamDSS method in the Server Interaction Policy parameters: isCryptoKeySdkAuthSupported, isDssSdkAuthSupported. - **password** (String?) - PIN code for accessing the authentication vector (only for silent mode operation). ### Returns - **device.kid** (String) - The identifier of the key set on the user's device. ``` -------------------------------- ### Get Current Protection Type Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Auth.html Retrieves the current protection type for a user's account using their key identifier. ```swift public func currentProtectionType(kid: String) throws -> DSSProtectionType ``` -------------------------------- ### Get Certificate List - iOS Source: https://dss.cryptopro.ru/docs/mobilesdk/certs/certreq.html Retrieves a list of certificates and certificate requests. Use this to select objects with type 'req'. ```swift Cert.getCertList() ``` -------------------------------- ### Add New Device Initialization Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Auth.html Initializes a new user device, associating it with a CryptoPro DSS user ID. Requires DSSRegisterInfo, DSSProtectionType, and the user's unique identifier (uid). A password for accessing the authentication vector can also be provided. ```swift public func addNewDevice(registerInfo: DSSRegisterInfo, keyProtectionType: DSSProtectionType, uid: String, password: String? = nil) async throws ``` -------------------------------- ### Get Certificate List - Android Source: https://dss.cryptopro.ru/docs/mobilesdk/certs/certreq.html Retrieves a list of certificates and certificate requests. Use this to select objects with type 'req'. ```java Cert.getCertList(context) ``` -------------------------------- ### createUnsignedCert Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Cert.html Creates an unsigned certificate request and sends it to the server for synchronization. This is the first step in obtaining a new certificate. ```APIDOC ## createUnsignedCert ### Description Creates an unsigned certificate request and sends it to the server for synchronization. This is the first step in obtaining a new certificate. ### Method Asynchronous function call ### Parameters #### Path Parameters - **kid** (String) - Required - The user's key set identifier. - **caId** (Int) - Required - The identifier of the CA handler. - **tId** (String) - Required - The identifier of the certificate template. - **dn** ([String: String]) - Required - The subject's distinguished name in the format {"OID of name component", "Value of name component"}. #### Optional Parameters - **reqParams** ([String: String]?) - Optional - Additional parameters for the certificate request. - **silent** (Bool) - Optional - A flag to control the visibility of SDK dialogs. Defaults to false. ### Response #### Success Response - **DSSCertificate** - Information about the created unsigned certificate request. ``` -------------------------------- ### Get User Devices Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Policy.html Retrieves information about a user's registered devices. Requires the user's key identifier. ```swift public func getUserDevices(kid: String) async throws -> DSSDevices ``` -------------------------------- ### Policy and Auth SDK Methods Source: https://dss.cryptopro.ru/docs/mobilesdk/reg/other.html Reference for the Policy and Auth SDK methods used in the device registration process. ```APIDOC ## Policy and Auth SDK Methods ### Description This section details the SDK methods used for managing user devices and authentication within the CryptoPro DSS mobile SDK. ### Methods: #### `Policy.getParamsDSS()` * **Description:** Used to check if the scenario for registering a new device is permitted. * **Usage:** Call this method to validate the possibility of proceeding with the registration flow. #### `Policy.getUserDevices()` * **Description:** Refreshes and retrieves the current authentication key data for the user's devices. * **Usage:** Essential for updating the device list and identifying devices in states like 'ApproveRequired'. #### `Auth.getAuthList()` * **Description:** Retrieves a list of available authentication keys on the mobile application. * **Usage:** Used to manage and view existing authentication credentials. #### `Auth.removeAuth()` * **Description:** Removes authentication keys from the mobile application. * **Usage:** For deleting or revoking existing authentication credentials. #### `Auth.addNewDevice()` * **Description:** Initiates the process of adding a new device to the user's account. * **Usage:** Call this on the new device to start the registration. #### `Auth.confirm()` * **Description:** Confirms the receipt of authentication keys for a new device. * **Usage:** Call this on the new device after `Auth.addNewDevice()`. #### `Auth.checkStatus(boolean)` * **Description:** Checks the status of the new device registration. The boolean parameter controls the type of status check (e.g., `true` to display QR code, `false` to check registration status). * **Usage:** Call with `true` to get the QR code for the existing device to scan, and with `false` to monitor the new device's registration progress. #### `Auth.scanQR()` * **Description:** Scans a QR code presented by the existing device. * **Usage:** Call this on the new device after it has scanned the QR code from the existing device. #### `Auth.confirmNewDevice()` * **Description:** Confirms or rejects the request to register a new device. * **Usage:** Call this on the existing device after scanning the new device's QR code to finalize the approval. ``` -------------------------------- ### listKeys Source: https://dss.cryptopro.ru/docs/mobilesdk/android/class/SigningKey.html Retrieves a list of signing keys (key containers) installed on the current mobile device. It can optionally check all available containers. ```APIDOC ## Method listKeys ### Description Retrieves a list of signing keys, represented as key containers, installed on the current mobile device. This method can optionally check all available containers. ### Signature ```java public List listKeys(Context context, boolean checkAllContainers) ``` ### Parameters #### Path Parameters - **context** (Context) - Required - The Android context. - **checkAllContainers** (boolean) - Required - A flag to indicate whether to check all containers. ### Returns - **List** - An array containing information about the signing keys (key containers) installed on the mobile device. ``` -------------------------------- ### Create Placeholder Dexdigests File Source: https://dss.cryptopro.ru/docs/mobilesdk/android/integrity.html Before building your APK/AAB, create a placeholder `dexdigests` file in the `res/raw` directory. This ensures a resource ID is generated for it, allowing access in your code. ```bash mkdir -p myapp-example/src/main/res/raw touch myapp-example/src/main/res/raw/dexdigests mkdir -p myapp-example-jni-kt/src/main/res/raw touch myapp-example-jni-kt/src/main/res/raw/dexdigests ``` -------------------------------- ### Get DSS Parameters Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/Policy.html Requests the server's parameters (policy) for DSS interaction. Requires the service URL of the DSS server. ```swift public func getParamsDSS(serviceUrl: String) async throws -> DSSPolicyPayload ``` -------------------------------- ### Configure Server-Side Key Archiving Source: https://dss.cryptopro.ru/docs/mobilesdk/cases/archivekey.html Add a crypto provider for archiving and enable key archiving settings on the signing service. Optionally, configure advanced settings like cross-system archiving and deletion upon export. ```powershell # Add the corresponding crypto provider with the Archive type # -ProviderName and -ProviderType must match the parameters of the GostWithMasterKey crypto provider (Get-DssSignCryptoProvider) Add-DssSignCryptoProvider -DisplayName <Имя экземпляра сервиса> -ProviderName "Имя криптопровайдера" -ProviderType <Тип криптопровайдера> -TypeId Archive # Enable key archiving Enable-DssSignCertificateKeyArchiveSettings -DisplayName <Имя экземпляра сервиса> # (OPTIONAL) Configure archiving Set-DssSignCertificateKeyArchiveSettings -DisplayName <Имя экземпляра сервиса> -AllowCrossSystemArchive <1/0> -DeleteArchiveOnExport <1/0> ``` -------------------------------- ### List Local Signing Keys Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/Class/SigningKey.html Retrieves a list of signing keys installed on the mobile device. Use this to access keys stored locally. ```swift public func listKeys() -> [DSSSigningKeyInfo] ``` -------------------------------- ### Registering a New Device with CryptoPro DSS SDK Source: https://dss.cryptopro.ru/docs/mobilesdk/reg/other.html This sequence of calls is used for registering a new device. Ensure the policy allows this scenario and check the status until the device is active. ```javascript Auth.addNewDevice() -> Auth.confirm() -> Auth.checkStatus(true) -> Auth.checkStatus(false) ``` -------------------------------- ### Calculate Hash for App Modules Source: https://dss.cryptopro.ru/docs/mobilesdk/android/integrity.html Use this command to calculate the hash values for critical application modules (`classes[n].dex` and `*.aap`) using the GOST 34.11-2012 algorithm with a 256-bit hash length. This is performed before publishing and after downloading from the app store. ```bash cpverify -mk -alg GR3411_2012_256 ``` -------------------------------- ### Extract IPA using frida-ios-dump Source: https://dss.cryptopro.ru/docs/mobilesdk/ios/integrity.html Clone and set up the frida-ios-dump utility to extract an IPA file. This involves installing dependencies and running the dump script. ```bash iproxy 2222 22 git clone https://github.com/AloneMonkey/frida-ios-dump cd frida-ios-dump . venv/bin/activate pip3 install -r requirements.txt python3 dump.py -u my_name -P APP ``` -------------------------------- ### Callback URL Handling Example Source: https://dss.cryptopro.ru/docs/mobilesdk/embed/deeplinks.html Demonstrates how the `callbackUrl` parameter is used to return results to the calling application. The `result` parameter indicates success or failure. ```deeplink testapp://?result=success ``` ```deeplink testapp://?result=failure ``` -------------------------------- ### Getting User Devices Information Source: https://dss.cryptopro.ru/docs/mobilesdk/reg/other.html This method is used to update data about authentication keys and to retrieve device information, including devices in the 'ApproveRequired' status. ```javascript Policy.getUserDevices() ```