About this app
Secure Box is an add-on application that offers additional commands for terminal applications (1)(2)(3).Package includes secure shell commands (client, key management, file transfer, agent, daemon) and
commands for management of keys, X.509 certificates, digests and etc.
Note "Pro" version is full functional with integrated terminal and user interface than allows you easily to manage secure shell sessions and parameteres.
The Secure Shell (SSH) is a protocol for secure remote login and other secure network services over an insecure network.
It is intended to provide secure encrypted communications between two untrusted hosts over an insecure network.
Secure shell commands are port of PKIX-SSH (feature richest ssh implementation in the world) to Android platform.
PKIX-SSH offers widest range of supported key algorithms, chippers, macs for secure shell protocol.
For instance supported public key algorithms include X.509 certificate based keys:
EC : x509v3-ecdsa-sha2-nistp256, x509v3-ecdsa-sha2-nistp384, x509v3-ecdsa-sha2-nistp521
RSA : x509v3-rsa2048-sha256, x509v3-ssh-rsa, x509v3-sign-rsa
DSA : x509v3-ssh-dss, x509v3-sign-dss
as well public key algorithms based on plan public keys:
EC : ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521
RSA : ssh-rsa, rsa-sha2-256, rsa-sha2-512
Ed25519 : ssh-ed25519
DSA : ssh-dss
Client and server support extension negotiation mechanism used in adaptive public key algorithm selection.
Auxiliary commands for management of keys, X.509 certificates, digests and etc are provided by OpenSSL command line tool.
This list of commands includes, but not limited to,
key management commands like ec and ecparam, rsa, dsa and dsaparam, genpkey and pkey,
commands for management of X.509 certificates, revocation list and authorities - x509, crl and ca,
commands for key data management - pkcs12, pkcs8 and pkcs7,
commands for operation will keys - pkeyutl,
time stamping authority tool - ts.
The complete list of commands including manual pages is available on application web-site.
Notes:
(1) Application is best integrated with terminal "TermOne Plus".
(2) Starting with Android 9.0 (Pie) SELinux permission are hardened and do not allow any more one application to share its file system tree. This prevent SecureBox to "export" packaged binaries for use by other applications. As work-around "TermOne Plus" (3.1) and SecureBox (2.1) start to "share user id". This is incompatible modification that requires reinstall of application. Another side effect is that terminal application have full access to SecureBox binaries and configuration files!
(3) Android 10.0 does not allow execution from "writable" directories. SecureBox 2.2 offers new packaging model suitable for Android 10.0. Also new packgind model requires respective support from terminal application - added in "TermOne Plus" 3.2.
