PowerAuth Mobile SDK in version 1.3.0
introduces support for latest PowerAuth protocol version 3.1
. The main changes in PowerAuth protocol are following:
- Improved information entropy in PowerAuth online signatures. The signature is now encoded into BASE64 instead of decimal string.
- Improved protection of encrypted status blob against possible replay attacks.
- Improved protection of payload encrypted by our ECIES scheme.
- Improved protocol reliability. The mobile client is now able to synchronize its signature counter with the server's.
The changes of cryptography are documented in details in the powerauth-crypto project.
- This release is fully compatible with PowerAuth Server version
0.23.x
.
- Please be aware that PowerAuth mobile SDK
1.3.4
fixed a serious issue with protocol upgrade fromV2.x
toV3.1
. You should upgrade your application to1.3.4
and newer.
- Added a new activation state
ActivationStatus.State_Deadlock
.- This new state indicates that local activation is technically blocked and no longer can be used for the signature calculations.
- The application should handle this situation in the following steps:
- Inform user that activation is no longer available
- Remove the local activation, by calling:
powerAuthSDK.removeActivationLocal(context);
- For more details, please check issue #236.
- Added a new activation state
PA2ActivationState_Deadlock
- This new state indicates that local activation is technically blocked and no longer can be used for the signature calculations.
- The application should handle this situation in the following steps:
- Inform user that activation is no longer available
- Remove the local activation, by calling:
PowerAuthSDK.sharedInstance().removeActivationLocal();
- For more details, please check issue #236.