AttestationException
Provides additional details on why an attestation attempt failed, indicating which platform was being attested. Although many reasons exist why an attestation may fail, all of them can be put into two categories:
Content e.g. version, app name, challenge, or key mismatch
Certificate e.g. chain rooted in an untrusted certificate, revocation, validity period
Certificate.Trust for trust issues
Certificate.Time for clock offset-related issues
More specific details about why the attestation failed are communicated to humans in message and are differentiated in cause. A dedicated lazy property platformSpecificCause is present to evaluate and act upon such details (which is just an alias for cause). On Android, platformSpecificCause will always be an instance of AndroidAttestationException containing an enumerable reason which will provide insights.
For iOS, less verbose details are communicated in platformSpecificCause due to a lack of a common root for all throwables.
Concrete examples of platform-specific error cases and their corresponding exceptions and reason codes, refer to Content, Certificate.Trust, and Certificate.Time
Inheritors
Types
Indicates a problem verifying the certificate chain the attestation statement is built upon. This can either be just a borked certificate chain (i.e. just a wrong certificate somewhere in the chain), or the chain not being rooted in a valid trust anchor. Most probably, however, a legitimate app on a trusted OS will simply have fallen victim to the system clock being too far ahead. This heavily depends on the OS a device was originally shipped with, (or just Samsung being Samsung and being unable to correctly encode a timestamp conforming to ASN.1)
Thrown on instantiation, for illegal configurations (e.g. no apps configured)
Indicates that some value (key to be attests, bundle identifier or package name, team identified or signer certificate, etc.) failed to verify This usually means that either the client's OS or the app was compromised/modified (or an implementation error occurred).
For Android, platformSpecificCause is always an AttestationValueException, on iOS it is always an IosAttestationException, both of which have enumerable reason property, which is documented.