makoto/at.asitplus.attestation/IosAttestationConfiguration

IosAttestationConfiguration

@Serializable
data class IosAttestationConfiguration @JvmOverloads constructor(val applications: List<IosAttestationConfiguration.AppData>, val iosVersion: IosAttestationConfiguration.OsVersions? = null, val attestationStatementValiditySeconds: Long = (ReceiptValidator.APPLE_RECOMMENDED_MAX_AGE.toKotlinDuration() + Makoto.DEFAULT_TIME_OFFSET).inWholeSeconds, val trustedRoots: Set<TrustedRootPair> = APPLE_DEFAULT_TRUSTED_ROOTS)(source)

Configuration class for Apple App Attestation

Constructors

Link copied to clipboard
@JvmOverloads
constructor(singleApp: IosAttestationConfiguration.AppData, iosVersion: IosAttestationConfiguration.OsVersions? = null, attestationStatementValiditySeconds: Long = (ReceiptValidator.APPLE_RECOMMENDED_MAX_AGE.toKotlinDuration() + Makoto.DEFAULT_TIME_OFFSET).inWholeSeconds, trustedRoots: Set<TrustedRootPair> = APPLE_DEFAULT_TRUSTED_ROOTS)
@JvmOverloads
constructor(applications: List<IosAttestationConfiguration.AppData>, iosVersion: IosAttestationConfiguration.OsVersions? = null, attestationStatementValiditySeconds: Long = (ReceiptValidator.APPLE_RECOMMENDED_MAX_AGE.toKotlinDuration() + Makoto.DEFAULT_TIME_OFFSET).inWholeSeconds, trustedRoots: Set<TrustedRootPair> = APPLE_DEFAULT_TRUSTED_ROOTS)

Types

Link copied to clipboard
@Serializable
data class AppData @JvmOverloads constructor(val teamIdentifier: String, val bundleIdentifier: String, val sandbox: Boolean = false, val iosVersionOverride: IosAttestationConfiguration.OsVersions? = null, val trustedRootOverrides: Set<TrustedRootPair>? = null)

Specifies a to-be attested app

Link copied to clipboard
@Serializable
data class OsVersions(semVer: String, buildNumber: String) : Comparable<Any>

Container class for iOS versions. Necessary, iOS versions used to always be encoded into attestation statements using SemVer syntax. Newer iPhones, however, use a hex string representation of the build number instead. Since it makes rarely sense to only check for SemVer not for a hex-encoded build number (i.e only accept older iPhones), encapsulating both variants into a dedicated type ensures that either both or neither are set.

Properties

Link copied to clipboard
val applications: List<IosAttestationConfiguration.AppData>

List of applications that can be attested

Link copied to clipboard
val attestationStatementValiditySeconds: Long

The maximum age an attestation statement is considered valid. Defaults to ReceiptValidator.APPLE_RECOMMENDED_MAX_AGE + Makoto.DEFAULT_TIME_OFFSET

Link copied to clipboard
val iosVersion: IosAttestationConfiguration.OsVersions? = null

Optional parameter. If present, the iOS version of the attested app must be greater or equal to this parameter Uses SemVer syntax. Can be overridden for individual apps.

Link copied to clipboard
val trustedRoots: Set<TrustedRootPair>

Manually specify the trust anchors. Apple's trust anchors come in pairs: a TrustedRootPair.attestationRoot and a TrustedRootPair.receiptRoot. Defaults to the Apples trust anchors available in APPLE_DEFAULT_TRUSTED_ROOTS. Overriding this set is useful for automated end-to-end tests, for example. Note that currently only Certificates are supported as trust anchors, no raw public keys

Functions

Link copied to clipboard
open operator override fun equals(other: Any?): Boolean
Link copied to clipboard
open override fun hashCode(): Int