makoto/at.asitplus.attestation/Makoto

Makoto

class Makoto : AttestationService(source)

Default, functional Android and Apple App and Key Attestation in all its glory.

Once configured, this class provides a streamlined interface for mobile client attestation

Parameters

androidAttestationConfiguration

Configuration for Android key attestation. See AndroidAttestationConfiguration for details.

iosAttestationConfiguration

IOS AppAttest configuration. See IosAttestationConfiguration for details.

clock

a clock to set the time of verification (used for certificate validity checks)

verificationTimeOffset

allows for fine-grained clock drift compensation (this offsets the certificate validity duration checks and attestation statement validity checks); can be negative. Note that this is a real offset, shifting the time window of validity, not extending it!

Throws

if neither Android nor iOS attestation configuration is provided

Constructors

Link copied to clipboard
constructor(androidAttestationConfiguration: AndroidAttestationConfiguration, iosAttestationConfiguration: IosAttestationConfiguration, clock: Clock = Clock.System, verificationTimeOffset: Duration = DEFAULT_TIME_OFFSET)

Default, functional Android and Apple App and Key Attestation in all its glory.

constructor(androidAttestationConfiguration: AndroidAttestationConfiguration, clock: Clock = Clock.System, verificationTimeOffset: Duration = DEFAULT_TIME_OFFSET)

Android-only App and Key Attestation

constructor(iosAttestationConfiguration: IosAttestationConfiguration, clock: Clock = Clock.System, verificationTimeOffset: Duration = DEFAULT_TIME_OFFSET)

iOS-only and Apple App and Key Attestation.

@JvmOverloads
constructor(iosAttestationConfigurationJ: IosAttestationConfiguration, androidAttestationConfigurationJ: AndroidAttestationConfiguration, verificationTimeOffsetJ: Duration = DEFAULT_TIME_OFFSET.toJavaDuration(), javaClock: Clock = java.time.Clock.systemUTC())

Java-friendly constructor with java.time types

@JvmOverloads
constructor(androidAttestationConfigurationJ: AndroidAttestationConfiguration, verificationTimeOffsetJ: Duration = DEFAULT_TIME_OFFSET.toJavaDuration(), javaClock: Clock = java.time.Clock.systemUTC())

Android-only Java-friendly constructor with java.time types

@JvmOverloads
constructor(iosAttestationConfigurationJ: IosAttestationConfiguration, verificationTimeOffsetJ: Duration = DEFAULT_TIME_OFFSET.toJavaDuration(), javaClock: Clock = java.time.Clock.systemUTC())

iOS-only Java-friendly constructor with java.time types

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
open override val android: AttestationService.Android

Exposes Android-specific API to reduce toplevel clutter

Link copied to clipboard
Link copied to clipboard
val clock: Clock
Link copied to clipboard
open override val ios: AttestationService.IOS

Groups iOS-specific API to reduce toplevel clutter.

Link copied to clipboard
Link copied to clipboard
val longestValidityDuration: Duration?

The longest attestation validity duration over Android and iOS configuration. Useful to get the longest sensible nonce validity duration

Link copied to clipboard
val shortestValidityDuration: Duration?

The shortest attestation validity duration over Android and iOS configuration. Useful to get the shortest sensible nonce validity duration

Link copied to clipboard

Functions

Link copied to clipboard
fun collectDebugInfo(attestationProof: Attestation, challenge: ByteArray): WardenDebugAttestationStatement

Collects a debug dump of an attestation call. Use this if you called ``verifyKeyAttestation( attestationProof: Attestation, challenge: ByteArray ): KeyAttestation<PublicKey>``

fun collectDebugInfo(attestationProof: List<ByteArray>, challenge: ByteArray, publicKey: PublicKey): WardenDebugAttestationStatement

Collects a debug dump of an attestation call. Use this if you called `` <T : PublicKey> verifyKeyAttestation( attestationProof: List<ByteArray>, expectedChallenge: ByteArray, keyToBeAttested: T )``

fun collectDebugInfo(attestationProof: List<ByteArray>, challenge: ByteArray, rawPublicKey: ByteArray): WardenDebugAttestationStatement

Collects a debug dump of an attestation call. Use this if you called ``verifyKeyAttestation( attestationProof: List<ByteArray>, challenge: ByteArray, encodedPublicKey: ByteArray ): KeyAttestation<PublicKey>``

@JvmName(name = "collectKeyAttestationLegacy")
fun collectDebugInfo(attestationProof: List<ByteArray>, challenge: ByteArray, clientData: ByteArray? = null): WardenDebugAttestationStatement

Collects a debug dump of an attestation call. Use this if you called ``verifyAttestation( attestationProof: List<ByteArray>, challenge: ByteArray, clientData: ByteArray? ): AttestationResult``

Link copied to clipboard
inline fun <T : PublicKey, R> KeyAttestation<T>.foldTyped(onError: (AttestationResult.Error) -> R, onSuccess: (T, AttestationResult.Verified) -> R): R
Link copied to clipboard
@JvmName(name = "verifyKeyAttestationSuspending")
suspend fun verifyKeyAttestation(attestationProof: Attestation, challenge: ByteArray): KeyAttestation<PublicKey>

@JvmName(name = "verifyKeyAttestationSuspending")
suspend fun <T : PublicKey> verifyKeyAttestation(attestationProof: List<ByteArray>, expectedChallenge: ByteArray, keyToBeAttested: T): KeyAttestation<T>

Verifies key attestation for both Android and Apple devices.

@JvmName(name = "verifyKeyAttestationSuspending")
suspend fun verifyKeyAttestation(attestationProof: List<ByteArray>, challenge: ByteArray, encodedPublicKey: ByteArray): KeyAttestation<PublicKey>

Same as verifyKeyAttestation, but taking an encoded (either ANSI X9.63 or DER) publix key as a byte array

Link copied to clipboard
@JvmName(name = "verifyKeyAttestation")
fun verifyKeyAttestationBlocking(attestationProof: Attestation, challenge: ByteArray): KeyAttestation<PublicKey>

@JvmName(name = "verifyKeyAttestation")
fun <T : PublicKey> verifyKeyAttestationBlocking(attestationProof: List<ByteArray>, expectedChallenge: ByteArray, keyToBeAttested: T): KeyAttestation<T>

Verifies key attestation for both Android and Apple devices.

@JvmName(name = "verifyKeyAttestation")
suspend fun verifyKeyAttestationBlocking(attestationProof: List<ByteArray>, challenge: ByteArray, encodedPublicKey: ByteArray): KeyAttestation<PublicKey>

Same as verifyKeyAttestation, but taking an encoded (either ANSI X9.63 or DER) publix key as a byte array

Generated by Dokka
© 2026 Copyright