makoto/at.asitplus.attestation/Warden

Warden

class Warden(androidAttestationConfiguration: AndroidAttestationConfiguration, iosAttestationConfiguration: IosAttestationConfiguration, clock: <Error class: unknown class> = Clock.System, verificationTimeOffset: Duration = Duration.ZERO) : AttestationService(source)

Default, functional Android and Apple App and Key Attestation in all its glory.

Once configured, this class provides a streamlined interface for mobile client attestation

Parameters

androidAttestationConfiguration

Configuration for Android key attestation. See AndroidAttestationConfiguration for details.

iosAttestationConfiguration

IOS AppAttest configuration. See IosAttestationConfiguration for details.

clock

a clock to set the time of verification (used for certificate validity checks)

verificationTimeOffset

allows for fine-grained clock drift compensation (this duration is added to the certificate validity checks); can be negative.

Constructors

Link copied to clipboard
@JvmOverloads
constructor(androidAttestationConfigurationJ: AndroidAttestationConfiguration, iosAttestationConfigurationJ: IosAttestationConfiguration, verificationTimeOffsetJ: Duration = java.time.Duration.ZERO, javaClock: Clock = java.time.Clock.systemUTC())

Java-friendly constructor with java.time types

constructor(androidAttestationConfiguration: AndroidAttestationConfiguration, iosAttestationConfiguration: IosAttestationConfiguration, clock: <Error class: unknown class> = Clock.System, verificationTimeOffset: Duration = Duration.ZERO)

Properties

Link copied to clipboard
open override val android: AttestationService.Android

Exposes Android-specific API to reduce toplevel clutter

Link copied to clipboard
open override val ios: AttestationService.IOS

Groups iOS-specific API to reduce toplevel clutter.

Functions

Link copied to clipboard
fun collectDebugInfo(attestationProof: Attestation, challenge: ByteArray): WardenDebugAttestationStatement

Collects a debug dump of an attestation call. Use this if you called ``verifyKeyAttestation( attestationProof: Attestation, challenge: ByteArray ): KeyAttestation<PublicKey>``

fun collectDebugInfo(attestationProof: List<ByteArray>, challenge: ByteArray, publicKey: PublicKey): WardenDebugAttestationStatement

Collects a debug dump of an attestation call. Use this if you called `` <T : PublicKey> verifyKeyAttestation( attestationProof: List<ByteArray>, expectedChallenge: ByteArray, keyToBeAttested: T )``

fun collectDebugInfo(attestationProof: List<ByteArray>, challenge: ByteArray, rawPublicKey: ByteArray): WardenDebugAttestationStatement

Collects a debug dump of an attestation call. Use this if you called ``verifyKeyAttestation( attestationProof: List<ByteArray>, challenge: ByteArray, encodedPublicKey: ByteArray ): KeyAttestation<PublicKey>``

@JvmName(name = "collectKeyAttestationLegacy")
fun collectDebugInfo(attestationProof: List<ByteArray>, challenge: ByteArray, clientData: ByteArray? = null): WardenDebugAttestationStatement

Collects a debug dump of an attestation call. Use this if you called ``verifyAttestation( attestationProof: List<ByteArray>, challenge: ByteArray, clientData: ByteArray? ): AttestationResult``

Link copied to clipboard
fun <T : PublicKey> verifyKeyAttestation(attestationProof: List<ByteArray>, expectedChallenge: ByteArray, keyToBeAttested: T): KeyAttestation<T>

Verifies key attestation for both Android and Apple devices.

fun verifyKeyAttestation(attestationProof: List<ByteArray>, challenge: ByteArray, encodedPublicKey: ByteArray): KeyAttestation<PublicKey>

Same as verifyKeyAttestation, but taking an encoded (either ANSI X9.63 or DER) publix key as a byte array

open override fun verifyKeyAttestation(attestationProof: Attestation, challenge: ByteArray): KeyAttestation<PublicKey>