Example 6 with Response
use of com.webauthn4j.data.attestation.statement.Response in project webauthn4j by webauthn4j.
the class AndroidSafetyNetAuthenticator method createAttestationStatement.
@Override
public AttestationStatement createAttestationStatement(AttestationStatementRequest attestationStatementRequest, RegistrationEmulationOption registrationEmulationOption) {
AttestationOption attestationOption = registrationEmulationOption.getAttestationOption() == null ? new AndroidSafetyNetAttestationOption() : registrationEmulationOption.getAttestationOption();
X509Certificate attestationCertificate = getAttestationCertificate(attestationStatementRequest, attestationOption);
List<X509Certificate> certificates = new ArrayList<>();
certificates.add(attestationCertificate);
certificates.addAll(this.getCACertificatePath());
CertPath certPath = CertificateUtil.generateCertPath(certificates);
JWSHeader jwsHeader = new JWSHeader(JWAIdentifier.ES256, certPath);
String nonce = Base64Util.encodeToString(MessageDigestUtil.createSHA256().digest(attestationStatementRequest.getSignedData()));
long timestampMs = Instant.now().toEpochMilli();
String apkPackageName = "com.android.keystore.androidkeystoredemo";
String[] apkCertificateDigestSha256 = new String[] { "bsb4/WQdaaOWYCd/j9OJiQpg7b0iwFgAc/zzA1tCfwE=" };
String apkDigestSha256 = "dM/LUHSI9SkQhZHHpQWRnzJ3MvvB2ANSauqYAAbS2Jg=";
boolean ctsProfileMatch = true;
boolean basicIntegrity = true;
String advice = null;
Response response = new Response(nonce, timestampMs, apkPackageName, apkCertificateDigestSha256, apkDigestSha256, ctsProfileMatch, basicIntegrity, advice);
String ver = "12685023";
JWS<Response> jws = getJwsFactory().create(jwsHeader, response, this.getAttestationKeyPair().getPrivate());
if (registrationEmulationOption.isSignatureOverrideEnabled()) {
jws = getJwsFactory().create(jws.getHeader(), jws.getPayload(), registrationEmulationOption.getSignature());
}
return new AndroidSafetyNetAttestationStatement(ver, jws);
}
Also used :
AndroidSafetyNetAttestationStatement(com.webauthn4j.data.attestation.statement.AndroidSafetyNetAttestationStatement)
ArrayList(java.util.ArrayList)
X509Certificate(java.security.cert.X509Certificate)
Response(com.webauthn4j.data.attestation.statement.Response)
CertPath(java.security.cert.CertPath)
JWSHeader(com.webauthn4j.data.jws.JWSHeader)
Example 7 with Response
use of com.webauthn4j.data.attestation.statement.Response in project webauthn4j by webauthn4j.
the class AndroidSafetyNetAttestationStatementValidatorTest method validateNull_with_apkCertificateDigestSha256_null_test.
@Test
void validateNull_with_apkCertificateDigestSha256_null_test() {
String nonce = "nonce";
long timestampMs = Instant.now().toEpochMilli();
String apkPackageName = "com.android.keystore.androidkeystoredemo";
String apkDigestSha256 = "dM/LUHSI9SkQhZHHpQWRnzJ3MvvB2ANSauqYAAbS2Jg=";
boolean ctsProfileMatch = true;
boolean basicIntegrity = true;
String advice = null;
Response response = new Response(nonce, timestampMs, apkPackageName, null, apkDigestSha256, ctsProfileMatch, basicIntegrity, advice);
assertThatThrownBy(() -> target.validateResponseNotNull(response)).isInstanceOf(BadAttestationStatementException.class);
}Example 8 with Response
use of com.webauthn4j.data.attestation.statement.Response in project webauthn4j by webauthn4j.
the class AndroidSafetyNetAttestationStatementValidatorTest method validateAttestationStatementNotNull_test.
@Test
void validateAttestationStatementNotNull_test() {
String ver = "12685023";
String nonce = "nonce";
long timestampMs = Instant.now().toEpochMilli();
String apkPackageName = "com.android.keystore.androidkeystoredemo";
String[] apkCertificateDigestSha256 = new String[] { "bsb4/WQdaaOWYCd/j9OJiQpg7b0iwFgAc/zzA1tCfwE=" };
String apkDigestSha256 = "dM/LUHSI9SkQhZHHpQWRnzJ3MvvB2ANSauqYAAbS2Jg=";
boolean ctsProfileMatch = true;
boolean basicIntegrity = true;
String advice = null;
Response response = new Response(nonce, timestampMs, apkPackageName, apkCertificateDigestSha256, apkDigestSha256, ctsProfileMatch, basicIntegrity, advice);
JWS<Response> jws = new JWSFactory().create(new JWSHeader(JWAIdentifier.ES256, CertificateUtil.generateCertPath(Collections.emptyList())), response, new byte[32]);
AndroidSafetyNetAttestationStatement attestationStatement = new AndroidSafetyNetAttestationStatement(ver, jws);
target.validateAttestationStatementNotNull(attestationStatement);
}
Also used :
Response(com.webauthn4j.data.attestation.statement.Response)
AndroidSafetyNetAttestationStatement(com.webauthn4j.data.attestation.statement.AndroidSafetyNetAttestationStatement)
JWSFactory(com.webauthn4j.data.jws.JWSFactory)
JWSHeader(com.webauthn4j.data.jws.JWSHeader)
Test(org.junit.jupiter.api.Test)
Example 9 with Response
use of com.webauthn4j.data.attestation.statement.Response in project webauthn4j by webauthn4j.
the class AndroidSafetyNetAttestationStatementValidatorTest method validateNull_with_ctsProfileMatch_null_test.
@Test
void validateNull_with_ctsProfileMatch_null_test() {
String nonce = "nonce";
long timestampMs = Instant.now().toEpochMilli();
String apkPackageName = "com.android.keystore.androidkeystoredemo";
String[] apkCertificateDigestSha256 = new String[] { "bsb4/WQdaaOWYCd/j9OJiQpg7b0iwFgAc/zzA1tCfwE=" };
String apkDigestSha256 = "dM/LUHSI9SkQhZHHpQWRnzJ3MvvB2ANSauqYAAbS2Jg=";
boolean basicIntegrity = true;
String advice = null;
Response response = new Response(nonce, timestampMs, apkPackageName, apkCertificateDigestSha256, apkDigestSha256, null, basicIntegrity, advice);
assertThatThrownBy(() -> target.validateResponseNotNull(response)).isInstanceOf(BadAttestationStatementException.class);
}Example 10 with Response
use of com.webauthn4j.data.attestation.statement.Response in project webauthn4j by webauthn4j.
the class AndroidSafetyNetAttestationStatementValidatorTest method validateNull_with_basicIntegrity_null_test.
@Test
void validateNull_with_basicIntegrity_null_test() {
String nonce = "nonce";
long timestampMs = Instant.now().toEpochMilli();
String apkPackageName = "com.android.keystore.androidkeystoredemo";
String[] apkCertificateDigestSha256 = new String[] { "bsb4/WQdaaOWYCd/j9OJiQpg7b0iwFgAc/zzA1tCfwE=" };
String apkDigestSha256 = "dM/LUHSI9SkQhZHHpQWRnzJ3MvvB2ANSauqYAAbS2Jg=";
boolean ctsProfileMatch = true;
String advice = null;
Response response = new Response(nonce, timestampMs, apkPackageName, apkCertificateDigestSha256, apkDigestSha256, ctsProfileMatch, null, advice);
assertThatThrownBy(() -> target.validateResponseNotNull(response)).isInstanceOf(BadAttestationStatementException.class);
}Aggregations
Response (com.webauthn4j.data.attestation.statement.Response)11
Test (org.junit.jupiter.api.Test)9
AndroidSafetyNetAttestationStatement (com.webauthn4j.data.attestation.statement.AndroidSafetyNetAttestationStatement)3
JWSHeader (com.webauthn4j.data.jws.JWSHeader)2
AttestationCertificate (com.webauthn4j.data.attestation.statement.AttestationCertificate)1
JWSFactory (com.webauthn4j.data.jws.JWSFactory)1
BadAttestationStatementException (com.webauthn4j.validator.exception.BadAttestationStatementException)1
CertPath (java.security.cert.CertPath)1
X509Certificate (java.security.cert.X509Certificate)1
ArrayList (java.util.ArrayList)1
NonNull (org.checkerframework.checker.nullness.qual.NonNull)1
