class WebAuthn::AttestationStatement::AndroidKey
Public Instance Methods
valid?(authenticator_data, client_data_hash)
click to toggle source
# File lib/webauthn/attestation_statement/android_key.rb, line 10 def valid?(authenticator_data, client_data_hash) valid_signature?(authenticator_data, client_data_hash) && matching_public_key?(authenticator_data) && valid_attestation_challenge?(client_data_hash) && all_applications_fields_not_set? && valid_authorization_list_origin? && valid_authorization_list_purpose? && trustworthy?(aaguid: authenticator_data.aaguid) && [attestation_type, attestation_trust_path] end
Private Instance Methods
all_applications_fields_not_set?()
click to toggle source
# File lib/webauthn/attestation_statement/android_key.rb, line 35 def all_applications_fields_not_set? !tee_enforced.all_applications && !software_enforced.all_applications end
android_key_attestation()
click to toggle source
# File lib/webauthn/attestation_statement/android_key.rb, line 63 def android_key_attestation @android_key_attestation ||= AndroidKeyAttestation::Statement.new(*certificates) end
attestation_type()
click to toggle source
# File lib/webauthn/attestation_statement/android_key.rb, line 55 def attestation_type WebAuthn::AttestationStatement::ATTESTATION_TYPE_BASIC end
default_root_certificates()
click to toggle source
# File lib/webauthn/attestation_statement/android_key.rb, line 59 def default_root_certificates AndroidKeyAttestation::Statement::GOOGLE_ROOT_CERTIFICATES end
software_enforced()
click to toggle source
# File lib/webauthn/attestation_statement/android_key.rb, line 51 def software_enforced android_key_attestation.software_enforced end
tee_enforced()
click to toggle source
# File lib/webauthn/attestation_statement/android_key.rb, line 47 def tee_enforced android_key_attestation.tee_enforced end
valid_attestation_challenge?(client_data_hash)
click to toggle source
# File lib/webauthn/attestation_statement/android_key.rb, line 23 def valid_attestation_challenge?(client_data_hash) android_key_attestation.verify_challenge(client_data_hash) rescue AndroidKeyAttestation::ChallengeMismatchError false end
valid_certificate_chain?(aaguid: nil, **_)
click to toggle source
# File lib/webauthn/attestation_statement/android_key.rb, line 29 def valid_certificate_chain?(aaguid: nil, **_) android_key_attestation.verify_certificate_chain(root_certificates: root_certificates(aaguid: aaguid)) rescue AndroidKeyAttestation::CertificateVerificationError false end