Class: Devicecheck::Attestation
- Inherits:
-
Object
- Object
- Devicecheck::Attestation
- Defined in:
- lib/devicecheck/attestation.rb
Constant Summary collapse
- AAGUID_DEVELOPMENT =
AAGUID for development environments
'appattestdevelop'
- AAGUID_PRODUCTION =
AAGUID for production environments
"appattest\0\0\0\0\0\0\0"
Instance Method Summary collapse
-
#attest(key_id:, attestation_object:, challenge:) ⇒ Array
Verifies the attestation generated by DCAppAttestService.
-
#initialize(app_id:, environment:) ⇒ Attestation
constructor
Initialize the attestation service by providing your app ID and which environment are you testing.
Constructor Details
#initialize(app_id:, environment:) ⇒ Attestation
Initialize the attestation service by providing your app ID and which environment are you testing.
39 40 41 42 43 |
# File 'lib/devicecheck/attestation.rb', line 39 def initialize(app_id:, environment:) @app_id = app_id @environment = environment @sha256 = OpenSSL::Digest.new('SHA256') end |
Instance Method Details
#attest(key_id:, attestation_object:, challenge:) ⇒ Array
Verifies the attestation generated by DCAppAttestService. All Base64 encoded strings should be sent in strict format (RFC 4648).
61 62 63 64 65 66 67 68 69 70 71 72 73 74 |
# File 'lib/devicecheck/attestation.rb', line 61 def attest(key_id:, attestation_object:, challenge:) decoded_attestation_object = CBOR.decode(Base64.strict_decode64(attestation_object)) att_stmt = decoded_attestation_object['attStmt'] auth_data = decoded_attestation_object['authData'] cred_cert = validate_certificates! att_stmt validate_challenge! challenge, auth_data, cred_cert validate_key_id! key_id, cred_cert validate_auth_data! key_id, auth_data [cred_cert.public_key.to_der, att_stmt['receipt']] end |