Make your Android banking app open-source!
Make your Android banking app open-source!
Make your Android banking app open-source!
Make your Android banking app open-source!
Single.create<AttestationResponse> { SafetyNet.getClient(activity) .attest(nonce, apiKey) .addOnSuccessListener(it::onSuccess) .addOnFailureListener(it::onError) }
eyJhbGciOiJSUzI1NiIsIng1YyI6WyJNSUlFaURDQ0EzQ2dBd0lCQWdJSU5CY1JCYkpDSWxBd0RRWUpLb1pJaHZjTkFRRUxCUUF3U1RFTE1Ba0dBMVVFQmhNQ1ZWTXhFekFSQmdOVkJBb1RDa2R2YjJkc1pTQkpibU14SlRBakJnTlZCQU1USEVkdmIyZHNaU0JKYm5SbGNtNWxkQ0JCZFhSb2IzSnBkSGtnUnpJd0hoY05NVGN3TlRFM01UQTBNRE00V2hjTk1UY3hNakkzTURBd01EQXdXakJzTVFzd0NRWURWUVFHRXdKVlV6RVRNQkVHQTFVRUNBd0tRMkZzYVdadmNtNXBZVEVXTUJRR0ExVUVCd3dOVFc5MWJuUmhhVzRnVm1sbGR6RVRNQkVHQTFVRUNnd0tSMjl2WjJ4bElFbHVZekViTUJrR0ExVUVBd3dTWVhSMFpYTjBMbUZ1WkhKdmFXUXVZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF2L1dPZFpURlJlN29FUFhuUkNWOVNlbWxrNGpnckZSd0tFRng4d2FRTUMrU3NzSld5dUhpSHNNdEY2MDdOcFR1MCttbFBKOEM5TkhhbmtkUElzS3RLNmJ0emMreDBlc2c1VS9JUkQ0K2JRNVpSSDBrT1BxMmZpd1g1WmJnZDUrOFIzOWIyYkxmV0dDMmJkV1lxbHBvTUs1bXhFWW1BVVdIb0J4M2JHUldCR05BMi8vNHpaS0xqc0lFSFdFYksxOE5Kb0w3VlJOaExENlkvcmVXVElDdUNHdzVraERvbEJwYUw0R0xCakZvSEVBelNoZjFlUzhuYUFFcGpzQ3Z5ZWFCVzM0ZGJhUFJadFRIVWFBRDRtYXZCZ2hta0Z2eVRFL293SUJFa0pVakliRzFpUDlndnVzaEJhTmxjOHIway9tR1k1am1uNTZhVWRVZ1JnWjFwditqRFFJREFRQUJvNElCVHpDQ0FVc3dIUVlEVlIwbEJCWXdGQVlJS3dZQkJRVUhBd0VHQ0NzR0FRVUZCd01DTUIwR0ExVWRFUVFXTUJTQ0VtRjBkR1Z6ZEM1aGJtUnliMmxrTG1OdmJUQm9CZ2dyQmdFRkJRY0JBUVJjTUZvd0t3WUlLd1lCQlFVSE1BS0dIMmgwZEhBNkx5OXdhMmt1WjI5dloyeGxMbU52YlM5SFNVRkhNaTVqY25Rd0t3WUlLd1lCQlFVSE1BR0dIMmgwZEhBNkx5OWpiR2xsYm5Sek1TNW5iMjluYkdVdVkyOXRMMjlqYzNBd0hRWURWUjBPQkJZRUZCSitWS3BMSlNaK3VxOTEraW9ReHRTNzlMVzdNQXdHQTFVZEV3RUIvd1FDTUFBd0h3WURWUjBqQkJnd0ZvQVVTdDBHRmh1ODltaTFkdldCdHJ0aUdycGFnUzh3SVFZRFZSMGdCQm93R0RBTUJnb3JCZ0VFQWRaNUFnVUJNQWdHQm1lQkRBRUNBakF3QmdOVkhSOEVLVEFuTUNXZ0k2QWhoaDlvZEhSd09pOHZjR3RwTG1kdmIyZHNaUzVqYjIwdlIwbEJSekl1WTNKc01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQ1hoMjdtNG11ZEs3NEwxM3FSWml5K0Jrc2ZudmJzL0dEaW9ra0FwdDVveUEvMk10TTFFMGxHY2tEL2NjVWpuNUF1RWx5N3FkdGJnM2NOTk9BbGlWemxnVWFHWTZXNldUWnhrNGl2UVcwbmpwOUFrWkU3Y2N1VDJVU000MEp0dS9WQWxGYUZQV1N3RXBoa3J6VUNjQ2M3cjFTSGpya1FxekRGUnc5dmV0V1VZMWFJZmw3VklGcG1RdmZNMnV3TFlneXRsblBMbHNsMVdrMFBVbWNsc2lEMUg3MmtLelZLeE5ySkFuWk1CeC83SXBKY0Q3alhNTGhneGluK3FVUFBtNzF1M2pxS2VSZ0tVK3FlTjcvSnJOb1dlSXIrR1krbTE0VFljSzhhWkNad3p4VkczeXdVeUI3U1ZzR0tRTEtGRk1USDF1T3lSL1lnSjN2cmgyT1QvMXdiIiwiTUlJRDhEQ0NBdGlnQXdJQkFnSURBanFTTUEwR0NTcUdTSWIzRFFFQkN3VUFNRUl4Q3pBSkJnTlZCQVlUQWxWVE1SWXdGQVlEVlFRS0V3MUhaVzlVY25WemRDQkpibU11TVJzd0dRWURWUVFERXhKSFpXOVVjblZ6ZENCSGJHOWlZV3dnUTBFd0hoY05NVFV3TkRBeE1EQXdNREF3V2hjTk1UY3hNak14TWpNMU9UVTVXakJKTVFzd0NRWURWUVFHRXdKVlV6RVRNQkVHQTFVRUNoTUtSMjl2WjJ4bElFbHVZekVsTUNNR0ExVUVBeE1jUjI5dloyeGxJRWx1ZEdWeWJtVjBJRUYxZEdodmNtbDBlU0JITWpDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSndxQkhkYzJGQ1JPZ2FqZ3VEWVVFaThpVC94R1hBYWlFWis0SS9GOFluT0llNWEvbUVOdHpKRWlhQjBDMU5QVmFUT2dtS1Y3dXRaWDhiaEJZQVN4RjZVUDd4YlNEajBVL2NrNXZ1UjZSWEV6L1JURGZSSy9KOVUzbjIrb0d0dmg4RFFVQjhvTUFOQTJnaHpVV3gvL3pvOHB6Y0dqcjFMRVFUcmZTVGU1dm44TVhIN2xOVmc4eTVLcjBMU3krckVhaHF5ekZQZEZVdUxIOGdaWVIvTm5hZytZeXVFTldsbGhNZ1p4VVlpK0ZPVnZ1T0FTaERHS3V5Nmx5QVJ4em1aRUFTZzhHRjZsU1dNVGxKMTRyYnRDTW9VL000aWFyTk96MFlEbDVjRGZzQ3gzbnV2UlRQUHVqNXh0OTcwSlNYQ0RUV0puWjM3RGhGNWlSNDN4YStPY21rQ0F3RUFBYU9CNXpDQjVEQWZCZ05WSFNNRUdEQVdnQlRBZXBob2pZbjdxd1ZrREJGOXFuMWx1TXJNVGpBZEJnTlZIUTRFRmdRVVN0MEdGaHU4OW1pMWR2V0J0cnRpR3JwYWdTOHdEZ1lEVlIwUEFRSC9CQVFEQWdFR01DNEdDQ3NHQVFVRkJ3RUJCQ0l3SURBZUJnZ3JCZ0VGQlFjd0FZWVNhSFIwY0RvdkwyY3VjM2x0WTJRdVkyOXRNQklHQTFVZEV3RUIvd1FJTUFZQkFmOENBUUF3TlFZRFZSMGZCQzR3TERBcW9DaWdKb1lrYUhSMGNEb3ZMMmN1YzNsdFkySXVZMjl0TDJOeWJITXZaM1JuYkc5aVlXd3VZM0pzTUJjR0ExVWRJQVFRTUE0d0RBWUtLd1lCQkFIV2VRSUZBVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBQ0U0RXA0Qi9FQlpEWGdLdDEwS0E5TENPMHE2ejZ4RjlrSVFZZmVlUUZmdEpmNmlaQlpHN2VzbldQRGNZQ1pxMng1SWdCelV6Q2VRb1kzSU50T0F5bkllWXhCdDJpV2ZCVUZpd0U2b1RHaHN5cGI3cUVaVk1TR05KNlpsZElEZk0vaXBwVVJhVlM2bmVTWUxBRUhEMExQUHN2Q1FrMEU2c3BkbGVIbTJTd2Flc1NEV0IrZVhrbkdWcHpZZWtRVkEvTGxlbGtWRVNXQTZNQ2FHc2VxUVNwU2Z6bWhDWGZWVURCdmRtV0Y5ZlpPR3JYVzJsT1VoMW1Fd3BXanFOMHl2S25GVUV2L1RtRk5XQXJDYnRGNG1tazJ4Y3BNeTQ4R2FPWk9OOW11SUFzMG5INUFxcTNWdUR4M0NRUms2KzBOdFpsbXd1OVJZMjNuSE1BY0lTd1NIR0ZnPT0iXX0 . eyJub25jZSI6IkcvS3FNWGt3dm1ya0Y2QkkrVmFaZ0tuMUkxN1UyTkwxQmovS3AzTmlqWHM9IiwidGltZXN0YW1wTXMiOjE1MDAwMjc2MjgzMDUsImFwa1BhY2thZ2VOYW1lIjoicGwubWc2LnNhZmV0eW5ldCIsImFwa0RpZ2VzdFNoYTI1NiI6IjRJSzlFa1ZyK2pyb296SW9rck1zQ25SSEJoZU9JcnRWMWV5R2J4NGRvQTg9IiwiY3RzUHJvZmlsZU1hdGNoIjp0cnVlLCJleHRlbnNpb24iOiJDYlN0cTRsSTdMNW8iLCJhcGtDZXJ0aWZpY2F0ZURpZ2VzdFNoYTI1NiI6WyJUVzVQZVpHQm9ycU5zVW9jam9VN3IxQkdNTlIxZ2dKaitQZU95QWdyazBNPSJdLCJiYXNpY0ludGVncml0eSI6dHJ1ZX0 . mY-GlSNHdAlX-P_6U4b9_xDSGZpFdt7NTZGtHmnqwvmS1mN7aZPI0yisNGcDdDpTwG2yomK6vR84zjaT1T2XHI4MEh-XBea2zPaSRxs9sUsdT7VL-Igx4IF7Nw1_3qsEtBvTjCwVnTe1GzewoXZcVQDWGD3hbunMio0PYUaF9XDObTznnybhi8syeBdvcSI0A3Foc1eZbEBuBHIqtlQPwf2gu1bxMY6LlNEuqwuGkw4UUWVlQjatoCEN59ovCeWODKg4lsqDDCaJTLAm3Sr7DdRwdpz5obFmZDGhwB1wwB5LCrkZmSF4OD-GaVRKsuCGYKerA4jcdP8WVWeqghOkeg
{
"alg": "RS256",
"x5c":
["MIIEiDCCA3CgAwIBAgIINBcRBbJCIlA
wDQYJKoZIhvcNAQELBQAwSTELMAkGA1
UEBhMCVVMxEzARBgNVBAoTCkdvb2dsZ
SBJbmMxJTAjBgNVBAMTH ... OT/1wb",
"MIID8DCCAtigAwIBAgIDAjqSMA0GCSq
GSIb3DQEBCwUAMEIxCzAJBgNVBAYTAl
VTMRYwFAYDVQQKEw1HZW9UcnVzdCBJb
mMuMRswGQYDVQQDExJHZ ... HGFg=="]
}
BASE64
inception!
openssl x509 -inform der -in cert_1 -pubkey -dates -subject -issuer
openssl x509 -inform der -in cert_1 -pubkey -dates -subject -issuer -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/WOdZTFRe7oEPXnRCV9 Semlk4jgrFRwKEFx8waQMC+SssJWyuHiHsMtF607NpTu0+mlPJ8C9NHankdPIsKt K6btzc+x0esg5U/IRD4+bQ5ZRH0kOPq2fiwX5Zbgd5+8R39b2bLfWGC2bdWYqlpo MK5mxEYmAUWHoBx3bGRWBGNA2//4zZKLjsIEHWEbK18NJoL7VRNhLD6Y/reWTICu CGw5khDolBpaL4GLBjFoHEAzShf1eS8naAEpjsCvyeaBW34dbaPRZtTHUaAD4mav BghmkFvyTE/owIBEkJUjIbG1iP9gvushBaNlc8r0k/mGY5jmn56aUdUgRgZ1pv+j DQIDAQAB -----END PUBLIC KEY----- notBefore=May 17 10:40:38 2017 GMT notAfter=Dec 27 00:00:00 2017 GMT subject= /C=US/ST=California/L=Mountain View/O=Google Inc/CN=attest.android.com issuer= /C=US/O=Google Inc/CN=Google Internet Authority G2
openssl x509 -inform der -in cert_2 -pubkey -dates -subject -issuer -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCoEd1zYUJE6BqOC4NhQ SLyJP/EZcBqIRn7gj8Xxic4h7lr+YQ23MkSJoHQLU09VpM6CYpXu61lfxuEFgBLE XpQ/vFtIOPRT9yTm+5HpFcTP9FMN9Er8n1Tefb6ga2+HwNBQHygwA0DaCHNRbH// OjynNwaOvUsRBOt9JN7m+fwxcfuU1WDzLkqvQtLL6sRqGrLMU90VS4sfyBlhH82d qD5jK4Q1aWWEyBnFRiL4U5W+44BKEMYq7LqXIBHHOZkQBKDwYXqVJYxOUnXitu0I yhT8ziJqs07PRgOXlwN+wLHee69FM8+6PnG33vQlJcINNYmdnfsOEXmJHjfFr45y aQIDAQAB -----END PUBLIC KEY----- notBefore=Apr 1 00:00:00 2015 GMT notAfter=Dec 31 23:59:59 2017 GMT subject= /C=US/O=Google Inc/CN=Google Internet Authority G2 issuer= /C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
eyJhbGciOiJSUzI1NiIsIng1YyI6WyJNSUlFaURDQ0EzQ2dBd0lCQWdJSU5CY1JCYkpDSWxBd0RRWUpLb1pJaHZjTkFRRUxCUUF3U1RFTE1Ba0dBMVVFQmhNQ1ZWTXhFekFSQmdOVkJBb1RDa2R2YjJkc1pTQkpibU14SlRBakJnTlZCQU1USEVkdmIyZHNaU0JKYm5SbGNtNWxkQ0JCZFhSb2IzSnBkSGtnUnpJd0hoY05NVGN3TlRFM01UQTBNRE00V2hjTk1UY3hNakkzTURBd01EQXdXakJzTVFzd0NRWURWUVFHRXdKVlV6RVRNQkVHQTFVRUNBd0tRMkZzYVdadmNtNXBZVEVXTUJRR0ExVUVCd3dOVFc5MWJuUmhhVzRnVm1sbGR6RVRNQkVHQTFVRUNnd0tSMjl2WjJ4bElFbHVZekViTUJrR0ExVUVBd3dTWVhSMFpYTjBMbUZ1WkhKdmFXUXVZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF2L1dPZFpURlJlN29FUFhuUkNWOVNlbWxrNGpnckZSd0tFRng4d2FRTUMrU3NzSld5dUhpSHNNdEY2MDdOcFR1MCttbFBKOEM5TkhhbmtkUElzS3RLNmJ0emMreDBlc2c1VS9JUkQ0K2JRNVpSSDBrT1BxMmZpd1g1WmJnZDUrOFIzOWIyYkxmV0dDMmJkV1lxbHBvTUs1bXhFWW1BVVdIb0J4M2JHUldCR05BMi8vNHpaS0xqc0lFSFdFYksxOE5Kb0w3VlJOaExENlkvcmVXVElDdUNHdzVraERvbEJwYUw0R0xCakZvSEVBelNoZjFlUzhuYUFFcGpzQ3Z5ZWFCVzM0ZGJhUFJadFRIVWFBRDRtYXZCZ2hta0Z2eVRFL293SUJFa0pVakliRzFpUDlndnVzaEJhTmxjOHIway9tR1k1am1uNTZhVWRVZ1JnWjFwditqRFFJREFRQUJvNElCVHpDQ0FVc3dIUVlEVlIwbEJCWXdGQVlJS3dZQkJRVUhBd0VHQ0NzR0FRVUZCd01DTUIwR0ExVWRFUVFXTUJTQ0VtRjBkR1Z6ZEM1aGJtUnliMmxrTG1OdmJUQm9CZ2dyQmdFRkJRY0JBUVJjTUZvd0t3WUlLd1lCQlFVSE1BS0dIMmgwZEhBNkx5OXdhMmt1WjI5dloyeGxMbU52YlM5SFNVRkhNaTVqY25Rd0t3WUlLd1lCQlFVSE1BR0dIMmgwZEhBNkx5OWpiR2xsYm5Sek1TNW5iMjluYkdVdVkyOXRMMjlqYzNBd0hRWURWUjBPQkJZRUZCSitWS3BMSlNaK3VxOTEraW9ReHRTNzlMVzdNQXdHQTFVZEV3RUIvd1FDTUFBd0h3WURWUjBqQkJnd0ZvQVVTdDBHRmh1ODltaTFkdldCdHJ0aUdycGFnUzh3SVFZRFZSMGdCQm93R0RBTUJnb3JCZ0VFQWRaNUFnVUJNQWdHQm1lQkRBRUNBakF3QmdOVkhSOEVLVEFuTUNXZ0k2QWhoaDlvZEhSd09pOHZjR3RwTG1kdmIyZHNaUzVqYjIwdlIwbEJSekl1WTNKc01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQ1hoMjdtNG11ZEs3NEwxM3FSWml5K0Jrc2ZudmJzL0dEaW9ra0FwdDVveUEvMk10TTFFMGxHY2tEL2NjVWpuNUF1RWx5N3FkdGJnM2NOTk9BbGlWemxnVWFHWTZXNldUWnhrNGl2UVcwbmpwOUFrWkU3Y2N1VDJVU000MEp0dS9WQWxGYUZQV1N3RXBoa3J6VUNjQ2M3cjFTSGpya1FxekRGUnc5dmV0V1VZMWFJZmw3VklGcG1RdmZNMnV3TFlneXRsblBMbHNsMVdrMFBVbWNsc2lEMUg3MmtLelZLeE5ySkFuWk1CeC83SXBKY0Q3alhNTGhneGluK3FVUFBtNzF1M2pxS2VSZ0tVK3FlTjcvSnJOb1dlSXIrR1krbTE0VFljSzhhWkNad3p4VkczeXdVeUI3U1ZzR0tRTEtGRk1USDF1T3lSL1lnSjN2cmgyT1QvMXdiIiwiTUlJRDhEQ0NBdGlnQXdJQkFnSURBanFTTUEwR0NTcUdTSWIzRFFFQkN3VUFNRUl4Q3pBSkJnTlZCQVlUQWxWVE1SWXdGQVlEVlFRS0V3MUhaVzlVY25WemRDQkpibU11TVJzd0dRWURWUVFERXhKSFpXOVVjblZ6ZENCSGJHOWlZV3dnUTBFd0hoY05NVFV3TkRBeE1EQXdNREF3V2hjTk1UY3hNak14TWpNMU9UVTVXakJKTVFzd0NRWURWUVFHRXdKVlV6RVRNQkVHQTFVRUNoTUtSMjl2WjJ4bElFbHVZekVsTUNNR0ExVUVBeE1jUjI5dloyeGxJRWx1ZEdWeWJtVjBJRUYxZEdodmNtbDBlU0JITWpDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSndxQkhkYzJGQ1JPZ2FqZ3VEWVVFaThpVC94R1hBYWlFWis0SS9GOFluT0llNWEvbUVOdHpKRWlhQjBDMU5QVmFUT2dtS1Y3dXRaWDhiaEJZQVN4RjZVUDd4YlNEajBVL2NrNXZ1UjZSWEV6L1JURGZSSy9KOVUzbjIrb0d0dmg4RFFVQjhvTUFOQTJnaHpVV3gvL3pvOHB6Y0dqcjFMRVFUcmZTVGU1dm44TVhIN2xOVmc4eTVLcjBMU3krckVhaHF5ekZQZEZVdUxIOGdaWVIvTm5hZytZeXVFTldsbGhNZ1p4VVlpK0ZPVnZ1T0FTaERHS3V5Nmx5QVJ4em1aRUFTZzhHRjZsU1dNVGxKMTRyYnRDTW9VL000aWFyTk96MFlEbDVjRGZzQ3gzbnV2UlRQUHVqNXh0OTcwSlNYQ0RUV0puWjM3RGhGNWlSNDN4YStPY21rQ0F3RUFBYU9CNXpDQjVEQWZCZ05WSFNNRUdEQVdnQlRBZXBob2pZbjdxd1ZrREJGOXFuMWx1TXJNVGpBZEJnTlZIUTRFRmdRVVN0MEdGaHU4OW1pMWR2V0J0cnRpR3JwYWdTOHdEZ1lEVlIwUEFRSC9CQVFEQWdFR01DNEdDQ3NHQVFVRkJ3RUJCQ0l3SURBZUJnZ3JCZ0VGQlFjd0FZWVNhSFIwY0RvdkwyY3VjM2x0WTJRdVkyOXRNQklHQTFVZEV3RUIvd1FJTUFZQkFmOENBUUF3TlFZRFZSMGZCQzR3TERBcW9DaWdKb1lrYUhSMGNEb3ZMMmN1YzNsdFkySXVZMjl0TDJOeWJITXZaM1JuYkc5aVlXd3VZM0pzTUJjR0ExVWRJQVFRTUE0d0RBWUtLd1lCQkFIV2VRSUZBVEFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBQ0U0RXA0Qi9FQlpEWGdLdDEwS0E5TENPMHE2ejZ4RjlrSVFZZmVlUUZmdEpmNmlaQlpHN2VzbldQRGNZQ1pxMng1SWdCelV6Q2VRb1kzSU50T0F5bkllWXhCdDJpV2ZCVUZpd0U2b1RHaHN5cGI3cUVaVk1TR05KNlpsZElEZk0vaXBwVVJhVlM2bmVTWUxBRUhEMExQUHN2Q1FrMEU2c3BkbGVIbTJTd2Flc1NEV0IrZVhrbkdWcHpZZWtRVkEvTGxlbGtWRVNXQTZNQ2FHc2VxUVNwU2Z6bWhDWGZWVURCdmRtV0Y5ZlpPR3JYVzJsT1VoMW1Fd3BXanFOMHl2S25GVUV2L1RtRk5XQXJDYnRGNG1tazJ4Y3BNeTQ4R2FPWk9OOW11SUFzMG5INUFxcTNWdUR4M0NRUms2KzBOdFpsbXd1OVJZMjNuSE1BY0lTd1NIR0ZnPT0iXX0 . eyJub25jZSI6IkcvS3FNWGt3dm1ya0Y2QkkrVmFaZ0tuMUkxN1UyTkwxQmovS3AzTmlqWHM9IiwidGltZXN0YW1wTXMiOjE1MDAwMjc2MjgzMDUsImFwa1BhY2thZ2VOYW1lIjoicGwubWc2LnNhZmV0eW5ldCIsImFwa0RpZ2VzdFNoYTI1NiI6IjRJSzlFa1ZyK2pyb296SW9rck1zQ25SSEJoZU9JcnRWMWV5R2J4NGRvQTg9IiwiY3RzUHJvZmlsZU1hdGNoIjp0cnVlLCJleHRlbnNpb24iOiJDYlN0cTRsSTdMNW8iLCJhcGtDZXJ0aWZpY2F0ZURpZ2VzdFNoYTI1NiI6WyJUVzVQZVpHQm9ycU5zVW9jam9VN3IxQkdNTlIxZ2dKaitQZU95QWdyazBNPSJdLCJiYXNpY0ludGVncml0eSI6dHJ1ZX0 . mY-GlSNHdAlX-P_6U4b9_xDSGZpFdt7NTZGtHmnqwvmS1mN7aZPI0yisNGcDdDpTwG2yomK6vR84zjaT1T2XHI4MEh-XBea2zPaSRxs9sUsdT7VL-Igx4IF7Nw1_3qsEtBvTjCwVnTe1GzewoXZcVQDWGD3hbunMio0PYUaF9XDObTznnybhi8syeBdvcSI0A3Foc1eZbEBuBHIqtlQPwf2gu1bxMY6LlNEuqwuGkw4UUWVlQjatoCEN59ovCeWODKg4lsqDDCaJTLAm3Sr7DdRwdpz5obFmZDGhwB1wwB5LCrkZmSF4OD-GaVRKsuCGYKerA4jcdP8WVWeqghOkeg
{
"nonce":
"G/KqMXkwvmrkF6BI+VaZgKn1I17U2NL1Bj/Kp3NijXs=",
"timestampMs": 1500027628305,
"apkPackageName": "pl.mg6.safetynet",
"apkDigestSha256":
"4IK9EkVr+jroozIokrMsCnRHBheOIrtV1eyGbx4doA8=",
"ctsProfileMatch": true,
"extension": "CbStq4lI7L5o",
"apkCertificateDigestSha256":
["TW5PeZGBorqNsUocjoU7r1BGMNR1ggJj+PeOyAgrk0M="],
"basicIntegrity": true
}{
"nonce":
"G/KqMXkwvmrkF6BI+VaZgKn1I17U2NL1Bj/Kp3NijXs=",
"timestampMs": 1500027628305,
"apkPackageName": "pl.mg6.safetynet",
"apkDigestSha256":
"4IK9EkVr+jroozIokrMsCnRHBheOIrtV1eyGbx4doA8=",
"ctsProfileMatch": true,
"extension": "CbStq4lI7L5o",
"apkCertificateDigestSha256":
["TW5PeZGBorqNsUocjoU7r1BGMNR1ggJj+PeOyAgrk0M="],
"basicIntegrity": true
}
{
"nonce":
"G/KqMXkwvmrkF6BI+VaZgKn1I17U2NL1Bj/Kp3NijXs=",
"timestampMs": 1500027628305,
"apkPackageName": "pl.mg6.safetynet",
"apkDigestSha256":
"4IK9EkVr+jroozIokrMsCnRHBheOIrtV1eyGbx4doA8=",
"ctsProfileMatch": true,
"extension": "CbStq4lI7L5o",
"apkCertificateDigestSha256":
["TW5PeZGBorqNsUocjoU7r1BGMNR1ggJj+PeOyAgrk0M="],
"basicIntegrity": true
}
{
"nonce":
"G/KqMXkwvmrkF6BI+VaZgKn1I17U2NL1Bj/Kp3NijXs=",
"timestampMs": 1500027628305,
"apkPackageName": "pl.mg6.safetynet",
"apkDigestSha256":
"4IK9EkVr+jroozIokrMsCnRHBheOIrtV1eyGbx4doA8=",
"ctsProfileMatch": true,
"extension": "CbStq4lI7L5o",
"apkCertificateDigestSha256":
["TW5PeZGBorqNsUocjoU7r1BGMNR1ggJj+PeOyAgrk0M="],
"basicIntegrity": true
}
{
"nonce":
"G/KqMXkwvmrkF6BI+VaZgKn1I17U2NL1Bj/Kp3NijXs=",
"timestampMs": 1500027628305,
"apkPackageName": "pl.mg6.safetynet",
"apkDigestSha256":
"4IK9EkVr+jroozIokrMsCnRHBheOIrtV1eyGbx4doA8=",
"ctsProfileMatch": true,
"extension": "CbStq4lI7L5o",
"apkCertificateDigestSha256":
["TW5PeZGBorqNsUocjoU7r1BGMNR1ggJj+PeOyAgrk0M="],
"basicIntegrity": true
}
{
"nonce":
"G/KqMXkwvmrkF6BI+VaZgKn1I17U2NL1Bj/Kp3NijXs=",
"timestampMs": 1500027628305,
"apkPackageName": "pl.mg6.safetynet",
"apkDigestSha256":
"4IK9EkVr+jroozIokrMsCnRHBheOIrtV1eyGbx4doA8=",
"ctsProfileMatch": true,
"extension": "CbStq4lI7L5o",
"apkCertificateDigestSha256":
["TW5PeZGBorqNsUocjoU7r1BGMNR1ggJj+PeOyAgrk0M="],
"basicIntegrity": true
}
{
"nonce":
"G/KqMXkwvmrkF6BI+VaZgKn1I17U2NL1Bj/Kp3NijXs=",
"timestampMs": 1500027628305,
"apkPackageName": "pl.mg6.safetynet",
"apkDigestSha256":
"4IK9EkVr+jroozIokrMsCnRHBheOIrtV1eyGbx4doA8=",
"ctsProfileMatch": true,
"extension": "CbStq4lI7L5o",
"apkCertificateDigestSha256":
["TW5PeZGBorqNsUocjoU7r1BGMNR1ggJj+PeOyAgrk0M="],
"basicIntegrity": true
}
val cert = jws.verifySignature()
?: error("Invalid signature")
hostnameVerifier.verify(
"attest.android.com", cert)
if (!statement.ctsProfileMatch) {
error(" ")
}
if (statement.apkPackageName != "pl.mg6.safetynet") {
error("Wrong APK package name")
}
if (statement.apkCertificateDigestSha256[0]
!= "TW5PeZGBorqNsUocjoU7r1BGMNR1ggJj+PeOyAgrk0M=") {
error("Wrong APK certificate")
}
Demo time!
Where it applies?
Problems
- API rate limiting
- abusing your keys
- it's software only
- it's Android only
@mg6maciej
Make your Android banking app open-source!
By Maciej Górski
