Skip to content
/ SafetyNetAttestation Public

This lib helps develop server-based (PHP) SafetyNet Attestation from Google.

License

MIT license
10 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

GorokhovDV/SafetyNetAttestation

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 

Repository files navigation

SafetyNet offline/online attestation library

Quick Start

Install

If you use composer in your project then you can install SafetyNetAttestation as package.

composer require gorokhovdv/safetynet-verification

Example for online verification

<?php
require_once __DIR__ . '/../vendor/autoload.php';

use \SafetyNet\Config\Config;
use \SafetyNet\Statement\Statement;
use \SafetyNet\Attestation;
use \SafetyNet\Verifier\VerifierType;
use \SafetyNet\Nonce;
use \SafetyNet\SafetyNetAttestationException;

$attestationStatement = new Statement('RAW-JWS-STATEMENT');
$nonce = new Nonce('Test-nonce');

try {

    $attestationConfig = new Config([
        Config::VERIFIER_TYPE => VerifierType::ONLINE(),
        Config::VERIFIER_TIMESTAMP_DIFF => 10 * 60 * 1000,
        Config::VERIFIER_CERTIFICATE_DIGEST_SHA256 => ['SHA-256-FINGERPRINT'],
        Config::VERIFIER_PACKAGE_NAME => ['APK-NAME-FOR-TEST'],
        Config::VERIFIER_API_KEY => 'GOOGLE-API-KEY',
        Config::VERIFIER_HARDWARE_BACKED => true,
    ]);

    $attestation = new Attestation($attestationConfig);

    if ($attestation->verity($nonce, $attestationStatement)) {
        echo 'Verification success!' . PHP_EOL;
    } else {
        echo 'Verification failed!' . PHP_EOL;
    }
} catch (SafetyNetAttestationException $e) {
    echo $e->getMessage() . PHP_EOL;
}

Example for offline verification

<?php
require_once __DIR__ . '/../vendor/autoload.php';

use \SafetyNet\Config\Config;
use \SafetyNet\Statement\Statement;
use \SafetyNet\Attestation;
use \SafetyNet\Verifier\VerifierType;
use \SafetyNet\Nonce;
use \SafetyNet\SafetyNetAttestationException;

$attestationStatement = new Statement('RAW-JWS-STATEMENT');
$nonce = new Nonce('Test-nonce');

try {

    $attestationConfig = new Config([
        Config::VERIFIER_TYPE => VerifierType::OFFLINE(),
        Config::VERIFIER_TIMESTAMP_DIFF => 10 * 60 * 1000,
        Config::VERIFIER_CERTIFICATE_DIGEST_SHA256 => ['SHA-256-FINGERPRINT'],
        Config::VERIFIER_PACKAGE_NAME => ['APK-NAME-FOR-TEST'],
        Config::VERIFIER_HARDWARE_BACKED => true,
    ]);

    $attestation = new Attestation($attestationConfig);

    if ($attestation->verity($nonce, $attestationStatement)) {
        echo 'Verification success!' . PHP_EOL;
    } else {
        echo 'Verification failed!' . PHP_EOL;
    }

} catch (SafetyNetAttestationException $e) {
    echo $e->getMessage() . PHP_EOL;
}

About

This lib helps develop server-based (PHP) SafetyNet Attestation from Google.

Topics

android php google packagist composer php-library server-side safetynet

Resources

Readme

License

MIT license
Activity

Stars

10 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases 2

Catching root CA exception Latest
Mar 9, 2021
+ 1 release

Packages

No packages published

Languages