Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 14 additions & 35 deletions app/src/main/java/com/thales/attest/Attestation.java
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,8 @@
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
Expand All @@ -34,20 +32,21 @@
public class Attestation {
public static String TAG = "att2";

private static String CLIENT_DATA = "{\"appInstanceID\":\"05c666b6-c833-46c2-a4ab-6321fc3cfe8c\",\"timeStamp\":\"2024-11-22T12:50:30Z\"}";
public static final String CLIENT_DATA = "{\"appInstanceID\":\"05c666b6c83346c2a4ab6322\",\"timeStamp\":\"2024-11-22T12:50:30Z\"}";

private static byte[] authData;

private static byte[] clientDataHash;

private static Signature signature;

public static void test(FragmentActivity context) throws Exception {
System.out.println("VISA----PackageName---"+Util.bytesToHex(context.getPackageName().getBytes()));

System.out.println("VISA----Challenge---"+Util.bytesToHex(Util.sha256(CLIENT_DATA.getBytes())));
PublicKey key = (PublicKey) Util.getKey(false);
byte[] credentialPublicKeyCbor = createCredentialPublicKeyCbor(key);
Util.logString(TAG, "credPubKey: " + bytesToHex(credentialPublicKeyCbor) );

byte[] atData = constructAttestedCredentialData(key, credentialPublicKeyCbor);
byte[] atData = Util.constructAttestedCredentialData(key, credentialPublicKeyCbor);
Util.logString(TAG, "atData: " + bytesToHex(atData) );

authData = constructAuthenticatorData(context, atData);
Expand All @@ -57,11 +56,6 @@ public static void test(FragmentActivity context) throws Exception {
Util.logString(TAG, "clientDataHash: " + bytesToHex(clientDataHash));

authenticateAndSign(context);

// constructWebAuthnCbor(authData, clientDataHash);
// byte[] attest = constructWebAuthnCbor(Util.KEY_ALIAS, authData, clientDataHash);
// String attestStr = bytesToHex(attest);
// Util.logLongString("attest", attestStr);
}

public static byte[] createCredentialPublicKeyCbor(PublicKey rsaPublicKey) throws Exception {
Expand Down Expand Up @@ -105,30 +99,6 @@ public static byte[] createCredentialPublicKeyCbor(PublicKey rsaPublicKey) throw
return cborBytes;
}

// Function to construct Attested Credential Data
public static byte[] constructAttestedCredentialData(PublicKey publicKey, byte[] credentialPublicKey) throws Exception {
// Compute the credentialId as the SHA-256 hash of the encoded publicKey
byte[] credentialId = Util.sha256(publicKey.getEncoded());

// AAGUID is set to 16 bytes of 0
byte[] aaguid = new byte[16];

// Credential ID length (2 bytes)
short credentialIdLength = (short) credentialId.length;
ByteBuffer credentialIdLengthBuffer = ByteBuffer.allocate(2);
credentialIdLengthBuffer.putShort(credentialIdLength);
byte[] credentialIdLengthBytes = credentialIdLengthBuffer.array();

// Construct the Attested Credential Data
ByteBuffer buffer = ByteBuffer.allocate(16 + 2 + credentialId.length + credentialPublicKey.length);
buffer.put(aaguid); // AAGUID (16 bytes)
buffer.put(credentialIdLengthBytes); // Credential ID length (2 bytes)
buffer.put(credentialId); // Credential ID (32 bytes, derived from SHA-256 of the publicKey)
buffer.put(credentialPublicKey); // Credential Public Key (encoded form of the publicKey)

return buffer.array();
}

public static byte[] constructAuthenticatorData(Context context, byte[] credentialData) throws Exception {
// 1. Retrieve the package name from the context
String packageName = context.getPackageName();
Expand Down Expand Up @@ -156,6 +126,15 @@ public static byte[] constructAuthenticatorData(Context context, byte[] credenti

public static void authenticateAndSign(FragmentActivity context) {
Executor executor = ContextCompat.getMainExecutor(context);
Signature signature;
try {
signature = Signature.getInstance("SHA256withRSA/PSS");
signature.initSign((PrivateKey) Util.getKey(true));
} catch (Exception e) {
throw new RuntimeException(e);
}


try {
signature = Signature.getInstance("SHA256withRSA/PSS");
signature.initSign((PrivateKey) Util.getKey(true));
Expand Down
4 changes: 3 additions & 1 deletion app/src/main/java/com/thales/attest/MainActivity.kt
Original file line number Diff line number Diff line change
Expand Up @@ -30,13 +30,15 @@ class MainActivity : FragmentActivity() {
}
}
}
Attestation.test(this@MainActivity)
}

}

@Composable
fun Greeting(name: String, modifier: Modifier = Modifier, context: FragmentActivity) {
Text(
text = "Hello $name! " + Attestation.test(context),
text = "Hello $name! ",
modifier = modifier
)
}
Expand Down
Loading