Stability	experimental
Safe Haskell	None
Language	Haskell2010

Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet

Description

This module implements the Android SafetyNet Attestation Statement Format.

Documentation

format :: SomeAttestationStatementFormat Source #

The default SafetyNet format configuration. Requires full CTSProfileIntegrity and allows for the SafetyNet message to be at most 60 seconds old. Does not allow any timedrift into the future.

data Format Source #

The Android SafetyKey Format. Allows configuration of the required level of trust.

Constructors

Format
Fields requiredIntegrity :: Integrity What level the integrity check of the originating Android device must have passed. driftBackwardsTolerance :: Duration The maximum time the received message may be old for it to still be considered valid. driftForwardsTolerance :: Duration The maximum time difference the received message may report being from the future for it to still be considered valid.

Instances

Instances details

Show Format Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet Methods showsPrec :: Int -> Format -> ShowS # show :: Format -> String # showList :: [Format] -> ShowS #
AttestationStatementFormat Format Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet Associated Types type AttStmt Format Source # type AttStmtVerificationError Format Source # Methods asfIdentifier :: Format -> Text Source # asfVerify :: Format -> DateTime -> AttStmt Format -> AuthenticatorData 'Registration 'True -> ClientDataHash -> Validation (NonEmpty (AttStmtVerificationError Format)) SomeAttestationType Source # asfTrustAnchors :: Format -> VerifiableAttestationType -> CertificateStore Source # asfDecode :: Format -> HashMap Text Term -> Either Text (AttStmt Format) Source # asfEncode :: Format -> AttStmt Format -> Term Source #
type AttStmt Format Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet type AttStmt Format
type AttStmtVerificationError Format Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet type AttStmtVerificationError Format = VerificationError

data Integrity Source #

(spec) The integrity of an android device from which a SafetyNet message originated.

Constructors

NoIntegrity	The device has no integrity, which is the case for an emulator, or it could be the case for a compromised device
BasicIntegrity	The device must have passed the basic integrity check, which is e.g. the case for a device with a custom ROM but not rooted, or a certified device with an unlocked bootloader
CTSProfileIntegrity	The device passed the CTS, it is genuine and verified

Instances

Instances details

Bounded Integrity Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet Methods minBound :: Integrity # maxBound :: Integrity #
Enum Integrity Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet Methods succ :: Integrity -> Integrity # pred :: Integrity -> Integrity # toEnum :: Int -> Integrity # fromEnum :: Integrity -> Int # enumFrom :: Integrity -> [Integrity] # enumFromThen :: Integrity -> Integrity -> [Integrity] # enumFromTo :: Integrity -> Integrity -> [Integrity] # enumFromThenTo :: Integrity -> Integrity -> Integrity -> [Integrity] #
Eq Integrity Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet Methods (==) :: Integrity -> Integrity -> Bool # (/=) :: Integrity -> Integrity -> Bool #
Ord Integrity Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet Methods compare :: Integrity -> Integrity -> Ordering # (<) :: Integrity -> Integrity -> Bool # (<=) :: Integrity -> Integrity -> Bool # (>) :: Integrity -> Integrity -> Bool # (>=) :: Integrity -> Integrity -> Bool # max :: Integrity -> Integrity -> Integrity # min :: Integrity -> Integrity -> Integrity #
Show Integrity Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet Methods showsPrec :: Int -> Integrity -> ShowS # show :: Integrity -> String # showList :: [Integrity] -> ShowS #

data VerificationError Source #

Verification errors specific to Android SafetyNet

Constructors

VerificationErrorInvalidNonce	The receiced nonce was not set to the concatenation of the authenticator data and client data hash
VerificationErrorResponseTooOld DateTime DateTime	The response was created to far in the past (first: now, second: generated time)
VerificationErrorResponseInFuture DateTime DateTime	The response was created to far in the future (first: now, second: generated time)
VerificationErrorFailedIntegrityCheck Integrity	The integrity check failed based on the required integrity from the format

Instances

Instances details

Show VerificationError Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet Methods showsPrec :: Int -> VerificationError -> ShowS # show :: VerificationError -> String # showList :: [VerificationError] -> ShowS #
Exception VerificationError Source #
Instance details Defined in Crypto.WebAuthn.AttestationStatementFormat.AndroidSafetyNet Methods toException :: VerificationError -> SomeException # fromException :: SomeException -> Maybe VerificationError # displayException :: VerificationError -> String #