Name Date Size #Lines LOC

..--

.github/workflows/H25-Apr-2025-6851

server/H25-Apr-2025-3,4452,793

.gitignoreH A D25-Apr-2025382 3029

Android.bpH A D25-Apr-20251.7 KiB5753

CONTRIBUTING.mdH A D25-Apr-20251.4 KiB3526

LICENSEH A D25-Apr-202510 KiB192155

METADATAH A D25-Apr-2025338 1615

README.mdH A D25-Apr-20252.3 KiB6143

WORKSPACEH A D25-Apr-20251.4 KiB5136

README.md

1Android Key Attestation Library
2===================================
3
4This library uses the [Bouncy Castle ASN.1][1] parser to extract information
5from an Android attestation data structure to verify that a key pair has been
6generated in a hardware-protected environment of an Android device. It is
7maintained in tandem with Android's key attestation capabilities and is meant
8for production use.
9
10This repository contains a [server](server/src/main/java/com/android/example/)
11sample code that shows how to validate an Android attestation certificate chain
12outside the Android framework. This is the recommended best practice, since if
13the Android device is rooted or otherwise compromised, on-device validation of
14the attestation may be inaccurate.
15
16The entry point into the
17[library itself](server/src/main/java/com/google/android/attestation/)
18is `com.google.android.attestation.ParsedAttestationRecord.createParsedAttestationRecord`.
19
20For more details, see the documentation and the guide at
21https://developer.android.com/training/articles/security-key-attestation.html .
22
23[1]: https://www.bouncycastle.org/
24
25
26Getting Started
27---------------
28
29See the [server](server/) sample for details.
30
31Support
32-------
33
34- Stack Overflow: http://stackoverflow.com/questions/tagged/android
35
36If you've found an error in this sample, please file an issue:
37https://github.com/google/android-key-attestation
38
39Patches are encouraged, and may be submitted by forking this project and
40submitting a pull request through GitHub. Please see CONTRIBUTING.md for more details.
41
42License
43-------
44
45Copyright 2016, The Android Open Source Project, Inc.
46
47Licensed to the Apache Software Foundation (ASF) under one or more contributor
48license agreements. See the NOTICE file distributed with this work for
49additional information regarding copyright ownership. The ASF licenses this
50file to you under the Apache License, Version 2.0 (the "License"); you may not
51use this file except in compliance with the License. You may obtain a copy of
52the License at
53
54http://www.apache.org/licenses/LICENSE-2.0
55
56Unless required by applicable law or agreed to in writing, software
57distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
58WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
59License for the specific language governing permissions and limitations under
60the License.
61