You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After playing around with the Chrome origin trial mentioned in the link above I've realized that these attestation statements have changed a bit since ~2020 when I first implemented "android-key" attestation statement verification against FIDO Conformance. I generated a newer "android-key" attestation statement using a Pixel 8a; I should use it to update verification here as I did in py_webauthn in duo-labs/py_webauthn#240.
The text was updated successfully, but these errors were encountered:
Describe the issue
Google has been gearing up to replace SafetyNet attestation with Keystore-based attestation:
https://android-developers.googleblog.com/2024/09/attestation-format-change-for-android-fido2-api.html
After playing around with the Chrome origin trial mentioned in the link above I've realized that these attestation statements have changed a bit since ~2020 when I first implemented
"android-key"attestation statement verification against FIDO Conformance. I generated a newer"android-key"attestation statement using a Pixel 8a; I should use it to update verification here as I did in py_webauthn in duo-labs/py_webauthn#240.The text was updated successfully, but these errors were encountered: