gorokhovdv / safetynet-verification
Smart (Online/Offline) SafetyNet verification
Installs: 2 838
Dependents: 0
Suggesters: 0
Security: 0
Stars: 10
Watchers: 1
Forks: 3
Open Issues: 3
Requires
- ext-openssl: *
- firebase/php-jwt: ^5.0
- myclabs/php-enum: dev-master
- phpseclib/phpseclib: ^2.0.4
This package is auto-updated.
Last update: 2024-11-15 17:48:47 UTC
README
- PHP version: 7.4+
- Packagist: gorokhovdv/safetynet-verification
- Composer:
composer require gorokhovdv/safetynet-verification
Quick Start
Install
If you use composer in your project then you can install SafetyNetAttestation as package.
composer require gorokhovdv/safetynet-verification
Example for online verification
<?php require_once __DIR__ . '/../vendor/autoload.php'; use \SafetyNet\Config\Config; use \SafetyNet\Statement\Statement; use \SafetyNet\Attestation; use \SafetyNet\Verifier\VerifierType; use \SafetyNet\Nonce; use \SafetyNet\SafetyNetAttestationException; $attestationStatement = new Statement('RAW-JWS-STATEMENT'); $nonce = new Nonce('Test-nonce'); try { $attestationConfig = new Config([ Config::VERIFIER_TYPE => VerifierType::ONLINE(), Config::VERIFIER_TIMESTAMP_DIFF => 10 * 60 * 1000, Config::VERIFIER_CERTIFICATE_DIGEST_SHA256 => ['SHA-256-FINGERPRINT'], Config::VERIFIER_PACKAGE_NAME => ['APK-NAME-FOR-TEST'], Config::VERIFIER_API_KEY => 'GOOGLE-API-KEY', Config::VERIFIER_HARDWARE_BACKED => true, ]); $attestation = new Attestation($attestationConfig); if ($attestation->verity($nonce, $attestationStatement)) { echo 'Verification success!' . PHP_EOL; } else { echo 'Verification failed!' . PHP_EOL; } } catch (SafetyNetAttestationException $e) { echo $e->getMessage() . PHP_EOL; }
Example for offline verification
<?php require_once __DIR__ . '/../vendor/autoload.php'; use \SafetyNet\Config\Config; use \SafetyNet\Statement\Statement; use \SafetyNet\Attestation; use \SafetyNet\Verifier\VerifierType; use \SafetyNet\Nonce; use \SafetyNet\SafetyNetAttestationException; $attestationStatement = new Statement('RAW-JWS-STATEMENT'); $nonce = new Nonce('Test-nonce'); try { $attestationConfig = new Config([ Config::VERIFIER_TYPE => VerifierType::OFFLINE(), Config::VERIFIER_TIMESTAMP_DIFF => 10 * 60 * 1000, Config::VERIFIER_CERTIFICATE_DIGEST_SHA256 => ['SHA-256-FINGERPRINT'], Config::VERIFIER_PACKAGE_NAME => ['APK-NAME-FOR-TEST'], Config::VERIFIER_HARDWARE_BACKED => true, ]); $attestation = new Attestation($attestationConfig); if ($attestation->verity($nonce, $attestationStatement)) { echo 'Verification success!' . PHP_EOL; } else { echo 'Verification failed!' . PHP_EOL; } } catch (SafetyNetAttestationException $e) { echo $e->getMessage() . PHP_EOL; }