Use app supplied API key for safetynet queries

This commit is contained in:
Klaus Flittner 2018-09-21 18:00:52 +02:00 committed by Marvin W
parent e32cb84397
commit b2d6965608
3 changed files with 9 additions and 9 deletions

View File

@ -139,15 +139,15 @@ public class Attestation {
} }
} }
public String attest() throws IOException { public String attest(String apiKey) throws IOException {
if (payload == null) { if (payload == null) {
throw new IllegalStateException("missing payload"); throw new IllegalStateException("missing payload");
} }
return attest(new AttestRequest(ByteString.of(payload), droidGaurdResult)).result; return attest(new AttestRequest(ByteString.of(payload), droidGaurdResult), apiKey).result;
} }
private AttestResponse attest(AttestRequest request) throws IOException { private AttestResponse attest(AttestRequest request, String apiKey) throws IOException {
HttpURLConnection connection = (HttpURLConnection) new URL(SafetyNetPrefs.get(context).getServiceUrl()).openConnection(); HttpURLConnection connection = (HttpURLConnection) new URL(SafetyNetPrefs.get(context).getServiceUrl(apiKey)).openConnection();
connection.setRequestMethod("POST"); connection.setRequestMethod("POST");
connection.setDoInput(true); connection.setDoInput(true);
connection.setDoOutput(true); connection.setDoOutput(true);

View File

@ -52,7 +52,7 @@ public class SafetyNetClientServiceImpl extends ISafetyNetService.Stub {
@Override @Override
public void attest(ISafetyNetCallbacks callbacks, byte[] nonce) throws RemoteException { public void attest(ISafetyNetCallbacks callbacks, byte[] nonce) throws RemoteException {
attestWithApiKey(callbacks, nonce, null); attestWithApiKey(callbacks, nonce, "AIzaSyDqVnJBjE5ymo--oBJt3On7HQx9xNm1RHA");
} }
@Override @Override
@ -82,7 +82,7 @@ public class SafetyNetClientServiceImpl extends ISafetyNetService.Stub {
if (dg != null && dg.getStatusCode() == 0 && dg.getResult() != null) { if (dg != null && dg.getStatusCode() == 0 && dg.getResult() != null) {
attestation.setDroidGaurdResult(Base64.encodeToString(dg.getResult(), Base64.NO_WRAP + Base64.NO_PADDING + Base64.URL_SAFE)); attestation.setDroidGaurdResult(Base64.encodeToString(dg.getResult(), Base64.NO_WRAP + Base64.NO_PADDING + Base64.URL_SAFE));
} }
AttestationData data = new AttestationData(attestation.attest()); AttestationData data = new AttestationData(attestation.attest(apiKey));
callbacks.onAttestationData(Status.SUCCESS, data); callbacks.onAttestationData(Status.SUCCESS, data);
} else { } else {
callbacks.onAttestationData(dg == null ? Status.INTERNAL_ERROR : new Status(dg.getStatusCode()), null); callbacks.onAttestationData(dg == null ? Status.INTERNAL_ERROR : new Status(dg.getStatusCode()), null);

View File

@ -21,7 +21,7 @@ import android.content.SharedPreferences;
import android.preference.PreferenceManager; import android.preference.PreferenceManager;
public class SafetyNetPrefs implements SharedPreferences.OnSharedPreferenceChangeListener { public class SafetyNetPrefs implements SharedPreferences.OnSharedPreferenceChangeListener {
private static final String OFFICIAL_ATTEST_URL = "https://www.googleapis.com/androidcheck/v1/attestations/attest?alt=PROTO&key=AIzaSyDqVnJBjE5ymo--oBJt3On7HQx9xNm1RHA"; private static final String OFFICIAL_ATTEST_BASE_URL = "https://www.googleapis.com/androidcheck/v1/attestations/attest?alt=PROTO&key=";
public static final String PREF_SNET_DISABLED = "snet_disabled"; public static final String PREF_SNET_DISABLED = "snet_disabled";
public static final String PREF_SNET_OFFICIAL = "snet_official"; public static final String PREF_SNET_OFFICIAL = "snet_official";
@ -88,8 +88,8 @@ public class SafetyNetPrefs implements SharedPreferences.OnSharedPreferenceChang
return official; return official;
} }
public String getServiceUrl() { public String getServiceUrl(String apiKey) {
if (official) return OFFICIAL_ATTEST_URL; if (official) return OFFICIAL_ATTEST_BASE_URL + apiKey;
return customUrl; return customUrl;
} }
} }