1Android Key Attestation Library 2=================================== 3 4This library uses the [Bouncy Castle ASN.1][1] parser to extract information 5from an Android attestation data structure to verify that a key pair has been 6generated in a hardware-protected environment of an Android device. It is 7maintained in tandem with Android's key attestation capabilities and is meant 8for production use. 9 10This repository contains a [server](server/src/main/java/com/android/example/) 11sample code that shows how to validate an Android attestation certificate chain 12outside the Android framework. This is the recommended best practice, since if 13the Android device is rooted or otherwise compromised, on-device validation of 14the attestation may be inaccurate. 15 16The entry point into the 17[library itself](server/src/main/java/com/google/android/attestation/) 18is `com.google.android.attestation.ParsedAttestationRecord.createParsedAttestationRecord`. 19 20For more details, see the documentation and the guide at 21https://developer.android.com/training/articles/security-key-attestation.html . 22 23[1]: https://www.bouncycastle.org/ 24 25 26Getting Started 27--------------- 28 29See the [server](server/) sample for details. 30 31Support 32------- 33 34- Stack Overflow: http://stackoverflow.com/questions/tagged/android 35 36If you've found an error in this sample, please file an issue: 37https://github.com/google/android-key-attestation 38 39Patches are encouraged, and may be submitted by forking this project and 40submitting a pull request through GitHub. Please see CONTRIBUTING.md for more details. 41 42License 43------- 44 45Copyright 2016, The Android Open Source Project, Inc. 46 47Licensed to the Apache Software Foundation (ASF) under one or more contributor 48license agreements. See the NOTICE file distributed with this work for 49additional information regarding copyright ownership. The ASF licenses this 50file to you under the Apache License, Version 2.0 (the "License"); you may not 51use this file except in compliance with the License. You may obtain a copy of 52the License at 53 54http://www.apache.org/licenses/LICENSE-2.0 55 56Unless required by applicable law or agreed to in writing, software 57distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 58WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 59License for the specific language governing permissions and limitations under 60the License. 61