I'm using SafetyNet API for checking if device is rooted or not and using the below helpful code but this uses Android verification API to validate the JWT signature:
https://github.com/scottyab/safetynethelper
And I want to validate on client side only to reduce the overhead of another web service all and besides it has limitation on only 10k request per day.
So after decoding the JWS i'm getting the below info
Sample JWS message response
xxxx.yyy.zzzz
Header data
{"alg":"RS256","x5c":["",""]}
Payload data
{"nonce":"",
"timestampMs":1472794339527,
"apkPackageName":"",
"apkDigestSha256":"",
"ctsProfileMatch":true,
"extension":"",
"apkCertificateDigestSha256":[""],"basicIntegrity":true}
Signature in this part if perform Base64 decoding it becomes unreadable so below is the Signature string as received in JWS last element
Gw09rv1aBbtd4Er7F5ww_3TT1mPRD5YouMkPkwnRXJq8XW_cxlO4428DHTJdD8Tbep-Iv3nrVRWt2t4pH1uSr2kJ9budQJuXqzOUhN93r2Hfk-UAKUYQYhp89_wOWjSCG4ySVHD4jc9S1HrZlngaUosocOmhN4SzLZN5o8BXyBdXkjhWwgArd4bcLhCWJzmxz5iZfkhDiAyeNRq09CeqjRx_plqAy8eR_OaI_2idZBNIGfd2KmLK_CKaeVjDxuC4BzJsIlVRiuLrvP362Wwhz4r1bHh8flmHr88nK99apP2jkQD2l7lPv8y5F3FN3DKhJ15CzHR6ZbiTOw1fUteifg
Now as per google
"Verify the compatibility check response: Extract the SSL certificate chain from the JWS message. Validate the SSL certificate chain and use SSL hostname matching to verify that the leaf certificate was issued to the hostname attest.android.com. Use the certificate to verify the signature of the JWS message."
I do have the cert string and signature how should I go about validating SSL certificate which is string and host name matching on second cert and how to validate signature.
I need pointers on this and code snipped would be very helpful.
JavaScript questions and answers, JavaScript questions pdf, JavaScript question bank, JavaScript questions and answers pdf, mcq on JavaScript pdf, JavaScript questions and solutions, JavaScript mcq Test , Interview JavaScript questions, JavaScript Questions for Interview, JavaScript MCQ (Multiple Choice Questions)