summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.gitignore1
-rw-r--r--python-pysafetynet-attestation.spec307
-rw-r--r--sources1
3 files changed, 309 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
index e69de29..b3ec92c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/pySafetyNet-Attestation-0.0.5.tar.gz
diff --git a/python-pysafetynet-attestation.spec b/python-pysafetynet-attestation.spec
new file mode 100644
index 0000000..7940591
--- /dev/null
+++ b/python-pysafetynet-attestation.spec
@@ -0,0 +1,307 @@
+%global _empty_manifest_terminate_build 0
+Name: python-pySafetyNet-Attestation
+Version: 0.0.5
+Release: 1
+Summary: Verify JWS-attestations from Google's SafetyNet.
+License: MIT License
+URL: https://github.com/RoosDaniel/SafetyNet-Attestation
+Source0: https://mirrors.aliyun.com/pypi/web/packages/ca/42/1fa921784ae67db70a54e295ef0e137ffa57bd634b9a7dec5b5cde860b78/pySafetyNet-Attestation-0.0.5.tar.gz
+BuildArch: noarch
+
+Requires: python3-pyOpenSSL
+Requires: python3-certvalidator
+Requires: python3-jwcrypto
+Requires: python3-requests
+
+%description
+# pySafetyNet-Attestation
+
+A package for verifying JWS-attestations from Google's SafetyNet.
+
+## Introduction
+
+This package verifies [SafetyNet attestations](https://developer.android.com/training/safetynet/) by following the steps described on the page. It allows you to specify what parts of the JWS-body you wish to verify, but will always atleast verify the certificate and validity of the JWS.
+
+
+## Usage
+
+### Online verification
+
+```python
+from safetynet_attestation import Attestation
+
+jws_token = "..."
+api_key = "..."
+
+attestation = Attestation(jws_token)
+attestation.verify_online(api_key)
+```
+
+**`verify_online` takes the following optional parameters:**
+
+* `url="<standard url>"`
+ * If you for some reason wish to validate against some other url.
+
+`<standard url>` can be found at [Google's SafetyNet documentation](https://developer.android.com/training/safetynet/).
+
+### Offline verification
+
+```python
+from safetynet_attestation import Attestation
+
+
+jws_token = "..."
+
+attestation = Attestation(jws_token)
+attestation.verify_offline()
+```
+
+**`verify_offline` takes the following optional parameters:**
+
+* `apkPackageName=None`
+
+* `nonce=None`
+
+* `apkDigestSha256=None`
+ * `str` of hex-values.
+
+* `apkCertificateDigestSha256=None`
+ * Can be `list` of `str` or `str`.
+
+* `check_basicIntegrity=True`
+
+* `check_ctsProfileMatch=True`
+
+* `hostname="attest.android.com"`
+ * Used for TLS validation of the certificate. Only modify if you know what you are doing.
+
+A full explanation of the parameters above can be found at [Google's SafetyNet documentation](https://developer.android.com/training/safetynet/)
+
+Once a token has been verified, the following fields can be used:
+
+* `header`
+ * A `dict`of the token's header.
+
+* `body`
+ * A `dict` of the token's body.
+
+* `certificates`
+ * A `list`of base64-decoded certificates present in the `header`.
+
+* `public_key_pem`
+ * The public key of the certificate.
+
+
+
+%package -n python3-pySafetyNet-Attestation
+Summary: Verify JWS-attestations from Google's SafetyNet.
+Provides: python-pySafetyNet-Attestation
+BuildRequires: python3-devel
+BuildRequires: python3-setuptools
+BuildRequires: python3-pip
+%description -n python3-pySafetyNet-Attestation
+# pySafetyNet-Attestation
+
+A package for verifying JWS-attestations from Google's SafetyNet.
+
+## Introduction
+
+This package verifies [SafetyNet attestations](https://developer.android.com/training/safetynet/) by following the steps described on the page. It allows you to specify what parts of the JWS-body you wish to verify, but will always atleast verify the certificate and validity of the JWS.
+
+
+## Usage
+
+### Online verification
+
+```python
+from safetynet_attestation import Attestation
+
+jws_token = "..."
+api_key = "..."
+
+attestation = Attestation(jws_token)
+attestation.verify_online(api_key)
+```
+
+**`verify_online` takes the following optional parameters:**
+
+* `url="<standard url>"`
+ * If you for some reason wish to validate against some other url.
+
+`<standard url>` can be found at [Google's SafetyNet documentation](https://developer.android.com/training/safetynet/).
+
+### Offline verification
+
+```python
+from safetynet_attestation import Attestation
+
+
+jws_token = "..."
+
+attestation = Attestation(jws_token)
+attestation.verify_offline()
+```
+
+**`verify_offline` takes the following optional parameters:**
+
+* `apkPackageName=None`
+
+* `nonce=None`
+
+* `apkDigestSha256=None`
+ * `str` of hex-values.
+
+* `apkCertificateDigestSha256=None`
+ * Can be `list` of `str` or `str`.
+
+* `check_basicIntegrity=True`
+
+* `check_ctsProfileMatch=True`
+
+* `hostname="attest.android.com"`
+ * Used for TLS validation of the certificate. Only modify if you know what you are doing.
+
+A full explanation of the parameters above can be found at [Google's SafetyNet documentation](https://developer.android.com/training/safetynet/)
+
+Once a token has been verified, the following fields can be used:
+
+* `header`
+ * A `dict`of the token's header.
+
+* `body`
+ * A `dict` of the token's body.
+
+* `certificates`
+ * A `list`of base64-decoded certificates present in the `header`.
+
+* `public_key_pem`
+ * The public key of the certificate.
+
+
+
+%package help
+Summary: Development documents and examples for pySafetyNet-Attestation
+Provides: python3-pySafetyNet-Attestation-doc
+%description help
+# pySafetyNet-Attestation
+
+A package for verifying JWS-attestations from Google's SafetyNet.
+
+## Introduction
+
+This package verifies [SafetyNet attestations](https://developer.android.com/training/safetynet/) by following the steps described on the page. It allows you to specify what parts of the JWS-body you wish to verify, but will always atleast verify the certificate and validity of the JWS.
+
+
+## Usage
+
+### Online verification
+
+```python
+from safetynet_attestation import Attestation
+
+jws_token = "..."
+api_key = "..."
+
+attestation = Attestation(jws_token)
+attestation.verify_online(api_key)
+```
+
+**`verify_online` takes the following optional parameters:**
+
+* `url="<standard url>"`
+ * If you for some reason wish to validate against some other url.
+
+`<standard url>` can be found at [Google's SafetyNet documentation](https://developer.android.com/training/safetynet/).
+
+### Offline verification
+
+```python
+from safetynet_attestation import Attestation
+
+
+jws_token = "..."
+
+attestation = Attestation(jws_token)
+attestation.verify_offline()
+```
+
+**`verify_offline` takes the following optional parameters:**
+
+* `apkPackageName=None`
+
+* `nonce=None`
+
+* `apkDigestSha256=None`
+ * `str` of hex-values.
+
+* `apkCertificateDigestSha256=None`
+ * Can be `list` of `str` or `str`.
+
+* `check_basicIntegrity=True`
+
+* `check_ctsProfileMatch=True`
+
+* `hostname="attest.android.com"`
+ * Used for TLS validation of the certificate. Only modify if you know what you are doing.
+
+A full explanation of the parameters above can be found at [Google's SafetyNet documentation](https://developer.android.com/training/safetynet/)
+
+Once a token has been verified, the following fields can be used:
+
+* `header`
+ * A `dict`of the token's header.
+
+* `body`
+ * A `dict` of the token's body.
+
+* `certificates`
+ * A `list`of base64-decoded certificates present in the `header`.
+
+* `public_key_pem`
+ * The public key of the certificate.
+
+
+
+%prep
+%autosetup -n pySafetyNet-Attestation-0.0.5
+
+%build
+%py3_build
+
+%install
+%py3_install
+install -d -m755 %{buildroot}/%{_pkgdocdir}
+if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
+if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
+if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
+if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
+pushd %{buildroot}
+if [ -d usr/lib ]; then
+ find usr/lib -type f -printf "\"/%h/%f\"\n" >> filelist.lst
+fi
+if [ -d usr/lib64 ]; then
+ find usr/lib64 -type f -printf "\"/%h/%f\"\n" >> filelist.lst
+fi
+if [ -d usr/bin ]; then
+ find usr/bin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
+fi
+if [ -d usr/sbin ]; then
+ find usr/sbin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
+fi
+touch doclist.lst
+if [ -d usr/share/man ]; then
+ find usr/share/man -type f -printf "\"/%h/%f.gz\"\n" >> doclist.lst
+fi
+popd
+mv %{buildroot}/filelist.lst .
+mv %{buildroot}/doclist.lst .
+
+%files -n python3-pySafetyNet-Attestation -f filelist.lst
+%dir %{python3_sitelib}/*
+
+%files help -f doclist.lst
+%{_docdir}/*
+
+%changelog
+* Tue Jun 20 2023 Python_Bot <Python_Bot@openeuler.org> - 0.0.5-1
+- Package Spec generated
diff --git a/sources b/sources
new file mode 100644
index 0000000..1fc5b9c
--- /dev/null
+++ b/sources
@@ -0,0 +1 @@
+f8ab1585c840dde8874a1ac5ee844ae6 pySafetyNet-Attestation-0.0.5.tar.gz
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-25 13:03:34 +0000