How similar is android SafetyNet to Web Authnn? Is the challenge passed to the WebAutnn's authenticator to generate an attestation object equivalent to the nonce that is passed to Android SafetyNet? Can I use a nonce with WebAuthnn as the challenge?
Is android safety net nonce equivalent to web authnn's challenge?
221 views Asked by Lucas Vieira At
1
There are 1 answers
Related Questions in ANDROID
- Force sublime text to use PATH from the shell value
- Sublimetext 3 & AngularJS - Syntax highlighting (HTML)
- Longjohn build fail Titanium
- Open current file in IntelliJ wih Sublime
- Shortcut key to show unsaved changes in Sublime Text 3
- How should I create a build system that can take STDIN in Sublime Text 3 under OSX?
- sublime text next_result open blank file
- Sublime Text line wrap and commit messages
- Sublime Text won't output Java println statements in main method
- Sublime Text: set language for each file
Related Questions in NONCE
- Force sublime text to use PATH from the shell value
- Sublimetext 3 & AngularJS - Syntax highlighting (HTML)
- Longjohn build fail Titanium
- Open current file in IntelliJ wih Sublime
- Shortcut key to show unsaved changes in Sublime Text 3
- How should I create a build system that can take STDIN in Sublime Text 3 under OSX?
- sublime text next_result open blank file
- Sublime Text line wrap and commit messages
- Sublime Text won't output Java println statements in main method
- Sublime Text: set language for each file
Related Questions in WEBAUTHN
- Force sublime text to use PATH from the shell value
- Sublimetext 3 & AngularJS - Syntax highlighting (HTML)
- Longjohn build fail Titanium
- Open current file in IntelliJ wih Sublime
- Shortcut key to show unsaved changes in Sublime Text 3
- How should I create a build system that can take STDIN in Sublime Text 3 under OSX?
- sublime text next_result open blank file
- Sublime Text line wrap and commit messages
- Sublime Text won't output Java println statements in main method
- Sublime Text: set language for each file
Related Questions in SAFETYNET
- Force sublime text to use PATH from the shell value
- Sublimetext 3 & AngularJS - Syntax highlighting (HTML)
- Longjohn build fail Titanium
- Open current file in IntelliJ wih Sublime
- Shortcut key to show unsaved changes in Sublime Text 3
- How should I create a build system that can take STDIN in Sublime Text 3 under OSX?
- sublime text next_result open blank file
- Sublime Text line wrap and commit messages
- Sublime Text won't output Java println statements in main method
- Sublime Text: set language for each file
Related Questions in ATTESTATIONS
- Force sublime text to use PATH from the shell value
- Sublimetext 3 & AngularJS - Syntax highlighting (HTML)
- Longjohn build fail Titanium
- Open current file in IntelliJ wih Sublime
- Shortcut key to show unsaved changes in Sublime Text 3
- How should I create a build system that can take STDIN in Sublime Text 3 under OSX?
- sublime text next_result open blank file
- Sublime Text line wrap and commit messages
- Sublime Text won't output Java println statements in main method
- Sublime Text: set language for each file
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
This is probably the relevant part of the spec:
https://www.w3.org/TR/webauthn/#cryptographic-challenges
Given that SafetyNet has similar goals and assuming the resulting values are compatible (i.e. at least 16 bytes) it's probably safe to say that you could use values generated the same way for both.
That said, this documentation suggests that it's up to you to generate the nonce anyway:
https://developer.android.com/training/safetynet/attestation#obtain-nonce
Follow the guidance in both of those docs and you can't go far wrong.