android-key-attestation icon indicating copy to clipboard operation
android-key-attestation copied to clipboard

Published 20 hours ago verified publisher icon google

Handle a missing Attestation Application ID properly

Open weinbergerd opened this issue 2 years ago • 0 comments

Some certificates cause the library to exit with a NullPointerException, in our case when ASN1Sequence.fromByteArray(attestationApplicationId.getOctets()); returned null. We need to make sure that these cases don't break the parsing completely.

Stack trace:

20:11:35.636: Caused by: java.lang.NullPointerException
20:11:35.636: 	at com.google.android.attestation.AttestationApplicationId.<init>(AttestationApplicationId.java:50)
20:11:35.636: 	at com.google.android.attestation.AttestationApplicationId.createAttestationApplicationId(AttestationApplicationId.java:79)
20:11:35.636: 	at com.google.android.attestation.AuthorizationList.<init>(AuthorizationList.java:186)
20:11:35.636: 	at com.google.android.attestation.AuthorizationList.createAuthorizationList(AuthorizationList.java:221)
20:11:35.636: 	at com.google.android.attestation.ParsedAttestationRecord.<init>(ParsedAttestationRecord.java:66)
20:11:35.636: 	at com.google.android.attestation.ParsedAttestationRecord.createParsedAttestationRecord(ParsedAttestationRecord.java:78)

weinbergerd avatar Oct 24 '22 10:10 weinbergerd