This code serves as demo implementation for using and testing Android Protected Confirmation (APC).
Find an abstract of our objectives on https://apc.ti.bfh.ch.
APC is an optional Android standard since Android 9 (API level 28). To our knowledge it is only implemented on Pixel 3+ devices. The following devices have been tested successfully:
- Pixel 3 XL
- Pixel 5
- Pixel 6
- Pixel 6a
- Pixel 6 Pro
- Pixel 7
- Pixel 7 Pro
You will find real-time statistics of all participating devices on our web site.
Please report back if you find any other devices!
./gradlew build
The demo code allows to test APC with
- various trust stores such as Secure Element (SE) and TEE trust store.
- various asymmetric key pairs such as RSA and EC key pairs. Note that the key selection is limited by the key store. Each key store has only a limited selection of key types and supported key lengths.
- various messages to be APC confirmed. APC allows only messages of a certain length containing a reduced set of characters. Special character sets or emojis are not supported. Basically, messages which cannot be displayed properly on the Trusted UI will be refused and therefore cannot be APC confirmed.
To parse the attestation extension on the Android device we used the code from https://github.com/google/android-key-attestation. The code -intended for the server-side validation of attestation certificates- has been slightly adapted to display the attestation extension locally on the Android device. A full attestation chain can be found on our info web site.
Reach out via:
- Github
- The APC Demo App:
