Dishan Philips

Work with Google Integrity verdicts on .NET C#

There are no clear examples of how an Attestation statement can be verified on C# locally.
Spent sometime to get it working.

var decryptionKey = Convert.FromBase64String("<DECRYPTION KEY>");
var verificationKey = Convert.FromBase64String("<VERIFICATION KEY>");
var signedAttestationStatement = "<ATTESTATION STATEMENT>";

var ecDsa = ECDsa.Create();
ecDsa.ImportSubjectPublicKeyInfo(new ReadOnlySpan<byte>(verificationKey), out _);

var decrypted = Jose.JWT.Decode(signedAttestationStatement, decryptionKey);
var payload = Jose.JWT.Decode(decrypted, ecDsa);

Posted

April 25, 2023

Uncategorized

dishanphilips

Tags:

.Net, .net Core, C#, Google, IntegrityApi

Dishan Philips

Work with Google Integrity verdicts on .NET C#

Comments

Leave a Reply Cancel reply