Source: ruby-safety-net-attestation
Section: ruby
Priority: optional
Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Uploaders: Pirate Praveen <praveen@debian.org>
Build-Depends: debhelper-compat (= 13),
               gem2deb (>= 1),
               ruby-jwt (>= 2.0)
Standards-Version: 4.5.0
Vcs-Git: https://salsa.debian.org/ruby-team/ruby-safety-net-attestation.git
Vcs-Browser: https://salsa.debian.org/ruby-team/ruby-safety-net-attestation
Homepage: https://github.com/bdewater/safety_net_attestation
Testsuite: autopkgtest-pkg-ruby
XS-Ruby-Versions: all
Rules-Requires-Root: no

Package: ruby-safety-net-attestation
Architecture: all
XB-Ruby-Versions: ${ruby:Versions}
Depends: ${misc:Depends},
         ${ruby:Depends},
         ${shlibs:Depends}
Description: SafetyNet attestation response verification
 A Ruby library to verify SafetyNet attestation statements from Google Play
 Services on your server.
 .
 This library verifies that the statement:
  - has a valid signature that is trusted using certificates from
    https://pki.goog/
  - has the correct nonce
  - has been generated recently (default allowed leeway from current time is 60
    seconds)
  - has a signing certificate with the correct subject
 .
 With a valid statement your application can then inspect the information
 contained about the device integrity, calling app, and if applicable any
 integrity errors and potential solutions.