UNPKG

@nevis-security/nevis-mobile-authentication-sdk-react

Version:

React Native plugin for Nevis Mobile Authentication SDK. Supports only mobile.

www.nevis.net

43 lines (38 loc) 1.96 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
/** * Copyright © 2025 Nevis Security AG. All rights reserved. */ /** * The result of the certificate validation done to know if the keys generated by the device have been * generated using a chipset containing a {@link https://developer.android.com/privacy-and-security/security-key-attestation#root_certificate | Google root certificate} * * For a device to support full basic attestation, the certificate chain validation result is * {@link CertificateChainValidationResult.Success}. * * @see {@link FidoUafAttestationInformation.certificateChainValidationResult} */ export enum CertificateChainValidationResult { /** * The certificate chain generated by the device is valid. This means that the mobile device has * hardware that is using a known Google root certificate, that there are no revoked nor expired * certificates in it, and that all certificates in the chain are properly signed. */ Success = 'SUCCESS', /** * The certificate chain contains an unknown root certificate. This can occur with old devices, * or new devices (like some Huawei models) that do not have a Google certified chipset. */ UnknownRootCertificate = 'UNKNOWN_ROOT_CERTIFICATE', /** * The certificate chain contains a known Google root certificate. However, it also contains at * least one revoked certificate from the certificate revocation list (CRL) published by Google * {@link https://android.googleapis.com/attestation/status | here}. This can occur when the device * is using a compromised certificate. */ CrlValidationFailed = 'CRL_VALIDATION_FAILED', /** * The certificate chain contains a known Google root certificate, but the certificate chain could * not be verified. This can occur if a rogue client is trying to mimic a trusted mobile device. * It can also occur that in old devices one of the intermediate certificates in the chain has expired. */ InvalidCertificateChain = 'INVALID_CERTIFICATE_CHAIN', }