6

We have follow Scottyab Safetynet Library.

We are facing error of “Status{statusCode=NETWORK_ERROR, resolution=null}” event though 4G internet connectivity available in our android device with package name com.safetynet.sample where as sample project is working fine with package name com.scottyab.safetynet.sample. We have check this solution but not work.

Below code where we have facing this issue

private void runSafetyNetTest() {
    Log.v(TAG, "running SafetyNet.API Test");
    requestNonce = generateOneTimeRequestNonce();
    requestTimestamp = System.currentTimeMillis();
    writeLog("running SafetyNet.API Test");
    SafetyNet.SafetyNetApi.attest(googleApiClient, requestNonce)
            .setResultCallback(new ResultCallback<SafetyNetApi.AttestationResult>() {
                                   @Override
                                   public void onResult(final SafetyNetApi.AttestationResult result) {
                                       writeLog("running SafetyNet.API Result");
                                   //result = Status{statusCode=NETWORK_ERROR, resolution=null} 
                                       if (!validateResultStatus(result)) {
                                           return;
                                       }

                                       final String jwsResult = result.getJwsResult();
                                       final SafetyNetResponse response = parseJsonWebSignature(jwsResult);
                                       lastResponse = response;
                                       writeLog("Res :: " + response);

                                       //validate payload of the response
                                       if (validateSafetyNetResponsePayload(response)) {
                                           if (!TextUtils.isEmpty(googleDeviceVerificationApiKey)) {
                                               //if the api key is set, run the AndroidDeviceVerifier
                                               AndroidDeviceVerifier androidDeviceVerifier = new AndroidDeviceVerifier(googleDeviceVerificationApiKey, jwsResult);
                                               androidDeviceVerifier.verify(new AndroidDeviceVerifier.AndroidDeviceVerifierCallback() {
                                                   @Override
                                                   public void error(String errorMsg) {
                                                       callback.error(RESPONSE_ERROR_VALIDATING_SIGNATURE, "Response signature validation error: " + errorMsg);
                                                   }

                                                   @Override
                                                   public void success(boolean isValidSignature) {
                                                       if (isValidSignature) {
                                                           callback.success(response.isCtsProfileMatch(), response.isBasicIntegrity());
                                                       } else {
                                                           callback.error(RESPONSE_FAILED_SIGNATURE_VALIDATION, "Response signature invalid");

                                                       }
                                                   }
                                               });
                                           } else {
                                               Log.w(TAG, "No google Device Verification ApiKey defined");
                                               callback.error(RESPONSE_FAILED_SIGNATURE_VALIDATION_NO_API_KEY, "No Google Device Verification ApiKey defined. Marking as failed. SafetyNet CtsProfileMatch: " + response.isCtsProfileMatch());
                                           }
                                       } else {
                                           callback.error(RESPONSE_VALIDATION_FAILED, "Response payload validation failed");
                                       }
                                   }
                               }

            );
}
Phantômaxx
  • 37,901
  • 21
  • 84
  • 115
Jigar Shekh
  • 2,800
  • 6
  • 29
  • 54

2 Answers2

4

This might be related to the fact that the attestation API has been marked as deprecated. The new one doesn't depend on the google client API, you should check this. Also Google released an example app using the new api, you can check here.

davisjp
  • 730
  • 1
  • 11
  • 24
0

As per this discussion, the wrong API_KEY may be the reason for the error.

Wackaloon
  • 2,285
  • 1
  • 16
  • 33