Confirmed Message Attestation Chain
Sample attestation chain of a APC signed message.
Note, that the app will allows you to inspect the full attestation chain of any message you confirm and sign with APC. A sample of a signed message with full attestation chain is given below.
Confirmed Message
The signed content is:
What do you consider as the most important use case?: Qualified signatures
The hashing algorithm of the signature is: SHA256
Attested Environment
- Certificate Fingerprint : 1446CAA180CD731283173863F5E338C0
- Attestation Version : KeyMint version 1.0
- Attestation Security Level : StrongBox
- Keymaster Version : KeyMint version 1.0
- Keymaster Security Level : StrongBox
- Attestation Challenge : dd297395-a56b-4252-85a1-ffbcfab6259f
- Model : Pixel 7
- Device : panther
- OS Version : 130000
- OS Patch Level : 202302
- Vendor Patch Level : 20230205
- Boot Patch Level : 20230205
- Algorithm : EC
- Elliptic Curve : EC_CURVE_P_256
- Authentication : FINGERPRINT
- Application Package Name : ch.bfh.securevote
- Application Version : 9
- Key Creation Time : 2023-02-24 09:56:33.554000
Attestation Certificate Chain
Subject: Country Name=CH, OU=BFH, OU=SecureVote, CN=Secure Vote App Key
- Subject: Country Name=CH, OU=BFH, OU=SecureVote, CN=Secure Vote App Key
- Issuer: O=StrongBox, CN=defbfd71d276a7e1ce5ed8029141993b
Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: ecdsa-with-SHA256 Issuer: O=StrongBox, CN=defbfd71d276a7e1ce5ed8029141993b Validity Not Before: Feb 24 08:56:33 2023 GMT Not After : Feb 24 08:56:33 2025 GMT Subject: C=CH, OU=BFH, OU=SecureVote, CN=Secure Vote App Key Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:4e:58:66:f2:df:d3:31:a0:1f:f8:c3:f7:f1:c7: 53:53:c3:0a:f4:be:f2:d6:d0:b8:15:98:3d:b0:f2: a3:cd:c0:e4:a2:64:6c:c9:f6:d8:d4:cf:ee:d6:ce: e4:8d:d6:12:92:44:dd:bd:f5:3f:95:33:e6:99:6c: b9:30:c2:a2:8b ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Digital Signature Attestation Extension (critical: False): Attestation Version: KeyMint version 1.0 Attestation Security Level: StrongBox Keymaster Version: KeyMint version 1.0 Keymaster Security Level: StrongBox Attestation Challenge: dd297395-a56b-4252-85a1-ffbcfab6259f Unique ID: Software Enforced: Active Date Time: 2023-02-24 09:56:33.539000 Origination Expire Date Time: 2025-02-24 09:56:33.539000 Usage Expire Date Time: 2025-02-24 09:56:33.539000 Creation Date: 2023-02-24 09:56:33.554000 Attestation Application ID: Package Infos: Package Info: ch.bfh.securevote Version: 9 Signature Digests: 868b3a4bbe2347b83c3165b1b87dd580531fece5b3cfcb56e4c1b8451eddb4a9 TEE Enforced: Purpose: SIGN Algorithm: EC Key Size: 256 Digest: SHA_2_256 SHA_2_384 SHA_2_512 Elliptic Curve: EC_CURVE_P_256 User Authentication: FINGERPRINT Trusted Confirmation Required: True Unlocked Device Required: True Origin: GENERATED Root Of Trust: Verified Boot Key: (hex) 8b2c4cd539f5075e8e7cf212adb3db0413fbd77d321199c73d5a473c51f2e10d Device Locked: True Verified Boot State: Verified Verified Boot Hash: (hex) f5746b647e9d87f1d424b8e7963383638a190ec0525929edb343d91684d09bfc OS Version: 130000 OS Patch Level: 202302 Attestation ID Brand: google Attestation ID Device: panther Attestation ID Product: panther Attestation ID Manufacturer: Google Attestation ID Model: Pixel 7 Vendor Patch Level: 20230205 Boot Patch Level: 20230205 Signature Algorithm: ecdsa-with-SHA256 30:45:02:21:00:d8:19:43:90:76:20:13:63:94:f0:68:6a:8e: a9:83:a1:a2:ce:f2:83:65:2c:3a:60:68:17:33:10:24:92:c0: a7:02:20:4c:96:43:e9:28:59:41:c2:e5:24:5d:5c:c1:38:36: 72:bd:27:e2:c0:fa:9f:d3:f9:eb:1a:24:e3:69:c2:5b:e8
Subject: O=StrongBox, CN=defbfd71d276a7e1ce5ed8029141993b
- Subject: O=StrongBox, CN=defbfd71d276a7e1ce5ed8029141993b
- Issuer: O=Google LLC, CN=Droid CA3
Certificate: Data: Version: 3 (0x2) Serial Number: de:fb:fd:71:d2:76:a7:e1:ce:5e:d8:02:91:41:99:3b Signature Algorithm: ecdsa-with-SHA256 Issuer: O=Google LLC, CN=Droid CA3 Validity Not Before: Feb 13 13:48:36 2023 GMT Not After : Mar 16 13:48:36 2023 GMT Subject: O=StrongBox, CN=defbfd71d276a7e1ce5ed8029141993b Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:55:af:1d:57:d0:d7:c1:25:8d:3d:2e:2d:0a:c4: 31:13:0e:e1:ba:3c:43:d2:52:b7:da:64:62:f0:18: b1:ee:bc:8d:8b:2e:2e:19:12:22:ce:8b:02:24:38: 10:7b:92:3d:ee:ea:6b:39:67:7f:57:8b:4d:72:5c: e4:5e:e7:a9:33 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Subject Key Identifier: C5:26:C0:CD:EE:43:66:74:F6:03:7F:57:D1:42:71:F0:70:6A:35:66 X509v3 Authority Key Identifier: keyid:CC:50:11:82:CF:35:7B:BF:43:9B:1D:61:89:C3:51:8D:21:9A:72:7F X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign Signature Algorithm: ecdsa-with-SHA256 30:45:02:20:00:84:90:99:22:be:2f:a1:98:e7:1a:4f:b1:9f: 7e:bb:b4:6d:fd:ca:e5:47:fd:17:04:2f:8a:14:4b:79:b6:8a: 02:21:00:ff:9c:e9:08:c9:e2:91:71:fb:2d:67:73:1f:d1:ca: b3:9b:28:d6:46:5a:86:dc:a4:09:39:1b:10:a5:f9:8f:50
Subject: O=Google LLC, CN=Droid CA3
- Subject: O=Google LLC, CN=Droid CA3
- Issuer: O=Google LLC, CN=Droid CA2
Certificate: Data: Version: 3 (0x2) Serial Number: ec:a5:a6:d4:b4:d6:28:24:b8:48:3a:3f:00:37:5d:37:ba:43:e6 Signature Algorithm: ecdsa-with-SHA384 Issuer: O=Google LLC, CN=Droid CA2 Validity Not Before: Feb 14 15:07:23 2023 GMT Not After : Mar 21 15:07:22 2023 GMT Subject: O=Google LLC, CN=Droid CA3 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:b6:ab:0b:31:ef:0c:5c:48:57:2c:f1:32:9d:64: 08:76:2f:4b:16:f3:c5:ec:6a:a0:b1:a7:e5:6d:9c: 9e:d5:6e:08:d1:d5:4f:73:51:61:88:53:f1:56:7f: 2b:f2:77:4e:90:d5:78:a7:1c:46:c4:de:b1:3e:58: dd:2d:b3:10:6c ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: X509v3 Key Usage: critical Certificate Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CC:50:11:82:CF:35:7B:BF:43:9B:1D:61:89:C3:51:8D:21:9A:72:7F X509v3 Authority Key Identifier: keyid:39:98:07:06:3A:33:12:9E:F5:14:06:3A:80:41:0C:71:80:CE:1A:AD Signature Algorithm: ecdsa-with-SHA384 30:65:02:31:00:87:1c:d9:f0:de:f4:00:57:71:e8:7e:e0:dc: a5:b6:f7:78:ef:6b:04:1b:9b:39:3c:a6:5c:2d:1d:87:78:43: 56:a0:a4:91:c7:8b:cf:90:84:00:74:cd:ea:78:bf:0f:45:02: 30:0c:fc:2c:7a:34:d6:3a:8c:8b:ad:eb:aa:82:fa:27:2b:8c: 6d:14:f5:c9:5b:8c:26:d2:df:5d:8a:da:fd:8a:a5:4f:69:fe: 5e:5e:57:da:92:97:66:c6:62:be:f1:e9:9c
Subject: O=Google LLC, CN=Droid CA2
- Subject: O=Google LLC, CN=Droid CA2
- Issuer: serialNumber=f92009e853b6b045
Certificate: Data: Version: 3 (0x2) Serial Number: 03:88:26:67:60:65:89:96:86:0f Signature Algorithm: sha256WithRSAEncryption Issuer: serialNumber=f92009e853b6b045 Validity Not Before: Jan 26 22:50:20 2022 GMT Not After : Jan 22 22:50:20 2037 GMT Subject: O=Google LLC, CN=Droid CA2 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: 04:fe:df:b8:00:8e:39:e0:3f:29:33:7d:99:50:4a: 6e:69:2d:1e:c0:b8:c5:3f:d1:01:3a:70:85:e0:a9: 33:da:3a:9c:0c:40:a9:d1:f8:f2:df:80:1a:4c:28: 09:9e:91:9d:08:b2:14:de:ef:d6:5c:1b:37:a4:41: 02:80:cb:92:f5:15:52:2a:a8:f9:f3:8c:1d:6e:97: 31:88:96:a1:65:64:b3:1e:a3:ca:d4:d9:f9:2d:96: 1d:40:8a:4b:27:d7:14 ASN1 OID: secp384r1 NIST CURVE: P-384 X509v3 extensions: X509v3 Subject Key Identifier: 39:98:07:06:3A:33:12:9E:F5:14:06:3A:80:41:0C:71:80:CE:1A:AD X509v3 Authority Key Identifier: keyid:36:61:E1:00:7C:88:05:09:51:8B:44:6C:47:FF:1A:4C:C9:EA:4F:12 X509v3 Basic Constraints: critical CA:TRUE, pathlen:2 X509v3 Key Usage: critical Certificate Sign, CRL Sign Signature Algorithm: sha256WithRSAEncryption 3d:05:3b:9f:20:c1:64:1b:e9:13:a9:e1:ce:e1:90:ec:10:89: 68:82:4c:6d:94:77:d3:70:c3:97:0a:96:c3:14:f1:89:59:3a: 4f:27:5e:7e:4e:c0:07:ee:15:3d:35:2a:07:1b:6a:ed:42:34: 31:02:5f:ba:80:d6:f2:72:43:d1:c1:b2:8a:9a:ed:f9:a2:d1: c7:f5:8f:f4:51:06:fb:c0:b8:6b:e0:df:34:72:d3:e3:9c:93: 02:36:f3:7d:b7:f7:d9:7f:f3:51:4c:4a:14:be:19:cc:d3:59: f8:4b:25:8f:ce:6e:45:41:16:46:a7:44:2a:43:84:4f:d2:c4: d1:cb:ff:99:c9:cd:86:87:f0:e7:63:00:ab:9f:9c:3f:66:70: 5c:98:bf:38:e2:c5:b7:0f:10:ee:66:7a:51:b0:93:b2:9f:0b: 1f:66:89:2a:55:b8:1e:a6:37:53:5d:a0:2b:12:8b:de:99:61: 01:81:95:9b:04:f2:82:dd:6b:37:24:0b:28:13:be:9d:ac:ef: b1:ad:22:cc:32:c0:e1:df:dc:71:1a:df:d3:90:9b:c0:7c:83: 67:07:73:2e:2e:e6:42:a8:15:e4:8f:23:dc:e8:ea:3c:7e:58: 36:f5:12:bf:20:29:94:f5:bb:b9:6b:c0:25:be:25:44:2a:b9: 86:c6:1c:bc:d2:0c:8b:11:7c:68:74:b1:38:e8:44:7f:ec:e2: 90:f7:ef:53:98:02:49:0f:30:75:60:b8:16:44:f2:2b:f9:ba: fd:23:e0:80:70:37:f7:8b:ca:84:1b:d6:39:81:bf:f7:44:51: 4f:5c:79:77:7f:b3:c6:f9:fb:c9:3b:3d:88:58:70:33:00:d2: 8c:85:41:cb:eb:84:ba:16:6e:ac:bb:06:b6:36:e6:25:84:63: 9c:47:e8:4b:07:16:b7:b9:be:9d:6c:bb:5e:d1:76:6c:5b:cb: 79:ed:ee:65:f3:d4:dc:41:41:d0:37:ac:cf:a4:71:99:5f:70: af:6c:1d:33:55:4c:8d:bd:d1:6c:bd:21:2f:bc:ff:16:a5:ae: d6:a5:a3:83:c0:e8:4c:28:7f:25:f2:d7:c5:c8:f4:07:5d:36: ce:f9:e0:a3:df:f3:fc:80:31:b5:5c:ff:66:82:96:6d:51:17: bf:fb:bc:1d:1f:c7:77:90:98:b1:38:59:2d:35:4a:ca:ac:5a: 70:ac:1c:24:9b:ca:37:48:68:8c:8a:04:54:21:00:1b:48:23: 12:cd:60:b1:70:fb:49:e7:03:b0:c1:53:f3:35:7b:d8:16:04: b8:7c:77:3d:71:1c:5a:3e:4e:7e:5e:75:86:98:d5:b6:32:86: 51:81:29:42:86:e0:cf:25
Subject: serialNumber=f92009e853b6b045
- Subject: serialNumber=f92009e853b6b045
- Issuer: serialNumber=f92009e853b6b045
Certificate: Data: Version: 3 (0x2) Serial Number: d5:0f:f2:5b:a3:f2:d6:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: serialNumber=f92009e853b6b045 Validity Not Before: Nov 22 20:37:58 2019 GMT Not After : Nov 18 20:37:58 2034 GMT Subject: serialNumber=f92009e853b6b045 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (4096 bit) Modulus: 00:af:b6:c7:82:2b:b1:a7:01:ec:2b:b4:2e:8b:cc: 54:16:63:ab:ef:98:2f:32:c7:7f:75:31:03:0c:97: 52:4b:1b:5f:e8:09:fb:c7:2a:a9:45:1f:74:3c:bd: 9a:6f:13:35:74:4a:a5:5e:77:f6:b6:ac:35:35:ee: 17:c2:5e:63:95:17:dd:9c:92:e6:37:4a:53:cb:fe: 25:8f:8f:fb:b6:fd:12:93:78:a2:2a:4c:a9:9c:45: 2d:47:a5:9f:32:01:f4:41:97:ca:1c:cd:7e:76:2f: b2:f5:31:51:b6:fe:b2:ff:fd:2b:6f:e4:fe:5b:c6: bd:9e:c3:4b:fe:08:23:9d:aa:fc:eb:8e:b5:a8:ed: 2b:3a:cd:9c:5e:3a:77:90:e1:b5:14:42:79:31:59: 85:98:11:ad:9e:b2:a9:6b:bd:d7:a5:7c:93:a9:1c: 41:fc:cd:27:d6:7f:d6:f6:71:aa:0b:81:52:61:ad: 38:4f:a3:79:44:86:46:04:dd:b3:d8:c4:f9:20:a1: 9b:16:56:c2:f1:4a:d6:d0:3c:56:ec:06:08:99:04: 1c:1e:d1:a5:fe:6d:34:40:b5:56:ba:d1:d0:a1:52: 58:9c:53:e5:5d:37:07:62:f0:12:2e:ef:91:86:1b: 1b:0e:6c:4c:80:92:74:99:c0:e9:be:c0:b8:3e:3b: c1:f9:3c:72:c0:49:60:4b:bd:2f:13:45:e6:2c:3f: 8e:26:db:ec:06:c9:47:66:f3:c1:28:23:9d:4f:43: 12:fa:d8:12:38:87:e0:6b:ec:f5:67:58:3b:f8:35: 5a:81:fe:ea:ba:f9:9a:83:c8:df:3e:2a:32:2a:fc: 67:2b:f1:20:b1:35:15:8b:68:21:ce:af:30:9b:6e: ee:77:f9:88:33:b0:18:da:a1:0e:45:1f:06:a3:74: d5:07:81:f3:59:08:29:66:bb:77:8b:93:08:94:26: 98:e7:4e:0b:cd:24:62:8a:01:c2:cc:03:e5:1f:0b: 3e:5b:4a:c1:e4:df:9e:af:9f:f6:a4:92:a7:7c:14: 83:88:28:85:01:5b:42:2c:e6:7b:80:b8:8c:9b:48: e1:3b:60:7a:b5:45:c7:23:ff:8c:44:f8:f2:d3:68: b9:f6:52:0d:31:14:5e:bf:9e:86:2a:d7:1d:f6:a3: bf:d2:45:09:59:d6:53:74:0d:97:a1:2f:36:8b:13: ef:66:d5:d0:a5:4a:6e:2f:5d:9a:6f:ef:44:68:32: bc:67:84:47:25:86:1f:09:3d:d0:e6:f3:40:5d:a8: 96:43:ef:0f:4d:69:b6:42:00:51:fd:b9:30:49:67: 3e:36:95:05:80:d3:cd:f4:fb:d0:8b:c5:84:83:95: 26:00:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:61:E1:00:7C:88:05:09:51:8B:44:6C:47:FF:1A:4C:C9:EA:4F:12 X509v3 Authority Key Identifier: keyid:36:61:E1:00:7C:88:05:09:51:8B:44:6C:47:FF:1A:4C:C9:EA:4F:12 X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Certificate Sign Signature Algorithm: sha256WithRSAEncryption 4e:31:a0:5c:f2:8b:a6:5d:bd:af:a1:ce:d7:09:69:ee:5c:a8: 41:04:ad:de:d8:a3:06:cf:7f:6d:ee:50:37:5d:74:5e:d9:92: cb:02:42:cc:e7:2d:c9:ee:d5:11:91:fe:5a:d5:2b:ad:7d:d3: b2:5c:09:9e:13:a4:91:a3:cd:d4:87:a5:ac:ce:87:66:32:4c: 4a:e4:63:38:24:6a:e7:b7:8a:41:8a:cb:b9:8a:05:c4:c9:d6: 96:ee:aa:b6:09:d0:ba:0c:e1:a3:1b:e9:84:90:df:3f:4c:0e: a9:dd:c9:e8:2f:fb:0f:cb:3e:9e:bd:d8:cb:95:27:89:f2:b1: 41:1f:ac:56:c8:86:42:6e:b7:29:60:42:73:5d:a5:0e:11:ac: 71:5f:18:18:cf:9f:dc:4e:25:4a:37:63:35:1b:6a:24:40:15: 08:61:26:3a:6e:31:0b:e1:a5:0d:e5:c7:e8:ee:88:0f:dd:4b: e5:88:4a:37:12:8d:18:83:0b:b3:47:6b:f4:29:1e:82:d5:c6: 6a:64:94:93:9e:08:48:0b:fb:c0:0f:7d:8a:74:d4:3e:73:73: 7e:be:5d:8e:4e:c5:15:30:2d:46:89:69:27:80:dc:75:38:ed: 7e:91:75:be:61:39:e7:4d:43:ad:38:8b:30:50:ff:d5:a9:de: 52:62:00:08:98:c0:1f:63:c5:3d:fe:22:20:91:08:fa:4f:65: ba:16:c4:9c:cb:de:08:37:d7:c5:84:4d:54:b7:39:8b:a0:12: 2e:50:5b:15:5c:93:13:cf:e2:6e:72:d8:7e:22:aa:16:16:e6: bd:bf:54:7d:df:f9:3d:f2:9e:35:a6:3b:45:5f:e1:fc:0e:c9: 55:81:f3:f4:f7:bb:e3:bb:82:83:96:a3:7a:e3:15:75:82:bc: 37:64:b9:78:0a:23:9e:fc:0f:75:a1:e2:e6:d9:41:ce:ab:ac: 27:dd:eb:01:e2:bd:84:21:02:9b:ea:34:d5:1a:ee:6c:60:27: 1d:5a:95:eb:d0:05:15:a9:c0:01:3d:d8:0b:f8:7e:ea:26:0b: 81:c3:4f:68:8e:6e:b1:34:8a:f0:d8:ea:1c:ac:32:ac:b9:d9: 3f:a2:4a:ff:03:0a:84:c8:f2:b0:f5:69:cc:95:08:0b:20:ac: 35:ac:e0:c6:d8:db:d4:f6:84:77:19:51:9d:32:45:01:66:eb: 4b:f1:5b:85:90:44:50:1a:de:af:43:63:82:c3:4b:15:e3:b5: 4c:92:e6:1b:69:c2:bf:c7:26:45:89:17:2b:3c:93:db:e3:5c: e0:6d:08:fd:5c:01:32:2c:a0:87:7b:1d:12:74:3a:f1:fa:d5: 94:0e:a1:bc:02:dd:89:1c