We have implemented Android key attestation https://developer.android.com/training/articles/security-key-attestation
We have React Native app and we asking key chain from device. Use a KeyStore object's "getCertificateChain() method to get a reference to the chain of X.509 certificates associated with the hardware-backed keystore."
Works well but not for some devices.
For example: Armor 11 5G with Android 11 installed (playstore and google wallet works!) But, the certificate chain contains invalid CN key. CN=Android Keystore Key is invalid.
Certificate data: Version: V3 SERIALNUMBER=1d7df82f780e822882402383e926e453 Issue to: Android Keystore Key Validity: [From: Thu Jan 01 02:00:00 EET 1970, To: Sat Jan 01 01:59:59 EET 2000]
Does anyone have a clue what's going on? How it can be invalid? As you can see it was published 1970 and expired 2000.
Expecting CN certificate to be valid