avatarAckermann Yuriy

Free AI web copilot to create summaries, insights and extended knowledge, download it at here

1576

Abstract

ficateauthority/Apple_WebAuthn_Root_CA.pem">https://www.apple.com/certificateauthority/Apple_WebAuthn_Root_CA.pem</a></p><h1 id="c188">Verifying attestation</h1><ol><li>Concatenate <b>authData</b> with <b>clientDataHash</b> to create <b>nonceBase</b></li><li>Hash <b>nonceBase</b> with SHA-256 to create <b>expectedNonce</b></li><li>Extract leaf(first) cert from “x5c” as <b>attCert</b> and decode it</li><li>Check that <b>attCert</b> is of version 3(ASN1 INT 2)</li><li>Check that <b>attCert</b> basic constraints for CA is set to FALSE</li><li>Check that certificate contains <b>AppleAnonymousAttestation</b> <b>OID 1.2.840.113635.100.8.2</b> extension</li><li>Decode AppleAnonymousAttestation extension, and check that <b>nonce </b>contains <b>expectedNonce</b></li></ol><p id="e17c">Apple has not yet publish schema for the extension(as of JAN 2021. Yes, human kind survived somehow), so instead here is me publishing it :</p> <figure id="9cc1"> <div> <div>

            <iframe class="gist-iframe" src="/gist/herrjemand/1f4102caa6143f6d2d528a49babf8b84.js" allowfullscreen="" frameborder="0" height="undefined" width="undefined">
          </div>
        </div>
    </figure></iframe></div></div></figure><figure id="a42f"><img src="https://cdn-images-1.readmedium.com/v2/resize:fit:800/1*4TlxEMAJBz1H0gKx7FMNYA.png"><figcaption>Decoded extension</figcaption></figure><p id="b4be">8. Decode <b>authData</b>, extract public key, and check that is is matching public key in the <b>attCert</b>.</p><p id="290

Options

a">9. Append “Apple WebAuthn Root CA” certificate to the <b>x5c</b> and validate the certificate path</p><p id="781a">10. Go back to drinking and eating. It’s the first of January. New Year is not over yet.</p><h1 id="f443">Notes:</h1><ul><li>As of 05/01/2021 Apple returns wrong AAGUID of 0x00{16}. This was fixed in the latest patch, but it has not propagated to the iOS builds. New AAGUID is f24a8e70d0d3f82c293732523cc4de5a</li></ul><h1 id="406c">Snippets</h1><p id="0fb1">Find all snippets in our fresh new repository <a href="https://github.com/WebAuthnWorks/webauthn-snippets">https://github.com/WebAuthnWorks/webauthn-snippets</a></p> <figure id="0979"> <div> <div>

            <iframe class="gist-iframe" src="/gist/herrjemand/7076005d34c9fed76ad1d2b495fbd691.js" allowfullscreen="" frameborder="0" height="undefined" width="undefined">
          </div>
        </div>
    </figure></iframe></div></div></figure><h1 id="f977">License</h1><p id="d90a">This article is licensed under <a href="https://creativecommons.org/licenses/by-nc-nd/4.0/">Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0)</a>. So you are free to read, share, etc. If you are interested in commercial use of this article, or wish to translate it to a different language, please contact yuriy(at)webauthn(dot)works</p><p id="fac8"><b>The code samples are licensed under <a href="https://gist.github.com/herrjemand/09492b2c6fc6c4ebc0d49b5942d4ec30">MIT license</a>.</b></p></article></body>

[DEPRECATED] WebAuthn/FIDO2: Verifying Apple Anonymous Attestation

!!! THIS ATTESTATION BEEN DEPRECATED AND NO LONGED NEED TO BE SUPPORTED !!!

Please note that this is an advance post, and requires prior understanding of the FIDO2 attestations. You can read more about them here.

The apple does not fall far from the Packed… TPM…

https://commons.wikimedia.org/wiki/File:Apple_and_Orange_-_they_do_not_compare.jpg

As the proverb goes, it’s all almost exactly the same as Packed attestation, with the nonce in the attestation certificate… like TPM… Without further ado, let’s verify it, shall we?

If you check attStmt and it contains “x5c” it is a FULL attestation. FULL basically means that it is an attestation that chains to the manufacturer. It is signed by batch private key, who’s public key is in a batch certificate, that is chained to apple attestation root certificate. Generally certificates have authorityInfoAccess extension, that helps locate the root, but Apple decided to not to do that. Nevertheless, quick googling gave us the needed root certificate

https://www.apple.com/certificateauthority/Apple_WebAuthn_Root_CA.pem

Verifying attestation

  1. Concatenate authData with clientDataHash to create nonceBase
  2. Hash nonceBase with SHA-256 to create expectedNonce
  3. Extract leaf(first) cert from “x5c” as attCert and decode it
  4. Check that attCert is of version 3(ASN1 INT 2)
  5. Check that attCert basic constraints for CA is set to FALSE
  6. Check that certificate contains AppleAnonymousAttestation OID 1.2.840.113635.100.8.2 extension
  7. Decode AppleAnonymousAttestation extension, and check that nonce contains expectedNonce

Apple has not yet publish schema for the extension(as of JAN 2021. Yes, human kind survived somehow), so instead here is me publishing it :

Decoded extension

8. Decode authData, extract public key, and check that is is matching public key in the attCert.

9. Append “Apple WebAuthn Root CA” certificate to the x5c and validate the certificate path

10. Go back to drinking and eating. It’s the first of January. New Year is not over yet.

Notes:

  • As of 05/01/2021 Apple returns wrong AAGUID of 0x00{16}. This was fixed in the latest patch, but it has not propagated to the iOS builds. New AAGUID is f24a8e70d0d3f82c293732523cc4de5a

Snippets

Find all snippets in our fresh new repository https://github.com/WebAuthnWorks/webauthn-snippets

License

This article is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0). So you are free to read, share, etc. If you are interested in commercial use of this article, or wish to translate it to a different language, please contact yuriy(at)webauthn(dot)works

The code samples are licensed under MIT license.

Fido2
Webauthn
Apple
Security
Fido Alliance
Recommended from ReadMedium