[DEPRECATED] WebAuthn/FIDO2: Verifying Apple Anonymous Attestation

Ackermann Yuriy
Published in WebAuthn Works
2 min read · Jan 1, 2021

!!! THIS ATTESTATION HAS BEEN DEPRECATED AND NO LONGER NEEDS TO BE SUPPORTED !!!

Please note that this is an advanced post, and requires prior understanding of FIDO2 attestations. You can read more about them here.

As the proverb goes, it’s almost exactly the same as Packed attestation, except that the nonce lives in the attestation certificate… like TPM… Without further ado, let’s verify it, shall we?

If attStmt contains “x5c”, it is a FULL attestation. FULL means that the attestation chains to the manufacturer: the leaf certificate is signed by an Apple attestation key whose certificate is in the chain that leads to the Apple WebAuthn Root CA. Certificates generally carry an authorityInfoAccess extension that helps locate the issuer certificate, but Apple decided not to include one. Nevertheless, a quick search turned up the needed root certificate:

https://www.apple.com/certificateauthority/Apple_WebAuthn_Root_CA.pem

Verifying attestation

  1. Concatenate authData with clientDataHash to create nonceBase
  2. Hash nonceBase with SHA-256 to create expectedNonce
  3. Extract the leaf (first) cert from “x5c” as attCert and decode it
  4. Check that attCert is version 3 (ASN.1 INTEGER 2)
  5. Check that the attCert basic constraints CA flag is FALSE
  6. Check that the certificate contains the AppleAnonymousAttestation extension, OID 1.2.840.113635.100.8.2
  7. Decode the AppleAnonymousAttestation extension, and check that its nonce equals expectedNonce

Apple had not yet published a schema for the extension (as of January 2021. Yes, humankind survived somehow), so instead here is me publishing it:

[Image: the decoded extension (not an official Apple schema)]

8. Decode authData, extract the credential public key, and check that it matches the public key in attCert.

9. Append the “Apple WebAuthn Root CA” certificate to the x5c and validate the certificate path.

10. Go back to drinking and eating. It’s the first of January. New Year is not over yet.

Notes:

  • As of 05/01/2021 Apple returns a wrong, all-zero AAGUID (16 bytes of 0x00). This was fixed in the latest patch, but the fix has not yet propagated to the iOS builds. The new AAGUID is f24a8e70d0d3f82c293732523cc4de5a (f24a8e70-d0d3-f82c-2937-32523cc4de5a).

Snippets

Find all snippets in our fresh new repository https://github.com/WebAuthnWorks/webauthn-snippets

https://github.com/WebAuthnWorks/webauthn-snippets/blob/main/code-samples/verify.apple.attestation.js

License

This article is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0). So you are free to read, share, etc. If you are interested in commercial use of this article, or wish to translate it to a different language, please contact yuriy(at)webauthn(dot)works

The code samples are licensed under MIT license.
