[DEPRECATED] WebAuthn/FIDO2: Verifying Apple Anonymous Attestation
!!! THIS ATTESTATION HAS BEEN DEPRECATED AND NO LONGER NEEDS TO BE SUPPORTED !!!
Please note that this is an advanced post and requires prior understanding of FIDO2 attestations. You can read more about them here.
The apple does not fall far from the Packed… TPM…
As the proverb goes, it’s almost exactly the same as Packed attestation, with the nonce carried in the attestation certificate, like TPM. Without further ado, let’s verify it, shall we?
If you check attStmt and it contains “x5c”, it is a FULL attestation. FULL basically means an attestation that chains to the manufacturer: it is signed by a batch private key whose public key is in a batch certificate, which in turn chains to the Apple attestation root certificate. Certificates generally carry an authorityInfoAccess extension that helps locate the root, but Apple decided not to do that. Nevertheless, a quick search turned up the needed root certificate:
https://www.apple.com/certificateauthority/Apple_WebAuthn_Root_CA.pem
Verifying attestation
1. Concatenate authData with clientDataHash to create nonceBase.
2. Hash nonceBase with SHA-256 to create expectedNonce.
3. Extract the leaf (first) certificate from “x5c” as attCert and decode it.
4. Check that attCert is version 3 (ASN.1 INTEGER 2).
5. Check that the basicConstraints CA flag of attCert is set to FALSE.
6. Check that the certificate contains the AppleAnonymousAttestation extension, OID 1.2.840.113635.100.8.2.
7. Decode the AppleAnonymousAttestation extension and check that its nonce equals expectedNonce.
Apple has not yet published a schema for the extension (as of January 2021. Yes, humankind survived somehow), so instead here is me publishing it:
8. Decode authData, extract the credential public key, and check that it matches the public key in attCert.
9. Append the “Apple WebAuthn Root CA” certificate to x5c and validate the certificate path.
10. Go back to drinking and eating. It’s the first of January. New Year is not over yet.
Notes:
- As of 05/01/2021 Apple returns a wrong AAGUID of 0x00{16} (sixteen zero bytes). This was fixed in the latest patch, but the fix has not yet propagated to iOS builds. The new AAGUID is f24a8e70d0d3f82c293732523cc4de5a.
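As an added worked example (not code from this article or from the WebAuthnWorks snippets repository), here is a Python 3 standard-library sketch of steps 1, 2 and 7 above, plus the authData header split that step 8 and the AAGUID note rely on. It assumes the extension value is DER `SEQUENCE { [1] EXPLICIT OCTET STRING nonce }`; Apple has not published that layout, so it is treated as an assumption here. All sample inputs (authData, clientDataHash, the COSE key filler) are constructed. Certificate decoding, the version and CA checks, and path validation (steps 3 to 6 and 9) need an X.509 library and are left out.

```python
import hashlib
import hmac
import struct

# Values quoted on the page: the extension OID and the two AAGUIDs from the note
APPLE_ANON_ATTESTATION_OID = "1.2.840.113635.100.8.2"
AAGUID_ALL_ZERO = bytes(16)                                        # the buggy value
AAGUID_APPLE = bytes.fromhex("f24a8e70d0d3f82c293732523cc4de5a")   # the corrected value


def expected_nonce(auth_data: bytes, client_data_hash: bytes) -> bytes:
    """Steps 1-2: nonceBase = authData || clientDataHash; expectedNonce = SHA-256(nonceBase)."""
    return hashlib.sha256(auth_data + client_data_hash).digest()


def _der_read_tlv(buf: bytes, pos: int = 0):
    """Read one DER tag-length-value at pos; returns (tag, value, next_pos). Short and long-form lengths."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low bits give the byte count of the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER length exceeds buffer")
    return tag, buf[pos:pos + length], pos + length


def _der_encode_tlv(tag: int, value: bytes) -> bytes:
    """Minimal DER encoder, used only to construct sample extension values."""
    if len(value) < 0x80:
        return bytes([tag, len(value)]) + value
    lb = len(value).to_bytes((len(value).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value


def parse_apple_nonce_extension(ext_value: bytes) -> bytes:
    """ASSUMED layout: SEQUENCE { [1] EXPLICIT OCTET STRING nonce }. Returns the nonce bytes."""
    tag, seq, end = _der_read_tlv(ext_value)
    if tag != 0x30 or end != len(ext_value):
        raise ValueError("extension value is not a single SEQUENCE")
    tag, ctx, end = _der_read_tlv(seq)
    if tag != 0xA1 or end != len(seq):
        raise ValueError("expected exactly one context-specific [1] element")
    tag, nonce, end = _der_read_tlv(ctx)
    if tag != 0x04 or end != len(ctx):
        raise ValueError("expected exactly one OCTET STRING inside [1]")
    return nonce


def build_apple_nonce_extension(nonce: bytes) -> bytes:
    """Inverse of parse_apple_nonce_extension, for constructing test data."""
    return _der_encode_tlv(0x30, _der_encode_tlv(0xA1, _der_encode_tlv(0x04, nonce)))


def nonce_matches(ext_value: bytes, auth_data: bytes, client_data_hash: bytes) -> bool:
    """Step 7: the nonce in the certificate extension must equal expectedNonce (constant-time compare)."""
    return hmac.compare_digest(parse_apple_nonce_extension(ext_value),
                               expected_nonce(auth_data, client_data_hash))


def parse_auth_data(auth_data: bytes) -> dict:
    """Split authData: rpIdHash(32) | flags(1) | signCount(4) | aaguid(16) | credIdLen(2) | credId | credPubKey.
    The COSE public key is returned raw; decoding it for step 8 needs a CBOR parser."""
    if len(auth_data) < 55:
        raise ValueError("authData too short to carry attested credential data")
    flags = auth_data[32]
    if not flags & 0x40:                    # AT bit: attested credential data present
        raise ValueError("AT flag not set; no credential data to verify")
    cred_id_len = struct.unpack(">H", auth_data[53:55])[0]
    return {
        "rp_id_hash": auth_data[:32],
        "flags": flags,
        "sign_count": struct.unpack(">I", auth_data[33:37])[0],
        "aaguid": auth_data[37:53],
        "cred_id": auth_data[55:55 + cred_id_len],
        "cred_pub_key": auth_data[55 + cred_id_len:],
    }


def aaguid_status(aaguid: bytes) -> str:
    """Classify the AAGUID per the note above: corrected value, known-bad all-zero value, or unknown."""
    if aaguid == AAGUID_APPLE:
        return "apple"
    if aaguid == AAGUID_ALL_ZERO:
        return "all-zero (pre-fix iOS builds)"
    return "unknown"


def build_sample_auth_data(aaguid: bytes = AAGUID_APPLE) -> bytes:
    """Constructed sample authData (not a real registration); the COSE key field is filler."""
    rp_id_hash = hashlib.sha256(b"example.com").digest()
    flags = bytes([0x41])                   # UP | AT
    cred_id = bytes(range(16))
    cose_key_filler = b"\xa5" + b"\x00" * 8 # constructed placeholder, not a valid COSE key
    return (rp_id_hash + flags + struct.pack(">I", 0) + aaguid
            + struct.pack(">H", len(cred_id)) + cred_id + cose_key_filler)


if __name__ == "__main__":
    ad = build_sample_auth_data()
    cdh = hashlib.sha256(b'{"type":"webauthn.create"}').digest()   # constructed clientDataHash
    ext = build_apple_nonce_extension(expected_nonce(ad, cdh))     # what a well-formed attCert would carry
    print("nonce ok:", nonce_matches(ext, ad, cdh))
    print("aaguid:", aaguid_status(parse_auth_data(ad)["aaguid"]))
```

The nonce binds the certificate to this specific authData and clientDataHash, so a certificate lifted from one registration cannot be replayed against another; `nonce_matches` rejects any extension whose DER layout deviates from the assumed one rather than skipping the check. The AAGUID classifier exists only so a relying party can log the all-zero value from pre-fix builds separately from genuinely unknown authenticators.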
Snippets
Find all snippets in our fresh new repository https://github.com/WebAuthnWorks/webauthn-snippets
License
This article is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0). So you are free to read, share, etc. If you are interested in commercial use of this article, or wish to translate it to a different language, please contact yuriy(at)webauthn(dot)works
The code samples are licensed under MIT license.