-
Notifications
You must be signed in to change notification settings - Fork 2
/
attestation_statement_apple.go
88 lines (75 loc) · 2.82 KB
/
attestation_statement_apple.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
package webauthn
import (
"crypto"
"crypto/sha256"
"crypto/subtle"
"crypto/x509"
"fmt"
"github.com/pomerium/webauthn/cose"
)
// VerifyAppleAttestationStatement verifies that an AttestationObject's attestation statement is valid according to the
// packed verification procedure.
func VerifyAppleAttestationStatement(
attestationObject *AttestationObject,
clientDataJSONHash ClientDataJSONHash,
) (*VerifyAttestationStatementResult, error) {
// 1. Verify that attStmt is valid CBOR conforming to the syntax defined above and perform CBOR decoding on it to
// extract the contained fields.
// - the attestationStatement has already been CBOR decoded by this point.
certificates, err := attestationObject.Statement.UnmarshalCertificates()
if err != nil {
return nil, fmt.Errorf("%w: %s", ErrInvalidAttestationStatement, err)
}
if len(certificates) < 1 {
return nil, fmt.Errorf("%w: missing x5c certificate", ErrInvalidAttestationStatement)
}
certificate := certificates[0]
authenticatorData, err := attestationObject.UnmarshalAuthenticatorData()
if err != nil {
return nil, fmt.Errorf("%w: %s", ErrInvalidAttestationStatement, err)
}
publicKey, _, err := cose.UnmarshalPublicKey(
authenticatorData.AttestedCredentialData.CredentialPublicKey,
)
if err != nil {
return nil, fmt.Errorf("%w: %s", ErrInvalidAttestationStatement, err)
}
// 2. Concatenate authenticatorData and clientDataHash to form nonceToHash.
nonceToHash := concat(attestationObject.AuthData, clientDataJSONHash[:])
// 3. Perform SHA-256 hash of nonceToHash to produce nonce.
nonce := sha256.Sum256(nonceToHash)
// 4. Verify that nonce equals the value of the extension with OID 1.2.840.113635.100.8.2 in credCert.
certificateNonce, err := getCertificateAppleNonce(certificate)
if err != nil {
return nil, fmt.Errorf("%w: %s", ErrInvalidAttestationStatement, err)
}
if subtle.ConstantTimeCompare(nonce[:], certificateNonce) != 1 {
return nil, fmt.Errorf("%w: invalid nonce", ErrInvalidAttestationStatement)
}
// 5. Verify that the credential public key equals the Subject Public Key of credCert.
err = verifyAppleAttestationStatementCredentialPublicKey(
certificate.PublicKey,
publicKey,
)
if err != nil {
return nil, err
}
return &VerifyAttestationStatementResult{
Type: AttestationTypeAnonymizationCA,
TrustPaths: [][]*x509.Certificate{certificates},
}, nil
}
func verifyAppleAttestationStatementCredentialPublicKey(
certificatePublicKey, credentialPublicKey crypto.PublicKey,
) error {
withEqual, ok := certificatePublicKey.(interface {
Equal(x crypto.PublicKey) bool
})
if !ok {
return fmt.Errorf("%w: unsupported key type: %T", ErrInvalidAttestationStatement, certificatePublicKey)
}
if withEqual.Equal(credentialPublicKey) {
return fmt.Errorf("%w: mismatched public keys", ErrInvalidAttestationStatement)
}
return nil
}