Merge pull request #343 from cedarcode/apple_attestation_format

Support 'apple' attestation statement format

Author: grzuy

README.md

@@ -417,6 +417,7 @@ credential.authenticator_extension_outputs
 | tpm (x5c attestation) | Yes |
 | android-key | Yes |
 | android-safetynet | Yes |
+| apple | Yes |
 | fido-u2f | Yes |
 | none | Yes |
 

lib/webauthn/attestation_statement.rb

@@ -2,6 +2,7 @@
 
 require "webauthn/attestation_statement/android_key"
 require "webauthn/attestation_statement/android_safetynet"
+require "webauthn/attestation_statement/apple"
 require "webauthn/attestation_statement/fido_u2f"
 require "webauthn/attestation_statement/none"
 require "webauthn/attestation_statement/packed"
@@ -18,14 +19,16 @@ class FormatNotSupportedError < Error; end
     ATTESTATION_FORMAT_ANDROID_SAFETYNET = "android-safetynet"
     ATTESTATION_FORMAT_ANDROID_KEY = "android-key"
     ATTESTATION_FORMAT_TPM = "tpm"
+    ATTESTATION_FORMAT_APPLE = "apple"
 
     FORMAT_TO_CLASS = {
       ATTESTATION_FORMAT_NONE => WebAuthn::AttestationStatement::None,
       ATTESTATION_FORMAT_FIDO_U2F => WebAuthn::AttestationStatement::FidoU2f,
       ATTESTATION_FORMAT_PACKED => WebAuthn::AttestationStatement::Packed,
       ATTESTATION_FORMAT_ANDROID_SAFETYNET => WebAuthn::AttestationStatement::AndroidSafetynet,
       ATTESTATION_FORMAT_ANDROID_KEY => WebAuthn::AttestationStatement::AndroidKey,
-      ATTESTATION_FORMAT_TPM => WebAuthn::AttestationStatement::TPM
+      ATTESTATION_FORMAT_TPM => WebAuthn::AttestationStatement::TPM,
+      ATTESTATION_FORMAT_APPLE => WebAuthn::AttestationStatement::Apple
     }.freeze
 
     def self.from(format, statement)

lib/webauthn/attestation_statement/android_key.rb

@@ -20,10 +20,6 @@ def valid?(authenticator_data, client_data_hash)
 
       private
 
-      def matching_public_key?(authenticator_data)
-        attestation_certificate.public_key.to_der == authenticator_data.credential.public_key_object.to_der
-      end
-
       def valid_attestation_challenge?(client_data_hash)
         android_key_attestation.verify_challenge(client_data_hash)
       rescue AndroidKeyAttestation::ChallengeMismatchError

lib/webauthn/attestation_statement/apple.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "webauthn/attestation_statement/base"
+
+module WebAuthn
+  module AttestationStatement
+    class Apple < Base
+      # Source: https://www.apple.com/certificateauthority/private/
+      ROOT_CERTIFICATE =
+        OpenSSL::X509::Certificate.new(<<~PEM)
+          -----BEGIN CERTIFICATE-----
+          MIICEjCCAZmgAwIBAgIQaB0BbHo84wIlpQGUKEdXcTAKBggqhkjOPQQDAzBLMR8w
+          HQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJ
+          bmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MjEzMloXDTQ1MDMx
+          NTAwMDAwMFowSzEfMB0GA1UEAwwWQXBwbGUgV2ViQXV0aG4gUm9vdCBDQTETMBEG
+          A1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49
+          AgEGBSuBBAAiA2IABCJCQ2pTVhzjl4Wo6IhHtMSAzO2cv+H9DQKev3//fG59G11k
+          xu9eI0/7o6V5uShBpe1u6l6mS19S1FEh6yGljnZAJ+2GNP1mi/YK2kSXIuTHjxA/
+          pcoRf7XkOtO4o1qlcaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJtdk
+          2cV4wlpn0afeaxLQG2PxxtcwDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2cA
+          MGQCMFrZ+9DsJ1PW9hfNdBywZDsWDbWFp28it1d/5w2RPkRX3Bbn/UbDTNLx7Jr3
+          jAGGiQIwHFj+dJZYUJR786osByBelJYsVZd2GbHQu209b5RCmGQ21gpSAk9QZW4B
+          1bWeT0vT
+          -----END CERTIFICATE-----
+        PEM
+
+      NONCE_EXTENSION_OID = "1.2.840.113635.100.8.2"
+
+      def valid?(authenticator_data, client_data_hash)
+        valid_nonce?(authenticator_data, client_data_hash) &&
+          matching_public_key?(authenticator_data) &&
+          trustworthy? &&
+          [attestation_type, attestation_trust_path]
+      end
+
+      private
+
+      def valid_nonce?(authenticator_data, client_data_hash)
+        extension = cred_cert&.extensions&.detect { |ext| ext.oid == NONCE_EXTENSION_OID }
+
+        if extension
+          sequence = OpenSSL::ASN1.decode(OpenSSL::ASN1.decode(extension.to_der).value[1].value)
+
+          sequence.tag == OpenSSL::ASN1::SEQUENCE &&
+            sequence.value.size == 1 &&
+            sequence.value[0].value[0].value ==
+              OpenSSL::Digest::SHA256.digest(authenticator_data.data + client_data_hash)
+        end
+      end
+
+      def attestation_type
+        WebAuthn::AttestationStatement::ATTESTATION_TYPE_ANONCA
+      end
+
+      def cred_cert
+        attestation_certificate
+      end
+
+      def default_root_certificates
+        [ROOT_CERTIFICATE]
+      end
+    end
+  end
+end

lib/webauthn/attestation_statement/base.rb

@@ -16,11 +16,13 @@ class UnsupportedAlgorithm < Error; end
     ATTESTATION_TYPE_SELF = "Self"
     ATTESTATION_TYPE_ATTCA = "AttCA"
     ATTESTATION_TYPE_BASIC_OR_ATTCA = "Basic_or_AttCA"
+    ATTESTATION_TYPE_ANONCA = "AnonCA"
 
     ATTESTATION_TYPES_WITH_ROOT = [
       ATTESTATION_TYPE_BASIC,
       ATTESTATION_TYPE_BASIC_OR_ATTCA,
-      ATTESTATION_TYPE_ATTCA
+      ATTESTATION_TYPE_ATTCA,
+      ATTESTATION_TYPE_ANONCA
     ].freeze
 
     class Base
@@ -62,6 +64,10 @@ def matching_aaguid?(attested_credential_data_aaguid)
         end
       end
 
+      def matching_public_key?(authenticator_data)
+        attestation_certificate.public_key.to_der == authenticator_data.credential.public_key_object.to_der
+      end
+
       def certificates
         @certificates ||=
           raw_certificates&.map do |raw_certificate|

lib/webauthn/configuration.rb

@@ -35,7 +35,7 @@ def initialize
       @verify_attestation_statement = true
       @credential_options_timeout = 120000
       @silent_authentication = false
-      @acceptable_attestation_types = ['None', 'Self', 'Basic', 'AttCA', 'Basic_or_AttCA']
+      @acceptable_attestation_types = ['None', 'Self', 'Basic', 'AttCA', 'Basic_or_AttCA', 'AnonCA']
       @attestation_root_certificates_finders = []
     end
 

spec/spec_helper.rb

@@ -141,7 +141,6 @@ def issue_certificate(
   not_after: Time.now + 60,
   extensions: nil
 )
-
   certificate = OpenSSL::X509::Certificate.new
 
   certificate.version = version
@@ -159,3 +158,11 @@ def issue_certificate(
 
   certificate
 end
+
+def fake_certificate_chain_validation_time(attestation_statement, time)
+  allow(attestation_statement).to receive(:attestation_root_certificates_store).and_wrap_original do |m, *args|
+    store = m.call(*args)
+    store.time = time
+    store
+  end
+end

spec/support/seeds.rb

@@ -73,6 +73,16 @@ def seeds
           authenticator_data: "wqc1M3OySstQSIGfoFIjkPhIJrGaCJiQKPeryg70zSsBAAAAbQ=="
         }
       }
+    },
+    macbook_touch_id: {
+      origin: "http://localhost:3000",
+      credential_creation_options: {
+        challenge: "a8mMXGbnWYzB2RG1cTu96rhyXewrZgHR_34BuIuRYTE"
+      },
+      authenticator_attestation_response: {
+        attestation_object: "o2NmbXRlYXBwbGVnYXR0U3RtdKFjeDVjglkCRzCCAkMwggHJoAMCAQICBgF3z8QYXDAKBggqhkjOPQQDAjBIMRwwGgYDVQQDDBNBcHBsZSBXZWJBdXRobiBDQSAxMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIxMDIyMjE2NDExMVoXDTIxMDIyNTE2NDExMVowgZExSTBHBgNVBAMMQGUwZWM5MjFiOGNkMGYxNGU3ODUzZjUzYThlNDU3NmRkY2U3OWJhN2UwNDkwMjk5OWQ2M2VlOWU2NGIyYmRlZjcxGjAYBgNVBAsMEUFBQSBDZXJ0aWZpY2F0aW9uMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPBcyVz0vF1QSjcsDdPY7WJrx0jvFh_dZnj56ytGIrdddJz5QcWIqZrEB0csxZFNjPFK0hQooZYvTixgBt7D5kqNVMFMwDAYDVR0TAQH_BAIwADAOBgNVHQ8BAf8EBAMCBPAwMwYJKoZIhvdjZAgCBCYwJKEiBCCoFqZ2h1zWBGc8uBsh0z02Ikn7eWVoI8W9OjiRWsQWUjAKBggqhkjOPQQDAgNoADBlAjEA54GIEOvNG3mjCymslbIVwg-tendQ-hRc3PCwcyVVLBdReEnoMiHCAYmh1xCvWV8KAjBkYJa8dnVlNBF92WtuVWL7IrBd5gzGd55roG9U0H7RJm5QC6DPvRdaNl2lnpxdWzZZAjgwggI0MIIBuqADAgECAhBWJVOVx6f7QOviKNgmCFO2MAoGCCqGSM49BAMDMEsxHzAdBgNVBAMMFkFwcGxlIFdlYkF1dGhuIFJvb3QgQ0ExEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwHhcNMjAwMzE4MTgzODAxWhcNMzAwMzEzMDAwMDAwWjBIMRwwGgYDVQQDDBNBcHBsZSBXZWJBdXRobiBDQSAxMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEgy6HLyYUkYECJbn1_Na7Y3i19V8_ywRbxzWZNHX9VJBE35v-GSEXZcaaHdoFCzjUUINAGkNPsk0RLVbD4c-_y5iR_sBpYIG--Wy8d8iN3a9Gpa7h3VFbWvqrk76cCyaRo2YwZDASBgNVHRMBAf8ECDAGAQH_AgEAMB8GA1UdIwQYMBaAFCbXZNnFeMJaZ9Gn3msS0Btj8cbXMB0GA1UdDgQWBBTrroLE_6GsW1HUzyRhBQC-Y713iDAOBgNVHQ8BAf8EBAMCAQYwCgYIKoZIzj0EAwMDaAAwZQIxAN2LGjSBpfrZ27TnZXuEHhRMJ7dbh2pBhsKxR1dQM3In7-VURX72SJUMYy5cSD5wwQIwLIpgRNwgH8_lm8NNKTDBSHhR2WDtanXx60rKvjjNJbiX0MgFvvDH94sHpXHG6A4HaGF1dGhEYXRhWJhJlg3liA6MaHQ0Fw9kdmBbj-SuuaKGMseZXPO6gx2XY0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAUGNsngcxQiY1p2BB7fCpOWHzbTeilAQIDJiABIVggPBcyVz0vF1QSjcsDdPY7WJrx0jvFh_dZnj56ytGIrdciWCBdJz5QcWIqZrEB0csxZFNjPFK0hQooZYvTixgBt7D5kg",
+        client_data_json: "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiYThtTVhHYm5XWXpCMlJHMWNUdTk2cmh5WGV3clpnSFJfMzRCdUl1UllURSIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6MzAwMCJ9"
+      }
     }
   }
 end

spec/webauthn/attestation_statement/apple_spec.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+require "spec_helper"
+
+require "openssl"
+require "webauthn/attestation_statement/apple"
+
+RSpec.describe "Apple attestation" do
+  describe "#valid?" do
+    let(:credential_key) { create_ec_key }
+    let(:root_key) { create_ec_key }
+    let(:root_certificate) { create_root_certificate(root_key) }
+
+    let(:cred_cert) do
+      issue_certificate(root_certificate, root_key, credential_key, extensions: [cred_cert_extension])
+    end
+
+    let(:statement) { WebAuthn::AttestationStatement::Apple.new("x5c" => [cred_cert.to_der]) }
+
+    let(:authenticator_data_bytes) do
+      WebAuthn::FakeAuthenticator::AuthenticatorData.new(
+        rp_id_hash: OpenSSL::Digest.digest("SHA256", "RP"),
+        credential: { id: "0".b * 16, public_key: credential_key.public_key }
+      ).serialize
+    end
+
+    let(:authenticator_data) { WebAuthn::AuthenticatorData.deserialize(authenticator_data_bytes) }
+    let(:client_data_hash) { OpenSSL::Digest::SHA256.digest({}.to_json) }
+
+    let(:nonce) { Digest::SHA256.digest(authenticator_data.data + client_data_hash) }
+    let(:cred_cert_extension) do
+      OpenSSL::X509::Extension.new(
+        "1.2.840.113635.100.8.2",
+        OpenSSL::ASN1::Sequence.new(
+          [OpenSSL::ASN1::Sequence.new([OpenSSL::ASN1::OctetString.new(nonce)])]
+        )
+      )
+    end
+
+    around do |example|
+      silence_warnings do
+        original_apple_certificate = WebAuthn::AttestationStatement::Apple::ROOT_CERTIFICATE
+        WebAuthn::AttestationStatement::Apple::ROOT_CERTIFICATE = root_certificate
+        example.run
+        WebAuthn::AttestationStatement::Apple::ROOT_CERTIFICATE = original_apple_certificate
+      end
+    end
+
+    it "works if everything's fine" do
+      expect(statement.valid?(authenticator_data, client_data_hash)).to be_truthy
+    end
+
+    context "when nonce is invalid" do
+      let(:nonce) { Digest::SHA256.digest("Invalid") }
+
+      it "fails" do
+        expect(statement.valid?(authenticator_data, client_data_hash)).to be_falsy
+      end
+    end
+
+    context "when the credential public key is invalid" do
+      let(:cred_cert) do
+        issue_certificate(root_certificate, root_key, create_ec_key, extensions: [cred_cert_extension])
+      end
+
+      it "fails" do
+        expect(statement.valid?(authenticator_data, client_data_hash)).to be_falsy
+      end
+    end
+  end
+end

spec/webauthn/authenticator_attestation_response_spec.rb

@@ -328,6 +328,48 @@
     end
   end
 
+  context "when apple attestation" do
+    let(:origin) { seeds[:macbook_touch_id][:origin] }
+
+    let(:original_challenge) do
+      Base64.urlsafe_decode64(seeds[:macbook_touch_id][:credential_creation_options][:challenge])
+    end
+
+    let(:attestation_response) do
+      response = seeds[:macbook_touch_id][:authenticator_attestation_response]
+
+      WebAuthn::AuthenticatorAttestationResponse.new(
+        attestation_object: Base64.urlsafe_decode64(response[:attestation_object]),
+        client_data_json: Base64.urlsafe_decode64(response[:client_data_json])
+      )
+    end
+
+    before do
+      # Apple credential certificate expires after 3 days apparently.
+      # Seed data was obtained 22nd Feb 2021, so we are simulating validation within that 3 day timeframe
+      fake_certificate_chain_validation_time(attestation_response.attestation_statement, Time.parse("2021-02-23"))
+    end
+
+    it "verifies" do
+      expect(attestation_response.verify(original_challenge)).to be_truthy
+    end
+
+    it "is valid" do
+      expect(attestation_response.valid?(original_challenge)).to eq(true)
+    end
+
+    it "returns attestation info" do
+      attestation_response.valid?(original_challenge)
+
+      expect(attestation_response.attestation_type).to eq("AnonCA")
+      expect(attestation_response.attestation_trust_path).to all(be_kind_of(OpenSSL::X509::Certificate))
+    end
+
+    it "returns the credential" do
+      expect(attestation_response.credential.id.length).to be >= 16
+    end
+  end
+
   it "returns user-friendly error if no client data received" do
     attestation_response = WebAuthn::AuthenticatorAttestationResponse.new(
       attestation_object: "",