POST /a for iOS attestation; Android returns 400 (#141)

* feat(CORPLAT-603): POST /a for iOS attestation; Android returns 400

Add /a handler with Apple App Attest verification, nonce consumption, and KMS-signed integrity token. Re-export apple initial-attestation API and optional kid on public_key_to_jwk.

Android bundle identifiers receive bad_request without attestation verification (no AndroidAttestationService on this branch).

Made-with: Cursor

* Provide cnf.jwk.kid

Author: ottodimi

attestation-gateway/src/apple/mod.rs

@@ -149,7 +149,7 @@ pub struct Assertion {
 
 #[allow(clippy::upper_case_acronyms)]
 #[derive(Debug, PartialEq, Clone, Copy)]
-enum AAGUID {
+pub enum AAGUID {
     AppAttest,
     AppAttestDevelop,
 }
@@ -169,7 +169,7 @@ impl FromStr for AAGUID {
 
 impl AAGUID {
     /// Returns the list of allowed `AAGUID`s for a given bundle identifier.
-    fn allowed_for_bundle_identifier(
+    pub fn allowed_for_bundle_identifier(
         bundle_identifier: &BundleIdentifier,
     ) -> eyre::Result<Vec<Self>> {
         match bundle_identifier {
@@ -188,18 +188,19 @@ impl AAGUID {
 }
 
 #[derive(Debug)]
-struct InitialAttestationOutput {
+pub struct InitialAttestationOutput {
     pub public_key: String,
     pub receipt: String,
     pub key_id: String,
+    pub key_public_key: Vec<u8>,
 }
 
 /// Implements the verification of `DeviceCheck` *attestations* for iOS.
 /// Attestations are sent the first time to attest to the validity of a specific public key.
 /// <https://developer.apple.com/documentation/devicecheck/validating_apps_that_connect_to_your_server#3576643>
-fn decode_and_validate_initial_attestation(
+pub fn decode_and_validate_initial_attestation(
     apple_initial_attestation: String,
-    request_hash: &str,
+    challenge: &str,
     expected_app_id: &str,
     allowed_aaguid: &[AAGUID],
     apple_root_ca_pem: &[u8],
@@ -233,9 +234,9 @@ fn decode_and_validate_initial_attestation(
     let store = store_builder.build();
     internal_verify_cert_chain_with_store(&attestation, &store)?;
 
-    // Step 2 and 3: create clientDataHash from the "challenge" (internally called `request_hash`)
+    // Step 2 and 3: create clientDataHash from the `challenge` (internally called "request_hash")
     let mut hasher = Sha256::new();
-    hasher.update(request_hash.as_bytes());
+    hasher.update(challenge.as_bytes());
     let client_data_hash = hasher.finish();
 
     // Step 3: create nonce as composite item
@@ -318,6 +319,7 @@ fn decode_and_validate_initial_attestation(
         public_key: general_purpose::STANDARD.encode(public_key_der),
         receipt: general_purpose::STANDARD.encode(attestation.att_stmt.receipt.as_ref()),
         key_id: general_purpose::STANDARD.encode(credential_id),
+        key_public_key: res.public_key().subject_public_key.clone().data.into(),
     })
 }
 

attestation-gateway/src/keys/mod.rs

@@ -134,7 +134,7 @@ async fn generate_new_key(
 
         let public_key = PKey::public_key_from_der(&public_key_der)?;
 
-        let jwk = public_key_to_jwk(&public_key, key_definition.id.clone())?;
+        let jwk = public_key_to_jwk(&public_key, Some(key_definition.id.clone()))?;
 
         let signing_key = SigningKey {
             key_definition,
@@ -280,7 +280,10 @@ async fn release_lock(redis: &mut ConnectionManager) -> eyre::Result<()> {
 
 /// Converts a DER public key to a JWK.
 /// Forked from `josekit::jwk::alg::ec::EcKeyPair.to_jwk` because the original function does not support using public-only keys.
-fn public_key_to_jwk(public_key: &PKey<Public>, key_id: String) -> eyre::Result<josekit::jwk::Jwk> {
+pub fn public_key_to_jwk(
+    public_key: &PKey<Public>,
+    key_id: Option<String>,
+) -> eyre::Result<josekit::jwk::Jwk> {
     let mut jwk = josekit::jwk::Jwk::new("EC");
 
     let ec_key = public_key.ec_key()?;
@@ -311,12 +314,15 @@ fn public_key_to_jwk(public_key: &PKey<Public>, key_id: String) -> eyre::Result<
     key.as_str();
 
     jwk.set_algorithm("ES256");
-    jwk.set_key_id(key_id);
     jwk.set_parameter(
         "crv",
         Some(Value::String(SIGNING_CONFIG.curve_str.to_string())),
     )?;
 
+    if let Some(key_id) = key_id {
+        jwk.set_key_id(key_id);
+    }
+
     Ok(jwk)
 }
 

attestation-gateway/src/keys/tests.rs

@@ -290,7 +290,7 @@ hnX+pFZq78Se67+BOJDjy1rpIDxDAJgXMy7QbKbztaUGOIrSiRCeMc8lhg==
 
     let jwk = public_key_to_jwk(
         &public_key,
-        "key_b9734d0e56ef4ad68e1fee2086a6e8e9".to_string(),
+        Some("key_b9734d0e56ef4ad68e1fee2086a6e8e9".to_string()),
     )
     .unwrap();
 

attestation-gateway/src/nonces/nonce_db.rs

@@ -56,7 +56,6 @@ impl NonceDb {
     /// # Errors
     ///
     /// When Redis `GETDEL` fails, the value is missing, or JSON does not decode to [`TokenDetails`].
-    #[allow(dead_code)] // Used by `POST /a` (separate PR); kept so nonce flow stays in one module.
     pub async fn consume_nonce(&mut self, nonce: &str) -> Result<TokenDetails, NonceDbError> {
         let key = format!("nonce:{nonce}");
         let value = self

attestation-gateway/src/routes.rs

@@ -6,6 +6,7 @@ use std::time::Duration;
 use tower_http::timeout::TimeoutLayer;
 use tower_http::trace::TraceLayer;
 
+mod a;
 mod c;
 mod generate_token;
 mod health;
@@ -21,6 +22,7 @@ pub fn get_timeout_layer() -> TimeoutLayer {
 
 pub fn handler() -> ApiRouter {
     ApiRouter::new()
+        .api_route("/a", post(a::handler))
         .api_route("/c", post(c::handler))
         .api_route("/g", post(generate_token::handler))
         .api_route("/.well-known/jwks.json", get(jwks::handler))

attestation-gateway/src/routes/a.rs

@@ -0,0 +1,239 @@
+use std::time::SystemTime;
+
+use aws_config::SdkConfig;
+
+use axum::{Extension, Json};
+use base64::{Engine, engine::general_purpose::STANDARD as Base64};
+use chrono::{DateTime, Utc};
+use josekit::jwt::JwtPayload;
+use openssl::{
+    bn::BigNum,
+    ec::{EcGroup, EcKey},
+    nid::Nid,
+    pkey::PKey,
+    sha::sha256,
+};
+use redis::aio::ConnectionManager;
+use schemars::JsonSchema;
+
+use crate::{
+    apple, keys, kms_jws,
+    nonces::NonceDb,
+    utils::{BundleIdentifier, ErrorCode, GlobalConfig, Platform, RequestError},
+};
+
+#[derive(Debug, serde::Deserialize, serde::Serialize, JsonSchema)]
+pub struct Request {
+    pub nonce: String,
+    pub app_version: String,
+    pub bundle_identifier: BundleIdentifier,
+    pub apple_attestation: Option<String>,
+    pub android_attestation: Option<Vec<String>>,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize, JsonSchema)]
+pub struct Response {
+    pub integrity_token: String,
+}
+
+#[derive(Debug)]
+pub struct IntegrityTokenPayload {
+    pub v: String,
+    pub platform: Platform,
+    pub app_version: String,
+    pub aud: String,
+    pub cnf: Vec<u8>,
+    pub pass: bool,
+    pub exp: DateTime<Utc>,
+}
+
+impl IntegrityTokenPayload {
+    pub fn generate(&self) -> eyre::Result<JwtPayload> {
+        if self.cnf.len() != 65 {
+            return Err(eyre::eyre!("Invalid device public key"));
+        }
+
+        let cnf_ec_key = EcKey::from_public_key_affine_coordinates(
+            &EcGroup::from_curve_name(Nid::X9_62_PRIME256V1).unwrap(),
+            &BigNum::from_slice(&self.cnf[1..33]).unwrap(),
+            &BigNum::from_slice(&self.cnf[33..65]).unwrap(),
+        )
+        .map_err(|_| RequestError {
+            code: ErrorCode::BadRequest,
+            details: Some("Invalid device public key".to_string()),
+        })?;
+
+        let cnf_pkey = PKey::from_ec_key(cnf_ec_key).map_err(|_| RequestError {
+            code: ErrorCode::BadRequest,
+            details: Some("Invalid device public key".to_string()),
+        })?;
+
+        let cnf_key_id = Base64.encode(sha256(&self.cnf));
+        let cnf_jwk = keys::public_key_to_jwk(&cnf_pkey, Some(cnf_key_id))?;
+
+        let mut cfn = josekit::Map::new();
+        cfn.insert("jwk".to_string(), josekit::Value::Object(cnf_jwk.into()));
+
+        let mut payload = JwtPayload::new();
+        payload.set_issued_at(&SystemTime::now());
+        payload.set_issuer("attestation.worldcoin.org"); // TODO: what about attestation.worldcoin.dev?
+        payload.set_expires_at(&self.exp.into());
+        payload.set_claim("v", Some(josekit::Value::String(self.v.clone())))?;
+        payload.set_claim(
+            "app_version",
+            Some(josekit::Value::String(self.app_version.clone())),
+        )?;
+        payload.set_claim(
+            "platform",
+            Some(josekit::Value::String(self.platform.to_string())),
+        )?;
+        payload.set_claim("aud", Some(josekit::Value::String(self.aud.clone())))?;
+        payload.set_claim("cnf", Some(josekit::Value::Object(cfn)))?;
+        payload.set_claim("pass", Some(josekit::Value::Bool(self.pass)))?;
+
+        Ok(payload)
+    }
+}
+
+pub async fn handler(
+    Extension(global_config): Extension<GlobalConfig>,
+    Extension(mut redis): Extension<ConnectionManager>,
+    Extension(mut nonce_db): Extension<NonceDb>,
+    Extension(aws_config): Extension<SdkConfig>,
+    Json(request): Json<Request>,
+) -> Result<Json<Response>, RequestError> {
+    let tracing_span = tracing::span!(tracing::Level::DEBUG, "a", endpoint = "/a");
+    let _enter = tracing_span.enter();
+
+    if !global_config
+        .enabled_bundle_identifiers
+        .contains(&request.bundle_identifier)
+    {
+        return Err(RequestError {
+            code: ErrorCode::BadRequest,
+            details: Some("This bundle identifier is currently unavailable.".to_string()),
+        });
+    }
+
+    let challenge = format!("n={},av={}", request.nonce, request.app_version);
+    let platform = request.bundle_identifier.platform();
+
+    let device_public_key = match platform {
+        Platform::AppleIOS => {
+            let apple_attestation = request.apple_attestation.ok_or_else(|| RequestError {
+                code: ErrorCode::BadRequest,
+                details: Some("Apple attestation is required".to_string()),
+            })?;
+
+            validate_apple_attestation_and_get_device_public_key(
+                &global_config.apple_root_ca_pem,
+                &challenge,
+                &request.bundle_identifier,
+                apple_attestation,
+            )?
+        }
+        Platform::Android => {
+            return Err(RequestError {
+                code: ErrorCode::BadRequest,
+                details: Some("Android attestation is not supported on this endpoint.".to_string()),
+            });
+        }
+    };
+
+    let token_details = nonce_db.consume_nonce(&request.nonce).await.map_err(|e| {
+        tracing::error!(error = ?e, "Error consuming token nonce");
+        RequestError {
+            code: ErrorCode::InternalServerError,
+            details: None,
+        }
+    })?;
+
+    let integrity_token = generate_integrity_token(
+        &mut redis,
+        &aws_config,
+        IntegrityTokenPayload {
+            v: "1".to_string(),
+            platform,
+            app_version: request.app_version,
+            aud: token_details.aud,
+            cnf: device_public_key,
+            pass: true,
+            exp: token_details.exp,
+        },
+    )
+    .await?;
+
+    Ok(Json(Response { integrity_token }))
+}
+
+fn validate_apple_attestation_and_get_device_public_key(
+    apple_root_ca_pem: &[u8],
+    challenge: &str,
+    bundle_identifier: &BundleIdentifier,
+    apple_attestation: String,
+) -> Result<Vec<u8>, RequestError> {
+    let app_id = bundle_identifier.apple_app_id().ok_or(RequestError {
+        code: ErrorCode::BadRequest,
+        details: Some("Invalid bundle identifier".to_string()),
+    })?;
+
+    let allowed_aaguid_vec = apple::AAGUID::allowed_for_bundle_identifier(bundle_identifier)
+        .map_err(|_| RequestError {
+            code: ErrorCode::BadRequest,
+            details: Some("Invalid bundle identifier".to_string()),
+        })?;
+
+    let initial_attestation = apple::decode_and_validate_initial_attestation(
+        apple_attestation,
+        challenge,
+        app_id,
+        allowed_aaguid_vec.as_slice(),
+        apple_root_ca_pem,
+    )
+    .map_err(|e| RequestError {
+        code: ErrorCode::BadRequest,
+        details: Some(e.to_string()),
+    })?;
+
+    Ok(initial_attestation.key_public_key)
+}
+
+async fn generate_integrity_token(
+    redis: &mut ConnectionManager,
+    aws_config: &SdkConfig,
+    integrity_token_payload: IntegrityTokenPayload,
+) -> Result<String, RequestError> {
+    let integrity_token_payload = integrity_token_payload.generate().map_err(|e| {
+        tracing::error!(error = ?e, "Error generating integrity token payload");
+        RequestError {
+            code: ErrorCode::InternalServerError,
+            details: None,
+        }
+    })?;
+
+    let kms_key = keys::fetch_active_key(redis, aws_config)
+        .await
+        .map_err(|e| {
+            tracing::error!(error = ?e, "Error fetching active key");
+            RequestError {
+                code: ErrorCode::InternalServerError,
+                details: None,
+            }
+        })?;
+
+    let integrity_token = kms_jws::generate_output_token(
+        aws_config,
+        kms_key.key_definition.arn,
+        integrity_token_payload,
+    )
+    .await
+    .map_err(|e| {
+        tracing::error!(error = ?e, "Error generating output token");
+        RequestError {
+            code: ErrorCode::InternalServerError,
+            details: None,
+        }
+    })?;
+
+    Ok(integrity_token)
+}