| Summary: | [WebAuthn] Determine an AAGUID for the platform authenticators | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Frederic Jahn <frederic.jahn> | ||||||
| Component: | WebCore Misc. | Assignee: | Jiewen Tan <jiewen_tan> | ||||||
| Status: | RESOLVED FIXED | ||||||||
| Severity: | Normal | CC: | bfulgham, jiewen_tan, smoley, webkit-bug-importer | ||||||
| Priority: | P2 | Keywords: | InRadar | ||||||
| Version: | Other | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Bug Depends on: | |||||||||
| Bug Blocks: | 181943 | ||||||||
| Attachments: |
|
||||||||
|
Description
Frederic Jahn
2020-10-20 01:31:57 PDT
Thanks for filing, I'll Cc a few folks here for consideration. Created attachment 413150 [details]
Patch
Comment on attachment 413150 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=413150&action=review This looks good to me, but I'd like you to double-check the none-attestation case before we land. > Source/WebKit/ChangeLog:9 > + The AAGUID is randomly generated by CCRandomGenerateBytes. I think we should say: "Relying parties use the AAGUID to recognize supported authenticators. Using a NULL AAGUID blocks them from recognizing Apple products as valid WebAuthentication targets. We need to assign ourselves a GUID representing Apple authenticators, then publish with our attestation certificate and with the FIDO Alliance." It would also be good to reference the communication to the FIDO alliance documenting this GUID (not sure if this would be a pull request, or how that works). > Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:373 > + auto authData = buildAuthData(creationOptions.rp.id, makeCredentialFlags, counter, buildAttestedCredentialData(Vector<uint8_t>(aaguidLength, 0), credentialId, cosePublicKey)); Do we not want to indicate that we are an Apple authenticator for the none-attestation case? From Frederic Jahn's bug report, it sounds like this is needed to decide whether they allow our authenticator at all. If you aren't sure, can you check with Frederic? Comment on attachment 413150 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=413150&action=review Thanks Brent for r+ this patch. >> Source/WebKit/ChangeLog:9 >> + The AAGUID is randomly generated by CCRandomGenerateBytes. > > I think we should say: > > "Relying parties use the AAGUID to recognize supported authenticators. Using a NULL AAGUID blocks them from recognizing Apple products as valid WebAuthentication targets. We need to assign ourselves a GUID representing Apple authenticators, then publish with our attestation certificate and with the FIDO Alliance." > > It would also be good to reference the communication to the FIDO alliance documenting this GUID (not sure if this would be a pull request, or how that works). Sure. Fixed. >> Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:373 >> + auto authData = buildAuthData(creationOptions.rp.id, makeCredentialFlags, counter, buildAttestedCredentialData(Vector<uint8_t>(aaguidLength, 0), credentialId, cosePublicKey)); > > Do we not want to indicate that we are an Apple authenticator for the none-attestation case? From Frederic Jahn's bug report, it sounds like this is needed to decide whether they allow our authenticator at all. > > If you aren't sure, can you check with Frederic? For none attestation, the AAGUID is required to be all zero. Created attachment 413262 [details]
Patch for landing
Committed r269420: <https://trac.webkit.org/changeset/269420> All reviewed patches have been landed. Closing bug and clearing flags on attachment 413262 [details]. |