ChromeからMacBookのTouchIDでWebAuthenticationする

Chrome͔ΒMacBookͷTouch IDͰ
WebAuthentication͢Δ
Identity Dance School Lesson1
ٕज़ॻయͱDigital Identityٕज़
@kg0r0

View Slide

ࣗݾ঺հ
• ߹࿏ ݈ਓ
• ࣾձਓ3೥໨
• งғؾͰOAuth΍FIDOͯ͠Δ

View Slide

Ϙπཧ༝
• σϞ͕೿खͳͷʹॻ੶ͩͱө͑ͳ͍
• ΄ͱΜͲSELF Attestationͷઆ໌ͰChromeͱ
͔Touch ID͋Μ·Γؔ܎ͳ͍

View Slide

ಈ࡞؀ڥ
• MacBook Pro (13-inch, 2016)
• macOS Mojave version 10.14.4
• Chrome version 74

View Slide

σϞ

View Slide

ҧ͍
• Yubico Security Key
→ packed FULL Attestation
• Touch ID
→ packed SELF Attestation

View Slide

Registration Flow
Ҿ༻ݩIUUQTXDHJUIVCJPXFCBVUIO

View Slide

Registration
navigator.credentials.create({
publicKey: {
rp: {
id: "example.com”,
name: "Acme"
},
user: {
id: new Uint8Array(16),
name: "[email protected]",
displayName: "John P. Smith "
},
pubKeyCredParams: [{
type: "public-key",
alg: -7
}],
attestation: "direct",
timeout: 60000,
// must be a cryptographically random number sent from a server
challenge: new Uint8Array([
0x8C, 0x0A, 0x26, 0xFF, 0x22, 0x91, 0xC1, 0xE9, ... ]).buffer
}
})

View Slide

Registration

View Slide

Registration
ͪͳΈʹγʔΫϨοτϒϥ΢βͩͱཁٻ͞Εͳ͍

View Slide

Registration Flow

View Slide

AuthenticatorAttestationResponse
{
"rawId": "imCIoe8U_N9M1rTGeCqJ96TAu5uqSPa7YUzd ... ",
"id": ” imCIoe8U_N9M1rTGeCqJ96TAu5uqSPa7YUzdh7qq ... ",
"response": {
"clientDataJSON": ”eyJjaGFsbGVuZ2UiOiJJSFdtWjFPa1MydDZLaH ... ”,
"attestationObject": ”o2NmbXRoZmlkby11MmZnYXR0U3RtdKJjc2 ... "
},
"getClientExtensionResults": {},
"type": "public-key”
}

View Slide

Attestation Object
CBORΤϯίʔυ͞Εͨެ։伴ͳͲΛؚΉσʔλ

View Slide

{
fmt: 'packed',
attStmt:
{ alg: -7,
sig:
74 ab 86 16 cd 53 c3 02 21 00 c1 77 e6 45 96 c9 ff 55 12 1c ... 22 more bytes>
},
authData:
63 45 5c 7d 17 d1 ad ce 00 02 35 bc c6 0a 64 8b 0b 25 f1 ... 150 more bytes>
}
Attestation Object
CBORΤϯίʔυ͞Εͨެ։伴ͳͲΛؚΉσʔλ
.BD#PPL5PVDI*%

View Slide

Attestation Statement
Attestationͷݕূʹඞཁͳ৘ใͳͲ

View Slide

• alg : ॺ໊࡞੒ΞϧΰϦζϜ
• sig : ॺ໊
• x5c : X.509ূ໌ॻνΣʔϯ

View Slide

{
fmt: 'packed',
attStmt:
{
alg: -7,
sig:
21 00 fe e4 f7 09 64 97 4d f5 bd 3d ... 22 more bytes>,
x5c:
[ 30 2a 06 03 55 04 03 13 23 59 75 62 ... 656 more bytes> ]
},
authData:
11 f3 8c 0a 4d 15 80 06 17 11 1f ... 146 more bytes>
}
:VCJDP4FDVSJUZ,FZ

View Slide

{
fmt: 'packed',
attStmt:
{
alg: -7,
sig:
16 cd 53 c3 02 21 00 c1 77 e6 45 96 c9 ff 55 12 1c ... 22 more bytes>
},
authData:
7d 17 d1 ad ce 00 02 35 bc c6 0a 64 8b 0b 25 f1 ... 150 more bytes>
}
.BD#PPL5PVDI*%

View Slide

FULL Attestation
Attestation Statementʹx5cΛؚΉ
ݕূखॱʢུ֓ʣ
1. AuthenticatorDataͱClientDataHash͔ΒsignatureBaseΛੜ੒
2. x5cͷূ໌ॻ͔Βެ։伴Λऔಘ
3. algͱެ։伴ͱsignatureBaseͰsigΛݕূ
:VCJDP4FDVSJUZ,FZ

View Slide

SELF Attestation
Attestation Statementʹx5cΛؚ·ͳ͍
2. AuthenticatorData͔Βެ։伴Λऔಘ
.BD#PPL5PVDI*%

View Slide

Verify Attestation

View Slide

·ͱΊ
• Touch IDΛೝূثͱͨ͠৔߹ͷAttestation Format͸
packed SELF Attestation
• ূ໌ॻ͔Βऔಘͨ͠ެ։伴Ͱ͸ͳ͘Authenticator Data
͔Βऔಘͨ͠ެ։伴Ͱݕূ
• ೝূ࣌͸ͦͷଞϑΥʔϚοτͱಉ͡ (transportsͷࢦఆ
͸஫ҙ)

View Slide

͓·͚

View Slide

Authentication Flow

View Slide

Authentication
navigator.credentials.get({
publicKey: {
timeout: 60000,
challenge: new Uint8Array([
0x79, 0x50, 0x68, 0x71, 0xDA, 0xEE, 0xEE, 0xB9, 0x94, 0xC3, 0xC2, ...
]).buffer,
allowCredentials: [{
id: cred.rawId,
type: "public-key"
}]
},
})
USBOTQPSUT ௨৴खஈ
ͷࢦఆʹ஫ҙ

View Slide

Authentication

View Slide

Authentication Flow

View Slide

AuthenticatorAssertionResponse
{
"rawId": "imCIoe8U_N9M1rTGeCqJ96TAu5uqSPa7YUzd ... " ,
"id": "imCIoe8U_N9M1rTGeCqJ96TAu5uqSPa7YUzdh7qq ... ",
"response": {
"authenticatorData": "SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MBAAAALQ",
"signature": "MEUCIQCFOqnsAFZLQmcPt2qSjnCb403SisGEASSjT3fOPuD5JgIgF ...",
"userHandle": "",
"clientDataJSON": "eyJjaGFsbGVuZ2UiOiJDUXF5aUlrQ00yWEtvaHVSdlNqTEFoN ...”
},
"getClientExtensionResults": {},
"type": "public-key”
}

View Slide

Generating an assertion signature

View Slide

Verify Assertion
1. ొ࿥࣌ʹอ؅ͨ͠ެ։伴ΛऔΓग़͢

View Slide

Verify Assertion

View Slide

ͳ͔ͥॺ໊ͷݕূʹࣦഊ͢Δ

View Slide

ೝূ࣌ͷAuthenticatorData͕
Yubikeyͷ࣌ͱൺ΂ͯ௕͍ͧ??

View Slide

AuthenticatorData

View Slide

ݕূʹࣦഊ͍ͯͨ͠ཧ༝
• Ұ౓AuthenticatorDataΛ෼ղ͔ͯ͠ΒSignatureBaseΛ࡞͍ͬͯͨ
• ೝূ࣌ʹAttestedCredentialData͸ؚ·Εͳ͍ͱࢥ͍ͬͯͨ
• ೝূ࣌ʹChrome͸AttestedCredentialDataΛฦ͖͍ͯͯͨ͠
• ݁Ռͱͯ͠SignatureBase͕ෆ଍ͨ͠

View Slide

It can be longer than 37 bytes if extensions are sent (in which
case the extensions bit is set in the authenticatorData ﬂags).
You are correct though, that the authenticator should not send
attestedCredentialData for a GetAssertion operation.
Ҿ༻ݩIUUQTCVHTDISPNJVNPSHQDISPNJVNJTTVFTEFUBJM JE

View Slide

Should be in Chrome 75.
If you assume that we hit our six week cadence
then Chrome 75 would be ~mid June.
Ҿ༻ݩIUUQTCVHTDISPNJVNPSHQDISPNJVNJTTVFTEFUBJM JE

View Slide

ࢀߟ
• Web Authentication: An API for accessing Public Key Credentials
https://www.w3.org/TR/webauthn/
• FIDO2 attestation formatͷ঺հ
https://techblog.yahoo.co.jp/advent-calendar-2018/webauthn-attestation-packed/
• FIDO2ʹΑΔChromeͱMacBook Proͷtouch idΛར༻ͨ͠ύεϫʔυϨεϩάΠϯͷ࣮૷
https://qiita.com/ifsec_56/items/0cc5f1d73e7d2e3029ad
• Issue 946993: Touch ID authenticator returns attestedCredentialData in GetAssertion response
http://kent056-n.hatenablog.com/entry/2019/03/31/140910
• WebAuthn/FIDO2: Verifying Packed Attestation
ɹhttps://medium.com/@herrjemand/verifying-ﬁdo2-packed-attestation-a067a9b2facd

View Slide

ChromeからMacBookのTouchIDでWebAuthenticationする

ChromeからMacBookのTouchIDでWebAuthenticationする

kg0r0

More Decks by kg0r0

Featured

Transcript