Questions about FIDO 2 attestation verification in iOS 14
I am currently implementing the FIDO 2 verification logic according to the url below.
https://developer.apple.com/documentation/devicecheck/validating_apps_that_connect_to_your_server
My question is about aaguid and credentialId.
According to the url the aaguid is "An App Attest–specific constan".
And the length of credentialId is 32 bytes.
[Question] The aaguid delivered from safari was 16 zero bytes. Is it correct to be passed by this value?
The length of credentialId is 20 bytes, not 32 bytes. Is this correct?
[Test Env.]
iOS 14 beta 8
attestationObject : o2NmbXRlYXBwbGVnYXR0U3RtdKJjYWxnJmN4NWOCWQJGMIICQjCCAcmgAwIBAgIGAXR3IfJrMAoGCCqGSM49BAMCMEgxHDAaBgNVBAMME0FwcGxlIFdlYkF1dGhuIENBIDExEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwHhcNMjAwOTEwMDgxOTA3WhcNMjAwOTExMDgyOTA3WjCBkTFJMEcGA1UEAwxAY2E1ZjZjYTQwZTE5OTQ0MTQzZjgzMjRlZTE3ZTliZjM2YmI4Nzk4YTllM2YzOWE4MjM4YjkwNWU3YTdmYmJlMTEaMBgGA1UECwwRQUFBIENlcnRpZmljYXRpb24xEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAShkVB07nrqMlaitq-5wjv8EzSikGdNRWvmTAA2gwYfz-9YTxpHF9UEnsTVTtl1v3Rdip4TUopyW-TYIVXUQ4o1UwUzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEBwQEAwIE8DAzBgkqhkiG92NkCAIEJjAkoSIEIHGCgF2RQrOUtNb3sBPwfRGEPAkN3drdsUJ5xmleeC8lMAoGCCqGSM49BAMCA2cAMGQCMDKVe8HKHbweixHUIHGZgUXYxV-UHxuEiJthFBkMjPrdkwG1Rvi3jExiJLUAiwXygIwctiDkQV1RYncBzpzaGPjQ4gFsilmMul-neygjeVxXAA-rm1FiA0Zh5cj7L6gWWQI4MIICNDCCAbqgAwIBAgIQViVTlcen-0Dr4ijYJghTtjAKBggqhkjOPQQDAzBLMR8wHQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MzgwMVoXDTMwMDMxMzAwMDAwMFowSDEcMBoGA1UEAwwTQXBwbGUgV2ViQXV0aG4gQ0EgMTETMBEGA1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIMuhy8mFJGBAiW59fzWu2N4tfVfP8sEW8c1mTR1VSQRN-bhkhF2XGmh3aBQs41FCDQBpDT7JNES1Ww-HPv8uYkf7AaWCBvvlsvHfIjd2vRqWu4d1RW1r6q5O-nAsmkaNmMGQwEgYDVR0TAQHBAgwBgEBwIBADAfBgNVHSMEGDAWgBQm12TZxXjCWmfRp95rEtAbYHG1zAdBgNVHQ4EFgQU666CxP-hrFtR1M8kYQUAvmO9d4gwDgYDVR0PAQHBAQDAgEGMAoGCCqGSM49BAMDA2gAMGUCMQDdixo0gaX62du052V7hB4UTCe3W4dqQYbCsUdXUDNyJ-lVEV-9kiVDGMuXEg-cMECMCyKYETcIBP5ZvDTSkwwUh4Udlg7Wp18etKyr44zSW4l9DIBb7wxeLB6VxxugOB2hhdXRoRGF0YViYIoFgu94ab-4bEorgfUTSffzT79toCHqWSIC4Kv6KcRFAAAAAAAAAAAAAAAAAAAAAAAAAAAAFMUF1XwkNChen9PxL4d3TozOT554pQECAyYgASFYIKGT9UHTueuoyVqK2r7nD-OwTNKKQZ01Fa-ZMADaDBhIlggP71hPGkcX1QSexNVO2XWdF2KnhNSinJb5NghVdRDg
clientDataJSON : eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiOUlRclR3YXhfaFJNVTlua0FIcEwxZzFvS2NKZUVqUjRxekxNYTNwT1NBVSIsIm9yaWdpbiI6Imh0dHBzOi8vb25lcGFzc2Rldi5yYW9uc2VjdXJlLmNvLmtyOjI4NDQ1In0
djpark0402
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Last seen
User for
Post
Replies
Boosts
Views
Activity
Questions about FIDO 2 attestation verification in iOS 14
I am currently implementing the FIDO 2 verification logic according to the url below.
https://developer.apple.com/documentation/devicecheck/validating_apps_that_connect_to_your_server
My question is about aaguid and credentialId.
According to the url the aaguid is "An App Attest–specific constan".
And the length of credentialId is 32 bytes.
[Question] The aaguid delivered from safari was 16 zero bytes. Is it correct to be passed by this value?
The length of credentialId is 20 bytes, not 32 bytes. Is this correct?
[Test Env.]
iOS 14 beta 8
attestationObject : o2NmbXRlYXBwbGVnYXR0U3RtdKJjYWxnJmN4NWOCWQJGMIICQjCCAcmgAwIBAgIGAXR3IfJrMAoGCCqGSM49BAMCMEgxHDAaBgNVBAMME0FwcGxlIFdlYkF1dGhuIENBIDExEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwHhcNMjAwOTEwMDgxOTA3WhcNMjAwOTExMDgyOTA3WjCBkTFJMEcGA1UEAwxAY2E1ZjZjYTQwZTE5OTQ0MTQzZjgzMjRlZTE3ZTliZjM2YmI4Nzk4YTllM2YzOWE4MjM4YjkwNWU3YTdmYmJlMTEaMBgGA1UECwwRQUFBIENlcnRpZmljYXRpb24xEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAShkVB07nrqMlaitq-5wjv8EzSikGdNRWvmTAA2gwYfz-9YTxpHF9UEnsTVTtl1v3Rdip4TUopyW-TYIVXUQ4o1UwUzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEBwQEAwIE8DAzBgkqhkiG92NkCAIEJjAkoSIEIHGCgF2RQrOUtNb3sBPwfRGEPAkN3drdsUJ5xmleeC8lMAoGCCqGSM49BAMCA2cAMGQCMDKVe8HKHbweixHUIHGZgUXYxV-UHxuEiJthFBkMjPrdkwG1Rvi3jExiJLUAiwXygIwctiDkQV1RYncBzpzaGPjQ4gFsilmMul-neygjeVxXAA-rm1FiA0Zh5cj7L6gWWQI4MIICNDCCAbqgAwIBAgIQViVTlcen-0Dr4ijYJghTtjAKBggqhkjOPQQDAzBLMR8wHQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MzgwMVoXDTMwMDMxMzAwMDAwMFowSDEcMBoGA1UEAwwTQXBwbGUgV2ViQXV0aG4gQ0EgMTETMBEGA1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIMuhy8mFJGBAiW59fzWu2N4tfVfP8sEW8c1mTR1VSQRN-bhkhF2XGmh3aBQs41FCDQBpDT7JNES1Ww-HPv8uYkf7AaWCBvvlsvHfIjd2vRqWu4d1RW1r6q5O-nAsmkaNmMGQwEgYDVR0TAQHBAgwBgEBwIBADAfBgNVHSMEGDAWgBQm12TZxXjCWmfRp95rEtAbYHG1zAdBgNVHQ4EFgQU666CxP-hrFtR1M8kYQUAvmO9d4gwDgYDVR0PAQHBAQDAgEGMAoGCCqGSM49BAMDA2gAMGUCMQDdixo0gaX62du052V7hB4UTCe3W4dqQYbCsUdXUDNyJ-lVEV-9kiVDGMuXEg-cMECMCyKYETcIBP5ZvDTSkwwUh4Udlg7Wp18etKyr44zSW4l9DIBb7wxeLB6VxxugOB2hhdXRoRGF0YViYIoFgu94ab-4bEorgfUTSffzT79toCHqWSIC4Kv6KcRFAAAAAAAAAAAAAAAAAAAAAAAAAAAAFMUF1XwkNChen9PxL4d3TozOT554pQECAyYgASFYIKGT9UHTueuoyVqK2r7nD-OwTNKKQZ01Fa-ZMADaDBhIlggP71hPGkcX1QSexNVO2XWdF2KnhNSinJb5NghVdRDg
clientDataJSON : eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiOUlRclR3YXhfaFJNVTlua0FIcEwxZzFvS2NKZUVqUjRxekxNYTNwT1NBVSIsIm9yaWdpbiI6Imh0dHBzOi8vb25lcGFzc2Rldi5yYW9uc2VjdXJlLmNvLmtyOjI4NDQ1In0
Questions about FIDO 2 attestation verification in iOS 14
I am currently implementing the FIDO 2 verification logic according to the url below.
https://developer.apple.com/documentation/devicecheck/validating_apps_that_connect_to_your_server
My question is about aaguid and credentialId.
According to the url the aaguid is "An App Attest–specific constan".
And the length of credentialId is 32 bytes.
[Question] The "aaguid" delivered from safari was 16 zero bytes. Is it correct to be passed by this value?
The length of "credentialId" is 20 bytes, not 32 bytes. Is this correct?
[Test Env.]
iOS 14 beta 8
attestationObject : o2NmbXRlYXBwbGVnYXR0U3RtdKJjYWxnJmN4NWOCWQJGMIICQjCCAcmgAwIBAgIGAXR3IfJrMAoGCCqGSM49BAMCMEgxHDAaBgNVBAMME0FwcGxlIFdlYkF1dGhuIENBIDExEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwHhcNMjAwOTEwMDgxOTA3WhcNMjAwOTExMDgyOTA3WjCBkTFJMEcGA1UEAwxAY2E1ZjZjYTQwZTE5OTQ0MTQzZjgzMjRlZTE3ZTliZjM2YmI4Nzk4YTllM2YzOWE4MjM4YjkwNWU3YTdmYmJlMTEaMBgGA1UECwwRQUFBIENlcnRpZmljYXRpb24xEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAShkVB07nrqMlaitq-5wjv8EzSikGdNRWvmTAA2gwYfz-9YTxpHF9UEnsTVTtl1v3Rdip4TUopyW-TYIVXUQ4o1UwUzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEBwQEAwIE8DAzBgkqhkiG92NkCAIEJjAkoSIEIHGCgF2RQrOUtNb3sBPwfRGEPAkN3drdsUJ5xmleeC8lMAoGCCqGSM49BAMCA2cAMGQCMDKVe8HKHbweixHUIHGZgUXYxV-UHxuEiJthFBkMjPrdkwG1Rvi3jExiJLUAiwXygIwctiDkQV1RYncBzpzaGPjQ4gFsilmMul-neygjeVxXAA-rm1FiA0Zh5cj7L6gWWQI4MIICNDCCAbqgAwIBAgIQViVTlcen-0Dr4ijYJghTtjAKBggqhkjOPQQDAzBLMR8wHQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MzgwMVoXDTMwMDMxMzAwMDAwMFowSDEcMBoGA1UEAwwTQXBwbGUgV2ViQXV0aG4gQ0EgMTETMBEGA1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIMuhy8mFJGBAiW59fzWu2N4tfVfP8sEW8c1mTR1VSQRN-bhkhF2XGmh3aBQs41FCDQBpDT7JNES1Ww-HPv8uYkf7AaWCBvvlsvHfIjd2vRqWu4d1RW1r6q5O-nAsmkaNmMGQwEgYDVR0TAQHBAgwBgEBwIBADAfBgNVHSMEGDAWgBQm12TZxXjCWmfRp95rEtAbYHG1zAdBgNVHQ4EFgQU666CxP-hrFtR1M8kYQUAvmO9d4gwDgYDVR0PAQHBAQDAgEGMAoGCCqGSM49BAMDA2gAMGUCMQDdixo0gaX62du052V7hB4UTCe3W4dqQYbCsUdXUDNyJ-lVEV-9kiVDGMuXEg-cMECMCyKYETcIBP5ZvDTSkwwUh4Udlg7Wp18etKyr44zSW4l9DIBb7wxeLB6VxxugOB2hhdXRoRGF0YViYIoFgu94ab-4bEorgfUTSffzT79toCHqWSIC4Kv6KcRFAAAAAAAAAAAAAAAAAAAAAAAAAAAAFMUF1XwkNChen9PxL4d3TozOT554pQECAyYgASFYIKGT9UHTueuoyVqK2r7nD-OwTNKKQZ01Fa-ZMADaDBhIlggP71hPGkcX1QSexNVO2XWdF2KnhNSinJb5NghVdRDg
clientDataJSON : eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiOUlRclR3YXhfaFJNVTlua0FIcEwxZzFvS2NKZUVqUjRxekxNYTNwT1NBVSIsIm9yaWdpbiI6Imh0dHBzOi8vb25lcGFzc2Rldi5yYW9uc2VjdXJlLmNvLmtyOjI4NDQ1In0
fido2 is available on beta14?
please tell me, yes or no