In macOS, is it possible to have a hardware-bound key in the system context?

Question

Created Jul ’24

Replies 4

Boosts 0

Participants 3

We are interested in using a hardware-bound key to sign requests made to a server prior to a user being logged in. We would do this using a launch daemon. The goal here is to have a high degree of assurance that a request came from a particular device.

The normal way to do this would be with a private key in the Secure Enclave.

Based on these threads: https://forums.developer.apple.com/forums/thread/719342

https://forums.developer.apple.com/forums/thread/115833

and the write-up about the Data Protection Keychain, it doesn't appear possible with the SE. Rather, it seems that we must wait until we have a logged-in user context before we can use the SE.

My questions are:

am I correct in that the SE is not usable in the system context prior to login?
is there any other way on macOS to sign a request in such a way that we know it comes from a specific device?

Thanks.

Answered by DTS Engineer in 797326022

am I correct in that the SE is not usable in the system context prior to login?

Correct, presuming that we’re talking about general-purpose signing from third-party code.

We are interested in using a hardware-bound key to sign requests made to a server prior to a user being logged in.

This kinda sounds a bit IdP-ish. If so, there might be an answer for you in the Platform SSO space.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Boost

Answer 1

DTS Engineer OP

Apple

Jul ’24

Accepted Answer

am I correct in that the SE is not usable in the system context prior to login?

Correct, presuming that we’re talking about general-purpose signing from third-party code.

We are interested in using a hardware-bound key to sign requests made to a server prior to a user being logged in.

This kinda sounds a bit IdP-ish. If so, there might be an answer for you in the Platform SSO space.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 2

fxk510 OP

Jul ’24

Thanks for the quick response.

And I assume by general-purpose signing from 3rd party code you mean that Apple code might be able to do it, but we will not be able to accomplish it?

You are correct that this is in the context of IDP work and so PSSO is definitely on our radar for this. We'll dig deeper into that.

Thanks, Francis

0

Answer 3

fxk510 OP

Jul ’24

Another question on this topic: would an ACME certificate, which can be hardware bound, be used during the system context prior to login?

0

Answer 4

DTS Engineer OP

Apple

Jul ’24

And I assume by general-purpose signing from 3rd party code you mean that Apple code might be able to do it, but we will not be able to accomplish it?

Yes, but that “general-purpose” rider is important. The key thing here is the “it” in the above quote. By “general-purpose” I’m talking about calling APIs, like SecKeyCreateSignature and Apple CryptoKit, that allow you to sign arbitrary data. Beyond that, for example, in the Platform SSO stuff, things get more nuanced.

would an ACME certificate, which can be hardware bound, be used during the system context prior to login?

I don’t think so. I don’t know a lot about ACME, but it seems to me that they must be issued to the machine or the user. If they’re issued to the user, you can’t use them prior to login because the user’s keychain is locked. If they’re issued to the machine then you can’t use the key directly for the reasons I’ve outlined above.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0