Post not yet marked as solved
Questions about FIDO 2 attestation verification in iOS 14
I am currently implementing the FIDO 2 verification logic according to the url below.
https://developer.apple.com/documentation/devicecheck/validating_apps_that_connect_to_your_server
My question is about aaguid and credentialId.
According to the url the aaguid is "An App Attest–specific constan".
And the length of credentialId is 32 bytes.
[Question] The aaguid delivered from safari was 16 zero bytes. Is it correct to be passed by this value?
The length of credentialId is 20 bytes, not 32 bytes. Is this correct?
[Test Env.]
iOS 14 beta 8
attestationObject : o2NmbXRlYXBwbGVnYXR0U3RtdKJjYWxnJmN4NWOCWQJGMIICQjCCAcmgAwIBAgIGAXR3IfJrMAoGCCqGSM49BAMCMEgxHDAaBgNVBAMME0FwcGxlIFdlYkF1dGhuIENBIDExEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwHhcNMjAwOTEwMDgxOTA3WhcNMjAwOTExMDgyOTA3WjCBkTFJMEcGA1UEAwxAY2E1ZjZjYTQwZTE5OTQ0MTQzZjgzMjRlZTE3ZTliZjM2YmI4Nzk4YTllM2YzOWE4MjM4YjkwNWU3YTdmYmJlMTEaMBgGA1UECwwRQUFBIENlcnRpZmljYXRpb24xEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAShkVB07nrqMlaitq-5wjv8EzSikGdNRWvmTAA2gwYfz-9YTxpHF9UEnsTVTtl1v3Rdip4TUopyW-TYIVXUQ4o1UwUzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEBwQEAwIE8DAzBgkqhkiG92NkCAIEJjAkoSIEIHGCgF2RQrOUtNb3sBPwfRGEPAkN3drdsUJ5xmleeC8lMAoGCCqGSM49BAMCA2cAMGQCMDKVe8HKHbweixHUIHGZgUXYxV-UHxuEiJthFBkMjPrdkwG1Rvi3jExiJLUAiwXygIwctiDkQV1RYncBzpzaGPjQ4gFsilmMul-neygjeVxXAA-rm1FiA0Zh5cj7L6gWWQI4MIICNDCCAbqgAwIBAgIQViVTlcen-0Dr4ijYJghTtjAKBggqhkjOPQQDAzBLMR8wHQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MzgwMVoXDTMwMDMxMzAwMDAwMFowSDEcMBoGA1UEAwwTQXBwbGUgV2ViQXV0aG4gQ0EgMTETMBEGA1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIMuhy8mFJGBAiW59fzWu2N4tfVfP8sEW8c1mTR1VSQRN-bhkhF2XGmh3aBQs41FCDQBpDT7JNES1Ww-HPv8uYkf7AaWCBvvlsvHfIjd2vRqWu4d1RW1r6q5O-nAsmkaNmMGQwEgYDVR0TAQHBAgwBgEBwIBADAfBgNVHSMEGDAWgBQm12TZxXjCWmfRp95rEtAbYHG1zAdBgNVHQ4EFgQU666CxP-hrFtR1M8kYQUAvmO9d4gwDgYDVR0PAQHBAQDAgEGMAoGCCqGSM49BAMDA2gAMGUCMQDdixo0gaX62du052V7hB4UTCe3W4dqQYbCsUdXUDNyJ-lVEV-9kiVDGMuXEg-cMECMCyKYETcIBP5ZvDTSkwwUh4Udlg7Wp18etKyr44zSW4l9DIBb7wxeLB6VxxugOB2hhdXRoRGF0YViYIoFgu94ab-4bEorgfUTSffzT79toCHqWSIC4Kv6KcRFAAAAAAAAAAAAAAAAAAAAAAAAAAAAFMUF1XwkNChen9PxL4d3TozOT554pQECAyYgASFYIKGT9UHTueuoyVqK2r7nD-OwTNKKQZ01Fa-ZMADaDBhIlggP71hPGkcX1QSexNVO2XWdF2KnhNSinJb5NghVdRDg
clientDataJSON : eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiOUlRclR3YXhfaFJNVTlua0FIcEwxZzFvS2NKZUVqUjRxekxNYTNwT1NBVSIsIm9yaWdpbiI6Imh0dHBzOi8vb25lcGFzc2Rldi5yYW9uc2VjdXJlLmNvLmtyOjI4NDQ1In0
Post not yet marked as solved
Questions about FIDO 2 attestation verification in iOS 14
I am currently implementing the FIDO 2 verification logic according to the url below.
https://developer.apple.com/documentation/devicecheck/validating_apps_that_connect_to_your_server
My question is about aaguid and credentialId.
According to the url the aaguid is "An App Attest–specific constan".
And the length of credentialId is 32 bytes.
[Question] The aaguid delivered from safari was 16 zero bytes. Is it correct to be passed by this value?
The length of credentialId is 20 bytes, not 32 bytes. Is this correct?
[Test Env.]
iOS 14 beta 8
attestationObject : o2NmbXRlYXBwbGVnYXR0U3RtdKJjYWxnJmN4NWOCWQJGMIICQjCCAcmgAwIBAgIGAXR3IfJrMAoGCCqGSM49BAMCMEgxHDAaBgNVBAMME0FwcGxlIFdlYkF1dGhuIENBIDExEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwHhcNMjAwOTEwMDgxOTA3WhcNMjAwOTExMDgyOTA3WjCBkTFJMEcGA1UEAwxAY2E1ZjZjYTQwZTE5OTQ0MTQzZjgzMjRlZTE3ZTliZjM2YmI4Nzk4YTllM2YzOWE4MjM4YjkwNWU3YTdmYmJlMTEaMBgGA1UECwwRQUFBIENlcnRpZmljYXRpb24xEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAShkVB07nrqMlaitq-5wjv8EzSikGdNRWvmTAA2gwYfz-9YTxpHF9UEnsTVTtl1v3Rdip4TUopyW-TYIVXUQ4o1UwUzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEBwQEAwIE8DAzBgkqhkiG92NkCAIEJjAkoSIEIHGCgF2RQrOUtNb3sBPwfRGEPAkN3drdsUJ5xmleeC8lMAoGCCqGSM49BAMCA2cAMGQCMDKVe8HKHbweixHUIHGZgUXYxV-UHxuEiJthFBkMjPrdkwG1Rvi3jExiJLUAiwXygIwctiDkQV1RYncBzpzaGPjQ4gFsilmMul-neygjeVxXAA-rm1FiA0Zh5cj7L6gWWQI4MIICNDCCAbqgAwIBAgIQViVTlcen-0Dr4ijYJghTtjAKBggqhkjOPQQDAzBLMR8wHQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MzgwMVoXDTMwMDMxMzAwMDAwMFowSDEcMBoGA1UEAwwTQXBwbGUgV2ViQXV0aG4gQ0EgMTETMBEGA1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIMuhy8mFJGBAiW59fzWu2N4tfVfP8sEW8c1mTR1VSQRN-bhkhF2XGmh3aBQs41FCDQBpDT7JNES1Ww-HPv8uYkf7AaWCBvvlsvHfIjd2vRqWu4d1RW1r6q5O-nAsmkaNmMGQwEgYDVR0TAQHBAgwBgEBwIBADAfBgNVHSMEGDAWgBQm12TZxXjCWmfRp95rEtAbYHG1zAdBgNVHQ4EFgQU666CxP-hrFtR1M8kYQUAvmO9d4gwDgYDVR0PAQHBAQDAgEGMAoGCCqGSM49BAMDA2gAMGUCMQDdixo0gaX62du052V7hB4UTCe3W4dqQYbCsUdXUDNyJ-lVEV-9kiVDGMuXEg-cMECMCyKYETcIBP5ZvDTSkwwUh4Udlg7Wp18etKyr44zSW4l9DIBb7wxeLB6VxxugOB2hhdXRoRGF0YViYIoFgu94ab-4bEorgfUTSffzT79toCHqWSIC4Kv6KcRFAAAAAAAAAAAAAAAAAAAAAAAAAAAAFMUF1XwkNChen9PxL4d3TozOT554pQECAyYgASFYIKGT9UHTueuoyVqK2r7nD-OwTNKKQZ01Fa-ZMADaDBhIlggP71hPGkcX1QSexNVO2XWdF2KnhNSinJb5NghVdRDg
clientDataJSON : eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiOUlRclR3YXhfaFJNVTlua0FIcEwxZzFvS2NKZUVqUjRxekxNYTNwT1NBVSIsIm9yaWdpbiI6Imh0dHBzOi8vb25lcGFzc2Rldi5yYW9uc2VjdXJlLmNvLmtyOjI4NDQ1In0
Post not yet marked as solved
Questions about FIDO 2 attestation verification in iOS 14
I am currently implementing the FIDO 2 verification logic according to the url below.
https://developer.apple.com/documentation/devicecheck/validating_apps_that_connect_to_your_server
My question is about aaguid and credentialId.
According to the url the aaguid is "An App Attest–specific constan".
And the length of credentialId is 32 bytes.
[Question] The "aaguid" delivered from safari was 16 zero bytes. Is it correct to be passed by this value?
The length of "credentialId" is 20 bytes, not 32 bytes. Is this correct?
[Test Env.]
iOS 14 beta 8
attestationObject : o2NmbXRlYXBwbGVnYXR0U3RtdKJjYWxnJmN4NWOCWQJGMIICQjCCAcmgAwIBAgIGAXR3IfJrMAoGCCqGSM49BAMCMEgxHDAaBgNVBAMME0FwcGxlIFdlYkF1dGhuIENBIDExEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwHhcNMjAwOTEwMDgxOTA3WhcNMjAwOTExMDgyOTA3WjCBkTFJMEcGA1UEAwxAY2E1ZjZjYTQwZTE5OTQ0MTQzZjgzMjRlZTE3ZTliZjM2YmI4Nzk4YTllM2YzOWE4MjM4YjkwNWU3YTdmYmJlMTEaMBgGA1UECwwRQUFBIENlcnRpZmljYXRpb24xEzARBgNVBAoMCkFwcGxlIEluYy4xEzARBgNVBAgMCkNhbGlmb3JuaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAShkVB07nrqMlaitq-5wjv8EzSikGdNRWvmTAA2gwYfz-9YTxpHF9UEnsTVTtl1v3Rdip4TUopyW-TYIVXUQ4o1UwUzAMBgNVHRMBAf8EAjAAMA4GA1UdDwEBwQEAwIE8DAzBgkqhkiG92NkCAIEJjAkoSIEIHGCgF2RQrOUtNb3sBPwfRGEPAkN3drdsUJ5xmleeC8lMAoGCCqGSM49BAMCA2cAMGQCMDKVe8HKHbweixHUIHGZgUXYxV-UHxuEiJthFBkMjPrdkwG1Rvi3jExiJLUAiwXygIwctiDkQV1RYncBzpzaGPjQ4gFsilmMul-neygjeVxXAA-rm1FiA0Zh5cj7L6gWWQI4MIICNDCCAbqgAwIBAgIQViVTlcen-0Dr4ijYJghTtjAKBggqhkjOPQQDAzBLMR8wHQYDVQQDDBZBcHBsZSBXZWJBdXRobiBSb290IENBMRMwEQYDVQQKDApBcHBsZSBJbmMuMRMwEQYDVQQIDApDYWxpZm9ybmlhMB4XDTIwMDMxODE4MzgwMVoXDTMwMDMxMzAwMDAwMFowSDEcMBoGA1UEAwwTQXBwbGUgV2ViQXV0aG4gQ0EgMTETMBEGA1UECgwKQXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIMuhy8mFJGBAiW59fzWu2N4tfVfP8sEW8c1mTR1VSQRN-bhkhF2XGmh3aBQs41FCDQBpDT7JNES1Ww-HPv8uYkf7AaWCBvvlsvHfIjd2vRqWu4d1RW1r6q5O-nAsmkaNmMGQwEgYDVR0TAQHBAgwBgEBwIBADAfBgNVHSMEGDAWgBQm12TZxXjCWmfRp95rEtAbYHG1zAdBgNVHQ4EFgQU666CxP-hrFtR1M8kYQUAvmO9d4gwDgYDVR0PAQHBAQDAgEGMAoGCCqGSM49BAMDA2gAMGUCMQDdixo0gaX62du052V7hB4UTCe3W4dqQYbCsUdXUDNyJ-lVEV-9kiVDGMuXEg-cMECMCyKYETcIBP5ZvDTSkwwUh4Udlg7Wp18etKyr44zSW4l9DIBb7wxeLB6VxxugOB2hhdXRoRGF0YViYIoFgu94ab-4bEorgfUTSffzT79toCHqWSIC4Kv6KcRFAAAAAAAAAAAAAAAAAAAAAAAAAAAAFMUF1XwkNChen9PxL4d3TozOT554pQECAyYgASFYIKGT9UHTueuoyVqK2r7nD-OwTNKKQZ01Fa-ZMADaDBhIlggP71hPGkcX1QSexNVO2XWdF2KnhNSinJb5NghVdRDg
clientDataJSON : eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiOUlRclR3YXhfaFJNVTlua0FIcEwxZzFvS2NKZUVqUjRxekxNYTNwT1NBVSIsIm9yaWdpbiI6Imh0dHBzOi8vb25lcGFzc2Rldi5yYW9uc2VjdXJlLmNvLmtyOjI4NDQ1In0
Post not yet marked as solved
fido2 is available on beta14?
please tell me, yes or no
Post not yet marked as solved
How do I block cameras when using MDM BYOD on iOS 13 devices? (Without using the Apple business manager (DEP))
djpark0402.