From 11429cae438320986d5160ccb56cdc0fd8f45437 Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Tue, 29 Aug 2023 20:07:47 +0000 Subject: [PATCH 01/11] initial text for compound attestation format --- index.bs | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 4319fc955..c9bc1b150 100644 --- a/index.bs +++ b/index.bs @@ -6206,7 +6206,7 @@ if the [=authenticator=] does not support [=attestation=]. attStmt: emptyMap ) - emptyMap = {} + compound = {} ``` : Signing procedure @@ -6264,6 +6264,36 @@ This attestation statement format is exclusively used by Apple for certain types 5. Verify that the [=credential public key=] equals the Subject Public Key of |credCert|. 6. If successful, return implementation-specific values representing attestation type [=Anonymization CA=] and attestation trust path |x5c|. +## Compound Attestation Statement Format ## {#sctn-compound-attestation} + +The "compound" attestation statement format is used to pass multiple, self-contained attestation statements in a single ceremony. + +: Attestation statement format identifier +:: compound + +: Attestation types supported +:: [=Basic=], [=AttCA=], [=Anonymization CA=] + +: Syntax +:: The syntax of a compound attestation statement is defined as follows: + + ``` + $$attStmtType //= ( + fmt: "compound", + attStmt: compoundAttStmts + ) + + compoundAttStmts = [] + ``` + +`compoundAttStmts` MUST NOT contain additional compound attestation statements. + +: Signing procedure +:: Not applicable + +: Verification procedure +:: For every element in the array, validate the attestation statement based on the verification procedure specified for that format (using the `fmt` identifier). + # WebAuthn Extensions # {#sctn-extensions} The mechanism for generating [=public key credentials=], as well as requesting and generating Authentication assertions, as From ae0786dc96b5fa140a108e1a7af47a03584f6f37 Mon Sep 17 00:00:00 2001 
From: Tim Cappalli Date: Tue, 29 Aug 2023 20:31:20 +0000 Subject: [PATCH 02/11] rogue text change --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index c9bc1b150..dacda7a5e 100644 --- a/index.bs +++ b/index.bs @@ -6206,7 +6206,7 @@ if the [=authenticator=] does not support [=attestation=]. attStmt: emptyMap ) - compound = {} + emptyMap = {} ``` : Signing procedure From 3f576ed2d3f856e20af4714023cd47e1835563f8 Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Tue, 5 Sep 2023 22:12:03 -0400 Subject: [PATCH 03/11] add validation failure text --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index dacda7a5e..7276202ad 100644 --- a/index.bs +++ b/index.bs @@ -6292,7 +6292,7 @@ The "compound" attestation statement format is used to pass multiple, self-conta :: Not applicable : Verification procedure -:: For every element in the array, validate the attestation statement based on the verification procedure specified for that format (using the `fmt` identifier). +:: For every element in the array, validate the attestation statement based on the verification procedure specified for that format (using the `fmt` identifier). If validation fails for one or more compound attestation statements, [=[RPS]=] should decide the appropriate results based on policy from information they have about the [=authenticators=]. # WebAuthn Extensions # {#sctn-extensions} From 21ae2d18bfcef93b1d26fcce0e63218a4ad26345 Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Mon, 18 Sep 2023 23:57:00 +0000 Subject: [PATCH 04/11] any attestation type in spec --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 7276202ad..96f1fd873 100644 --- a/index.bs +++ b/index.bs 
@@ -6272,7 +6272,7 @@ The "compound" attestation statement format is used to pass multiple, self-conta :: compound : Attestation types supported -:: [=Basic=], [=AttCA=], [=Anonymization CA=] +:: Any attestation type defined in this specification : Syntax :: The syntax of a compound attestation statement is defined as follows: From 9bd2a6b6f9044178946259cd24c73ed210af728d Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Tue, 19 Sep 2023 20:02:28 +0000 Subject: [PATCH 05/11] add must have two or more --- index.bs | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/index.bs b/index.bs index 96f1fd873..19dd1fc3c 100644 --- a/index.bs +++ b/index.bs @@ -6266,13 +6266,14 @@ This attestation statement format is exclusively used by Apple for certain types ## Compound Attestation Statement Format ## {#sctn-compound-attestation} -The "compound" attestation statement format is used to pass multiple, self-contained attestation statements in a single ceremony. +The "compound" attestation statement format is used to pass multiple, self-contained attestation statements in a single ceremony. This + : Attestation statement format identifier :: compound : Attestation types supported -:: Any attestation type defined in this specification +:: Any attestation type defined in this specification except `compound` : Syntax :: The syntax of a compound attestation statement is defined as follows: @@ -6286,7 +6287,7 @@ The "compound" attestation statement format is used to pass multiple, self-conta compoundAttStmts = [] ``` -`compoundAttStmts` MUST NOT contain additional compound attestation statements. +`compoundAttStmts` MUST contain two or more attestation statements which MUST NOT be compound attestation statements. : Signing procedure :: Not applicable From 36951f6e291a602cda9b826a077094026b1b4ac2 Mon Sep 17 00:00:00 2001 
From: Tim Cappalli Date: Tue, 19 Sep 2023 21:35:40 +0000 Subject: [PATCH 06/11] rouge word --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 19dd1fc3c..3449c74dd 100644 --- a/index.bs +++ b/index.bs @@ -6266,7 +6266,7 @@ This attestation statement format is exclusively used by Apple for certain types ## Compound Attestation Statement Format ## {#sctn-compound-attestation} -The "compound" attestation statement format is used to pass multiple, self-contained attestation statements in a single ceremony. This +The "compound" attestation statement format is used to pass multiple, self-contained attestation statements in a single ceremony. : Attestation statement format identifier From ed80f71d6b7d09aba41e05dcb8a6e1698a69e569 Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Wed, 20 Sep 2023 20:03:52 +0000 Subject: [PATCH 07/11] address Mike's comment about IANA reference --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 3449c74dd..919f721d8 100644 --- a/index.bs +++ b/index.bs @@ -6273,7 +6273,7 @@ The "compound" attestation statement format is used to pass multiple, self-conta :: compound : Attestation types supported -:: Any attestation type defined in this specification except `compound` +:: Any attestation type defined in the IANA "WebAuthn Attestation Statement Format Identifiers" registry [[!IANA-WebAuthn-Registries]] except `compound` : Syntax :: The syntax of a compound attestation statement is defined as follows: From b5a7fcd87b2c8f6c0b6281463ea321e86c7aa86b Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Wed, 20 Sep 2023 20:05:13 +0000 Subject: [PATCH 08/11] add for --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 919f721d8..884469c46 100644 --- a/index.bs +++ b/index.bs 
@@ -6273,7 +6273,7 @@ The "compound" attestation statement format is used to pass multiple, self-conta :: compound : Attestation types supported -:: Any attestation type defined in the IANA "WebAuthn Attestation Statement Format Identifiers" registry [[!IANA-WebAuthn-Registries]] except `compound` +:: Any attestation type defined in the IANA "WebAuthn Attestation Statement Format Identifiers" registry [[!IANA-WebAuthn-Registries]] except for `compound` : Syntax :: The syntax of a compound attestation statement is defined as follows: From 175ee6180520e5075e6c9f8aea3c024d08dd82bd Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Wed, 4 Oct 2023 15:13:34 -0400 Subject: [PATCH 09/11] attestation types support to any Co-authored-by: Emil Lundberg --- index.bs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.bs b/index.bs index 884469c46..e46253e66 100644 --- a/index.bs +++ b/index.bs @@ -6273,7 +6273,7 @@ The "compound" attestation statement format is used to pass multiple, self-conta :: compound : Attestation types supported -:: Any attestation type defined in the IANA "WebAuthn Attestation Statement Format Identifiers" registry [[!IANA-WebAuthn-Registries]] except for `compound` +:: Any. See [[#sctn-attestation-types]]. : Syntax :: The syntax of a compound attestation statement is defined as follows: From 108db9919ddd92a7856d7d85ec34ca5f3edd873d Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Wed, 4 Oct 2023 15:46:51 -0400 Subject: [PATCH 10/11] Update CDDL to be more explicit Co-authored-by: Emil Lundberg --- index.bs | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/index.bs b/index.bs index e46253e66..b10df96a3 100644 --- a/index.bs +++ b/index.bs 
@@ -6281,14 +6281,12 @@ The "compound" attestation statement format is used to pass multiple, self-conta ``` $$attStmtType //= ( fmt: "compound", - attStmt: compoundAttStmts + attStmt: [2* nonCompoundAttStmt] ) - compoundAttStmts = [] + nonCompoundAttStmt = { $$attStmtType } .within { fmt: text .ne "compound" } ``` -`compoundAttStmts` MUST contain two or more attestation statements which MUST NOT be compound attestation statements. - : Signing procedure :: Not applicable From e0a4f31b2a56b841f1511dbb1d7c125c8aa2030f Mon Sep 17 00:00:00 2001 From: Tim Cappalli Date: Thu, 5 Oct 2023 13:02:06 -0400 Subject: [PATCH 11/11] Add more complete logic for individual attestation verification via Emil Co-authored-by: Emil Lundberg --- index.bs | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/index.bs b/index.bs index b10df96a3..67c898a28 100644 --- a/index.bs +++ b/index.bs 
@@ -6291,7 +6291,17 @@ The "compound" attestation statement format is used to pass multiple, self-conta :: Not applicable : Verification procedure -:: For every element in the array, validate the attestation statement based on the verification procedure specified for that format (using the `fmt` identifier). If validation fails for one or more compound attestation statements, [=[RPS]=] should decide the appropriate results based on policy from information they have about the [=authenticators=]. +:: Given the [=verification procedure inputs=] |attStmt|, |authenticatorData| and |clientDataHash|, the [=verification procedure=] is + as follows: + 1. [=list/For each=] |subStmt| of |attStmt|, evaluate the [=verification procedure=] + corresponding to the [=attestation statement format identifier=] |subStmt|.fmt + with [=verification procedure inputs=] |subStmt|, |authenticatorData| and |clientDataHash|. + + If validation fails for one or more |subStmt|, decide the appropriate result based on [=[RP]=] policy. + + 2. If sufficiently many (as determined by [=[RP]=] policy) [=list/items=] of |attStmt| verify successfully, + return implementation-specific values representing any combination of outputs from successful [=verification procedures=]. + # WebAuthn Extensions # {#sctn-extensions}
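Review bot: In [PATCH 01/11], the first hunk (@@ -6206) renames `emptyMap = {}` to `compound = {}` inside the syntax block of the format used when the authenticator does not support attestation, while the context line `attStmt: emptyMap` still refers to the old rule name, so that block is left with an undefined rule. [PATCH 02/11] reverts it; drop this hunk and squash 02/11 into 01/11 so that no commit in the series leaves the existing format's CDDL broken.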
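Review bot: In [PATCH 01/11], second hunk, `compoundAttStmts = []` describes an array with no elements, which contradicts the introductory sentence about passing multiple attestation statements, and the "MUST NOT contain additional compound attestation statements" rule exists only as prose. Put both constraints (element type and no nesting) in the CDDL itself so a parser built from the grammar enforces them. [PATCH 05/11] adds "two or more" to the prose but leaves the same empty-array rule in place, so the mismatch persists until [PATCH 10/11].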
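Review bot: In [PATCH 03/11], the added sentence says "If validation fails for one or more compound attestation statements", but the array elements are by definition not compound statements, so the wording points at the wrong object; say "one or more of the contained attestation statements". The same sentence uses lowercase "should", which leaves it unclear whether a normative SHOULD is intended, and links `[=[RPS]=]` where [PATCH 11/11] uses `[=[RP]=]`; pick one form and confirm it resolves.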
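Review bot: In [PATCH 07/11], the "Attestation types supported" entry now reads "Any attestation type defined in the IANA 'WebAuthn Attestation Statement Format Identifiers' registry ... except `compound`", which mixes two different things: attestation types (the original text listed [=Basic=], [=AttCA=], [=Anonymization CA=]) and attestation statement format identifiers (`compound` is a `fmt` value, not a type). The restriction on nested formats belongs with the syntax, and this entry should only name types, which is where [PATCH 09/11] ends up.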
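Review bot: In [PATCH 10/11], the controller in `.within { fmt: text .ne "compound" }` is a map that lists only `fmt`, and a CDDL map type admits only the members it lists, so a real attestation statement map carrying both `fmt` and `attStmt` would not satisfy it and `nonCompoundAttStmt` would match nothing. Add a wildcard member to the controller, for example `{ fmt: text .ne "compound", * any => any }`. The hunk also deletes the only prose statement of the "two or more, not compound" requirement; keep a normative sentence, since Relying Parties that do not validate against the CDDL otherwise have nothing telling them to reject a one-element or nested array.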
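Review bot: In [PATCH 11/11], step 1 dispatches on |subStmt|.fmt without first checking the structural constraints from the syntax, so nothing in the procedure tells a Relying Party to reject an |attStmt| with fewer than two items or a |subStmt| whose `fmt` is `compound`, or what to do with a `fmt` it does not support. Add an initial step that fails verification in those cases. Step 2 has no explicit failure outcome when too few items verify, and "any combination of outputs from successful verification procedures" leaves the resulting attestation type and trust path undefined; state that verification fails below the policy threshold and that returned values come only from sub-statements that verified, so one weak passing sub-statement cannot be reported as the result of a stronger one that failed.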