Fix nonce validation

The attestation certificate contains the nonce as raw bytes in the
extension 1.2.840.113635.100.8.11.1
This commit is contained in:
Mariano Cano 2022-08-09 15:06:52 -07:00
parent e02a190fa7
commit 2ab1e6658e

View file

@ -346,12 +346,10 @@ func deviceAttest01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose
return err
}
// Validate nonce with SHA-256 of the token
//
// TODO(mariano): validate this
if data.Nonce != "" {
// Validate nonce with SHA-256 of the token.
if len(data.Nonce) != 0 {
sum := sha256.Sum256([]byte(ch.Token))
if data.Nonce != hex.EncodeToString(sum[:]) {
if subtle.ConstantTimeCompare(data.Nonce, sum[:]) != 1 {
return storeError(ctx, db, ch, true, NewError(ErrorBadAttestationStatement, "challenge token does not match"))
}
}
@ -408,7 +406,7 @@ var (
)
type appleAttestationData struct {
Nonce string
Nonce []byte
SerialNumber string
UDID string
SEPVersion string
@ -474,7 +472,7 @@ func doAppleAttestationFormat(ctx context.Context, ch *Challenge, db DB, att *At
case ext.Id.Equal(oidAppleSecureEnclaveProcessorOSVersion):
data.SEPVersion = string(ext.Value)
case ext.Id.Equal(oidAppleNonce):
data.Nonce = string(ext.Value)
data.Nonce = ext.Value
}
}