New issue
Advanced search Search tips

Issue 868571 link

Starred by 1 user
Status: Verified
Owner:
martinkr@google.com
Closed: Aug 1
Cc:
mac-bugs-priority@chromium.org
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 1
Type: Bug

Blocking:
issue 678128



Sign in to add a comment

Fix Touch ID attestation statement

Project Member Reported by martinkr@google.com, Jul 27 
The Touch ID authenticator currently claims to use 'u2f' attestation statement format, when it really wants to use 'packed'.
Project Member

Comment 1 by bugdroid1@chromium.org, Jul 30 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e

commit 43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e
Author: Martin Kreichgauer <martinkr@google.com>
Date: Mon Jul 30 19:59:41 2018

device/fido: fix attestation format used in Touch ID

TouchIdAuthenticator was using FidoAttestationStatement, which is
fido-u2f, when it should have been using packed format. This adds a
PackedAttestationStatement class and changes the Touch ID code to use
it.

Bug:  868571 ,  678128 
Change-Id: I84626df6299d4d9df44500dcbbba365e9a30f2a2
Reviewed-on: https://chromium-review.googlesource.com/1153849
Commit-Queue: Martin Kreichgauer <martinkr@google.com>
Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org>
Cr-Commit-Position: refs/heads/master@{#579131}
[modify] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/BUILD.gn
[modify] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/fido/BUILD.gn
[rename] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/fido/attestation_statement_formats.cc
[add] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/fido/attestation_statement_formats.h
[add] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/fido/attestation_statement_formats_unittest.cc
[modify] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/fido/authenticator_make_credential_response.cc
[modify] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/fido/ctap_response_unittest.cc
[delete] https://crrev.com/e9a9227483671255fbb14458be5310f62778b60f/device/fido/fido_attestation_statement.h
[modify] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/fido/fido_test_data.h
[modify] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/fido/mac/make_credential_operation.mm
[modify] https://crrev.com/43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e/device/fido/mac/util.mm

Comment 2 by martinkr@google.com, Aug 1

Blocking: 678128
Labels: -Pri-3 Pri-1
Status: Verified (was: Started)

Comment 3 by martinkr@google.com, Aug 1

Labels: Merge-Request-69

Comment 4 by gov...@chromium.org, Aug 1 

Pls apply appropriate OSs label.

Comment 5 by martinkr@google.com, Aug 1

Labels: OS-Mac
Project Member

Comment 6 by sheriffbot@chromium.org, Aug 2

Labels: -Merge-Request-69 Hotlist-Merge-Approved Merge-Approved-69
Your change meets the bar and is auto-approved for M69. Please go ahead and merge the CL to branch 3497 manually. Please contact milestone owner if you have questions.
Owners: amineer@(Android), kariahda@(iOS), cindyb@(ChromeOS), govind@(Desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 7 by gov...@chromium.org, Aug 2 

Pls merge to M69 branch 3497 ASAP. Thank you.
Project Member

Comment 8 by bugdroid1@chromium.org, Aug 2

Labels: -merge-approved-69 merge-merged-3497
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ba41bf8405450227b7ef580e40bbba1662efdc45

commit ba41bf8405450227b7ef580e40bbba1662efdc45
Author: Martin Kreichgauer <martinkr@google.com>
Date: Thu Aug 02 21:30:33 2018

[Merge M69]device/fido: fix attestation format used in Touch ID

TouchIdAuthenticator was using FidoAttestationStatement, which is
fido-u2f, when it should have been using packed format. This adds a
PackedAttestationStatement class and changes the Touch ID code to use
it.

(cherry picked from commit 43debfd7d6cdb16ba2bf2c5226eeaa85d7c5387e)

Bug:  868571 ,  678128 
Change-Id: I84626df6299d4d9df44500dcbbba365e9a30f2a2
Reviewed-on: https://chromium-review.googlesource.com/1153849
Commit-Queue: Martin Kreichgauer <martinkr@google.com>
Reviewed-by: Kim Paulhamus <kpaulhamus@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#579131}
Reviewed-on: https://chromium-review.googlesource.com/1161252
Cr-Commit-Position: refs/branch-heads/3497@{#354}
Cr-Branched-From: 271eaf50594eb818c9295dc78d364aea18c82ea8-refs/heads/master@{#576753}
[modify] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/BUILD.gn
[modify] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/fido/BUILD.gn
[rename] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/fido/attestation_statement_formats.cc
[add] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/fido/attestation_statement_formats.h
[add] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/fido/attestation_statement_formats_unittest.cc
[modify] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/fido/authenticator_make_credential_response.cc
[modify] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/fido/ctap_response_unittest.cc
[delete] https://crrev.com/39157691ae59c1eb8d145cc17ecd2f2d3ec11d8d/device/fido/fido_attestation_statement.h
[modify] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/fido/fido_test_data.h
[modify] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/fido/mac/make_credential_operation.mm
[modify] https://crrev.com/ba41bf8405450227b7ef580e40bbba1662efdc45/device/fido/mac/util.mm

Sign in to add a comment