
@watahani
Last active July 18, 2019 03:48

AAD Event Log

CTAP コマンドの送信は 210x 番台、生データが入ってんのは 110x 番台っぽい。

210x 番台のログで GetAssertion か MakeCredential を探して、そのあとの 110x 番台のログ見れば、中身が見える。

Make Credential

Request (make credential)

event id: 1101

TransactionId {6396df2d-3400-49b0-a1dd-0bc7ca910292}
  RpId login.microsoft.com
  UserIdLength 51
  UserId 4F463AC35FE08EE86A544087239BE152D78A08C6A6D779420C3C992AC4B36DCA11B30E63354C3A5812E3748D2232871B927812
  ClientDataHashAlgId SHA-256
  ClientDataLength 6931
  ClientDataHashLength 32
  ClientDataHash F9A8FE50B0484B8B1CA1E76D8285D338F25ADD6C3DB6AFFDD60DA2E445C48FA8
  RequireResidentKey true
  CredentialCount 0
  CredentialParameterCount 2
  RequestLength 246
  Request 01A5015820F9A8FE50B0484B8B1CA1E76D8285D338F25ADD6C3DB6AFFDD60DA2E445C48FA802A2626964736C6F67696E2E6D6963726F736F66742E636F6D646E616D65694D6963726F736F667403A362696458334F463AC35FE08EE86A544087239BE152D78A08C6A6D779420C3C992AC4B36DCA11B30E63354C3A5812E3748D2232871B927812646E616D65781F6669646F303140776168616E6979612E6F6E6D6963726F736F66742E636F6D6B646973706C61794E616D65666669646F30310482A263616C672664747970656A7075626C69632D6B6579A263616C6739010064747970656A7075626C69632D6B657907A162726BF5

CBOR の中身

{
  1: h'F9A8FE50B0484B8B1CA1E76D8285D338F25ADD6C3DB6AFFDD60DA2E445C48FA8',
  2: {"id": "login.microsoft.com", "name": "Microsoft"}, 
  3: {
    "id": h'4F463AC35FE08EE86A544087239BE152D78A08C6A6D779420C3C992AC4B36DCA11B30E63354C3A5812E3748D2232871B927812', 
    "name": "fido01@wahaniya.onmicrosoft.com", 
    "displayName": "fido01"}, 
  4: [
    {"alg": -7, "type": "public-key"},
    {"alg": -257, "type": "public-key"}],
  7: {"rk": true}}

3 の user エンティティ(PublicKeyCredentialUserEntity)は id, name, displayName とシンプル。

Response

 EventData 

  TransactionId {6396df2d-3400-49b0-a1dd-0bc7ca910292} 
  AttestationFormatType packed 
  RpIdHashLength 32 
  RpIdHash 356C9ED4A09321B9695F1EAF918203F1B55F689DA61FBC96184C157DDA680C81 
  Flags 0xc5 
  SignCount 0x2 
  AAGuid {fa2b99dc-9e39-4257-8f92-4a30d23c4118} 
  CredentialIdLength 16 
  CredentialId 0141834C8AA4AD3C0E11773B864B53A2 
  U2fPublicKey false 
  PublicKeyLength 77 
  PublicKey A501020326200121582037E6F44C95D47E00E2B902B903321DC89DD7F19E96A2500147E969D85FAAC1D722582025609753C5DF8E35B211767082CC1A27673C36CF4ADD1AA79BCBD516942B7828 
  ResponseLength 971 
  Response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

CBOR の中身

{
  1: "packed",
  2: h'356C9ED4A09321B9695F1EAF918203F1B55F689DA61FBC96184C157DDA680C81C500000002FA2B99DC9E3942578F924A30D23C411800100141834C8AA4AD3C0E11773B864B53A2A501020326200121582037E6F44C95D47E00E2B902B903321DC89DD7F19E96A2500147E969D85FAAC1D722582025609753C5DF8E35B211767082CC1A27673C36CF4ADD1AA79BCBD516942B7828A16B686D61632D736563726574F5', 
  3: {
    "alg": -7, 
    "sig": h'3046022100A69DD8BD58BA3357933DF58A431D837A9B9EBBD322FF6F5B43C4328B6C3DFFB40221008C58361342386D07C3B8126D957E501EC55F1EBCD6E13EC5863E97A39C293FF1',
    "x5c": [h'308202BC308201A4A003020102020403ADF012300D06092A864886F70D01010B0500302E312C302A0603550403132359756269636F2055324620526F6F742043412053657269616C203435373230303633313020170D3134303830313030303030305A180F32303530303930343030303030305A306D310B300906035504061302534531123010060355040A0C0959756269636F20414231223020060355040B0C1941757468656E74696361746F72204174746573746174696F6E3126302406035504030C1D59756269636F205532462045452053657269616C2036313733303833343059301306072A8648CE3D020106082A8648CE3D03010703420004199E879C162DB7DC39EE4A42A04616A5B309FECA092F76BE0948F96D6E95CAE4CC65CD54A059CFBDC7C9B31B2B1D6C184479C2C061F418AA954B596A2C1CFA17A36C306A302206092B0601040182C40A020415312E332E362E312E342E312E34313438322E312E373013060B2B0601040182E51C0201010404030204303021060B2B0601040182E51C01010404120410FA2B99DC9E3942578F924A30D23C4118300C0603551D130101FF04023000300D06092A864886F70D01010B0500038201010028EBB367FED1D8F0E289EBCA9FF6D80757C60E9AE57CB1728C9B1C38CABBBD84D9237DA831AC21949F0F2DFC0C316BFDB175B36E63A22BBB580EADCA5280D079840E5A1E2572625A3BFB876033DBFB22A969C938B89CE171359400A1252D9702A91293D54519E960DD22CE8A27EB05EB7E79B750C002FED9016B711EC9AD74501BD914CBBE8ED9571281B74F44EB077CE61ECB06AB85A97255267EE8E3982BF43F0CB21A382D235EB9E4CE6DB298C405425040232B2B61E10CD70C6215BC03B7E94071B70E12D1C47F96655A2EF99D4CE55A7F1B4B1FF914EE136D9E612047148864698880443116653889B86486D9C9C9FFBC9385453569B345744B8CA0B437']
  }
}

まあ YubiKey のいつもの。authData の Flags 0xc5 は UP / UV / AT / ED が立っていて、拡張は {"hmac-secret": true}。

Get Assertion

Request

event id: 1103

- EventData 

  TransactionId {e8ac5ca9-a3d5-45b9-9e2b-59fa75011456} 
  RpId login.microsoft.com 
  ClientDataHashAlgId S256 
  ClientDataLength 64 
  ClientDataHashLength 32 
  ClientDataHash 196370E114E6260614BF4C647DF2F0578C7C79935DEBA0D4017B47B05129C1A4 
  CredentialCount 0 
  RequestLength 64 
  Request 02A301736C6F67696E2E6D6963726F736F66742E636F6D025820196370E114E6260614BF4C647DF2F0578C7C79935DEBA0D4017B47B05129C1A405A1627570F5 

CBOR の中身

{
  1: "login.microsoft.com",
  2: h'196370E114E6260614BF4C647DF2F0578C7C79935DEBA0D4017B47B05129C1A4',
  5: {"up": true}
}

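2 はチャレンジだっけか? → 正確には clientDataHash(チャレンジを含む clientData の SHA-256 ハッシュ)で、チャレンジそのものではない。上のログの ClientDataHash と同じ値。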

対応するレスポンスは見つからず。

Response

1104

今度は、ちゃんと CredentialId を指定して送っている。

TransactionId {5d419771-45d0-4ae0-89ea-0ef81703b8a5} 
  RpIdHashLength 32 
  RpIdHash 356C9ED4A09321B9695F1EAF918203F1B55F689DA61FBC96184C157DDA680C81 
  Flags 0x85 
  SignCount 0x8 
  CredentialIdLength 16 
  CredentialId 0141834C8AA4AD3C0E11773B864B53A2 
  ResponseLength 257 
  Response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
{
  1: {"id": h'0141834C8AA4AD3C0E11773B864B53A2', "type": "public-key"}, 
  2: h'356C9ED4A09321B9695F1EAF918203F1B55F689DA61FBC96184C157DDA680C818500000008A16B686D61632D7365637265745820FED320F6DC18C59778C259423A8F8F06CA7383230EA664A5BF62A1111C549465', 
  3: h'304402201AF81349C0605F78FE6ECB8E91C456591DC813451F172E70972FA1E91740728A022075981315DE6C3B8BBCCC3C7BD453B65F3C4CFA3E939E3A8F48BE7B84A1D2A0F2', 
  4: {"id": h'4F463AC35FE08EE86A544087239BE152D78A08C6A6D779420C3C992AC4B36DCA11B30E63354C3A5812E3748D2232871B927812'}}