fido/mac: Change AAGUID for Touch ID self-authentication to all zeroes.

Touch ID previously used a non-zero AAGUID chosen by us. But WebAuthn requires self-attestation to use an all-zero AAGUID value. Also delete the unused |TouchIdAaguid| function. Bug: 678128 Change-Id: I27bc82f7248d2c22ede773c0e6b010f56022d255 Reviewed-on: https://chromium-review.googlesource.com/1172911Reviewed-by: Adam Langley <agl@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Commit-Queue: Balazs Engedy <engedy@chromium.org> Cr-Commit-Position: refs/heads/master@{#582888}

fido/mac: Change AAGUID for Touch ID self-authentication to all zeroes.
Touch ID previously used a non-zero AAGUID chosen by us. But WebAuthn requires self-attestation to use an all-zero AAGUID value. Also delete the unused |TouchIdAaguid| function. Bug: 678128 Change-Id: I27bc82f7248d2c22ede773c0e6b010f56022d255 Reviewed-on: https://chromium-review.googlesource.com/1172911Reviewed-by: Adam Langley <agl@chromium.org> Reviewed-by: Balazs Engedy <engedy@chromium.org> Commit-Queue: Balazs Engedy <engedy@chromium.org> Cr-Commit-Position: refs/heads/master@{#582888}
73a4f93c · Martin Kreichgauer · Commit Bot · 045f7eb8 · 73a4f93c · 73a4f93c
Commit 73a4f93c authored Aug 14, 2018 by Martin Kreichgauer Committed by Commit Bot Aug 14, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 10 deletions

device/fido/mac/util.h device/fido/mac/util.h +0 -2

device/fido/mac/util.mm device/fido/mac/util.mm +5 -8

No files found.
--- a/device/fido/mac/util.h
+++ b/device/fido/mac/util.h
@@ -47,8 +47,6 @@ base::Optional<std::vector<uint8_t>> GenerateSignature(
 std::unique_ptr<ECPublicKey> SecKeyRefToECPublicKey(SecKeyRef public_key_ref)
    API_AVAILABLE(macosx(10.12.2));

-std::vector<uint8_t> TouchIdAaguid();
-
 }  // namespace mac
 }  // namespace fido
 }  // namespace device

--- a/device/fido/mac/util.mm
+++ b/device/fido/mac/util.mm
@@ -31,14 +31,11 @@ using base::scoped_nsobject;
 using cbor::CBORWriter;
 using cbor::CBORValue;

-// The authenticator AAGUID value.
-constexpr std::array<uint8_t, 16> kAaguid = {0xad, 0xce, 0x00, 0x02, 0x35, 0xbc,
-                                             0xc6, 0x0a, 0x64, 0x8b, 0x0b, 0x25,
-                                             0xf1, 0xf0, 0x55, 0x03};
-
-std::vector<uint8_t> TouchIdAaguid() {
-  return std::vector<uint8_t>(kAaguid.begin(), kAaguid.end());
-}
+// WebAuthn requires an all-zero AAGUID for authenticators using
+// self-attestation.
+constexpr std::array<uint8_t, 16> kAaguid = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+                                             0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+                                             0x00, 0x00, 0x00, 0x00};

 // SecKeyRefToECPublicKey converts a SecKeyRef for a public key into an
 // equivalent |ECPublicKey| instance. It returns |nullptr| if the key cannot be