ACME Managed Device Attestation Payload - AllowAllAppsAccess

Hi, I'm looking into ACME Managed Device Attestation and was wondering about one of the values in the payload - AllowAllAppsAccess.

From the documentation: "If true, all apps have access to the private key", but what is the case where you would have this set to true? Seems like it opens up the device to potentially malicious software.

Also, if this were set to true, how would an app access this private key when it is stored in the Secure Enclave? Is there a specific tag that it is stored with?

Replies

The AllowAllAppsAccess key is for macOS only. It only works for ACME payloads if HardwareBound is false.

On macOS there are two keychain technologies.

The older file-based keychain supports AllowAllAppsAccess but does not support hardware-bound keys. You can see items in the file-based keychain using the Keychain Access app. Third party apps can access these items if they were installed with AllowAllAppsAccess set to true.

The newer data protection keychain supports hardware-bound keys, and does not support AllowAllAppsAccess. Third party apps and processes cannot access the identities that device management installs into the data protection keychain (with one exception for VPN extensions).

When installing an ACME payload on macOS it decides which keychain to use based upon the value of HardwareBound. Other Apple OSes only have a data protection keychain and do not have a file-based keychain, so all items go into the data protection keychain.

I'm going to take advantage of this thread to answer a question about this topic:

When we do not use HardwareBound, is it still considered Managed Device Attestation? Will the Certificate be requested successfully via ACME? Will the Attestation be valid?

  • When HardwareBound is false it still uses the ACME protocol to issue a cert, however no attestation can be generated. It's up to the ACME server to decide whether it will issue a cert when an attestation is absent.
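The replies above describe two coupled decisions that a profile author has to get right: which macOS keychain the identity lands in (and therefore whether AllowAllAppsAccess does anything), and whether an attestation can accompany the ACME order at all. The following linter is an added example written for this thread, not code from Apple or from any of the posters. It assumes the key names DirectoryURL, ClientIdentifier, KeyType, KeySize, HardwareBound, Attest and AllowAllAppsAccess as used in Apple's com.apple.security.acme payload, encodes only the rules stated in the replies, and parses a constructed sample profile embedded inline (the ACME directory URL and client identifier are placeholders).

```python
"""Lint the keychain and attestation behaviour of ACME payloads in a profile.

Added example for this thread, not Apple's or any MDM vendor's code.
Assumptions: the key names (DirectoryURL, ClientIdentifier, KeyType, KeySize,
HardwareBound, Attest, AllowAllAppsAccess) are those of Apple's
com.apple.security.acme payload; the rules in analyze_payload() are the ones
stated in the replies; SAMPLE_PROFILE is constructed for this demo.
"""
import plistlib

ACME_PAYLOAD_TYPE = "com.apple.security.acme"

# Constructed sample profile: one hardware-bound payload and one software-key
# payload, both with AllowAllAppsAccess and Attest set to true.
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadVersion</key><integer>1</integer>
  <key>PayloadIdentifier</key><string>com.example.acme-demo</string>
  <key>PayloadContent</key>
  <array>
    <dict>
      <key>PayloadType</key><string>com.apple.security.acme</string>
      <key>PayloadIdentifier</key><string>com.example.acme.hardware-bound</string>
      <key>PayloadVersion</key><integer>1</integer>
      <key>DirectoryURL</key><string>https://acme.example.com/directory</string>
      <key>ClientIdentifier</key><string>constructed-client-id</string>
      <key>KeyType</key><string>ECSECPrimeRandom</string>
      <key>KeySize</key><integer>256</integer>
      <key>HardwareBound</key><true/>
      <key>Attest</key><true/>
      <key>AllowAllAppsAccess</key><true/>
    </dict>
    <dict>
      <key>PayloadType</key><string>com.apple.security.acme</string>
      <key>PayloadIdentifier</key><string>com.example.acme.software</string>
      <key>PayloadVersion</key><integer>1</integer>
      <key>DirectoryURL</key><string>https://acme.example.com/directory</string>
      <key>ClientIdentifier</key><string>constructed-client-id</string>
      <key>KeyType</key><string>RSA</string>
      <key>KeySize</key><integer>2048</integer>
      <key>HardwareBound</key><false/>
      <key>Attest</key><true/>
      <key>AllowAllAppsAccess</key><true/>
    </dict>
  </array>
</dict>
</plist>
"""


def analyze_payload(payload, platform="macOS"):
    """Return the effective keychain, key exposure and attestation outcome
    for one ACME payload dict on the given platform ("macOS" or any other)."""
    hardware_bound = bool(payload.get("HardwareBound", False))
    attest = bool(payload.get("Attest", False))
    allow_all = bool(payload.get("AllowAllAppsAccess", False))
    findings = []

    # Only macOS has the file-based keychain, and only non-hardware-bound keys
    # go there; everything else lands in the data protection keychain.
    keychain = "file-based" if (platform == "macOS" and not hardware_bound) \
        else "data-protection"

    # AllowAllAppsAccess only has an effect in the file-based keychain.
    allow_all_effective = keychain == "file-based" and allow_all
    if allow_all and not allow_all_effective:
        findings.append("AllowAllAppsAccess is ignored (data protection keychain); "
                        "third-party apps cannot use this identity")
    if allow_all_effective:
        findings.append("WARNING: any app on this Mac can sign with the private key")

    # A software key cannot be attested; the ACME server then decides whether
    # to issue without an attestation.
    attestation = hardware_bound and attest
    if attest and not hardware_bound:
        findings.append("Attest requested but HardwareBound is false: no attestation "
                        "is generated, issuance depends on server policy")
    elif not attest:
        findings.append("Attest is false: no attestation will be sent")

    return {
        "keychain": keychain,
        "allow_all_apps_effective": allow_all_effective,
        "attestation": attestation,
        "findings": findings,
    }


def lint_profile(profile_bytes, platform="macOS"):
    """Parse a configuration profile and analyze each ACME payload in it."""
    profile = plistlib.loads(profile_bytes)
    results = {}
    for payload in profile.get("PayloadContent", []):
        if payload.get("PayloadType") == ACME_PAYLOAD_TYPE:
            results[payload["PayloadIdentifier"]] = analyze_payload(payload, platform)
    return results


if __name__ == "__main__":
    for os_name in ("macOS", "iOS"):
        for ident, result in lint_profile(SAMPLE_PROFILE, os_name).items():
            print(f"{os_name} {ident}: keychain={result['keychain']} "
                  f"attestation={result['attestation']}")
            for finding in result["findings"]:
                print("   -", finding)
```

Running it shows the point of both replies in one place: the software-key payload ends up in the file-based keychain on macOS with its private key usable by every app, and produces no attestation, while the same payload on iOS goes into the data protection keychain and AllowAllAppsAccess is simply ignored. The hardware-bound payload never exposes its key to third-party apps regardless of AllowAllAppsAccess, which is why setting that key to true on a HardwareBound payload is a no-op rather than a risk.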
