diff --git a/CHANGELOG.md b/CHANGELOG.md
index 62ff675..f0f4808 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - You can now create and use keys created with `no-touch-required` option.
 - Support for `verify-required` option is added(with a little limitation).
+- New attestation data will be returned if available(a bit different but correct).
 
 ### Changed
 
@@ -17,7 +18,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [v1] (OpenSSH middleware API version 5)
 
-- Check branch v1 [CHANGELOG.md](https://github.com/tavrez/openssh-sk-winhello/blob/v1/CHANGELOG.md).
+- [Branch v1 changelog](https://github.com/tavrez/openssh-sk-winhello/blob/v1/CHANGELOG.md).
 
 [Unreleased]: https://github.com/tavrez/openssh-sk-winhello/compare/v1.0.2...HEAD
 [v1]: https://github.com/tavrez/openssh-sk-winhello/tree/v1
diff --git a/src/winhello.c b/src/winhello.c
index 26ff41c..6de1a62 100644
--- a/src/winhello.c
+++ b/src/winhello.c
@@ -351,9 +351,15 @@ int sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len, cons
 			response->signature_len = att->cbSignature;
 			memcpy(response->signature, att->pbSignature, att->cbSignature);
 
-			// TODO: authentication data
-			response->authdata = NULL;
-			response->authdata_len = 0;
+			if ((response->authdata = calloc(1, pWebAuthNCredentialAttestation->cbAuthenticatorData + 2)) == NULL)
+			{
+				skdebug(__func__, "calloc authdata failed");
+				goto out;
+			}
+			response->authdata_len = pWebAuthNCredentialAttestation->cbAuthenticatorData + 2;
+			response->authdata[0] = 0x58;
+			response->authdata[1] = pWebAuthNCredentialAttestation->cbAuthenticatorData;
+			memcpy(response->authdata + 2, pWebAuthNCredentialAttestation->pbAuthenticatorData, pWebAuthNCredentialAttestation->cbAuthenticatorData);
 		}
 	}
 	*enroll_response = response;