Commit Graph

205 Commits

Author SHA1 Message Date
djm@openbsd.org
c767735241 upstream: when writing an attestation blob for a FIDO key, record all
the data needed to verify the attestation. Previously we were missing the
"authenticator data" that is included in the signature.

spotted by Ian Haken
feedback Pedro Martelletto and Ian Haken; ok markus@

OpenBSD-Commit-ID: 8439896e63792b2db99c6065dd9a45eabbdb7e0a
2020-09-09 13:11:34 +10:00
jmc@openbsd.org
744df42a12 upstream: tweak previous;
OpenBSD-Commit-ID: 92714b6531e244e4da401b2defaa376374e24be7
2020-08-27 19:47:35 +10:00
djm@openbsd.org
0caff05350 upstream: Request PIN ahead of time for certain FIDO actions
When we know that a particular action will require a PIN, such as
downloading resident keys or generating a verify-required key, request
the PIN before attempting it.

joint work with Pedro Martelletto; ok markus@

OpenBSD-Commit-ID: 863182d38ef075bad1f7d20ca485752a05edb727
2020-08-27 11:28:36 +10:00
djm@openbsd.org
9b8ad93824 upstream: support for user-verified FIDO keys
FIDO2 supports a notion of "user verification" where the user is
required to demonstrate their identity to the token before particular
operations (e.g. signing). Typically this is done by authenticating
themselves using a PIN that has been set on the token.

This adds support for generating and using user verified keys where
the verification happens via PIN (other options might be added in the
future, but none are in common use now). Practically, this adds
another key generation option "verify-required" that yields a key that
requires a PIN before each authentication.

feedback markus@ and Pedro Martelletto; ok markus@

OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
2020-08-27 11:28:36 +10:00
solene@openbsd.org
dbaaa01dae upstream: - Add [-a rounds] in ssh-keygen man page and usage() -
Reorder parameters list in the first usage() case - Sentence rewording

ok dtucker@
jmc@ noticed usage() missed -a flag too

OpenBSD-Commit-ID: f06b9afe91cc96f260b929a56e9930caecbde246
2020-07-17 13:23:34 +10:00
dtucker@openbsd.org
fec89f32a8 upstream: Add default for number of rounds (-a). ok djm@
OpenBSD-Commit-ID: cb7e9aa04ace01a98e63e4bd77f34a42ab169b15
2020-07-15 15:08:10 +10:00
djm@openbsd.org
6ec7457171 upstream: give ssh-keygen the ability to dump the contents of a
binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker

OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b
2020-04-03 13:33:25 +11:00
dtucker@openbsd.org
7eb903f51e upstream: Fix typo. Patch from itoama at live.jp via github PR#173.
OpenBSD-Commit-ID: 5cdaafab38bbdea0d07e24777d00bfe6f972568a
2020-02-24 17:14:00 +11:00
djm@openbsd.org
963d71851e upstream: sync the description of the $SSH_SK_PROVIDER environment
variable with that of the SecurityKeyProvider ssh/sshd_config(5) directive,
as the latter was more descriptive.

OpenBSD-Commit-ID: 0488f09530524a7e53afca6b6e1780598022552f
2020-02-07 15:03:20 +11:00
djm@openbsd.org
d596b1d30d upstream: require FIDO application strings to start with "ssh:"; ok
markus@

OpenBSD-Commit-ID: 94e9c1c066d42b76f035a3d58250a32b14000afb
2020-02-04 21:08:10 +11:00
jmc@openbsd.org
072f3b832d upstream: use better markup for challenge and write-attestation, and
rejig the challenge text a little;

ok djm

OpenBSD-Commit-ID: 9f351e6da9edfdc907d5c3fdaf2e9ff3ab0a7a6f
2020-02-04 10:00:18 +11:00
jmc@openbsd.org
0facae7bc8 upstream: shuffle the challenge keyword to keep the -O list sorted;
OpenBSD-Commit-ID: 08efad608b790949a9a048d65578fae9ed5845fe
2020-02-02 20:25:09 +11:00
djm@openbsd.org
24c0f752ad upstream: changes to support FIDO attestation
Allow writing to disk the attestation certificate that is generated by
the FIDO token at key enrollment time. These certificates may be used
by an out-of-band workflow to prove that a particular key is held in
trustworthy hardware.

Allow passing in a challenge that will be sent to the card during
key enrollment. These are needed to build an attestation workflow
that resists replay attacks.

ok markus@

OpenBSD-Commit-ID: 457dc3c3d689ba39eed328f0817ed9b91a5f78f6
2020-01-29 18:52:55 +11:00
djm@openbsd.org
72a8bea2d7 upstream: ssh-keygen -Y find-principals fixes based on feedback
from Markus:

use "principals" instead of principal, as allowed_signers lines may list
multiple.

When the signing key is a certificate, emit only principals that match
the certificate principal list.

NB. the command -Y name changes: "find-principal" => "find-principals"

ok markus@

OpenBSD-Commit-ID: ab575946ff9a55624cd4e811bfd338bf3b1d0faf
2020-01-25 11:27:29 +11:00
jmc@openbsd.org
5533c2fb7e upstream: new sentence, new line;
OpenBSD-Commit-ID: b6c3f2f36ec77e99198619b38a9f146655281925
2020-01-23 18:51:25 +11:00
djm@openbsd.org
56cffcc09f upstream: add a new signature operation "find-principal" to look
up the principal associated with a signature from an allowed-signers file.
Work by Sebastian Kinne; ok dtucker@

OpenBSD-Commit-ID: 6f782cc7e18e38fcfafa62af53246a1dcfe74e5d
2020-01-23 13:45:24 +11:00
naddy@openbsd.org
b715fdc71b upstream: one more replacement "(security) key" -> "(FIDO)
authenticator"

OpenBSD-Commit-ID: 031bca03c1d1f878ab929facd561911f1bc68dfd
2020-01-21 18:09:09 +11:00
naddy@openbsd.org
84911da1be upstream: undo merge error and replace the term "security key"
again

OpenBSD-Commit-ID: 341749062c089cc360a7877e9ee3a887aecde395
2020-01-21 18:09:09 +11:00
naddy@openbsd.org
0d005d6372 upstream: sync ssh-keygen.1 and ssh-keygen's usage() with each
other and reality ok markus@

OpenBSD-Commit-ID: cdf64454f2c3604c25977c944e5b6262a3bcce92
2020-01-21 18:09:09 +11:00
jmc@openbsd.org
cd53476383 upstream: put the fido options in a list, and tidy up the text a
little; ok djm

OpenBSD-Commit-ID: 491ce15ae52a88b7a6a2b3b6708a14b4aacdeebb
2020-01-09 21:29:19 +11:00
djm@openbsd.org
c312ca077c upstream: Extends the SK API to accept a set of key/value options
for all operations. These are intended to future-proof the API a little by
making it easier to specify additional fields without having to change
the API version for each.

At present, only two options are defined: one to explicitly specify
the device for an operation (rather than accepting the middleware's
autoselection) and another to specify the FIDO2 username that may
be used when generating a resident key. These new options may be
invoked at key generation time via ssh-keygen -O

This also implements a suggestion from Markus to avoid "int" in favour
of uint32_t for the algorithm argument in the API, to make implementation
of ssh-sk-client/helper a little easier.

feedback, fixes and ok markus@

OpenBSD-Commit-ID: 973ce11704609022ab36abbdeb6bc23c8001eabc
2020-01-06 13:12:46 +11:00
jmc@openbsd.org
c593cc5e82 upstream: the download resident keys option is -K (upper) not -k
(lower); ok djm

OpenBSD-Commit-ID: 71dc28a3e1fa7c553844abc508845bcf5766e091
2020-01-04 10:15:03 +11:00
djm@openbsd.org
9039971887 upstream: ability to download FIDO2 resident keys from a token via
"ssh-keygen -K". This will save public/private keys into the current
directory.

This is handy if you move a token between hosts.

feedback & ok markus@

OpenBSD-Commit-ID: d57c1f9802f7850f00a117a1d36682a6c6d10da6
2020-01-03 09:43:24 +11:00
jmc@openbsd.org
3b1382ffd5 upstream: simplify the list for moduli options - no need for
-compact;

OpenBSD-Commit-ID: 6492c72280482c6d072be46236b365cb359fc280
2020-01-03 09:41:20 +11:00
djm@openbsd.org
3093d12ff8 upstream: Remove the -x option currently used for
FIDO/U2F-specific key flags. Instead these flags may be specified via -O.

ok markus@

OpenBSD-Commit-ID: f23ebde2a8a7e1bf860a51055a711cffb8c328c1
2019-12-30 21:02:29 +11:00
djm@openbsd.org
3e60d18fba upstream: remove single-letter flags for moduli options
Move all moduli generation options to live under the -O flag.

Frees up seven single-letter flags.

NB. this change breaks existing ssh-keygen commandline syntax for moduli-
related operations. Very few people use these fortunately.

feedback and ok markus@

OpenBSD-Commit-ID: d498f3eaf28128484826a4fcb343612764927935
2019-12-30 14:33:54 +11:00
djm@openbsd.org
1e645fe767 upstream: prepare for use of ssh-keygen -O flag beyond certs
Move list of available certificate options in ssh-keygen.1 to the
CERTIFICATES section.

Collect options specified by -O but delay parsing/validation of
certificate options until we're sure that we're acting as a CA.

ok markus@

OpenBSD-Commit-ID: 33e6bcc29cfca43606f6fa09bd84b955ee3a4106
2019-12-30 14:32:20 +11:00
jmc@openbsd.org
20ccd85424 upstream: sort -Y internally in the options list, as is already
done in synopsis;

OpenBSD-Commit-ID: 86d033c5764404057616690d7be992e445b42274
2019-12-30 14:31:40 +11:00
jmc@openbsd.org
5b6c954751 upstream: in the options list, sort -Y and -y;
OpenBSD-Commit-ID: 24c2e6a3aeab6e050a0271ffc73fdff91c10dcaa
2019-12-30 14:31:40 +11:00
naddy@openbsd.org
141df487ba upstream: Replace the term "security key" with "(FIDO)
authenticator".

The polysemous use of "key" was too confusing.  Input from markus@.
ok jmc@

OpenBSD-Commit-ID: 12eea973a44c8232af89f86e4269d71ae900ca8f
2019-12-30 14:31:40 +11:00
jmc@openbsd.org
483cc723d1 upstream: tweak the Nd lines for a bit of consistency; ok markus
OpenBSD-Commit-ID: 876651bdde06bc1e72dd4bd7ad599f42a6ce5a16
2019-12-11 19:08:22 +11:00
djm@openbsd.org
daeaf41369 upstream: allow "ssh-keygen -x no-touch-required" when generating a
security key keypair to request one that does not require a touch for each
authentication attempt. The default remains to require touch.

feedback deraadt; ok markus@

OpenBSD-Commit-ID: 887e7084b2e89c0c62d1598ac378aad8e434bcbd
2019-11-25 12:25:30 +11:00
djm@openbsd.org
2e71263b80 upstream: add a "no-touch-required" option for authorized_keys and
a similar extension for certificates. This option disables the default
requirement that security key signatures attest that the user touched their
key to authorize them.

feedback deraadt, ok markus

OpenBSD-Commit-ID: f1fb56151ba68d55d554d0f6d3d4dba0cf1a452e
2019-11-25 12:23:40 +11:00
naddy@openbsd.org
f0edda81c5 upstream: more missing mentions of ed25519-sk; ok djm@
OpenBSD-Commit-ID: f242e53366f61697dffd53af881bc5daf78230ff
2019-11-20 09:27:29 +11:00
djm@openbsd.org
97dc5d1d82 upstream: mention ed25519-sk in places where it is accepted;
prompted by jmc@

OpenBSD-Commit-ID: 076d386739ebe7336c2137e583bc7a5c9538a442
2019-11-18 15:57:17 +11:00
djm@openbsd.org
6bff9521ab upstream: directly support U2F/FIDO2 security keys in OpenSSH by
linking against the (previously external) USB HID middleware. The dlopen()
capability still exists for alternate middlewares, e.g. for Bluetooth, NFC
and test/debugging.

OpenBSD-Commit-ID: 14446cf170ac0351f0d4792ba0bca53024930069
2019-11-15 09:57:30 +11:00
naddy@openbsd.org
aa4c640dc3 upstream: Fill in missing man page bits for U2F security key support:
Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's
SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable,
and ssh-keygen's new -w and -x options.

Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal
substitutions.

ok djm@

OpenBSD-Commit-ID: ef2e8f83d0c0ce11ad9b8c28945747e5ca337ac4
2019-11-08 14:09:32 +11:00
jmc@openbsd.org
70fc9a6ca4 upstream: fixes from lucas;
OpenBSD-Commit-ID: 4c4bfd2806c5bbc753788ffe19c5ee13aaf418b2
2019-10-29 20:47:25 +11:00
jmc@openbsd.org
6918974405 upstream: use a more common options order in SYNOPSIS and sync
usage(); while here, no need for Bk/Ek;

ok dtucker

OpenBSD-Commit-ID: 38715c3f10b166f599a2283eb7bc14860211bb90
2019-10-04 13:40:57 +10:00
jmc@openbsd.org
6c91d42cce upstream: group and sort single letter options; ok deraadt
OpenBSD-Commit-ID: e1480e760a2b582f79696cdcff70098e23fc603f
2019-10-01 20:24:07 +10:00
jmc@openbsd.org
3b44bf39ff upstream: fix the DH-GEX text in -a; because this required a comma,
I added a comma to the first part, for balance...

OpenBSD-Commit-ID: 2c3464e9e82a41e8cdfe8f0a16d94266e43dbb58
2019-10-01 20:24:07 +10:00
jmc@openbsd.org
90d4b2541e upstream: new sentence, new line;
OpenBSD-Commit-ID: c35ca5ec07be460e95e7406af12eee04a77b6698
2019-10-01 20:24:07 +10:00
djm@openbsd.org
8aa2aa3cd4 upstream: Allow testing signature syntax and validity without verifying
that a signature came from a trusted signer. To discourage accidental or
unintentional use, this is invoked by the deliberately ugly option name
"check-novalidate"

from Sebastian Kinne

OpenBSD-Commit-ID: cea42c36ab7d6b70890e2d8635c1b5b943adcc0b
2019-09-16 13:25:53 +10:00
jmc@openbsd.org
f23d91f9fa upstream: macro fix; ok djm
OpenBSD-Commit-ID: e891dd6c7996114cb32f0924cb7898ab55efde6e
2019-09-05 20:07:12 +10:00
jmc@openbsd.org
db1e6f60f0 upstream: tweak previous;
OpenBSD-Commit-ID: 0abd728aef6b5b35f6db43176aa83b7e3bf3ce27
2019-09-05 14:56:51 +10:00
djm@openbsd.org
d637c4aee6 upstream: sshsig tweaks and improvements from and suggested by
Markus

ok markus/me

OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9
2019-09-03 18:40:24 +10:00
djm@openbsd.org
2a9c9f7272 upstream: sshsig: lightweight signature and verification ability
for OpenSSH

This adds a simple manual signature scheme to OpenSSH.
Signatures can be made and verified using ssh-keygen -Y sign|verify

Signatures embed the key used to make them. At verification time, this
is matched via principal name against an authorized_keys-like list
of allowed signers.

Mostly by Sebastian Kinne w/ some tweaks by me

ok markus@

OpenBSD-Commit-ID: 2ab568e7114c933346616392579d72be65a4b8fb
2019-09-03 18:40:23 +10:00
djm@openbsd.org
bca0582063 upstream: Accept the verbose flag when searching for host keys in known
hosts (i.e. "ssh-keygen -vF host") to print the matching host's random-art
signature too. bz#3003 "amusing, pretty" deraadt@

OpenBSD-Commit-ID: 686221a5447d6507f40a2ffba5393984d889891f
2019-07-19 13:53:27 +10:00
djm@openbsd.org
eb0d8e708a upstream: support PKCS8 as an optional format for storage of
private keys, enabled via "ssh-keygen -m PKCS8" on operations that save
private keys to disk.

The OpenSSH native key format remains the default, but PKCS8 is a
superior format to PEM if interoperability with non-OpenSSH software
is required, as it may use a less terrible KDF (IIRC PEM uses a single
round of MD5 as a KDF).

adapted from patch by Jakub Jelen via bz3013; ok markus

OpenBSD-Commit-ID: 027824e3bc0b1c243dc5188504526d73a55accb1
2019-07-15 23:21:18 +10:00
jmc@openbsd.org
85ceb0e64b upstream: tweak previous;
OpenBSD-Commit-ID: 42f39f22f53cfcb913bce401ae0f1bb93e08dd6c
2019-05-21 10:04:43 +10:00