diff options
| -rw-r--r-- | usr.bin/ssh/Makefile.inc | 12 | ||||
| -rw-r--r-- | usr.bin/ssh/readconf.c | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/sk-usbhid.c | 692 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-add.1 | 7 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-add.c | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-add/Makefile | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-agent.c | 7 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-agent/Makefile | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-keygen.1 | 9 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-keygen.c | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-keygen/Makefile | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-keyscan/Makefile | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-keysign/Makefile | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-pkcs11-helper/Makefile | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-sk-helper/Makefile | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh-sk.c | 17 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh.1 | 10 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh/Makefile | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh_config.5 | 9 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd/Makefile | 5 |
20 files changed, 779 insertions, 41 deletions
diff --git a/usr.bin/ssh/Makefile.inc b/usr.bin/ssh/Makefile.inc index 5570a1f21ae..04825ce3faf 100644 --- a/usr.bin/ssh/Makefile.inc +++ b/usr.bin/ssh/Makefile.inc @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile.inc,v 1.75 2019/11/12 19:29:24 markus Exp $ +# $OpenBSD: Makefile.inc,v 1.76 2019/11/14 21:27:29 djm Exp $ .include <bsd.own.mk> @@ -17,14 +17,17 @@ CDIAGFLAGS+= -Wshadow CDIAGFLAGS+= -Wstrict-prototypes CDIAGFLAGS+= -Wunused CDIAGFLAGS+= -Wno-unused-parameter # Lots of these in protocol handlers. +CDIAGFLAGS+= -Widiomatic-parentheses -Wparentheses +CDIAGFLAGS+= -Wimplicit-fallthrough .if ${COMPILER_VERSION:L} != "gcc3" CDIAGFLAGS+= -Wstrict-aliasing=2 CDIAGFLAGS+= -Wold-style-definition .endif -#CDIAGFLAGS+= -Werror -#DEBUG=-g -#INSTALL_STRIP= +CDIAGFLAGS+= -Werror +CDIAGFLAGS+= -fno-common +DEBUG=-g +INSTALL_STRIP= WARNINGS=yes @@ -74,6 +77,7 @@ SRCS_KEY+= ssh-rsa.c SRCS_KEY+= sshbuf-getput-crypto.c SRCS_KEY+= digest-openssl.c SRCS_KEY+= ssh-sk.c +SRCS_KEY+= sk-usbhid.c .else SRCS_KEY+= cipher-aesctr.c SRCS_KEY+= rijndael.c diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index 9b9acb408ab..4d185dddd32 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.313 2019/11/13 05:42:26 deraadt Exp $ */ +/* $OpenBSD: readconf.c,v 1.314 2019/11/14 21:27:29 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -2114,7 +2114,7 @@ fill_default_options(Options * options) if (options->update_hostkeys == -1) options->update_hostkeys = 0; if (options->sk_provider == NULL) - options->sk_provider = xstrdup("$SSH_SK_PROVIDER"); + options->sk_provider = xstrdup("internal"); /* Expand KEX name lists */ all_cipher = cipher_alg_list(',', 0); diff --git a/usr.bin/ssh/sk-usbhid.c b/usr.bin/ssh/sk-usbhid.c new file mode 100644 index 00000000000..63c7cb21838 --- /dev/null +++ b/usr.bin/ssh/sk-usbhid.c @@ -0,0 +1,692 @@ +/* + * Copyright (c) 2019 Markus Friedl + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <stdint.h> +#include <stdlib.h> +#include <string.h> +#include <stdio.h> +#include <stddef.h> +#include <stdarg.h> + +#include <openssl/opensslv.h> +#include <openssl/crypto.h> +#include <openssl/bn.h> +#include <openssl/ec.h> +#include <openssl/ecdsa.h> + +#include <fido.h> + +#ifndef SK_STANDALONE +#include "log.h" +#include "xmalloc.h" +#endif + +/* #define SK_DEBUG 1 */ + +#define MAX_FIDO_DEVICES 256 + +/* Compatibility with OpenSSH 1.0.x */ +#if (OPENSSL_VERSION_NUMBER < 0x10100000L) +#define ECDSA_SIG_get0(sig, pr, ps) \ + do { \ + (*pr) = sig->r; \ + (*ps) = sig->s; \ + } while (0) +#endif + +#define SK_VERSION_MAJOR 0x00020000 /* current API version */ + +/* Flags */ +#define SK_USER_PRESENCE_REQD 0x01 + +/* Algs */ +#define SK_ECDSA 0x00 +#define SK_ED25519 0x01 + +struct sk_enroll_response { + uint8_t *public_key; + size_t public_key_len; + uint8_t *key_handle; + size_t key_handle_len; + uint8_t *signature; + size_t signature_len; + uint8_t *attestation_cert; + size_t attestation_cert_len; +}; + +struct sk_sign_response { + uint8_t flags; + uint32_t counter; + uint8_t *sig_r; + size_t sig_r_len; + uint8_t *sig_s; + size_t sig_s_len; +}; + +/* If building as part of OpenSSH, then rename exported functions */ +#if !defined(SK_STANDALONE) +#define sk_api_version ssh_sk_api_version +#define sk_enroll ssh_sk_enroll +#define sk_sign ssh_sk_sign +#endif + +/* Return the version of the middleware API */ +uint32_t sk_api_version(void); + +/* Enroll a U2F key (private key generation) */ +int sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len, + const char *application, uint8_t flags, + struct sk_enroll_response **enroll_response); + +/* Sign a challenge */ +int sk_sign(int alg, const uint8_t *message, size_t message_len, + const char *application, const uint8_t *key_handle, size_t key_handle_len, + uint8_t flags, struct sk_sign_response **sign_response); + +static void skdebug(const char *func, const char *fmt, ...) + __attribute__((__format__ (printf, 2, 3))); + +static void +skdebug(const char *func, const char *fmt, ...) +{ +#if !defined(SK_STANDALONE) + char *msg; + va_list ap; + + va_start(ap, fmt); + xvasprintf(&msg, fmt, ap); + va_end(ap); + debug("%s: %s", __func__, msg); + free(msg); +#elif defined(SK_DEBUG) + va_list ap; + + va_start(ap, fmt); + fprintf(stderr, "%s: ", func); + vfprintf(stderr, fmt, ap); + fputc('\n', stderr); + va_end(ap); +#else + (void)func; /* XXX */ + (void)fmt; /* XXX */ +#endif +} + +uint32_t +sk_api_version(void) +{ + return SK_VERSION_MAJOR; +} + +/* Select the first identified FIDO device attached to the system */ +static char * +pick_first_device(void) +{ + char *ret = NULL; + fido_dev_info_t *devlist = NULL; + size_t olen = 0; + int r; + const fido_dev_info_t *di; + + if ((devlist = fido_dev_info_new(1)) == NULL) { + skdebug(__func__, "fido_dev_info_new failed"); + goto out; + } + if ((r = fido_dev_info_manifest(devlist, 1, &olen)) != FIDO_OK) { + skdebug(__func__, "fido_dev_info_manifest failed: %s", + fido_strerr(r)); + goto out; + } + if (olen != 1) { + skdebug(__func__, "fido_dev_info_manifest bad len %zu", olen); + goto out; + } + di = fido_dev_info_ptr(devlist, 0); + if ((ret = strdup(fido_dev_info_path(di))) == NULL) { + skdebug(__func__, "fido_dev_info_path failed"); + goto out; + } + out: + fido_dev_info_free(&devlist, 1); + return ret; +} + +/* Check if the specified key handle exists on a given device. */ +static int +try_device(fido_dev_t *dev, const uint8_t *message, size_t message_len, + const char *application, const uint8_t *key_handle, size_t key_handle_len) +{ + fido_assert_t *assert = NULL; + int r = FIDO_ERR_INTERNAL; + + if ((assert = fido_assert_new()) == NULL) { + skdebug(__func__, "fido_assert_new failed"); + goto out; + } + if ((r = fido_assert_set_clientdata_hash(assert, message, + message_len)) != FIDO_OK) { + skdebug(__func__, "fido_assert_set_clientdata_hash: %s", + fido_strerr(r)); + goto out; + } + if ((r = fido_assert_set_rp(assert, application)) != FIDO_OK) { + skdebug(__func__, "fido_assert_set_rp: %s", fido_strerr(r)); + goto out; + } + if ((r = fido_assert_allow_cred(assert, key_handle, + key_handle_len)) != FIDO_OK) { + skdebug(__func__, "fido_assert_allow_cred: %s", fido_strerr(r)); + goto out; + } + if ((r = fido_assert_set_up(assert, FIDO_OPT_FALSE)) != FIDO_OK) { + skdebug(__func__, "fido_assert_up: %s", fido_strerr(r)); + goto out; + } + r = fido_dev_get_assert(dev, assert, NULL); + skdebug(__func__, "fido_dev_get_assert: %s", fido_strerr(r)); + out: + fido_assert_free(&assert); + + return r != FIDO_OK ? -1 : 0; +} + +/* Iterate over configured devices looking for a specific key handle */ +static fido_dev_t * +find_device(const uint8_t *message, size_t message_len, const char *application, + const uint8_t *key_handle, size_t key_handle_len) +{ + fido_dev_info_t *devlist = NULL; + fido_dev_t *dev = NULL; + size_t devlist_len = 0; + const char *path; + int r; + + if ((devlist = fido_dev_info_new(MAX_FIDO_DEVICES)) == NULL) { + skdebug(__func__, "fido_dev_info_new failed"); + goto out; + } + if ((r = fido_dev_info_manifest(devlist, MAX_FIDO_DEVICES, + &devlist_len)) != FIDO_OK) { + skdebug(__func__, "fido_dev_info_manifest: %s", fido_strerr(r)); + goto out; + } + + skdebug(__func__, "found %zu device(s)", devlist_len); + + for (size_t i = 0; i < devlist_len; i++) { + const fido_dev_info_t *di = fido_dev_info_ptr(devlist, i); + + if (di == NULL) { + skdebug(__func__, "fido_dev_info_ptr %zu failed", i); + continue; + } + if ((path = fido_dev_info_path(di)) == NULL) { + skdebug(__func__, "fido_dev_info_path %zu failed", i); + continue; + } + skdebug(__func__, "trying device %zu: %s", i, path); + if ((dev = fido_dev_new()) == NULL) { + skdebug(__func__, "fido_dev_new failed"); + continue; + } + if ((r = fido_dev_open(dev, path)) != FIDO_OK) { + skdebug(__func__, "fido_dev_open failed"); + fido_dev_free(&dev); + continue; + } + if (try_device(dev, message, message_len, application, + key_handle, key_handle_len) == 0) { + skdebug(__func__, "found key"); + break; + } + fido_dev_close(dev); + fido_dev_free(&dev); + } + + out: + if (devlist != NULL) + fido_dev_info_free(&devlist, MAX_FIDO_DEVICES); + + return dev; +} + +/* + * The key returned via fido_cred_pubkey_ptr() is in affine coordinates, + * but the API expects a SEC1 octet string. + */ +static int +pack_public_key_ecdsa(fido_cred_t *cred, struct sk_enroll_response *response) +{ + const uint8_t *ptr; + BIGNUM *x = NULL, *y = NULL; + EC_POINT *q = NULL; + EC_GROUP *g = NULL; + BN_CTX *bn_ctx = NULL; + int ret = -1; + + response->public_key = NULL; + response->public_key_len = 0; + + if ((bn_ctx = BN_CTX_new()) == NULL || + (x = BN_CTX_get(bn_ctx)) == NULL || + (y = BN_CTX_get(bn_ctx)) == NULL || + (g = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)) == NULL || + (q = EC_POINT_new(g)) == NULL) { + skdebug(__func__, "libcrypto setup failed"); + goto out; + } + if ((ptr = fido_cred_pubkey_ptr(cred)) == NULL) { + skdebug(__func__, "fido_cred_pubkey_ptr failed"); + goto out; + } + if (fido_cred_pubkey_len(cred) != 64) { + skdebug(__func__, "bad fido_cred_pubkey_len %zu", + fido_cred_pubkey_len(cred)); + goto out; + } + + if (BN_bin2bn(ptr, 32, x) == NULL || + BN_bin2bn(ptr + 32, 32, y) == NULL) { + skdebug(__func__, "BN_bin2bn failed"); + goto out; + } + if (EC_POINT_set_affine_coordinates_GFp(g, q, x, y, bn_ctx) != 1) { + skdebug(__func__, "EC_POINT_set_affine_coordinates_GFp failed"); + goto out; + } + response->public_key_len = EC_POINT_point2oct(g, q, + POINT_CONVERSION_UNCOMPRESSED, NULL, 0, bn_ctx); + if (response->public_key_len == 0 || response->public_key_len > 2048) { + skdebug(__func__, "bad pubkey length %zu", + response->public_key_len); + goto out; + } + if ((response->public_key = malloc(response->public_key_len)) == NULL) { + skdebug(__func__, "malloc pubkey failed"); + goto out; + } + if (EC_POINT_point2oct(g, q, POINT_CONVERSION_UNCOMPRESSED, + response->public_key, response->public_key_len, bn_ctx) == 0) { + skdebug(__func__, "EC_POINT_point2oct failed"); + goto out; + } + /* success */ + ret = 0; + out: + if (ret != 0 && response->public_key != NULL) { + memset(response->public_key, 0, response->public_key_len); + free(response->public_key); + response->public_key = NULL; + } + EC_POINT_free(q); + EC_GROUP_free(g); + BN_CTX_free(bn_ctx); + return ret; +} + +static int +pack_public_key_ed25519(fido_cred_t *cred, struct sk_enroll_response *response) +{ + const uint8_t *ptr; + size_t len; + int ret = -1; + + response->public_key = NULL; + response->public_key_len = 0; + + if ((len = fido_cred_pubkey_len(cred)) != 32) { + skdebug(__func__, "bad fido_cred_pubkey_len len %zu", len); + goto out; + } + if ((ptr = fido_cred_pubkey_ptr(cred)) == NULL) { + skdebug(__func__, "fido_cred_pubkey_ptr failed"); + goto out; + } + response->public_key_len = len; + if ((response->public_key = malloc(response->public_key_len)) == NULL) { + skdebug(__func__, "malloc pubkey failed"); + goto out; + } + memcpy(response->public_key, ptr, len); + ret = 0; + out: + if (ret != 0) + free(response->public_key); + return ret; +} + +static int +pack_public_key(int alg, fido_cred_t *cred, struct sk_enroll_response *response) +{ + switch(alg) { + case SK_ECDSA: + return pack_public_key_ecdsa(cred, response); + case SK_ED25519: + return pack_public_key_ed25519(cred, response); + default: + return -1; + } +} + +int +sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len, + const char *application, uint8_t flags, + struct sk_enroll_response **enroll_reponse) +{ + fido_cred_t *cred = NULL; + fido_dev_t *dev = NULL; + const uint8_t *ptr; + uint8_t user_id[32]; + struct sk_enroll_response *response = NULL; + size_t len; + int cose_alg; + int ret = -1; + int r; + char *device = NULL; + + (void)flags; /* XXX; unused */ +#ifdef SK_DEBUG + fido_init(FIDO_DEBUG); +#endif + if (enroll_reponse == NULL) { + skdebug(__func__, "enroll_reponse == NULL"); + goto out; + } + *enroll_reponse = NULL; + switch(alg) { + case SK_ECDSA: + cose_alg = COSE_ES256; + break; + case SK_ED25519: + cose_alg = COSE_EDDSA; + break; + default: + skdebug(__func__, "unsupported key type %d", alg); + goto out; + } + if ((device = pick_first_device()) == NULL) { + skdebug(__func__, "pick_first_device failed"); + goto out; + } + skdebug(__func__, "using device %s", device); + if ((cred = fido_cred_new()) == NULL) { + skdebug(__func__, "fido_cred_new failed"); + goto out; + } + memset(user_id, 0, sizeof(user_id)); + if ((r = fido_cred_set_type(cred, cose_alg)) != FIDO_OK) { + skdebug(__func__, "fido_cred_set_type: %s", fido_strerr(r)); + goto out; + } + if ((r = fido_cred_set_clientdata_hash(cred, challenge, + challenge_len)) != FIDO_OK) { + skdebug(__func__, "fido_cred_set_clientdata_hash: %s", + fido_strerr(r)); + goto out; + } + if ((r = fido_cred_set_user(cred, user_id, sizeof(user_id), + "openssh", "openssh", NULL)) != FIDO_OK) { + skdebug(__func__, "fido_cred_set_user: %s", fido_strerr(r)); + goto out; + } + if ((r = fido_cred_set_rp(cred, application, NULL)) != FIDO_OK) { + skdebug(__func__, "fido_cred_set_rp: %s", fido_strerr(r)); + goto out; + } + if ((dev = fido_dev_new()) == NULL) { + skdebug(__func__, "fido_dev_new failed"); + goto out; + } + if ((r = fido_dev_open(dev, device)) != FIDO_OK) { + skdebug(__func__, "fido_dev_open: %s", fido_strerr(r)); + goto out; + } + if ((r = fido_dev_make_cred(dev, cred, NULL)) != FIDO_OK) { + skdebug(__func__, "fido_dev_make_cred: %s", fido_strerr(r)); + goto out; + } + if (fido_cred_x5c_ptr(cred) != NULL) { + if ((r = fido_cred_verify(cred)) != FIDO_OK) { + skdebug(__func__, "fido_cred_verify: %s", + fido_strerr(r)); + goto out; + } + } else { + skdebug(__func__, "self-attested credential"); + if ((r = fido_cred_verify_self(cred)) != FIDO_OK) { + skdebug(__func__, "fido_cred_verify_self: %s", + fido_strerr(r)); + goto out; + } + } + if ((response = calloc(1, sizeof(*response))) == NULL) { + skdebug(__func__, "calloc response failed"); + goto out; + } + if (pack_public_key(alg, cred, response) != 0) { + skdebug(__func__, "pack_public_key failed"); + goto out; + } + if ((ptr = fido_cred_id_ptr(cred)) != NULL) { + len = fido_cred_id_len(cred); + if ((response->key_handle = calloc(1, len)) == NULL) { + skdebug(__func__, "calloc key handle failed"); + goto out; + } + memcpy(response->key_handle, ptr, len); + response->key_handle_len = len; + } + if ((ptr = fido_cred_sig_ptr(cred)) != NULL) { + len = fido_cred_sig_len(cred); + if ((response->signature = calloc(1, len)) == NULL) { + skdebug(__func__, "calloc signature failed"); + goto out; + } + memcpy(response->signature, ptr, len); + response->signature_len = len; + } + if ((ptr = fido_cred_x5c_ptr(cred)) != NULL) { + len = fido_cred_x5c_len(cred); + if ((response->attestation_cert = calloc(1, len)) == NULL) { + skdebug(__func__, "calloc attestation cert failed"); + goto out; + } + memcpy(response->attestation_cert, ptr, len); + response->attestation_cert_len = len; + } + *enroll_reponse = response; + response = NULL; + ret = 0; + out: + free(device); + if (response != NULL) { + free(response->public_key); + free(response->key_handle); + free(response->signature); + free(response->attestation_cert); + free(response); + } + if (dev != NULL) { + fido_dev_close(dev); + fido_dev_free(&dev); + } + if (cred != NULL) { + fido_cred_free(&cred); + } + return ret; +} + +static int +pack_sig_ecdsa(fido_assert_t *assert, struct sk_sign_response *response) +{ + ECDSA_SIG *sig = NULL; + const BIGNUM *sig_r, *sig_s; + const unsigned char *cp; + size_t sig_len; + int ret = -1; + + cp = fido_assert_sig_ptr(assert, 0); + sig_len = fido_assert_sig_len(assert, 0); + if ((sig = d2i_ECDSA_SIG(NULL, &cp, sig_len)) == NULL) { + skdebug(__func__, "d2i_ECDSA_SIG failed"); + goto out; + } + ECDSA_SIG_get0(sig, &sig_r, &sig_s); + response->sig_r_len = BN_num_bytes(sig_r); + response->sig_s_len = BN_num_bytes(sig_s); + if ((response->sig_r = calloc(1, response->sig_r_len)) == NULL || + (response->sig_s = calloc(1, response->sig_s_len)) == NULL) { + skdebug(__func__, "calloc signature failed"); + goto out; + } + BN_bn2bin(sig_r, response->sig_r); + BN_bn2bin(sig_s, response->sig_s); + ret = 0; + out: + ECDSA_SIG_free(sig); + if (ret != 0) { + free(response->sig_r); + free(response->sig_s); + response->sig_r = NULL; + response->sig_s = NULL; + } + return ret; +} + +static int +pack_sig_ed25519(fido_assert_t *assert, struct sk_sign_response *response) +{ + const unsigned char *ptr; + size_t len; + int ret = -1; + + ptr = fido_assert_sig_ptr(assert, 0); + len = fido_assert_sig_len(assert, 0); + if (len != 64) { + skdebug(__func__, "bad length %zu", len); + goto out; + } + response->sig_r_len = len; + if ((response->sig_r = calloc(1, response->sig_r_len)) == NULL) { + skdebug(__func__, "calloc signature failed"); + goto out; + } + memcpy(response->sig_r, ptr, len); + ret = 0; + out: + if (ret != 0) { + free(response->sig_r); + response->sig_r = NULL; + } + return ret; +} + +static int +pack_sig(int alg, fido_assert_t *assert, struct sk_sign_response *response) +{ + switch(alg) { + case SK_ECDSA: + return pack_sig_ecdsa(assert, response); + case SK_ED25519: + return pack_sig_ed25519(assert, response); + default: + return -1; + } +} + +int +sk_sign(int alg, const uint8_t *message, size_t message_len, + const char *application, + const uint8_t *key_handle, size_t key_handle_len, + uint8_t flags, struct sk_sign_response **sign_response) +{ + fido_assert_t *assert = NULL; + fido_dev_t *dev = NULL; + struct sk_sign_response *response = NULL; + int ret = -1; + int r; + +#ifdef SK_DEBUG + fido_init(FIDO_DEBUG); +#endif + + if (sign_response == NULL) { + skdebug(__func__, "sign_response == NULL"); + goto out; + } + *sign_response = NULL; + if ((dev = find_device(message, message_len, application, key_handle, + key_handle_len)) == NULL) { + skdebug(__func__, "couldn't find device for key handle"); + goto out; + } + if ((assert = fido_assert_new()) == NULL) { + skdebug(__func__, "fido_assert_new failed"); + goto out; + } + if ((r = fido_assert_set_clientdata_hash(assert, message, + message_len)) != FIDO_OK) { + skdebug(__func__, "fido_assert_set_clientdata_hash: %s", + fido_strerr(r)); + goto out; + } + if ((r = fido_assert_set_rp(assert, application)) != FIDO_OK) { + skdebug(__func__, "fido_assert_set_rp: %s", fido_strerr(r)); + goto out; + } + if ((r = fido_assert_allow_cred(assert, key_handle, + key_handle_len)) != FIDO_OK) { + skdebug(__func__, "fido_assert_allow_cred: %s", fido_strerr(r)); + goto out; + } + if ((r = fido_assert_set_up(assert, + (flags & SK_USER_PRESENCE_REQD) ? + FIDO_OPT_TRUE : FIDO_OPT_FALSE)) != FIDO_OK) { + skdebug(__func__, "fido_assert_set_up: %s", fido_strerr(r)); + goto out; + } + if ((r = fido_dev_get_assert(dev, assert, NULL)) != FIDO_OK) { + skdebug(__func__, "fido_dev_get_assert: %s", fido_strerr(r)); + goto out; + } + if ((response = calloc(1, sizeof(*response))) == NULL) { + skdebug(__func__, "calloc response failed"); + goto out; + } + response->flags = fido_assert_flags(assert, 0); + response->counter = fido_assert_sigcount(assert, 0); + if (pack_sig(alg, assert, response) != 0) { + skdebug(__func__, "pack_sig failed"); + goto out; + } + *sign_response = response; + response = NULL; + ret = 0; + out: + if (response != NULL) { + free(response->sig_r); + free(response->sig_s); + free(response); + } + if (dev != NULL) { + fido_dev_close(dev); + fido_dev_free(&dev); + } + if (assert != NULL) { + fido_assert_free(&assert); + } + return ret; +} diff --git a/usr.bin/ssh/ssh-add.1 b/usr.bin/ssh/ssh-add.1 index 73b91d94556..730012cf932 100644 --- a/usr.bin/ssh/ssh-add.1 +++ b/usr.bin/ssh/ssh-add.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-add.1,v 1.72 2019/11/07 08:38:38 naddy Exp $ +.\" $OpenBSD: ssh-add.1,v 1.73 2019/11/14 21:27:30 djm Exp $ .\" .\" Author: Tatu Ylonen <ylo@cs.hut.fi> .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 7 2019 $ +.Dd $Mdocdate: November 14 2019 $ .Dt SSH-ADD 1 .Os .Sh NAME @@ -136,8 +136,7 @@ Be quiet after a successful operation. .It Fl S Ar provider Specifies a path to a security key provider library that will be used when adding any security key-hosted keys, overriding the default of using the -.Ev SSH_SK_PROVIDER -environment variable to specify a provider. +the internal USB HID support. .It Fl s Ar pkcs11 Add keys provided by the PKCS#11 shared library .Ar pkcs11 . diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c index 9a6e8b54c9e..4b821420d11 100644 --- a/usr.bin/ssh/ssh-add.c +++ b/usr.bin/ssh/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.144 2019/11/12 19:33:08 markus Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.145 2019/11/14 21:27:30 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -707,6 +707,9 @@ main(int argc, char **argv) goto done; } + if (skprovider == NULL) + skprovider = "internal"; + argc -= optind; argv += optind; if (Tflag) { diff --git a/usr.bin/ssh/ssh-add/Makefile b/usr.bin/ssh/ssh-add/Makefile index 61cd7054361..2899d41ac4a 100644 --- a/usr.bin/ssh/ssh-add/Makefile +++ b/usr.bin/ssh/ssh-add/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.27 2019/10/31 21:23:19 djm Exp $ +# $OpenBSD: Makefile,v 1.28 2019/11/14 21:27:30 djm Exp $ .PATH: ${.CURDIR}/.. @@ -14,3 +14,6 @@ BINDIR= /usr/bin LDADD+= -lcrypto -lutil DPADD+= ${LIBCRYPTO} ${LIBUTIL} + +LDADD+= -lfido2 -lcbor -lusbhid +DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index ed4bbbe1c21..474f07fd259 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.242 2019/11/13 07:53:10 markus Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.243 2019/11/14 21:27:30 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -284,6 +284,11 @@ provider_sign(const char *provider, struct sshkey *key, *sigp = NULL; *lenp = 0; + if (strcasecmp(provider, "internal") == 0) { + return sshsk_sign(provider, key, sigp, lenp, + data, datalen, compat); + } + helper = getenv("SSH_SK_HELPER"); if (helper == NULL || strlen(helper) == 0) helper = _PATH_SSH_SK_HELPER; diff --git a/usr.bin/ssh/ssh-agent/Makefile b/usr.bin/ssh/ssh-agent/Makefile index df8972ac9cc..7317a79b211 100644 --- a/usr.bin/ssh/ssh-agent/Makefile +++ b/usr.bin/ssh/ssh-agent/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.34 2019/10/31 21:23:19 djm Exp $ +# $OpenBSD: Makefile,v 1.35 2019/11/14 21:27:30 djm Exp $ .PATH: ${.CURDIR}/.. @@ -18,3 +18,5 @@ BINDIR= /usr/bin LDADD+= -lcrypto -lutil DPADD+= ${LIBCRYPTO} ${LIBUTIL} +LDADD+= -lfido2 -lcbor -lusbhid +DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} diff --git a/usr.bin/ssh/ssh-keygen.1 b/usr.bin/ssh/ssh-keygen.1 index bdb5015d118..980fdf9f0dd 100644 --- a/usr.bin/ssh/ssh-keygen.1 +++ b/usr.bin/ssh/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.173 2019/11/07 08:38:38 naddy Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.174 2019/11/14 21:27:30 djm Exp $ .\" .\" Author: Tatu Ylonen <ylo@cs.hut.fi> .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 7 2019 $ +.Dd $Mdocdate: November 14 2019 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -664,9 +664,8 @@ The maximum is 3. Specify desired generator when testing candidate moduli for DH-GEX. .It Fl w Ar provider Specifies a path to a security key provider library that will be used when -creating any security key-hosted keys, overriding the default of using the -.Ev SSH_SK_PROVIDER -environment variable to specify a provider. +creating any security key-hosted keys, overriding the default of the +internal support for USB HID keys. .It Fl x Ar flags Specifies the security key flags to use when enrolling a security key-hosted key. diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index 11b2c95b51c..8431f1a7552 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.363 2019/11/12 22:36:44 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.364 2019/11/14 21:27:30 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -3047,6 +3047,9 @@ main(int argc, char **argv) } } + if (sk_provider == NULL) + sk_provider = "internal"; + /* reinit */ log_init(argv[0], log_level, SYSLOG_FACILITY_USER, 1); diff --git a/usr.bin/ssh/ssh-keygen/Makefile b/usr.bin/ssh/ssh-keygen/Makefile index 6fbae1f8213..7bf2cd3d132 100644 --- a/usr.bin/ssh/ssh-keygen/Makefile +++ b/usr.bin/ssh/ssh-keygen/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.34 2019/10/31 21:23:19 djm Exp $ +# $OpenBSD: Makefile,v 1.35 2019/11/14 21:27:30 djm Exp $ .PATH: ${.CURDIR}/.. @@ -17,3 +17,5 @@ BINDIR= /usr/bin LDADD+= -lcrypto -lutil DPADD+= ${LIBCRYPTO} ${LIBUTIL} +LDADD+= -lfido2 -lcbor -lusbhid +DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} diff --git a/usr.bin/ssh/ssh-keyscan/Makefile b/usr.bin/ssh/ssh-keyscan/Makefile index fee2b045c71..9550b3da819 100644 --- a/usr.bin/ssh/ssh-keyscan/Makefile +++ b/usr.bin/ssh/ssh-keyscan/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.13 2018/07/25 17:12:35 deraadt Exp $ +# $OpenBSD: Makefile,v 1.14 2019/11/14 21:27:30 djm Exp $ .PATH: ${.CURDIR}/.. @@ -12,6 +12,9 @@ BINDIR= /usr/bin .include <bsd.prog.mk> +LDADD+= -lfido2 -lcbor -lusbhid +DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} + LDADD+= -lcrypto -lz -lutil DPADD+= ${LIBCRYPTO} ${LIBZ} ${LIBUTIL} diff --git a/usr.bin/ssh/ssh-keysign/Makefile b/usr.bin/ssh/ssh-keysign/Makefile index 0da2b93b2af..15460055ff0 100644 --- a/usr.bin/ssh/ssh-keysign/Makefile +++ b/usr.bin/ssh/ssh-keysign/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.16 2018/12/27 03:25:24 djm Exp $ +# $OpenBSD: Makefile,v 1.17 2019/11/14 21:27:31 djm Exp $ .PATH: ${.CURDIR}/.. @@ -16,5 +16,8 @@ MAN= ssh-keysign.8 .include <bsd.prog.mk> +LDADD+= -lfido2 -lcbor -lusbhid +DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} + LDADD+= -lcrypto -lutil -lz DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} diff --git a/usr.bin/ssh/ssh-pkcs11-helper/Makefile b/usr.bin/ssh/ssh-pkcs11-helper/Makefile index cef4618c485..c625766642f 100644 --- a/usr.bin/ssh/ssh-pkcs11-helper/Makefile +++ b/usr.bin/ssh/ssh-pkcs11-helper/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.9 2019/09/06 05:59:41 djm Exp $ +# $OpenBSD: Makefile,v 1.10 2019/11/14 21:27:31 djm Exp $ .PATH: ${.CURDIR}/.. @@ -13,5 +13,8 @@ MAN= ssh-pkcs11-helper.8 .include <bsd.prog.mk> +LDADD+= -lfido2 -lcbor -lusbhid +DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} + LDADD+= -lcrypto -lutil DPADD+= ${LIBCRYPTO} ${LIBUTIL} diff --git a/usr.bin/ssh/ssh-sk-helper/Makefile b/usr.bin/ssh/ssh-sk-helper/Makefile index cd4515cb50d..300f743fb56 100644 --- a/usr.bin/ssh/ssh-sk-helper/Makefile +++ b/usr.bin/ssh/ssh-sk-helper/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.3 2019/11/07 08:38:38 naddy Exp $ +# $OpenBSD: Makefile,v 1.4 2019/11/14 21:27:31 djm Exp $ .PATH: ${.CURDIR}/.. @@ -13,5 +13,8 @@ MAN= ssh-sk-helper.8 .include <bsd.prog.mk> +LDADD+= -lfido2 -lcbor -lusbhid +DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} + LDADD+= -lcrypto -lutil DPADD+= ${LIBCRYPTO} ${LIBUTIL} diff --git a/usr.bin/ssh/ssh-sk.c b/usr.bin/ssh/ssh-sk.c index 47dcbf36995..51ad9a505db 100644 --- a/usr.bin/ssh/ssh-sk.c +++ b/usr.bin/ssh/ssh-sk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-sk.c,v 1.11 2019/11/13 20:25:45 markus Exp $ */ +/* $OpenBSD: ssh-sk.c,v 1.12 2019/11/14 21:27:30 djm Exp $ */ /* * Copyright (c) 2019 Google LLC * @@ -56,6 +56,15 @@ struct sshsk_provider { uint8_t flags, struct sk_sign_response **sign_response); }; +/* Built-in version */ +int ssh_sk_enroll(int alg, const uint8_t *challenge, + size_t challenge_len, const char *application, uint8_t flags, + struct sk_enroll_response **enroll_response); +int ssh_sk_sign(int alg, const uint8_t *message, size_t message_len, + const char *application, + const uint8_t *key_handle, size_t key_handle_len, + uint8_t flags, struct sk_sign_response **sign_response); + static void sshsk_free(struct sshsk_provider *p) { @@ -81,6 +90,12 @@ sshsk_open(const char *path) error("%s: strdup failed", __func__); goto fail; } + /* Skip the rest if we're using the linked in middleware */ + if (strcasecmp(ret->path, "internal") == 0) { + ret->sk_enroll = ssh_sk_enroll; + ret->sk_sign = ssh_sk_sign; + return ret; + } if ((ret->dlhandle = dlopen(path, RTLD_NOW)) == NULL) { error("Security key provider %s dlopen failed: %s", path, dlerror()); diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index e2666fa56c2..2268c197f17 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.404 2019/11/07 08:38:38 naddy Exp $ -.Dd $Mdocdate: November 7 2019 $ +.\" $OpenBSD: ssh.1,v 1.405 2019/11/14 21:27:30 djm Exp $ +.Dd $Mdocdate: November 14 2019 $ .Dt SSH 1 .Os .Sh NAME @@ -1329,12 +1329,6 @@ More permanent VPNs are better provided by tools such as and .Xr isakmpd 8 . .Sh ENVIRONMENT -.Bl -tag -width "SSH_ORIGINAL_COMMAND" -.It Ev SSH_SK_PROVIDER -Specifies the path to a security key provider library used to interact with -hardware security keys. -.Pp -.El .Nm will normally set the following environment variables: .Bl -tag -width "SSH_ORIGINAL_COMMAND" diff --git a/usr.bin/ssh/ssh/Makefile b/usr.bin/ssh/ssh/Makefile index a7887a86dbc..71de598a528 100644 --- a/usr.bin/ssh/ssh/Makefile +++ b/usr.bin/ssh/ssh/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.77 2019/10/31 21:23:19 djm Exp $ +# $OpenBSD: Makefile,v 1.78 2019/11/14 21:27:30 djm Exp $ .PATH: ${.CURDIR}/.. @@ -34,5 +34,8 @@ LDADD+= -lcrypto DPADD+= ${LIBCRYPTO} .endif +LDADD+= -lfido2 -lcbor -lusbhid +DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} + LDADD+= -lutil -lz DPADD+= ${LIBUTIL} ${LIBZ} diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5 index ca48eeee0b6..77f5a34b686 100644 --- a/usr.bin/ssh/ssh_config.5 +++ b/usr.bin/ssh/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.305 2019/11/07 08:38:38 naddy Exp $ -.Dd $Mdocdate: November 7 2019 $ +.\" $OpenBSD: ssh_config.5,v 1.306 2019/11/14 21:27:30 djm Exp $ +.Dd $Mdocdate: November 14 2019 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1450,9 +1450,8 @@ For more information on KRLs, see the KEY REVOCATION LISTS section in .Xr ssh-keygen 1 . .It Cm SecurityKeyProvider Specifies a path to a security key provider library that will be used when -loading any security key-hosted keys, overriding the default of using the -.Ev SSH_SK_PROVIDER -environment variable to specify a provider. +loading any security key-hosted keys, overriding the default of using +the build-in support for USB HID keys. .It Cm SendEnv Specifies what variables from the local .Xr environ 7 diff --git a/usr.bin/ssh/sshd/Makefile b/usr.bin/ssh/sshd/Makefile index 5d8bc45217b..f38e860fd98 100644 --- a/usr.bin/ssh/sshd/Makefile +++ b/usr.bin/ssh/sshd/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.100 2019/07/05 04:55:41 djm Exp $ +# $OpenBSD: Makefile,v 1.101 2019/11/14 21:27:31 djm Exp $ .PATH: ${.CURDIR}/.. @@ -38,5 +38,8 @@ LDADD+= -lcrypto DPADD+= ${LIBCRYPTO} .endif +LDADD+= -lfido2 -lcbor -lusbhid +DPADD+= ${LIBFIDO2} ${LIBCBOR} ${LIBUSBHID} + LDADD+= -lutil -lz DPADD+= ${LIBUTIL} ${LIBZ} |