Commit Graph

464 Commits

Author SHA1 Message Date
djm@openbsd.org
b4c7cd1185 upstream: load_hostkeys()/hostkeys_foreach() variants for FILE*
Add load_hostkeys_file() and hostkeys_foreach_file() that accept a
FILE* argument instead of opening the file directly.

Original load_hostkeys() and hostkeys_foreach() are implemented using
these new interfaces.

Add a u_int note field to the hostkey_entry and hostkey_foreach_line
structs that is passed directly from the load_hostkeys() and
hostkeys_foreach() call. This is a lightweight way to annotate results
between different invocations of load_hostkeys().

ok markus@

OpenBSD-Commit-ID: 6ff6db13ec9ee4edfa658b2c38baad0f505d8c20
2020-12-21 10:52:28 +11:00
dtucker@openbsd.org
b755264e7d upstream: Include cipher.h for declaration of cipher_by_name.
OpenBSD-Commit-ID: ddfebbca03ca0e14e00bbad9d35f94b99655d032
2020-11-29 00:20:52 +11:00
dtucker@openbsd.org
57bf03f021 upstream: Document ssh-keygen -Z, sanity check its argument earlier and
provide a better error message if it's not correct.  Prompted by bz#2879, ok
djm@ jmc@

OpenBSD-Commit-ID: 484178a173e92230fb1803fb4f206d61f7b58005
2020-11-27 21:37:17 +11:00
djm@openbsd.org
d5a0cd4fc4 upstream: when requesting a security key touch on stderr, inform the
user once the touch has been recorded; requested by claudio@ ok markus@

OpenBSD-Commit-ID: 3b76ee444490e546b9ea7f879e4092ee0d256233
2020-11-09 09:39:22 +11:00
Darren Tucker
292bcb2479 Remove preprocessor directive from log macro calls.
Preprocessor directives inside macro calls, such as the new log macros,
are undefined behaviour and do not work with, eg old GCCs.  Put the
entire log call inside the ifdef for OPENSSL_HAS_NISTP521.
2020-11-09 00:33:35 +11:00
djm@openbsd.org
b12b835dc0 upstream: fix type of nid in type_bits_valid(); github PR#202 from
github user thingsconnected

OpenBSD-Commit-ID: 769d2b040dec7ab32d323daf54b854dd5dcb5485
2020-10-29 14:03:03 +11:00
djm@openbsd.org
1a14c13147 upstream: whitespace; no code change
OpenBSD-Commit-ID: efefc1c47e880887bdee8cd2127ca93177eaad79
2020-10-29 13:54:13 +11:00
djm@openbsd.org
816036f142 upstream: use the new variant log macros instead of prepending
__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
2020-10-18 23:46:29 +11:00
djm@openbsd.org
c767735241 upstream: when writing an attestation blob for a FIDO key, record all
the data needed to verify the attestation. Previously we were missing the
"authenticator data" that is included in the signature.

spotted by Ian Haken
feedback Pedro Martelletto and Ian Haken; ok markus@

OpenBSD-Commit-ID: 8439896e63792b2db99c6065dd9a45eabbdb7e0a
2020-09-09 13:11:34 +10:00
djm@openbsd.org
d6f45cdde0 upstream: debug()-print a little info about FIDO-specific key
fields via "ssh-keygen -vyf /path/key"

OpenBSD-Commit-ID: cf315c4fe77db43947d111b00155165cb6b577cf
2020-08-27 19:47:35 +10:00
djm@openbsd.org
0caff05350 upstream: Request PIN ahead of time for certain FIDO actions
When we know that a particular action will require a PIN, such as
downloading resident keys or generating a verify-required key, request
the PIN before attempting it.

joint work with Pedro Martelletto; ok markus@

OpenBSD-Commit-ID: 863182d38ef075bad1f7d20ca485752a05edb727
2020-08-27 11:28:36 +10:00
djm@openbsd.org
642e06d0df upstream: major rework of FIDO token selection logic
When PINs are in use and multiple FIDO tokens are attached to a host, we
cannot just blast requests at all attached tokens with the PIN specified
as this will cause the per-token PIN failure counter to increment. If
this retry counter hits the token's limit (usually 3 attempts), then the
token will lock itself and render all (web and SSH) of its keys invalid.
We don't want this.

So this reworks the key selection logic for the specific case of
multiple keys being attached. When multiple keys are attached and the
operation requires a PIN, then the user must touch the key that they
wish to use first in order to identify it.

This may require multiple touches, but only if there are multiple keys
attached AND (usually) the operation requires a PIN. The usual case of a
single key attached should be unaffected.

Work by Pedro Martelletto; ok myself and markus@

OpenBSD-Commit-ID: 637d3049ced61b7a9ee796914bbc4843d999a864
2020-08-27 11:28:36 +10:00
djm@openbsd.org
9b8ad93824 upstream: support for user-verified FIDO keys
FIDO2 supports a notion of "user verification" where the user is
required to demonstrate their identity to the token before particular
operations (e.g. signing). Typically this is done by authenticating
themselves using a PIN that has been set on the token.

This adds support for generating and using user verified keys where
the verification happens via PIN (other options might be added in the
future, but none are in common use now). Practically, this adds
another key generation option "verify-required" that yields a key that
requires a PIN before each authentication.

feedback markus@ and Pedro Martelletto; ok markus@

OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
2020-08-27 11:28:36 +10:00
djm@openbsd.org
2d8a3b7e8b upstream: ensure that certificate extensions are lexically sorted.
Previously if the user specified a custom extension then the everything would
be in order except the custom ones. bz3198 ok dtucker markus

OpenBSD-Commit-ID: d97deb90587b06cb227c66ffebb2d9667bf886f0
2020-08-03 14:27:59 +10:00
solene@openbsd.org
dbaaa01dae upstream: - Add [-a rounds] in ssh-keygen man page and usage() -
Reorder parameters list in the first usage() case - Sentence rewording

ok dtucker@
jmc@ noticed usage() missed -a flag too

OpenBSD-Commit-ID: f06b9afe91cc96f260b929a56e9930caecbde246
2020-07-17 13:23:34 +10:00
dtucker@openbsd.org
74344c3ca4 upstream: Defer creation of ~/.ssh by ssh(1) until we attempt to
write to it so we don't leave an empty .ssh directory when it's not needed.
Use the same function to replace the code in ssh-keygen that does the same
thing. bz#3156, ok djm@

OpenBSD-Commit-ID: 59c073b569be1a60f4de36f491a4339bc4ae870f
2020-06-26 15:24:27 +10:00
djm@openbsd.org
224418cf55 upstream: fix exit status for downloading of FIDO resident keys;
from Pedro Martelletto, ok markus@

OpenBSD-Commit-ID: 0da77dc24a1084798eedd83c39a002a9d231faef
2020-05-29 13:28:47 +10:00
djm@openbsd.org
2a63ce5cd6 upstream: avoid possible NULL deref; from Pedro Martelletto
OpenBSD-Commit-ID: e6099c3fbb70aa67eb106e84d8b43f1fa919b721
2020-05-27 10:13:17 +10:00
djm@openbsd.org
f2d84f1b3f upstream: preserve group/world read permission on known_hosts
file across runs of "ssh-keygen -Rf /path". The old behaviour was to remove
all rights for group/other. bz#3146 ok dtucker@

OpenBSD-Commit-ID: dc369d0e0b5dd826430c63fd5f4b269953448a8a
2020-05-27 10:09:19 +10:00
djm@openbsd.org
d25d630d24 upstream: we have a sshkey_save_public() function to save public keys;
use it and save a bunch of redundant code.

Patch from loic AT venez.fr; ok markus@ djm@

OpenBSD-Commit-ID: f93e030a0ebcd0fd9054ab30db501ec63454ea5f
2020-05-02 17:36:39 +10:00
djm@openbsd.org
99ce9cefbe upstream: avoid NULL dereference when attempting to convert invalid
ssh.com private keys using "ssh-keygen -i"; spotted by Michael Forney

OpenBSD-Commit-ID: 2e56e6d26973967d11d13f56ea67145f435bf298
2020-05-01 16:40:11 +10:00
djm@openbsd.org
a98d5ba31e upstream: fix a bug I introduced in r1.406: when printing private key
fingerprint of old-format key, key comments were not being displayed. Spotted
by loic AT venez.fr, ok dtucker

OpenBSD-Commit-ID: 2d98e4f9eb168eea733d17e141e1ead9fe26e533
2020-04-20 14:46:40 +10:00
djm@openbsd.org
32f2d0aad4 upstream: repair private key fingerprint printing to also print
comment after regression caused by my recent pubkey loading refactor.
Reported by loic AT venez.fr, ok dtucker@

OpenBSD-Commit-ID: f8db49acbee6a6ccb2a4259135693b3cceedb89e
2020-04-17 17:17:48 +10:00
djm@openbsd.org
6ec7457171 upstream: give ssh-keygen the ability to dump the contents of a
binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker

OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b
2020-04-03 13:33:25 +11:00
djm@openbsd.org
d081f017c2 upstream: spelling errors in comments; no code change from
OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
2020-03-14 19:39:09 +11:00
djm@openbsd.org
c084a2d040 upstream: when downloading FIDO2 resident keys from a token, don't
prompt for a PIN until the token has told us that it needs one. Avoids
double-prompting on devices that implement on-device authentication (e.g. a
touchscreen PIN pad on the Trezor Model T). ok dtucker@

OpenBSD-Commit-ID: 38b78903dd4422d7d3204095a31692fb69130817
2020-03-14 19:38:53 +11:00
markus@openbsd.org
e32ef97a56 upstream: fix use-after-free in do_download_sk; ok djm
OpenBSD-Commit-ID: 96b49623d297797d4fc069f1f09e13c8811f8863
2020-03-13 13:18:31 +11:00
markus@openbsd.org
ff2acca039 upstream: exit if ssh_krl_revoke_key_sha256 fails; ok djm
OpenBSD-Commit-ID: 0864ad4fe8bf28ab21fd1df766e0365c11bbc0dc
2020-03-13 13:13:30 +11:00
djm@openbsd.org
9b47bd7b09 upstream: no-touch-required certificate option should be an
extension, not a critical option.

OpenBSD-Commit-ID: 626b22c5feb7be8a645e4b9a9bef89893b88600d
2020-02-28 12:27:41 +11:00
jsg@openbsd.org
d5ba1c0327 upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
2020-02-28 12:26:28 +11:00
djm@openbsd.org
fd68dc2786 upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow more
than the intended number of prompts (3) and 2) it would SEGV too many
incorrect PINs were entered; based on patch by Gabriel Kihlman

OpenBSD-Commit-ID: 9c0011f28ba8bd8adf2014424b64960333da1718
2020-02-07 14:31:02 +11:00
naddy@openbsd.org
a47f6a6c0e upstream: Replace "security key" with "authenticator" in program
messages.

This replaces "security key" in error/usage/verbose messages and
distinguishes between "authenticator" and "authenticator-hosted key".

ok djm@

OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
2020-02-07 09:52:59 +11:00
djm@openbsd.org
d596b1d30d upstream: require FIDO application strings to start with "ssh:"; ok
markus@

OpenBSD-Commit-ID: 94e9c1c066d42b76f035a3d58250a32b14000afb
2020-02-04 21:08:10 +11:00
djm@openbsd.org
24c0f752ad upstream: changes to support FIDO attestation
Allow writing to disk the attestation certificate that is generated by
the FIDO token at key enrollment time. These certificates may be used
by an out-of-band workflow to prove that a particular key is held in
trustworthy hardware.

Allow passing in a challenge that will be sent to the card during
key enrollment. These are needed to build an attestation workflow
that resists replay attacks.

ok markus@

OpenBSD-Commit-ID: 457dc3c3d689ba39eed328f0817ed9b91a5f78f6
2020-01-29 18:52:55 +11:00
djm@openbsd.org
59d01f1d72 upstream: improve the error message for u2f enrollment errors by
making ssh-keygen be solely responsible for printing the error message and
convertint some more common error responses from the middleware to a useful
ssherr.h status code. more detail remains visible via -v of course.

also remove indepedent copy of sk-api.h declarations in sk-usbhid.c
and just include it.

feedback & ok markus@

OpenBSD-Commit-ID: a4a8ffa870d9a3e0cfd76544bcdeef5c9fb1f1bb
2020-01-26 10:18:42 +11:00
djm@openbsd.org
99aa803555 upstream: factor out reading/writing sshbufs to dedicated
functions; feedback and ok markus@

OpenBSD-Commit-ID: dc09e5f1950b7acc91b8fdf8015347782d2ecd3d
2020-01-26 10:18:42 +11:00
Darren Tucker
e16dfa94f8 Put EC key export inside OPENSSL_HAS_ECC.
Fixes link error when building against an OpenSSL that does not have
ECC.
2020-01-25 13:05:42 +11:00
djm@openbsd.org
89a8d4525e upstream: expose PKCS#11 key labels/X.509 subjects as comments
Extract the key label or X.509 subject string when PKCS#11 keys
are retrieved from the token and plumb this through to places where
it may be used as a comment.

based on https://github.com/openssh/openssh-portable/pull/138
by Danielle Church

feedback and ok markus@

OpenBSD-Commit-ID: cae1fda10d9e10971dea29520916e27cfec7ca35
2020-01-25 11:35:55 +11:00
djm@openbsd.org
d15c8adf2c upstream: minor tweaks to ssh-keygen -Y find-principals:
emit matched principals one per line to stdout rather than as comma-
separated and with a free-text preamble (easy confusion opportunity)

emit "not found" error to stderr

fix up argument testing for -Y operations and improve error message for
unsupported operations

OpenBSD-Commit-ID: 3d9c9a671ab07fc04a48f543edfa85eae77da69c
2020-01-25 11:27:29 +11:00
djm@openbsd.org
4a41d245d6 upstream: when signing a certificate with an RSA key, default to
a safe signature algorithm (rsa-sha-512) if not is explicitly specified by
the user; ok markus@

OpenBSD-Commit-ID: e05f638f0be6c0266e1d3d799716b461011e83a9
2020-01-25 11:27:29 +11:00
djm@openbsd.org
8dfb6a202c upstream: allow PEM export of DSA and ECDSA keys; bz3091, patch
from Jakub Jelen ok markus@

OpenBSD-Commit-ID: a58edec8b9f07acab4b962a71a5125830d321b51
2020-01-25 11:27:29 +11:00
djm@openbsd.org
72a8bea2d7 upstream: ssh-keygen -Y find-principals fixes based on feedback
from Markus:

use "principals" instead of principal, as allowed_signers lines may list
multiple.

When the signing key is a certificate, emit only principals that match
the certificate principal list.

NB. the command -Y name changes: "find-principal" => "find-principals"

ok markus@

OpenBSD-Commit-ID: ab575946ff9a55624cd4e811bfd338bf3b1d0faf
2020-01-25 11:27:29 +11:00
djm@openbsd.org
69ac4e3302 upstream: remove trailing period characters from pub/priv key
pathnames - they make them needlessly more difficult to cut and paste without
error; ok markus@ & dtucker@

OpenBSD-Commit-ID: abdcfd1a5723fcac0711feee7665edc66ae2335a
2020-01-23 21:46:58 +11:00
djm@openbsd.org
56cffcc09f upstream: add a new signature operations "find-principal" to look
up the principal associated with a signature from an allowed-signers file.
Work by Sebastian Kinne; ok dtucker@

OpenBSD-Commit-ID: 6f782cc7e18e38fcfafa62af53246a1dcfe74e5d
2020-01-23 13:45:24 +11:00
claudio@openbsd.org
4a32c0ca44 upstream: For ssh-keygen -lF only add a space after key fingerprint
when there is a comment. This makes copy-paste of fingerprints into ssh
easier. OK djm@

OpenBSD-Commit-ID: fa01d95624f65c1eb4dc7c575d20d77c78010dfd
2020-01-22 17:17:51 +11:00
djm@openbsd.org
80d3bebcab upstream: don't #ifdef out the KRL code when compiling without
libcrypto support; it works just fine and disabling it breaks a few tests. ok
dtucker@

OpenBSD-Commit-ID: 65f6272c4241eb4b04de78b012fe98b2b555ad44
2020-01-21 22:10:28 +11:00
naddy@openbsd.org
0d005d6372 upstream: sync ssh-keygen.1 and ssh-keygen's usage() with each
other and reality ok markus@

OpenBSD-Commit-ID: cdf64454f2c3604c25977c944e5b6262a3bcce92
2020-01-21 18:09:09 +11:00
djm@openbsd.org
c312ca077c upstream: Extends the SK API to accept a set of key/value options
for all operations. These are intended to future-proof the API a little by
making it easier to specify additional fields for without having to change
the API version for each.

At present, only two options are defined: one to explicitly specify
the device for an operation (rather than accepting the middleware's
autoselection) and another to specify the FIDO2 username that may
be used when generating a resident key. These new options may be
invoked at key generation time via ssh-keygen -O

This also implements a suggestion from Markus to avoid "int" in favour
of uint32_t for the algorithm argument in the API, to make implementation
of ssh-sk-client/helper a little easier.

feedback, fixes and ok markus@

OpenBSD-Commit-ID: 973ce11704609022ab36abbdeb6bc23c8001eabc
2020-01-06 13:12:46 +11:00
djm@openbsd.org
9039971887 upstream: ability to download FIDO2 resident keys from a token via
"ssh-keygen -K". This will save public/private keys into the current
directory.

This is handy if you move a token between hosts.

feedback & ok markus@

OpenBSD-Commit-ID: d57c1f9802f7850f00a117a1d36682a6c6d10da6
2020-01-03 09:43:24 +11:00
djm@openbsd.org
3093d12ff8 upstream: Remove the -x option currently used for
FIDO/U2F-specific key flags. Instead these flags may be specified via -O.

ok markus@

OpenBSD-Commit-ID: f23ebde2a8a7e1bf860a51055a711cffb8c328c1
2019-12-30 21:02:29 +11:00