summaryrefslogtreecommitdiff
path: root/ssh-ecdsa-sk.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2020-06-22 23:44:27 +0000
committerDamien Miller <djm@mindrot.org>2020-06-26 15:18:07 +1000
commit37f2da069c0619f2947fb92785051d82882876d7 (patch)
treec283884a3351eef1c1660f57fd06fd654124ffc7 /ssh-ecdsa-sk.c
parentb659319a5bc9e8adf3c4facc51f37b670d2a7426 (diff)
upstream: some clarifying comments
OpenBSD-Commit-ID: 5268479000fd97bfa30ab819f3517139daa054a2
Diffstat (limited to 'ssh-ecdsa-sk.c')
-rw-r--r--ssh-ecdsa-sk.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/ssh-ecdsa-sk.c b/ssh-ecdsa-sk.c
index 0004a73ca..c6927ecb2 100644
--- a/ssh-ecdsa-sk.c
+++ b/ssh-ecdsa-sk.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-ecdsa-sk.c,v 1.7 2020/06/22 05:58:35 djm Exp $ */ 1/* $OpenBSD: ssh-ecdsa-sk.c,v 1.8 2020/06/22 23:44:27 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2010 Damien Miller. All rights reserved. 4 * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -97,6 +97,13 @@ webauthn_check_prepare_hash(const u_char *data, size_t datalen,
97 r = SSH_ERR_INVALID_FORMAT; 97 r = SSH_ERR_INVALID_FORMAT;
98 goto out; 98 goto out;
99 } 99 }
100
101 /*
102 * Prepare the preamble to clientData that we expect, poking the
103 * challenge and origin into their canonical positions in the
104 * structure. The crossOrigin flag and any additional extension
105 * fields present are ignored.
106 */
100#define WEBAUTHN_0 "{\"type\":\"webauthn.get\",\"challenge\":\"" 107#define WEBAUTHN_0 "{\"type\":\"webauthn.get\",\"challenge\":\""
101#define WEBAUTHN_1 "\",\"origin\":\"" 108#define WEBAUTHN_1 "\",\"origin\":\""
102#define WEBAUTHN_2 "\"" 109#define WEBAUTHN_2 "\""
@@ -113,7 +120,7 @@ webauthn_check_prepare_hash(const u_char *data, size_t datalen,
113 fprintf(stderr, "%s: expected clientData premable:\n", __func__); 120 fprintf(stderr, "%s: expected clientData premable:\n", __func__);
114 sshbuf_dump(m, stderr); 121 sshbuf_dump(m, stderr);
115#endif 122#endif
116 /* Check that the supplied clientData matches what we expect */ 123 /* Check that the supplied clientData has the preamble we expect */
117 if ((r = sshbuf_cmp(wrapper, 0, sshbuf_ptr(m), sshbuf_len(m))) != 0) 124 if ((r = sshbuf_cmp(wrapper, 0, sshbuf_ptr(m), sshbuf_len(m))) != 0)
118 goto out; 125 goto out;
119 126