diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-06-22 05:58:35 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-06-22 16:27:27 +1000 |
commit | bb52e70fa5330070ec9a23069c311d9e277bbd6f (patch) | |
tree | bafbbd5e2a0928f44853b3179333b123b7e0d9ff /sshkey.c | |
parent | 64bc121097f377142f1387ffb2df7592c49935af (diff) |
upstream: Add support for FIDO webauthn (verification only).
webauthn is a standard for using FIDO keys in web browsers. webauthn
signatures are a slightly different format to plain FIDO signatures - this
support allows verification of these. Feedback and ok markus@
OpenBSD-Commit-ID: ab7e3a9fb5782d99d574f408614d833379e564ad
Diffstat (limited to 'sshkey.c')
-rw-r--r-- | sshkey.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.108 2020/04/11 10:16:11 djm Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.109 2020/06/22 05:58:35 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -132,6 +132,8 @@ static const struct keytype keytypes[] = { | |||
132 | # endif /* OPENSSL_HAS_NISTP521 */ | 132 | # endif /* OPENSSL_HAS_NISTP521 */ |
133 | { "sk-ecdsa-sha2-nistp256@openssh.com", "ECDSA-SK", NULL, | 133 | { "sk-ecdsa-sha2-nistp256@openssh.com", "ECDSA-SK", NULL, |
134 | KEY_ECDSA_SK, NID_X9_62_prime256v1, 0, 0 }, | 134 | KEY_ECDSA_SK, NID_X9_62_prime256v1, 0, 0 }, |
135 | { "webauthn-sk-ecdsa-sha2-nistp256@openssh.com", "ECDSA-SK", NULL, | ||
136 | KEY_ECDSA_SK, NID_X9_62_prime256v1, 0, 1 }, | ||
135 | # endif /* OPENSSL_HAS_ECC */ | 137 | # endif /* OPENSSL_HAS_ECC */ |
136 | { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", NULL, | 138 | { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", NULL, |
137 | KEY_RSA_CERT, 0, 1, 0 }, | 139 | KEY_RSA_CERT, 0, 1, 0 }, |