summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--PROTOCOL.u2f13
1 files changed, 3 insertions, 10 deletions
diff --git a/PROTOCOL.u2f b/PROTOCOL.u2f
index eabbd7279..375d73bbc 100644
--- a/PROTOCOL.u2f
+++ b/PROTOCOL.u2f
@@ -150,15 +150,8 @@ SSH U2F signatures
150------------------ 150------------------
151 151
152In addition to the message to be signed, the U2F signature operation 152In addition to the message to be signed, the U2F signature operation
153requires a few additional parameters: 153requires the key handle and a few additional parameters. The signature
154 154is signed over a blob that consists of:
155 byte control bits (e.g. "user presence required" flag)
156 byte[32] SHA256(message)
157 byte[32] SHA256(application)
158 byte key_handle length
159 byte[] key_handle
160
161This signature is signed over a blob that consists of:
162 155
163 byte[32] SHA256(application) 156 byte[32] SHA256(application)
164 byte flags (including "user present", extensions present) 157 byte flags (including "user present", extensions present)
@@ -170,7 +163,7 @@ The signature returned from U2F hardware takes the following format:
170 163
171 byte flags (including "user present") 164 byte flags (including "user present")
172 uint32 counter 165 uint32 counter
173 byte[32] ecdsa_signature (in X9.62 format). 166 byte[] ecdsa_signature (in X9.62 format).
174 167
175For use in the SSH protocol, we wish to avoid server-side parsing of ASN.1 168For use in the SSH protocol, we wish to avoid server-side parsing of ASN.1
176format data in the pre-authentication attack surface. Therefore, the 169format data in the pre-authentication attack surface. Therefore, the