Diffstat (limited to 'PROTOCOL.u2f')
-rw-r--r-- | PROTOCOL.u2f | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/PROTOCOL.u2f b/PROTOCOL.u2f index 7b1049c3e..4e3896419 100644 --- a/PROTOCOL.u2f +++ b/PROTOCOL.u2f | |||
@@ -175,15 +175,18 @@ The signature returned from U2F hardware takes the following format: | |||
175 | For use in the SSH protocol, we wish to avoid server-side parsing of ASN.1 | 175 | For use in the SSH protocol, we wish to avoid server-side parsing of ASN.1 |
176 | format data in the pre-authentication attack surface. Therefore, the | 176 | format data in the pre-authentication attack surface. Therefore, the |
177 | signature format used on the wire in SSH2_USERAUTH_REQUEST packets will | 177 | signature format used on the wire in SSH2_USERAUTH_REQUEST packets will |
178 | be reformatted slightly and the ecdsa_signature_blob value has the encoding: | 178 | be reformatted to better match the existing signature encoding: |
179 | 179 | ||
180 | mpint r | 180 | string "sk-ecdsa-sha2-nistp256@openssh.com" |
181 | mpint s | 181 | string ecdsa_signature |
182 | byte flags | 182 | byte flags |
183 | uint32 counter | 183 | uint32 counter |
184 | 184 | ||
185 | Where 'r' and 's' are extracted by the client or token middleware from the | 185 | Where the "ecdsa_signature" field follows the RFC5656 ECDSA signature |
186 | ecdsa_signature field returned from the hardware. | 186 | encoding: |
187 | |||
188 | mpint r | ||
189 | mpint s | ||
187 | 190 | ||
188 | For Ed25519 keys the signature is encoded as: | 191 | For Ed25519 keys the signature is encoded as: |
189 | 192 | ||
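Review bot: The new lines 185-186 reuse the name "ecdsa_signature" for the RFC5656 string holding mpint r and mpint s, while the sentence being removed used that same name for the field returned from the hardware, so a reader can no longer tell the token's output from the wire field. The replacement also drops the statement that r and s are extracted by the client or token middleware, which is the step that backs the goal stated at lines 175-176 of keeping ASN.1 parsing out of the server's pre-authentication attack surface. Suggest keeping one sentence saying that the client or middleware performs the conversion, and either renaming the wire field or noting explicitly that it is not the hardware blob. "The existing signature encoding" on line 178 would also be clearer if it named RFC5656 directly, since that reference only appears several lines later.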