summaryrefslogtreecommitdiff
path: root/ssh-keygen.c
AgeCommit message (Collapse)Author
2020-09-09upstream: when writing an attestation blob for a FIDO key, record alldjm@openbsd.org
the data needed to verify the attestation. Previously we were missing the "authenticator data" that is included in the signature. spotted by Ian Haken feedback Pedro Martelletto and Ian Haken; ok markus@ OpenBSD-Commit-ID: 8439896e63792b2db99c6065dd9a45eabbdb7e0a
2020-08-27upstream: debug()-print a little info about FIDO-specific keydjm@openbsd.org
fields via "ssh-keygen -vyf /path/key" OpenBSD-Commit-ID: cf315c4fe77db43947d111b00155165cb6b577cf
2020-08-27upstream: Request PIN ahead of time for certain FIDO actionsdjm@openbsd.org
When we know that a particular action will require a PIN, such as downloading resident keys or generating a verify-required key, request the PIN before attempting it. joint work with Pedro Martelletto; ok markus@ OpenBSD-Commit-ID: 863182d38ef075bad1f7d20ca485752a05edb727
2020-08-27upstream: major rework of FIDO token selection logicdjm@openbsd.org
When PINs are in use and multiple FIDO tokens are attached to a host, we cannot just blast requests at all attached tokens with the PIN specified as this will cause the per-token PIN failure counter to increment. If this retry counter hits the token's limit (usually 3 attempts), then the token will lock itself and render all (web and SSH) of its keys invalid. We don't want this. So this reworks the key selection logic for the specific case of multiple keys being attached. When multiple keys are attached and the operation requires a PIN, then the user must touch the key that they wish to use first in order to identify it. This may require multiple touches, but only if there are multiple keys attached AND (usually) the operation requires a PIN. The usual case of a single key attached should be unaffected. Work by Pedro Martelletto; ok myself and markus@ OpenBSD-Commit-ID: 637d3049ced61b7a9ee796914bbc4843d999a864
2020-08-27upstream: support for user-verified FIDO keysdjm@openbsd.org
FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token. This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication. feedback markus@ and Pedro Martelletto; ok markus@ OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
2020-08-03upstream: ensure that certificate extensions are lexically sorted.djm@openbsd.org
Previously if the user specified a custom extension then the everything would be in order except the custom ones. bz3198 ok dtucker markus OpenBSD-Commit-ID: d97deb90587b06cb227c66ffebb2d9667bf886f0
2020-07-17upstream: - Add [-a rounds] in ssh-keygen man page and usage() -solene@openbsd.org
Reorder parameters list in the first usage() case - Sentence rewording ok dtucker@ jmc@ noticed usage() missed -a flag too OpenBSD-Commit-ID: f06b9afe91cc96f260b929a56e9930caecbde246
2020-06-26upstream: Defer creation of ~/.ssh by ssh(1) until we attempt todtucker@openbsd.org
write to it so we don't leave an empty .ssh directory when it's not needed. Use the same function to replace the code in ssh-keygen that does the same thing. bz#3156, ok djm@ OpenBSD-Commit-ID: 59c073b569be1a60f4de36f491a4339bc4ae870f
2020-05-29upstream: fix exit status for downloading of FIDO resident keys;djm@openbsd.org
from Pedro Martelletto, ok markus@ OpenBSD-Commit-ID: 0da77dc24a1084798eedd83c39a002a9d231faef
2020-05-27upstream: avoid possible NULL deref; from Pedro Martellettodjm@openbsd.org
OpenBSD-Commit-ID: e6099c3fbb70aa67eb106e84d8b43f1fa919b721
2020-05-27upstream: preserve group/world read permission on known_hostsdjm@openbsd.org
file across runs of "ssh-keygen -Rf /path". The old behaviour was to remove all rights for group/other. bz#3146 ok dtucker@ OpenBSD-Commit-ID: dc369d0e0b5dd826430c63fd5f4b269953448a8a
2020-05-02upstream: we have a sshkey_save_public() function to save public keys;djm@openbsd.org
use it and save a bunch of redundant code. Patch from loic AT venez.fr; ok markus@ djm@ OpenBSD-Commit-ID: f93e030a0ebcd0fd9054ab30db501ec63454ea5f
2020-05-01upstream: avoid NULL dereference when attempting to convert invaliddjm@openbsd.org
ssh.com private keys using "ssh-keygen -i"; spotted by Michael Forney OpenBSD-Commit-ID: 2e56e6d26973967d11d13f56ea67145f435bf298
2020-04-20upstream: fix a bug I introduced in r1.406: when printing private keydjm@openbsd.org
fingerprint of old-format key, key comments were not being displayed. Spotted by loic AT venez.fr, ok dtucker OpenBSD-Commit-ID: 2d98e4f9eb168eea733d17e141e1ead9fe26e533
2020-04-17upstream: repair private key fingerprint printing to also printdjm@openbsd.org
comment after regression caused by my recent pubkey loading refactor. Reported by loic AT venez.fr, ok dtucker@ OpenBSD-Commit-ID: f8db49acbee6a6ccb2a4259135693b3cceedb89e
2020-04-03upstream: give ssh-keygen the ability to dump the contents of adjm@openbsd.org
binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b
2020-03-14upstream: spelling errors in comments; no code change fromdjm@openbsd.org
OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
2020-03-14upstream: when downloading FIDO2 resident keys from a token, don'tdjm@openbsd.org
prompt for a PIN until the token has told us that it needs one. Avoids double-prompting on devices that implement on-device authentication (e.g. a touchscreen PIN pad on the Trezor Model T). ok dtucker@ OpenBSD-Commit-ID: 38b78903dd4422d7d3204095a31692fb69130817
2020-03-13upstream: fix use-after-free in do_download_sk; ok djmmarkus@openbsd.org
OpenBSD-Commit-ID: 96b49623d297797d4fc069f1f09e13c8811f8863
2020-03-13upstream: exit if ssh_krl_revoke_key_sha256 fails; ok djmmarkus@openbsd.org
OpenBSD-Commit-ID: 0864ad4fe8bf28ab21fd1df766e0365c11bbc0dc
2020-02-28upstream: no-touch-required certificate option should be andjm@openbsd.org
extension, not a critical option. OpenBSD-Commit-ID: 626b22c5feb7be8a645e4b9a9bef89893b88600d
2020-02-28upstream: change explicit_bzero();free() to freezero()jsg@openbsd.org
While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
2020-02-07upstream: fix two PIN entry bugs on FIDO keygen: 1) it would allow moredjm@openbsd.org
than the intended number of prompts (3) and 2) it would SEGV too many incorrect PINs were entered; based on patch by Gabriel Kihlman OpenBSD-Commit-ID: 9c0011f28ba8bd8adf2014424b64960333da1718
2020-02-07upstream: Replace "security key" with "authenticator" in programnaddy@openbsd.org
messages. This replaces "security key" in error/usage/verbose messages and distinguishes between "authenticator" and "authenticator-hosted key". ok djm@ OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
2020-02-04upstream: require FIDO application strings to start with "ssh:"; okdjm@openbsd.org
markus@ OpenBSD-Commit-ID: 94e9c1c066d42b76f035a3d58250a32b14000afb
2020-01-29upstream: changes to support FIDO attestationdjm@openbsd.org
Allow writing to disk the attestation certificate that is generated by the FIDO token at key enrollment time. These certificates may be used by an out-of-band workflow to prove that a particular key is held in trustworthy hardware. Allow passing in a challenge that will be sent to the card during key enrollment. These are needed to build an attestation workflow that resists replay attacks. ok markus@ OpenBSD-Commit-ID: 457dc3c3d689ba39eed328f0817ed9b91a5f78f6
2020-01-26upstream: improve the error message for u2f enrollment errors bydjm@openbsd.org
making ssh-keygen be solely responsible for printing the error message and convertint some more common error responses from the middleware to a useful ssherr.h status code. more detail remains visible via -v of course. also remove indepedent copy of sk-api.h declarations in sk-usbhid.c and just include it. feedback & ok markus@ OpenBSD-Commit-ID: a4a8ffa870d9a3e0cfd76544bcdeef5c9fb1f1bb
2020-01-26upstream: factor out reading/writing sshbufs to dedicateddjm@openbsd.org
functions; feedback and ok markus@ OpenBSD-Commit-ID: dc09e5f1950b7acc91b8fdf8015347782d2ecd3d
2020-01-25Put EC key export inside OPENSSL_HAS_ECC.Darren Tucker
Fixes link error when building against an OpenSSL that does not have ECC.
2020-01-25upstream: expose PKCS#11 key labels/X.509 subjects as commentsdjm@openbsd.org
Extract the key label or X.509 subject string when PKCS#11 keys are retrieved from the token and plumb this through to places where it may be used as a comment. based on https://github.com/openssh/openssh-portable/pull/138 by Danielle Church feedback and ok markus@ OpenBSD-Commit-ID: cae1fda10d9e10971dea29520916e27cfec7ca35
2020-01-25upstream: minor tweaks to ssh-keygen -Y find-principals:djm@openbsd.org
emit matched principals one per line to stdout rather than as comma- separated and with a free-text preamble (easy confusion opportunity) emit "not found" error to stderr fix up argument testing for -Y operations and improve error message for unsupported operations OpenBSD-Commit-ID: 3d9c9a671ab07fc04a48f543edfa85eae77da69c
2020-01-25upstream: when signing a certificate with an RSA key, default todjm@openbsd.org
a safe signature algorithm (rsa-sha-512) if not is explicitly specified by the user; ok markus@ OpenBSD-Commit-ID: e05f638f0be6c0266e1d3d799716b461011e83a9
2020-01-25upstream: allow PEM export of DSA and ECDSA keys; bz3091, patchdjm@openbsd.org
from Jakub Jelen ok markus@ OpenBSD-Commit-ID: a58edec8b9f07acab4b962a71a5125830d321b51
2020-01-25upstream: ssh-keygen -Y find-principals fixes based on feedbackdjm@openbsd.org
from Markus: use "principals" instead of principal, as allowed_signers lines may list multiple. When the signing key is a certificate, emit only principals that match the certificate principal list. NB. the command -Y name changes: "find-principal" => "find-principals" ok markus@ OpenBSD-Commit-ID: ab575946ff9a55624cd4e811bfd338bf3b1d0faf
2020-01-23upstream: remove trailing period characters from pub/priv keydjm@openbsd.org
pathnames - they make them needlessly more difficult to cut and paste without error; ok markus@ & dtucker@ OpenBSD-Commit-ID: abdcfd1a5723fcac0711feee7665edc66ae2335a
2020-01-23upstream: add a new signature operations "find-principal" to lookdjm@openbsd.org
up the principal associated with a signature from an allowed-signers file. Work by Sebastian Kinne; ok dtucker@ OpenBSD-Commit-ID: 6f782cc7e18e38fcfafa62af53246a1dcfe74e5d
2020-01-22upstream: For ssh-keygen -lF only add a space after key fingerprintclaudio@openbsd.org
when there is a comment. This makes copy-paste of fingerprints into ssh easier. OK djm@ OpenBSD-Commit-ID: fa01d95624f65c1eb4dc7c575d20d77c78010dfd
2020-01-21upstream: don't #ifdef out the KRL code when compiling withoutdjm@openbsd.org
libcrypto support; it works just fine and disabling it breaks a few tests. ok dtucker@ OpenBSD-Commit-ID: 65f6272c4241eb4b04de78b012fe98b2b555ad44
2020-01-21upstream: sync ssh-keygen.1 and ssh-keygen's usage() with eachnaddy@openbsd.org
other and reality ok markus@ OpenBSD-Commit-ID: cdf64454f2c3604c25977c944e5b6262a3bcce92
2020-01-06upstream: Extends the SK API to accept a set of key/value optionsdjm@openbsd.org
for all operations. These are intended to future-proof the API a little by making it easier to specify additional fields for without having to change the API version for each. At present, only two options are defined: one to explicitly specify the device for an operation (rather than accepting the middleware's autoselection) and another to specify the FIDO2 username that may be used when generating a resident key. These new options may be invoked at key generation time via ssh-keygen -O This also implements a suggestion from Markus to avoid "int" in favour of uint32_t for the algorithm argument in the API, to make implementation of ssh-sk-client/helper a little easier. feedback, fixes and ok markus@ OpenBSD-Commit-ID: 973ce11704609022ab36abbdeb6bc23c8001eabc
2020-01-03upstream: ability to download FIDO2 resident keys from a token viadjm@openbsd.org
"ssh-keygen -K". This will save public/private keys into the current directory. This is handy if you move a token between hosts. feedback & ok markus@ OpenBSD-Commit-ID: d57c1f9802f7850f00a117a1d36682a6c6d10da6
2019-12-30upstream: Remove the -x option currently used fordjm@openbsd.org
FIDO/U2F-specific key flags. Instead these flags may be specified via -O. ok markus@ OpenBSD-Commit-ID: f23ebde2a8a7e1bf860a51055a711cffb8c328c1
2019-12-30upstream: translate and return error codes; retry on bad PINdjm@openbsd.org
Define some well-known error codes in the SK API and pass them back via ssh-sk-helper. Use the new "wrong PIN" error code to retry PIN prompting during ssh-keygen of resident keys. feedback and ok markus@ OpenBSD-Commit-ID: 9663c6a2bb7a0bc8deaccc6c30d9a2983b481620
2019-12-30upstream: SK API and sk-helper error/PIN passingdjm@openbsd.org
Allow passing a PIN via the SK API (API major crank) and let the ssh-sk-helper API follow. Also enhance the ssh-sk-helper API to support passing back an error code instead of a complete reply. Will be used to signal "wrong PIN", etc. feedback and ok markus@ OpenBSD-Commit-ID: a1bd6b0a2421646919a0c139b8183ad76d28fb71
2019-12-30upstream: basic support for generating FIDO2 resident keysdjm@openbsd.org
"ssh-keygen -t ecdsa-sk|ed25519-sk -x resident" will generate a device-resident key. feedback and ok markus@ OpenBSD-Commit-ID: 8e1b3c56a4b11d85047bd6c6c705b7eef4d58431
2019-12-30upstream: remove single-letter flags for moduli optionsdjm@openbsd.org
Move all moduli generation options to live under the -O flag. Frees up seven single-letter flags. NB. this change break existing ssh-keygen commandline syntax for moduli- related operations. Very few people use these fortunately. feedback and ok markus@ OpenBSD-Commit-ID: d498f3eaf28128484826a4fcb343612764927935
2019-12-30upstream: prepare for use of ssh-keygen -O flag beyond certsdjm@openbsd.org
Move list of available certificate options in ssh-keygen.1 to the CERTIFICATES section. Collect options specified by -O but delay parsing/validation of certificate options until we're sure that we're acting as a CA. ok markus@ OpenBSD-Commit-ID: 33e6bcc29cfca43606f6fa09bd84b955ee3a4106
2019-12-14remove a bunch of ENABLE_SK #ifdefsDamien Miller
The ssh-sk-helper client API gives us a nice place to disable security key support when it is wasn't enabled at compile time, so we don't need to check everywere. Also, verification of security key signatures can remain enabled all the time - it has no additional dependencies. So sshd can accept security key pubkeys in authorized_keys, etc regardless of the host's support for dlopen, etc.
2019-12-11upstream: when acting as a CA and using a security key as the CAdjm@openbsd.org
key, remind the user to touch they key to authorise the signature. OpenBSD-Commit-ID: fe58733edd367362f9766b526a8b56827cc439c1
2019-11-25upstream: Print a key touch reminder when generating a securitydjm@openbsd.org
key. Most keys require a touch to authorize the operation. OpenBSD-Commit-ID: 7fe8b23edbf33e1bb81741b9f25e9a63be5f6b68