Implement server-side support for sk-ecdsa U2F-backed keys (#142)

* Implement server-side support for sk-ecdsa U2F-backed keys

* Fix out-of-bounds read on normal ecdsa-sha2-[identifier] keys

* Fix one more potential out-of-bounds read

* Check if nistp256 curve is used in sk-ecdsa-sha2- key

It's the only allowed curve per PROTOCOL.u2f specification

* Implement server-side support for sk-ed25519 FIDO2-backed keys

* Keys with type sk-* make no sense as host keys, so they should be
disabled

* fix typo

* Make sk-ecdsa call buf_ecdsa_verify

This reduces code duplication, the SK code just handles the
different message format.

* Reduce sk specific code

The application id can be stored in signkey, then we don't need
to call sk-specific functions from svr-authpubkey

* Remove debugging output, which causes compilation errors with DEBUG_TRACE disabled

* Proper cleanup of sk_app

Co-authored-by: Matt Johnston <matt@codeconstruct.com.au>
egor-duda
2022-01-22 16:53:04 +03:00
committed by GitHub
parent 18be2a6509
commit 5edd2ce32e
14 changed files with 271 additions and 18 deletions

23
ecdsa.c

@@ -81,18 +81,25 @@ ecc_key *buf_get_ecdsa_pub_key(buffer* buf) {
struct dropbear_ecc_curve **curve;
ecc_key *new_key = NULL;
/* string "ecdsa-sha2-[identifier]" */
/* string "ecdsa-sha2-[identifier]" or "sk-ecdsa-sha2-nistp256@openssh.com" */
key_ident = (unsigned char*)buf_getstring(buf, &key_ident_len);
/* string "[identifier]" */
identifier = (unsigned char*)buf_getstring(buf, &identifier_len);
if (key_ident_len != identifier_len + strlen("ecdsa-sha2-")) {
TRACE(("Bad identifier lengths"))
goto out;
}
if (memcmp(&key_ident[strlen("ecdsa-sha2-")], identifier, identifier_len) != 0) {
TRACE(("mismatching identifiers"))
goto out;
if (strcmp (key_ident, "sk-ecdsa-sha2-nistp256@openssh.com") == 0) {
if (strcmp (identifier, "nistp256") != 0) {
TRACE(("mismatching identifiers"))
goto out;
}
} else {
if (key_ident_len != identifier_len + strlen ("ecdsa-sha2-")) {
TRACE(("Bad identifier lengths"))
goto out;
}
if (memcmp(&key_ident[strlen ("ecdsa-sha2-")], identifier, identifier_len) != 0) {
TRACE(("mismatching identifiers"))
goto out;
}
}
for (curve = dropbear_ecc_curves; *curve; curve++) {
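Review bot: The two strcmp calls in the new sk- branch ignore key_ident_len and identifier_len, so the check only holds if buf_getstring always hands back NUL-terminated data, and a wire string carrying extra bytes after an embedded NUL would still compare equal. key_ident and identifier are also unsigned char*, which strcmp does not accept without a cast. Suggest checking the length first and then using memcmp, the way the else branch does, for example identifier_len == strlen("nistp256") && memcmp(identifier, "nistp256", identifier_len) == 0, and the same for the full "sk-ecdsa-sha2-nistp256@openssh.com" name. Minor style point: the added lines write strcmp ( and strlen ( with a space before the parenthesis, while the surrounding code uses memcmp( and buf_getstring( without one.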