authorCorinna Vinschen <vinschen@redhat.com>2022-02-11 14:33:41 +0100
committerDamien Miller <djm@mindrot.org>2022-08-05 06:44:03 +0200
commit2886975c0ad9244e60dc5e4be34fde3aa573a4b5 (patch)
tree08b8b3010c873e9dc13008515989505f56f096eb /sk-usbhid.c
parentcheck_sk_options: add temporary WinHello workaround (diff)
sk_sign: set FIDO2 uv attribute explicitely for WinHello
WinHello via libfido2 performs user verification by default. However, if we stick to that, there's no way to differentiate between keys created with or without "-O verify-required". Set the FIDO2 uv attribute explicitly to FIDO_OPT_FALSE, then check whether user verification has been requested. Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
Diffstat (limited to 'sk-usbhid.c')
-rw-r--r--sk-usbhid.c8
1 files changed, 8 insertions, 0 deletions
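--- a/sk-usbhid.c
+++ b/sk-usbhid.c
@@ -1216,6 +1216,14 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 skdebug(__func__, "fido_assert_set_up: %s", fido_strerr(r));
 goto out;
 }
+ /*
+ * WinHello requests the PIN by default. Make "uv" request explicit
+ * to allow keys with and without -O verify-required to make sense.
+ */
+ if (pin == NULL && fido_dev_is_winhello (sk->dev) &&
+ (r = fido_assert_set_uv(assert, FIDO_OPT_FALSE)) != FIDO_OK) {
+ skdebug(__func__, "fido_assert_set_uv: %s", fido_strerr(r));
+ }
 if (pin == NULL && (flags & SSH_SK_USER_VERIFICATION_REQD)) {
 if (check_sk_options(sk->dev, "uv", &internal_uv) < 0 ||
 internal_uv != 1) {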
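Review bot: A failing fido_assert_set_uv() on the added WinHello path is only logged and execution falls through, whereas the fido_assert_set_up() failure directly above it jumps to `out`, so a reader cannot tell whether continuing is deliberate. If it is intentional best-effort (the device then keeps its default, which the commit message says is verification-on for WinHello, i.e. the fallback errs toward more verification rather than less), state that in the comment, e.g. `/* Non-fatal: on failure the device keeps its default and the SSH_SK_USER_VERIFICATION_REQD handling below still applies. */`; otherwise add `goto out;` after the skdebug() call like its neighbours. The new block comment says WinHello "requests the PIN by default" while the commit message speaks of user verification; aligning the wording would avoid conflating the PIN and uv options, which are distinct in FIDO2. Minor style point: `fido_dev_is_winhello (sk->dev)` has a space before the parenthesis unlike every other call in the hunk. sk_sign() begins and continues outside the hunk.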