]> git.ipfire.org Git - thirdparty/openssh-portable.git/commit
upstream: Enable credProtect extension when generating a resident
authordjm@openbsd.org <djm@openbsd.org>
Wed, 13 May 2020 10:08:02 +0000 (10:08 +0000)
committerDamien Miller <djm@mindrot.org>
Wed, 27 May 2020 00:09:19 +0000 (10:09 +1000)
commit2ad7b7e46408dbebf2a4efc4efd75a9544197d57
tree5d24a7a78d9ff23c4471d9104892fd6d77ec4764
parent1e70dc3285fc9b4f6454975acb81e8702c23dd89
upstream: Enable credProtect extension when generating a resident

key.

The FIDO 2.1 Client to Authenticator Protocol introduced a "credProtect"
feature to better protect resident keys. This option allows (amone other
possibilities) requiring a PIN prior to all operations that may retrieve
the key handle.

Patch by Pedro Martelletto; ok djm and markus

OpenBSD-Commit-ID: 013bc06a577dcaa66be3913b7f183eb8cad87e73
sk-usbhid.c