upstream: remove extra layer for ed25519 signature; ok djm@

OpenBSD-Commit-ID: 7672d9d0278b4bf656a12d3aab0c0bfe92a8ae47

diff --git a/PROTOCOL.u2f b/PROTOCOL.u2f
index bd60f9fac5ff9be56f1a75e7af170f84c72d6e02..ca55c42972ef84d726cddf3d8fbaa7a453ef9b32 100644 (file)
--- a/PROTOCOL.u2f
+++ b/PROTOCOL.u2f
@@ -148,6 +148,14 @@ be reformatted slightly and the ecdsa_signature_blob value has the encoding:
 Where 'r' and 's' are extracted by the client or token middleware from the
 ecdsa_signature field returned from the hardware.
 
+For Ed25519 keys the signature is encoded as:
+
+       string          "sk-ssh-ed25519@openssh.com"
+       string          signature
+       byte            flags
+       uint32          counter
+
+
 ssh-agent protocol extensions
 -----------------------------
 

diff --git a/ssh-ed25519-sk.c b/ssh-ed25519-sk.c
index f42c883037ac72365a81a7fb3a8f2f6b2b6b8bbe..622cb45c24539cf344069f089914929f2ad6aae9 100644 (file)
--- a/ssh-ed25519-sk.c
+++ b/ssh-ed25519-sk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ed25519-sk.c,v 1.1 2019/11/12 19:29:24 markus Exp $ */
+/* $OpenBSD: ssh-ed25519-sk.c,v 1.2 2019/11/12 19:34:40 markus Exp $ */
 /*
  * Copyright (c) 2019 Markus Friedl.  All rights reserved.
  *
@@ -36,7 +36,6 @@ ssh_ed25519_sk_verify(const struct sshkey *key,
     const u_char *data, size_t datalen, u_int compat)
 {
        struct sshbuf *b = NULL;
-       struct sshbuf *sigbuf = NULL;
        struct sshbuf *encoded = NULL;
        char *ktype = NULL;
        const u_char *sigblob;
@@ -60,10 +59,9 @@ ssh_ed25519_sk_verify(const struct sshkey *key,
        if ((b = sshbuf_from(signature, signaturelen)) == NULL)
                return SSH_ERR_ALLOC_FAIL;
        if (sshbuf_get_cstring(b, &ktype, NULL) != 0 ||
-           sshbuf_froms(b, &sigbuf) != 0 ||
-           sshbuf_get_string_direct(sigbuf, &sigblob, &len) != 0 ||
-           sshbuf_get_u8(sigbuf, &sig_flags) != 0 ||
-           sshbuf_get_u32(sigbuf, &sig_counter) != 0) {
+           sshbuf_get_string_direct(b, &sigblob, &len) != 0 ||
+           sshbuf_get_u8(b, &sig_flags) != 0 ||
+           sshbuf_get_u32(b, &sig_counter) != 0) {
                r = SSH_ERR_INVALID_FORMAT;
                goto out;
        }
@@ -123,7 +121,6 @@ ssh_ed25519_sk_verify(const struct sshkey *key,
                free(m);
        }
        sshbuf_free(b);
-       sshbuf_free(sigbuf);
        sshbuf_free(encoded);
        free(ktype);
        return r;

diff --git a/ssh-sk.c b/ssh-sk.c
index 7a4bf8c6b5c9681ce671b87891085623874a6723..ff9c6f28282fc5a292970e64024cf36ee27f8d47 100644 (file)
--- a/ssh-sk.c
+++ b/ssh-sk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-sk.c,v 1.8 2019/11/12 19:34:00 markus Exp $ */
+/* $OpenBSD: ssh-sk.c,v 1.9 2019/11/12 19:34:40 markus Exp $ */
 /*
  * Copyright (c) 2019 Google LLC
  *
@@ -359,12 +359,11 @@ sshsk_enroll(int type, const char *provider_path, const char *application,
 }
 
 static int
-sshsk_ecdsa_inner_sig(struct sk_sign_response *resp, struct sshbuf **retp)
+sshsk_ecdsa_sig(struct sk_sign_response *resp, struct sshbuf *sig)
 {
        struct sshbuf *inner_sig = NULL;
        int r = SSH_ERR_INTERNAL_ERROR;
 
-       *retp = NULL;
        /* Check response validity */
        if (resp->sig_r == NULL || resp->sig_r == NULL) {
                error("%s: sk_sign response invalid", __func__);
@@ -375,7 +374,7 @@ sshsk_ecdsa_inner_sig(struct sk_sign_response *resp, struct sshbuf **retp)
                r = SSH_ERR_ALLOC_FAIL;
                goto out;
        }
-       /* Prepare inner signature object */
+       /* Prepare and append inner signature object */
        if ((r = sshbuf_put_bignum2_bytes(inner_sig,
            resp->sig_r, resp->sig_r_len)) != 0 ||
            (r = sshbuf_put_bignum2_bytes(inner_sig,
@@ -385,42 +384,39 @@ sshsk_ecdsa_inner_sig(struct sk_sign_response *resp, struct sshbuf **retp)
                debug("%s: buffer error: %s", __func__, ssh_err(r));
                goto out;
        }
+       if ((r = sshbuf_put_stringb(sig, inner_sig)) != 0) {
+               debug("%s: buffer error: %s", __func__, ssh_err(r));
+               goto out;
+       }
 #ifdef DEBUG_SK
        fprintf(stderr, "%s: sig_r:\n", __func__);
        sshbuf_dump_data(resp->sig_r, resp->sig_r_len, stderr);
        fprintf(stderr, "%s: sig_s:\n", __func__);
        sshbuf_dump_data(resp->sig_s, resp->sig_s_len, stderr);
+       fprintf(stderr, "%s: inner:\n", __func__);
+       sshbuf_dump(inner_sig, stderr);
 #endif
-       *retp = inner_sig;
-       inner_sig = NULL;
        r = 0;
-out:
+ out:
        sshbuf_free(inner_sig);
        return r;
 }
 
 static int
-sshsk_ed25519_inner_sig(struct sk_sign_response *resp, struct sshbuf **retp)
+sshsk_ed25519_sig(struct sk_sign_response *resp, struct sshbuf *sig)
 {
-       struct sshbuf *inner_sig = NULL;
        int r = SSH_ERR_INTERNAL_ERROR;
 
-       *retp = NULL;
        /* Check response validity */
        if (resp->sig_r == NULL) {
                error("%s: sk_sign response invalid", __func__);
                r = SSH_ERR_INVALID_FORMAT;
                goto out;
        }
-       if ((inner_sig = sshbuf_new()) == NULL) {
-               r = SSH_ERR_ALLOC_FAIL;
-               goto out;
-       }
-       /* Prepare inner signature object */
-       if ((r = sshbuf_put_string(inner_sig,
+       if ((r = sshbuf_put_string(sig,
            resp->sig_r, resp->sig_r_len)) != 0 ||
-           (r = sshbuf_put_u8(inner_sig, resp->flags)) != 0 ||
-           (r = sshbuf_put_u32(inner_sig, resp->counter)) != 0) {
+           (r = sshbuf_put_u8(sig, resp->flags)) != 0 ||
+           (r = sshbuf_put_u32(sig, resp->counter)) != 0) {
                debug("%s: buffer error: %s", __func__, ssh_err(r));
                goto out;
        }
@@ -428,12 +424,9 @@ sshsk_ed25519_inner_sig(struct sk_sign_response *resp, struct sshbuf **retp)
        fprintf(stderr, "%s: sig_r:\n", __func__);
        sshbuf_dump_data(resp->sig_r, resp->sig_r_len, stderr);
 #endif
-       *retp = inner_sig;
-       inner_sig = NULL;
        r = 0;
-out:
-       sshbuf_free(inner_sig);
-       return r;
+ out:
+       return 0;
 }
 
 int
@@ -488,34 +481,30 @@ sshsk_sign(const char *provider_path, const struct sshkey *key,
                debug("%s: sk_sign failed with code %d", __func__, r);
                goto out;
        }
-       /* Prepare inner signature object */
+       /* Assemble signature */
+       if ((sig = sshbuf_new()) == NULL) {
+               r = SSH_ERR_ALLOC_FAIL;
+               goto out;
+       }
+       if ((r = sshbuf_put_cstring(sig, sshkey_ssh_name_plain(key))) != 0) {
+               debug("%s: buffer error (outer): %s", __func__, ssh_err(r));
+               goto out;
+       }
        switch (type) {
        case KEY_ECDSA_SK:
-               if ((r = sshsk_ecdsa_inner_sig(resp, &inner_sig)) != 0)
+               if ((r = sshsk_ecdsa_sig(resp, sig)) != 0)
                        goto out;
                break;
        case KEY_ED25519_SK:
-               if ((r = sshsk_ed25519_inner_sig(resp, &inner_sig)) != 0)
+               if ((r = sshsk_ed25519_sig(resp, sig)) != 0)
                        goto out;
                break;
        }
-       /* Assemble outer signature */
-       if ((sig = sshbuf_new()) == NULL) {
-               r = SSH_ERR_ALLOC_FAIL;
-               goto out;
-       }
-       if ((r = sshbuf_put_cstring(sig, sshkey_ssh_name_plain(key))) != 0 ||
-           (r = sshbuf_put_stringb(sig, inner_sig)) != 0) {
-               debug("%s: buffer error (outer): %s", __func__, ssh_err(r));
-               goto out;
-       }
 #ifdef DEBUG_SK
        fprintf(stderr, "%s: sig_flags = 0x%02x, sig_counter = %u\n",
            __func__, resp->flags, resp->counter);
        fprintf(stderr, "%s: hashed message:\n", __func__);
        sshbuf_dump_data(message, sizeof(message), stderr);
-       fprintf(stderr, "%s: inner:\n", __func__);
-       sshbuf_dump(inner_sig, stderr);
        fprintf(stderr, "%s: sigbuf:\n", __func__);
        sshbuf_dump(sig, stderr);
 #endif