diff options
| author |   djm <djm@openbsd.org> | 2020-06-22 23:44:27 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2020-06-22 23:44:27 +0000 |
| commit | 385c31a1e45ac9fe96fe47ecc78b4478524dad0c (patch) | |
| tree | 749746d57d10a3ede7943ac6e6be1fc27af3c7ea | |
| parent | timecounting: add gettime(9), getuptime(9) (diff) | |
| download | wireguard-openbsd-385c31a1e45ac9fe96fe47ecc78b4478524dad0c.tar.xz wireguard-openbsd-385c31a1e45ac9fe96fe47ecc78b4478524dad0c.zip | |
some clarifying comments
| -rw-r--r-- | usr.bin/ssh/ssh-ecdsa-sk.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/usr.bin/ssh/ssh-ecdsa-sk.c b/usr.bin/ssh/ssh-ecdsa-sk.c index 8361cae952f..68a6fc7eb60 100644 --- a/usr.bin/ssh/ssh-ecdsa-sk.c +++ b/usr.bin/ssh/ssh-ecdsa-sk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ecdsa-sk.c,v 1.7 2020/06/22 05:58:35 djm Exp $ */ +/* $OpenBSD: ssh-ecdsa-sk.c,v 1.8 2020/06/22 23:44:27 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -79,6 +79,13 @@ webauthn_check_prepare_hash(const u_char *data, size_t datalen, r = SSH_ERR_INVALID_FORMAT; goto out; } + + /* + * Prepare the preamble to clientData that we expect, poking the + * challenge and origin into their canonical positions in the + * structure. The crossOrigin flag and any additional extension + * fields present are ignored. + */ #define WEBAUTHN_0 "{\"type\":\"webauthn.get\",\"challenge\":\"" #define WEBAUTHN_1 "\",\"origin\":\"" #define WEBAUTHN_2 "\"" @@ -95,7 +102,7 @@ webauthn_check_prepare_hash(const u_char *data, size_t datalen, fprintf(stderr, "%s: expected clientData premable:\n", __func__); sshbuf_dump(m, stderr); #endif - /* Check that the supplied clientData matches what we expect */ + /* Check that the supplied clientData has the preamble we expect */ if ((r = sshbuf_cmp(wrapper, 0, sshbuf_ptr(m), sshbuf_len(m))) != 0) goto out; |