| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
making debugging a bit easier. ok markus@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
operations. These are intended to future-proof the API a little by
making it easier to specify additional fields for without having to
change the API version for each.
At present, only two options are defined: one to explicitly specify
the device for an operation (rather than accepting the middleware's
autoselection) and another to specify the FIDO2 username that may
be used when generating a resident key. These new options may be
invoked at key generation time via ssh-keygen -O
This also implements a suggestion from Markus to avoid "int" in favour
of uint32_t for the algorithm argument in the API, to make implementation
of ssh-sk-client/helper a little easier.
feedback, fixes and ok markus@
|
| |
|
|
|
|
|
|
|
|
|
| |
Allow passing a PIN via the SK API (API major crank) and let the
ssh-sk-helper API follow.
Also enhance the ssh-sk-helper API to support passing back an error
code instead of a complete reply. Will be used to signal "wrong PIN",
etc.
feedback and ok markus@
|
| |
|
|
|
|
|
|
|
|
| |
Adds a sk_load_resident_keys() function to the security key
API that accepts a security key provider and a PIN and returns
a list of keys.
Implement support for this in the usbhid middleware.
feedback and ok markus@
|
| |
|
|
|
|
|
|
|
| |
This extracts and refactors the client interface for ssh-sk-helper
from ssh-agent and generalises it for use by the other programs.
This means that most OpenSSH tools no longer need to link against
libfido2 or directly interact with /dev/uhid*
requested by, feedback and ok markus@
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
feedback & ok markus@
|
|
|
Supports enrolling (generating) keys and signatures.
feedback & ok markus@
|
djm
markus