Mercurial > dropbear
diff ssh.h @ 1928:333688ec53d0
Handle ecdsa-sk flags, reject no-touch
For the time being Dropbear will only allow SK auth with default
parameters, user-presence needs to be set.
In future handling of authorized_keys option "no-touch-required" can be
added.
This code would also be refactored to share between ecdsa and ed25519
once I get hardware/emulation to test ed25519.
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 30 Mar 2022 21:06:15 +0800 |
parents | d5cdc60db08e |
children |
line wrap: on
line diff
--- a/ssh.h Wed Mar 30 14:32:49 2022 +0800 +++ b/ssh.h Wed Mar 30 21:06:15 2022 +0800 @@ -126,3 +126,8 @@ #define SSH2_AGENT_SIGN_RESPONSE 14 #define SSH2_AGENT_FAILURE 30 + +/* Flags defined by OpenSSH U2F key/signature format */ +#define SSH_SK_USER_PRESENCE_REQD 0x01 +#define SSH_SK_USER_VERIFICATION_REQD 0x04 +#define SSH_SK_RESIDENT_KEY 0x20