[openssh-commits] [openssh] branch master updated: upstream: sk-usbhid: skip unsupported key types in read_rks()
git+noreply at mindrot.org
git+noreply at mindrot.org
Mon Jun 1 15:50:12 AEST 2026
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
The following commit(s) were added to refs/heads/master by this push:
new 684d26a3c upstream: sk-usbhid: skip unsupported key types in read_rks()
684d26a3c is described below
commit 684d26a3c4d07e78027517fd6e98875ae5dff71d
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Mon Jun 1 05:49:20 2026 +0000
upstream: sk-usbhid: skip unsupported key types in read_rks()
When enumerating resident keys, encountering a credential with an
unsupported COSE key type (not ES256 or EdDSA) caused the entire
enumeration to abort via goto out, discarding all valid keys.
Move the key type check before the per-credential allocation so
unsupported types can be skipped with continue instead. This
preserves all valid resident keys on the token.
Patch from Akhilesh Arora via GHPR657
OpenBSD-Commit-ID: b344a44ff97d26faf099b8e0cad72ad1e793ac0f
---
sk-usbhid.c | 31 +++++++++++++++++--------------
1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/sk-usbhid.c b/sk-usbhid.c
index cd248811a..ce59c4e93 100644
--- a/sk-usbhid.c
+++ b/sk-usbhid.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sk-usbhid.c,v 1.48 2025/05/12 05:41:20 tb Exp $ */
+/* $OpenBSD: sk-usbhid.c,v 1.49 2026/06/01 05:49:20 djm Exp $ */
/*
* Copyright (c) 2019 Markus Friedl
* Copyright (c) 2020 Pedro Martelletto
@@ -1262,6 +1262,7 @@ read_rks(struct sk_usbhid *sk, const char *pin,
struct sk_resident_key ***rksp, size_t *nrksp)
{
int ret = SSH_SK_ERR_GENERAL, r = -1, internal_uv;
+ uint32_t alg;
fido_credman_metadata_t *metadata = NULL;
fido_credman_rp_t *rp = NULL;
fido_credman_rk_t *rk = NULL;
@@ -1358,6 +1359,20 @@ read_rks(struct sk_usbhid *sk, const char *pin,
user_id_len, j, fido_cred_type(cred),
fido_cred_flags(cred), fido_cred_prot(cred));
+ /* Determine key algorithm */
+ switch (fido_cred_type(cred)) {
+ case COSE_ES256:
+ alg = SSH_SK_ECDSA;
+ break;
+ case COSE_EDDSA:
+ alg = SSH_SK_ED25519;
+ break;
+ default:
+ skdebug(__func__, "unsupported key type %d",
+ fido_cred_type(cred));
+ continue;
+ }
+
/* build response entry */
if ((srk = calloc(1, sizeof(*srk))) == NULL ||
(srk->key.key_handle = calloc(1,
@@ -1369,6 +1384,7 @@ read_rks(struct sk_usbhid *sk, const char *pin,
goto out;
}
+ srk->alg = alg;
srk->key.key_handle_len = fido_cred_id_len(cred);
memcpy(srk->key.key_handle, fido_cred_id_ptr(cred),
srk->key.key_handle_len);
@@ -1376,19 +1392,6 @@ read_rks(struct sk_usbhid *sk, const char *pin,
if (srk->user_id_len != 0)
memcpy(srk->user_id, user_id, srk->user_id_len);
- switch (fido_cred_type(cred)) {
- case COSE_ES256:
- srk->alg = SSH_SK_ECDSA;
- break;
- case COSE_EDDSA:
- srk->alg = SSH_SK_ED25519;
- break;
- default:
- skdebug(__func__, "unsupported key type %d",
- fido_cred_type(cred));
- goto out; /* XXX free rk and continue */
- }
-
if (fido_cred_prot(cred) == FIDO_CRED_PROT_UV_REQUIRED
&& internal_uv == -1)
srk->flags |= SSH_SK_USER_VERIFICATION_REQD;
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list