webauthn signatures: SecurityKeyProvider, json parsing

Damien Miller djm at mindrot.org
Wed Jan 12 09:33:52 AEDT 2022


On Tue, 11 Jan 2022, Scott C Wang wrote:

> Damien, thanks for clarifying.
> 
> (1 SecurityKeyProvider)
> 
> I don't have a FIDO security key, but I do have an Android phone, and
> the Android phone can act as a webauthn key via Google Chrome. So
> these were the shower thoughts I had for getting this to work.
>
> I implement a SecurityKeyProvider that prints a https URL upon
> sk_sign. I open this URL in Google Chrome. The script on the page
> calls the webauthn authentication API; Google Chrome prompts
> me to choose an authentication method, and I pick my phone.
> Authenticating my fingerprint on my phone yields a webauthn signature
> to the script, which POSTs the signature, origin, clientData, and
> extensions back to the same URL. The SecurityKeyProvider polls
> the URL (or some endpoint) until the signature arrives, which it
> returns, along with the origin, clientData, and extensions, to the
> OpenSSH client. The OpenSSH client now has what it needs to pack a
> "webauthn-sk-ecdsa-sha2-nistp256 at openssh.com" signature message, all
> of which the OpenSSH server currently already supports validating.
>
> More generally, this one SecurityKeyProvider implementation would be
> able to bridge the OpenSSH client's security key authentication to any
> platform running a web browser exposing the webauthn API.
>
> I've only given preliminary thought to this as yet -- have I gone mad?

No, I've wondered about the same thing too :)

As far as communicating with the webauthn signer via the ssh-sk API,
nothing in OpenSSH uses the extensions field and the existing
application field could be used to pass origin. AFAIK clientData is
prepared from origin, extensions and H(message), so there's not need
to pass that explicitly.

That just leaves signalling that the signer wants an origin rather
than a bare application, and signalling back from the signer that the
signature should be packed as a webauthn one.

Am I missing anything? (I apologise for forgetting most of the details
since I implemented webauthn in OpenSSH)

> (2 json key order) Perfect! Very prudent.
>
> (3 mindrot.org) Excellent, thank you for the link. (I was trying
> /webauthn.html, but hadn't thought to try /webauthn.) Perhaps
> the hardcoded "mindrot.org" relying party can be changed to
> window.location.host, so that the standalone page can be hosted
> without modification on anyone's domain.

good idea - done.

-d


More information about the openssh-unix-dev mailing list