openssh-sk-winhello
openssh-sk-winhello copied to clipboard
#13 - Update SSH_SK_VERSION_MAJOR from 7 to 9
Addressing issue 13, I copied this version of sk-api.h
and changed a couple variables to match the names within (from message to data).
After that, I was able to create a key against Openssh_9.0p1, OpenSSL 1.1.1q Jul 5 2022
using my yubikey + windows hello.
By bumping from 7 to 9, we'll notably be missing support for 8 and a. See mentions of SSH_SK_VERSION_MAJOR
in the OpenSSH release notes, and these commits that edit the sk-api.h
file.
Many thanks! I’ll release a preview version based on this!
On Tue, Aug 9, 2022 at 7:23 AM Adam Strickland @.***> wrote:
Addressing issue 13 https://github.com/tavrez/openssh-sk-winhello/issues/13, I copied this version of sk-api.h and changed a couple variables to match the names within (from message to data).
After that, I was able to create a key against Openssh_9.0p1, OpenSSL 1.1.1q Jul 5 2022 using my yubikey + windows hello.
You can view, comment on, or merge this pull request online at:
https://github.com/tavrez/openssh-sk-winhello/pull/16 Commit Summary
- 13036d5 https://github.com/tavrez/openssh-sk-winhello/pull/16/commits/13036d5061442ae66ea660a83f2d4c780b277a09 Just change 7 to 9
- 123ac4c https://github.com/tavrez/openssh-sk-winhello/pull/16/commits/123ac4c9ef796697fc60b8ddc205c83cd5d976ac Apply newest webauthn header file
- 747b831 https://github.com/tavrez/openssh-sk-winhello/pull/16/commits/747b83149fc809cb101cbd3ac11f25f8827073ae Change "message" to "data" from new sk-api.h
File Changes
(3 files https://github.com/tavrez/openssh-sk-winhello/pull/16/files)
- M src/sk-api.h https://github.com/tavrez/openssh-sk-winhello/pull/16/files#diff-4f5fffd10fe14dabda631f12bb97a8989ede7e15a9b7bc39b0e41961fc5f415f (11)
- M src/webauthn/webauthn.h https://github.com/tavrez/openssh-sk-winhello/pull/16/files#diff-727d3755c4cb0fee43813f243f100af8b7ce9db552e1a0280397d6451a8e91aa (308)
- M src/winhello.c https://github.com/tavrez/openssh-sk-winhello/pull/16/files#diff-3cc466f067d3c26e566f128619db4d1db31457db889572cf3b151cb310d65870 (4)
Patch Links:
- https://github.com/tavrez/openssh-sk-winhello/pull/16.patch
- https://github.com/tavrez/openssh-sk-winhello/pull/16.diff
— Reply to this email directly, view it on GitHub https://github.com/tavrez/openssh-sk-winhello/pull/16, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACFM2DLRLV5GVDHJFTCBX73VYHB4BANCNFSM557E662A . You are receiving this because you are subscribed to this thread.Message ID: @.***>
This is also working for me. I tested with OpenSSH_9.0p1 in cygwin (64-bit).
With OpenSSH_9.1p1, this is broken again:
Provider "/usr/lib/winhello.dll" implements unsupported version 0x00090000 (supported: 0x000a0000)
sign_and_send_pubkey: signing failed for ED25519-SK "/cygdrive/c/home/.ssh/id_ed25519_sk": invalid format
but it can be fixed with:
diff --git a/src/sk-api.h b/src/sk-api.h
index 2445438..ca2015e 100644
--- a/src/sk-api.h
+++ b/src/sk-api.h
@@ -77,7 +77,7 @@ struct sk_option {
uint8_t required;
};
-#define SSH_SK_VERSION_MAJOR 0x00090000 /* current API version */
+#define SSH_SK_VERSION_MAJOR 0x000a0000 /* current API version */
#define SSH_SK_VERSION_MAJOR_MASK 0xffff0000
/* Return the version of the middleware API */
@tavrez , how do you think we should handle these frequent version bumps in OpenSSH-portable? Should we tag a release for major version 9, and then make a new one for major version a?
@ivan , it looks like this commit did more than just update the version number, and may have introduced other changes we need to make. Did you take a look at/test that?