PROTOCOL.u2f 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310
  1. This document describes OpenSSH's support for U2F/FIDO security keys.
  2. Background
  3. ----------
  4. U2F is an open standard for two-factor authentication hardware, widely
  5. used for user authentication to websites. U2F tokens are ubiquitous,
  6. available from a number of manufacturers and are currently by far the
  7. cheapest way for users to achieve hardware-backed credential storage.
  8. The U2F protocol however cannot be trivially used as an SSH protocol key
  9. type as both the inputs to the signature operation and the resultant
  10. signature differ from those specified for SSH. For similar reasons,
  11. integration of U2F devices cannot be achieved via the PKCS#11 API.
  12. U2F also offers a number of features that are attractive in the context
  13. of SSH authentication. They can be configured to require indication
  14. of "user presence" for each signature operation (typically achieved
  15. by requiring the user touch the key). They also offer an attestation
  16. mechanism at key enrollment time that can be used to prove that a
  17. given key is backed by hardware. Finally the signature format includes
  18. a monotonic signature counter that can be used (at scale) to detect
  19. concurrent use of a private key, should it be extracted from hardware.
  20. U2F private keys are generated through an enrollment operation,
  21. which takes an application ID - a URL-like string, typically "ssh:"
  22. in this case, but a HTTP origin for the case of web authentication,
  23. and a challenge string (typically randomly generated). The enrollment
  24. operation returns a public key, a key handle that must be used to invoke
  25. the hardware-backed private key, some flags and signed attestation
  26. information that may be used to verify that a private key is hosted on a
  27. particular hardware instance.
  28. It is common for U2F hardware to derive private keys from the key handle
  29. in conjunction with a small per-device secret that is unique to the
  30. hardware, thus requiring little on-device storage for an effectively
  31. unlimited number of supported keys. This drives the requirement that
  32. the key handle be supplied for each signature operation. U2F tokens
  33. primarily use ECDSA signatures in the NIST-P256 field, though the FIDO2
  34. standard specifies additional key types, including one based on Ed25519.
  35. Use of U2F security keys does not automatically imply multi-factor
  36. authentication. From sshd's perspective, a security key constitutes a
  37. single factor of authentication, even if protected by a PIN or biometric
  38. authentication. To enable multi-factor authentication in ssh, please
  39. refer to the AuthenticationMethods option in sshd_config(5).
  40. SSH U2F Key formats
  41. -------------------
  42. OpenSSH integrates U2F as new key and corresponding certificate types:
  43. sk-ecdsa-sha2-nistp256@openssh.com
  44. sk-ecdsa-sha2-nistp256-cert-v01@openssh.com
  45. sk-ssh-ed25519@openssh.com
  46. sk-ssh-ed25519-cert-v01@openssh.com
  47. While each uses ecdsa-sha256-nistp256 as the underlying signature primitive,
  48. keys require extra information in the public and private keys, and in
  49. the signature object itself. As such they cannot be made compatible with
  50. the existing ecdsa-sha2-nistp* key types.
  51. The format of a sk-ecdsa-sha2-nistp256@openssh.com public key is:
  52. string "sk-ecdsa-sha2-nistp256@openssh.com"
  53. string curve name
  54. ec_point Q
  55. string application (user-specified, but typically "ssh:")
  56. The corresponding private key contains:
  57. string "sk-ecdsa-sha2-nistp256@openssh.com"
  58. string curve name
  59. ec_point Q
  60. string application (user-specified, but typically "ssh:")
  61. uint8 flags
  62. string key_handle
  63. string reserved
  64. The format of a sk-ssh-ed25519@openssh.com public key is:
  65. string "sk-ssh-ed25519@openssh.com"
  66. string public key
  67. string application (user-specified, but typically "ssh:")
  68. With a private half consisting of:
  69. string "sk-ssh-ed25519@openssh.com"
  70. string public key
  71. string application (user-specified, but typically "ssh:")
  72. uint8 flags
  73. string key_handle
  74. string reserved
  75. The certificate form for SSH U2F keys appends the usual certificate
  76. information to the public key:
  77. string "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com"
  78. string nonce
  79. string curve name
  80. ec_point Q
  81. string application
  82. uint64 serial
  83. uint32 type
  84. string key id
  85. string valid principals
  86. uint64 valid after
  87. uint64 valid before
  88. string critical options
  89. string extensions
  90. string reserved
  91. string signature key
  92. string signature
  93. and for security key ed25519 certificates:
  94. string "sk-ssh-ed25519-cert-v01@openssh.com"
  95. string nonce
  96. string public key
  97. string application
  98. uint64 serial
  99. uint32 type
  100. string key id
  101. string valid principals
  102. uint64 valid after
  103. uint64 valid before
  104. string critical options
  105. string extensions
  106. string reserved
  107. string signature key
  108. string signature
  109. Both security key certificates use the following encoding for private keys:
  110. string type (e.g. "sk-ssh-ed25519-cert-v01@openssh.com")
  111. string pubkey (the above key/cert structure)
  112. string application
  113. uint8 flags
  114. string key_handle
  115. string reserved
  116. During key generation, the hardware also returns attestation information
  117. that may be used to cryptographically prove that a given key is
  118. hardware-backed. Unfortunately, the protocol required for this proof is
  119. not privacy-preserving and may be used to identify U2F tokens with at
  120. least manufacturer and batch number granularity. For this reason, we
  121. choose not to include this information in the public key or save it by
  122. default.
  123. Attestation information is useful for out-of-band key and certificate
  124. registration workflows, e.g. proving to a CA that a key is backed
  125. by trusted hardware before it will issue a certificate. To support this
  126. case, OpenSSH optionally allows retaining the attestation information
  127. at the time of key generation. It will take the following format:
  128. string "ssh-sk-attest-v01"
  129. string attestation certificate
  130. string enrollment signature
  131. string authenticator data (CBOR encoded)
  132. uint32 reserved flags
  133. string reserved string
  134. A previous version of this format, emitted prior to OpenSSH 8.4 omitted
  135. the authenticator data.
  136. string "ssh-sk-attest-v00"
  137. string attestation certificate
  138. string enrollment signature
  139. uint32 reserved flags
  140. string reserved string
  141. OpenSSH treats the attestation certificate and enrollment signatures as
  142. opaque objects and does no interpretation of them itself.
  143. SSH U2F signatures
  144. ------------------
  145. In addition to the message to be signed, the U2F signature operation
  146. requires the key handle and a few additional parameters. The signature
  147. is signed over a blob that consists of:
  148. byte[32] SHA256(application)
  149. byte flags (including "user present", extensions present)
  150. uint32 counter
  151. byte[] extensions
  152. byte[32] SHA256(message)
  153. No extensions are yet defined for SSH use. If any are defined in the future,
  154. it will be possible to infer their presence from the contents of the "flags"
  155. value.
  156. The signature returned from U2F hardware takes the following format:
  157. byte flags (including "user present")
  158. uint32 counter
  159. byte[] ecdsa_signature (in X9.62 format).
  160. For use in the SSH protocol, we wish to avoid server-side parsing of ASN.1
  161. format data in the pre-authentication attack surface. Therefore, the
  162. signature format used on the wire in SSH2_USERAUTH_REQUEST packets will
  163. be reformatted to better match the existing signature encoding:
  164. string "sk-ecdsa-sha2-nistp256@openssh.com"
  165. string ecdsa_signature
  166. byte flags
  167. uint32 counter
  168. Where the "ecdsa_signature" field follows the RFC5656 ECDSA signature
  169. encoding:
  170. mpint r
  171. mpint s
  172. For Ed25519 keys the signature is encoded as:
  173. string "sk-ssh-ed25519@openssh.com"
  174. string signature
  175. byte flags
  176. uint32 counter
  177. webauthn signatures
  178. -------------------
  179. The W3C/FIDO webauthn[1] standard defines a mechanism for a web browser to
  180. interact with FIDO authentication tokens. This standard builds upon the
  181. FIDO standards, but requires different signature contents to raw FIDO
  182. messages. OpenSSH supports ECDSA/p256 webauthn signatures through the
  183. "webauthn-sk-ecdsa-sha2-nistp256@openssh.com" signature algorithm.
  184. The wire encoding for a webauthn-sk-ecdsa-sha2-nistp256@openssh.com
  185. signature is similar to the sk-ecdsa-sha2-nistp256@openssh.com format:
  186. string "webauthn-sk-ecdsa-sha2-nistp256@openssh.com"
  187. string ecdsa_signature
  188. byte flags
  189. uint32 counter
  190. string origin
  191. string clientData
  192. string extensions
  193. Where "origin" is the HTTP origin making the signature, "clientData" is
  194. the JSON-like structure signed by the browser and "extensions" are any
  195. extensions used in making the signature.
  196. [1] https://www.w3.org/TR/webauthn-2/
  197. ssh-agent protocol extensions
  198. -----------------------------
  199. ssh-agent requires a protocol extension to support U2F keys. At
  200. present the closest analogue to Security Keys in ssh-agent are PKCS#11
  201. tokens, insofar as they require a middleware library to communicate with
  202. the device that holds the keys. Unfortunately, the protocol message used
  203. to add PKCS#11 keys to ssh-agent does not include any way to send the
  204. key handle to the agent as U2F keys require.
  205. To avoid this, without having to add wholly new messages to the agent
  206. protocol, we will use the existing SSH2_AGENTC_ADD_ID_CONSTRAINED message
  207. with a new key constraint extension to encode a path to the middleware
  208. library for the key. The format of this constraint extension would be:
  209. byte SSH_AGENT_CONSTRAIN_EXTENSION
  210. string sk-provider@openssh.com
  211. string middleware path
  212. This constraint-based approach does not present any compatibility
  213. problems.
  214. OpenSSH integration
  215. -------------------
  216. U2F tokens may be attached via a number of means, including USB and NFC.
  217. The USB interface is standardised around a HID protocol, but we want to
  218. be able to support other transports as well as dummy implementations for
  219. regress testing. For this reason, OpenSSH shall support a dynamically-
  220. loaded middleware libraries to communicate with security keys, but offer
  221. support for the common case of USB HID security keys internally.
  222. The middleware library need only expose a handful of functions and
  223. numbers listed in sk-api.h. Included in the defined numbers is a
  224. SSH_SK_VERSION_MAJOR that should be incremented for each incompatible
  225. API change.
  226. miscellaneous options may be passed to the middleware as a NULL-
  227. terminated array of pointers to struct sk_option. The middleware may
  228. ignore unsupported or unknown options unless the "required" flag is set,
  229. in which case it should return failure if an unsupported option is
  230. requested.
  231. At present the following options names are supported:
  232. "device"
  233. Specifies a specific FIDO device on which to perform the
  234. operation. The value in this field is interpreted by the
  235. middleware but it would be typical to specify a path to
  236. a /dev node for the device in question.
  237. "user"
  238. Specifies the FIDO2 username used when enrolling a key,
  239. overriding OpenSSH's default of using an all-zero username.
  240. In OpenSSH, the middleware will be invoked by using a similar mechanism to
  241. ssh-pkcs11-helper to provide address-space containment of the
  242. middleware from ssh-agent.
  243. $OpenBSD: PROTOCOL.u2f,v 1.26 2020/09/09 03:08:01 djm Exp $