Summary: | Teach contrib/libfido2 to talk to hidraw(4) devices | ||||||
---|---|---|---|---|---|---|---|
Product: | Base System | Reporter: | David Horn <dhorn2000> | ||||
Component: | usb | Assignee: | Ed Maste <emaste> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Some People | CC: | dhorn2000, emaste | ||||
Priority: | --- | Flags: | dhorn2000:
mfc-stable12?
|
||||
Version: | CURRENT | ||||||
Hardware: | amd64 | ||||||
OS: | Any | ||||||
Bug Depends on: | |||||||
Bug Blocks: | 271607 | ||||||
Attachments: |
|
Description
David Horn
2023-09-06 12:03:57 UTC
For those that find this issue in the future, or are impacted by a different codebase there is a temporary workaround that I found to pass in an explicit device to the necessary ssh command using the `-O device=/dev/hidrawXX` syntax. e.g.: ssh-keygen -v -K -O device=/dev/hidraw3 Using the -v (verbose) flag give much better error messages. There are also instructions for enabling Yubikey hidraw(4) support in the port security/py-yubikey-manager `pkg-message` file for reference. libfido2 1.13 is imported in a vendor branch already, but still needs to be merged to main (and MFC'd). It should be pretty straightforward and I expect to do it soon. A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=1843dfb05ed80149f5a412180af882e3cb8f451b commit 1843dfb05ed80149f5a412180af882e3cb8f451b Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-09-19 16:50:13 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-09-19 16:53:47 +0000 libfido2: backport hidraw(4) support PR: 273596 Submitted by: David Horn Obtained from: libfido2 2c9dfaae2a56, 930160388700 contrib/libfido2/src/hid_freebsd.c | 97 ++++++++++++++++++++++++++++++++++---- 1 file changed, 87 insertions(+), 10 deletions(-) A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=2ccfa855b2fc331819953e3de1b1c15ce5b95a7e commit 2ccfa855b2fc331819953e3de1b1c15ce5b95a7e Merge: 1843dfb05ed8 00db45a65823 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-09-19 17:06:12 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-09-19 17:06:12 +0000 libfido2: update to 1.13.0 Some highlights from NEWS entries: ** Improved OpenSSL 3.0 compatibility. ** Support for hidraw(4) on FreeBSD; gh#597. ** Improved support for FIDO 2.1 authenticators. PR: 273596 Relnotes: Yes Sponsored by: The FreeBSD Foundation contrib/libfido2/CMakeLists.txt | 142 ++++++-- contrib/libfido2/LICENSE | 4 +- contrib/libfido2/NEWS | 41 +++ contrib/libfido2/README.adoc | 114 ++++-- contrib/libfido2/examples/CMakeLists.txt | 12 +- contrib/libfido2/examples/README.adoc | 17 +- contrib/libfido2/examples/assert.c | 33 +- contrib/libfido2/examples/cred.c | 29 +- contrib/libfido2/examples/extern.h | 8 +- contrib/libfido2/examples/info.c | 101 +++++- contrib/libfido2/examples/manifest.c | 1 + contrib/libfido2/examples/reset.c | 1 + contrib/libfido2/examples/retries.c | 3 +- contrib/libfido2/examples/select.c | 5 +- contrib/libfido2/examples/setpin.c | 3 +- contrib/libfido2/examples/util.c | 65 +++- contrib/libfido2/fuzz/CMakeLists.txt | 55 ++- contrib/libfido2/fuzz/Dockerfile | 22 +- contrib/libfido2/fuzz/Makefile | 35 +- contrib/libfido2/fuzz/README | 22 +- contrib/libfido2/fuzz/build-coverage | 7 +- contrib/libfido2/fuzz/clock.c | 1 + contrib/libfido2/fuzz/dummy.h | 5 +- contrib/libfido2/fuzz/export.gnu | 32 +- contrib/libfido2/fuzz/functions.txt | 404 ++++++++++++--------- contrib/libfido2/fuzz/fuzz_assert.c | 43 ++- contrib/libfido2/fuzz/fuzz_bio.c | 5 +- contrib/libfido2/fuzz/fuzz_cred.c | 10 +- contrib/libfido2/fuzz/fuzz_credman.c | 5 +- contrib/libfido2/fuzz/fuzz_hid.c | 5 +- contrib/libfido2/fuzz/fuzz_largeblob.c | 5 +- contrib/libfido2/fuzz/fuzz_mgmt.c | 34 +- contrib/libfido2/fuzz/fuzz_netlink.c | 5 +- contrib/libfido2/fuzz/fuzz_pcsc.c (new) | 269 ++++++++++++++ contrib/libfido2/fuzz/libfuzzer.c | 61 +++- contrib/libfido2/fuzz/mutator_aux.c | 21 +- contrib/libfido2/fuzz/mutator_aux.h | 22 +- contrib/libfido2/fuzz/pcsc.c (new) | 153 ++++++++ contrib/libfido2/fuzz/preload-fuzz.c | 1 + contrib/libfido2/fuzz/preload-snoop.c | 1 + contrib/libfido2/fuzz/report.tgz | Bin 323706 -> 357005 bytes contrib/libfido2/fuzz/summary.txt | 77 ++-- contrib/libfido2/fuzz/udev.c | 3 +- contrib/libfido2/fuzz/wiredata_fido2.h | 77 +++- contrib/libfido2/fuzz/wiredata_u2f.h | 1 + contrib/libfido2/fuzz/wrap.c | 67 +++- contrib/libfido2/fuzz/wrapped.sym | 10 + contrib/libfido2/man/CMakeLists.txt | 53 ++- contrib/libfido2/man/check.sh | 1 + contrib/libfido2/man/eddsa_pk_new.3 | 32 +- contrib/libfido2/man/es256_pk_new.3 | 32 +- contrib/libfido2/man/es384_pk_new.3 (new) | 164 +++++++++ contrib/libfido2/man/fido2-assert.1 | 27 +- contrib/libfido2/man/fido2-cred.1 | 27 +- contrib/libfido2/man/fido2-token.1 | 51 ++- contrib/libfido2/man/fido_assert_allow_cred.3 | 45 ++- contrib/libfido2/man/fido_assert_new.3 | 37 +- contrib/libfido2/man/fido_assert_set_authdata.3 | 33 +- contrib/libfido2/man/fido_assert_verify.3 | 33 +- contrib/libfido2/man/fido_bio_dev_get_info.3 | 27 +- contrib/libfido2/man/fido_bio_enroll_new.3 | 27 +- contrib/libfido2/man/fido_bio_info_new.3 | 27 +- contrib/libfido2/man/fido_bio_template.3 | 27 +- contrib/libfido2/man/fido_cbor_info_new.3 | 169 ++++++++- contrib/libfido2/man/fido_cred_exclude.3 | 45 ++- contrib/libfido2/man/fido_cred_new.3 | 29 +- contrib/libfido2/man/fido_cred_set_authdata.3 | 46 ++- contrib/libfido2/man/fido_cred_verify.3 | 27 +- contrib/libfido2/man/fido_credman_metadata_new.3 | 27 +- contrib/libfido2/man/fido_dev_enable_entattest.3 | 38 +- contrib/libfido2/man/fido_dev_get_assert.3 | 27 +- contrib/libfido2/man/fido_dev_get_touch_begin.3 | 27 +- contrib/libfido2/man/fido_dev_info_manifest.3 | 31 +- contrib/libfido2/man/fido_dev_largeblob_get.3 | 34 +- contrib/libfido2/man/fido_dev_make_cred.3 | 27 +- contrib/libfido2/man/fido_dev_open.3 | 27 +- contrib/libfido2/man/fido_dev_set_io_functions.3 | 27 +- contrib/libfido2/man/fido_dev_set_pin.3 | 29 +- contrib/libfido2/man/fido_init.3 | 27 +- contrib/libfido2/man/fido_strerr.3 | 27 +- contrib/libfido2/man/rs256_pk_new.3 | 32 +- .../libfido2/openbsd-compat/bsd-asprintf.c (new) | 88 +++++ contrib/libfido2/openbsd-compat/clock_gettime.c | 1 + contrib/libfido2/openbsd-compat/endian_win32.c | 1 + contrib/libfido2/openbsd-compat/openbsd-compat.h | 5 + contrib/libfido2/regress/CMakeLists.txt | 57 ++- contrib/libfido2/regress/assert.c | 14 +- contrib/libfido2/regress/compress.c (new) | 268 ++++++++++++++ contrib/libfido2/regress/cred.c | 15 +- contrib/libfido2/regress/dev.c | 43 ++- contrib/libfido2/regress/eddsa.c (new) | 159 ++++++++ contrib/libfido2/regress/es256.c (new) | 199 ++++++++++ contrib/libfido2/regress/es384.c (new) | 213 +++++++++++ contrib/libfido2/regress/rs256.c (new) | 201 ++++++++++ contrib/libfido2/src/CMakeLists.txt | 31 +- contrib/libfido2/src/aes256.c | 1 + contrib/libfido2/src/assert.c | 206 +++++++---- contrib/libfido2/src/authkey.c | 26 +- contrib/libfido2/src/bio.c | 116 ++++-- contrib/libfido2/src/blob.c | 1 + contrib/libfido2/src/blob.h | 1 + contrib/libfido2/src/buf.c | 1 + contrib/libfido2/src/cbor.c | 52 ++- contrib/libfido2/src/compress.c | 145 +++++++- contrib/libfido2/src/config.c | 28 +- contrib/libfido2/src/cred.c | 45 ++- contrib/libfido2/src/credman.c | 162 ++++++--- contrib/libfido2/src/dev.c | 229 ++---------- contrib/libfido2/src/diff_exports.sh | 1 + contrib/libfido2/src/ecdh.c | 1 + contrib/libfido2/src/eddsa.c | 14 +- contrib/libfido2/src/err.c | 1 + contrib/libfido2/src/es256.c | 66 +++- contrib/libfido2/src/es384.c (new) | 296 +++++++++++++++ contrib/libfido2/src/export.gnu | 22 +- contrib/libfido2/src/export.llvm | 22 +- contrib/libfido2/src/export.msvc | 22 +- contrib/libfido2/src/extern.h | 30 +- contrib/libfido2/src/fallthrough.h (new) | 21 ++ contrib/libfido2/src/fido.h | 46 ++- contrib/libfido2/src/fido/bio.h | 26 +- contrib/libfido2/src/fido/config.h | 26 +- contrib/libfido2/src/fido/credman.h | 26 +- contrib/libfido2/src/fido/eddsa.h | 28 +- contrib/libfido2/src/fido/err.h | 26 +- contrib/libfido2/src/fido/es256.h | 26 +- contrib/libfido2/src/fido/es384.h (new) | 59 +++ contrib/libfido2/src/fido/param.h | 57 ++- contrib/libfido2/src/fido/rs256.h | 26 +- contrib/libfido2/src/fido/types.h | 78 +++- contrib/libfido2/src/hid.c | 1 + contrib/libfido2/src/hid_freebsd.c | 1 + contrib/libfido2/src/hid_hidapi.c | 13 +- contrib/libfido2/src/hid_linux.c | 50 ++- contrib/libfido2/src/hid_netbsd.c | 1 + contrib/libfido2/src/hid_openbsd.c | 101 +++--- contrib/libfido2/src/hid_osx.c | 26 +- contrib/libfido2/src/hid_unix.c | 1 + contrib/libfido2/src/hid_win.c | 5 +- contrib/libfido2/src/info.c | 171 ++++++++- contrib/libfido2/src/io.c | 26 +- contrib/libfido2/src/iso7816.c | 1 + contrib/libfido2/src/iso7816.h | 1 + contrib/libfido2/src/largeblob.c | 34 +- contrib/libfido2/src/log.c | 1 + contrib/libfido2/src/netlink.c | 1 + contrib/libfido2/src/netlink.h | 1 + contrib/libfido2/src/nfc.c (new) | 350 ++++++++++++++++++ contrib/libfido2/src/nfc_linux.c | 387 +++----------------- contrib/libfido2/src/packed.h | 1 + contrib/libfido2/src/pcsc.c (new) | 394 ++++++++++++++++++++ contrib/libfido2/src/pin.c | 77 ++-- contrib/libfido2/src/random.c | 1 + contrib/libfido2/src/reset.c | 1 + contrib/libfido2/src/rs1.c | 3 +- contrib/libfido2/src/rs256.c | 29 +- contrib/libfido2/src/time.c | 1 + contrib/libfido2/src/touch.c (new) | 109 ++++++ contrib/libfido2/src/tpm.c | 3 +- contrib/libfido2/src/types.c | 17 +- contrib/libfido2/src/u2f.c | 93 +++-- contrib/libfido2/src/util.c (new) | 31 ++ contrib/libfido2/src/webauthn.h | 75 +++- contrib/libfido2/src/winhello.c | 122 +++++-- contrib/libfido2/tools/CMakeLists.txt | 12 +- contrib/libfido2/tools/assert_get.c | 7 +- contrib/libfido2/tools/assert_verify.c | 30 +- contrib/libfido2/tools/base64.c | 1 + contrib/libfido2/tools/bio.c | 1 + contrib/libfido2/tools/config.c | 1 + contrib/libfido2/tools/cred_make.c | 7 +- contrib/libfido2/tools/cred_verify.c | 1 + contrib/libfido2/tools/credman.c | 1 + contrib/libfido2/tools/extern.h | 4 +- contrib/libfido2/tools/fido2-assert.c | 1 + contrib/libfido2/tools/fido2-attach.sh | 1 + contrib/libfido2/tools/fido2-cred.c | 1 + contrib/libfido2/tools/fido2-detach.sh | 1 + contrib/libfido2/tools/fido2-token.c | 1 + contrib/libfido2/tools/fido2-unprot.sh | 1 + contrib/libfido2/tools/include_check.sh | 1 + contrib/libfido2/tools/largeblob.c | 59 ++- contrib/libfido2/tools/pin.c | 26 +- contrib/libfido2/tools/test.sh | 46 ++- contrib/libfido2/tools/token.c | 159 +++++++- contrib/libfido2/tools/util.c | 70 +++- contrib/libfido2/udev/70-u2f.rules | 39 +- contrib/libfido2/udev/CMakeLists.txt | 1 + contrib/libfido2/udev/check.sh | 1 + contrib/libfido2/udev/fidodevs | 3 + contrib/libfido2/udev/genrules.awk | 32 +- contrib/libfido2/windows/build.ps1 | 32 +- contrib/libfido2/windows/const.ps1 | 14 +- contrib/libfido2/windows/cygwin.ps1 | 2 + contrib/libfido2/windows/release.ps1 | 30 +- lib/libfido2/Makefile | 6 +- 196 files changed, 7592 insertions(+), 1733 deletions(-) I split the update into two parts so that we can decide for 14.0 whether to cherry-pick just the hid_freebsd.c change or the whole update to 1.13.0. I will merge both of these to stable/14 soon. Any testing or feedback you can provide is greatly appreciated. I am staging a fresh build for 15-CURRENT amd64 test now. Will also test after MFC to stable/14. I will try an aarch64 via QEMU test once a 14BETA/RC or snapshot ISO is available since I'm not setup for cross-compile at the moment on my test machine. Will report back once some tests are complete. Thanks for the commit. I am now successfully using the updated version of libfido2 on -CURRENT with the base OpenSSH_9.4p1, OpenSSL 3.0.10 1 Aug 2023. FreeBSD freebsd14 15.0-CURRENT FreeBSD 15.0-CURRENT #3 main-n265425-2a78083fc2a1: Wed Sep 20 07:13:42 EDT 2023 root@freebsd14:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64 Original failcase of using `ssh-keygen -K` to extract FIDO keys from a hidraw(4) usb device now works seemlessly. If other are interested in testing OpenSSH's SK Support with hidraw device kldload hidraw sysctl hw.usb.usbhid.enable="1" remove and re-insert FIDO USB device This should result in console demesg output with the new usb device names (/dev/hidraw0 and /dev/hidraw1) Perform any OpenSSH action that requires access to SK (FIDO) device on /dev/hidrawX. e.g.: ssh-keygen -v -K Should now work properly. If you have not done this before, test as root, then install the u2f-devd package to allow users in the 'u2f' group to access u2f/FIDO devices without being root. Will re-test amd64/aarch64 after MFC to stable/14. Only thing that I make look into in the mean time is if we can easily add any unit tests to cover this functionality. A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3df74eecfdecbafe55838b45141c275754d526bb commit 3df74eecfdecbafe55838b45141c275754d526bb Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-09-19 16:50:13 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-09-22 11:03:35 +0000 libfido2: backport hidraw(4) support PR: 273596 Submitted by: David Horn Obtained from: libfido2 2c9dfaae2a56, 930160388700 (cherry picked from commit 1843dfb05ed80149f5a412180af882e3cb8f451b) contrib/libfido2/src/hid_freebsd.c | 97 ++++++++++++++++++++++++++++++++++---- 1 file changed, 87 insertions(+), 10 deletions(-) A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=5bfbde817cdedbd7309c38a361cd1211bdcdd70e commit 5bfbde817cdedbd7309c38a361cd1211bdcdd70e Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-09-19 17:06:12 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-09-22 11:03:36 +0000 libfido2: update to 1.13.0 Some highlights from NEWS entries: ** Improved OpenSSL 3.0 compatibility. ** Support for hidraw(4) on FreeBSD; gh#597. ** Improved support for FIDO 2.1 authenticators. PR: 273596 Relnotes: Yes Sponsored by: The FreeBSD Foundation (cherry picked from commit 2ccfa855b2fc331819953e3de1b1c15ce5b95a7e) contrib/libfido2/CMakeLists.txt | 142 ++++++-- contrib/libfido2/LICENSE | 4 +- contrib/libfido2/NEWS | 41 +++ contrib/libfido2/README.adoc | 114 ++++-- contrib/libfido2/examples/CMakeLists.txt | 12 +- contrib/libfido2/examples/README.adoc | 17 +- contrib/libfido2/examples/assert.c | 33 +- contrib/libfido2/examples/cred.c | 29 +- contrib/libfido2/examples/extern.h | 8 +- contrib/libfido2/examples/info.c | 101 +++++- contrib/libfido2/examples/manifest.c | 1 + contrib/libfido2/examples/reset.c | 1 + contrib/libfido2/examples/retries.c | 3 +- contrib/libfido2/examples/select.c | 5 +- contrib/libfido2/examples/setpin.c | 3 +- contrib/libfido2/examples/util.c | 65 +++- contrib/libfido2/fuzz/CMakeLists.txt | 55 ++- contrib/libfido2/fuzz/Dockerfile | 22 +- contrib/libfido2/fuzz/Makefile | 35 +- contrib/libfido2/fuzz/README | 22 +- contrib/libfido2/fuzz/build-coverage | 7 +- contrib/libfido2/fuzz/clock.c | 1 + contrib/libfido2/fuzz/dummy.h | 5 +- contrib/libfido2/fuzz/export.gnu | 32 +- contrib/libfido2/fuzz/functions.txt | 404 ++++++++++++--------- contrib/libfido2/fuzz/fuzz_assert.c | 43 ++- contrib/libfido2/fuzz/fuzz_bio.c | 5 +- contrib/libfido2/fuzz/fuzz_cred.c | 10 +- contrib/libfido2/fuzz/fuzz_credman.c | 5 +- contrib/libfido2/fuzz/fuzz_hid.c | 5 +- contrib/libfido2/fuzz/fuzz_largeblob.c | 5 +- contrib/libfido2/fuzz/fuzz_mgmt.c | 34 +- contrib/libfido2/fuzz/fuzz_netlink.c | 5 +- contrib/libfido2/fuzz/fuzz_pcsc.c (new) | 269 ++++++++++++++ contrib/libfido2/fuzz/libfuzzer.c | 61 +++- contrib/libfido2/fuzz/mutator_aux.c | 21 +- contrib/libfido2/fuzz/mutator_aux.h | 22 +- contrib/libfido2/fuzz/pcsc.c (new) | 153 ++++++++ contrib/libfido2/fuzz/preload-fuzz.c | 1 + contrib/libfido2/fuzz/preload-snoop.c | 1 + contrib/libfido2/fuzz/report.tgz | Bin 323706 -> 357005 bytes contrib/libfido2/fuzz/summary.txt | 77 ++-- contrib/libfido2/fuzz/udev.c | 3 +- contrib/libfido2/fuzz/wiredata_fido2.h | 77 +++- contrib/libfido2/fuzz/wiredata_u2f.h | 1 + contrib/libfido2/fuzz/wrap.c | 67 +++- contrib/libfido2/fuzz/wrapped.sym | 10 + contrib/libfido2/man/CMakeLists.txt | 53 ++- contrib/libfido2/man/check.sh | 1 + contrib/libfido2/man/eddsa_pk_new.3 | 32 +- contrib/libfido2/man/es256_pk_new.3 | 32 +- contrib/libfido2/man/es384_pk_new.3 (new) | 164 +++++++++ contrib/libfido2/man/fido2-assert.1 | 27 +- contrib/libfido2/man/fido2-cred.1 | 27 +- contrib/libfido2/man/fido2-token.1 | 51 ++- contrib/libfido2/man/fido_assert_allow_cred.3 | 45 ++- contrib/libfido2/man/fido_assert_new.3 | 37 +- contrib/libfido2/man/fido_assert_set_authdata.3 | 33 +- contrib/libfido2/man/fido_assert_verify.3 | 33 +- contrib/libfido2/man/fido_bio_dev_get_info.3 | 27 +- contrib/libfido2/man/fido_bio_enroll_new.3 | 27 +- contrib/libfido2/man/fido_bio_info_new.3 | 27 +- contrib/libfido2/man/fido_bio_template.3 | 27 +- contrib/libfido2/man/fido_cbor_info_new.3 | 169 ++++++++- contrib/libfido2/man/fido_cred_exclude.3 | 45 ++- contrib/libfido2/man/fido_cred_new.3 | 29 +- contrib/libfido2/man/fido_cred_set_authdata.3 | 46 ++- contrib/libfido2/man/fido_cred_verify.3 | 27 +- contrib/libfido2/man/fido_credman_metadata_new.3 | 27 +- contrib/libfido2/man/fido_dev_enable_entattest.3 | 38 +- contrib/libfido2/man/fido_dev_get_assert.3 | 27 +- contrib/libfido2/man/fido_dev_get_touch_begin.3 | 27 +- contrib/libfido2/man/fido_dev_info_manifest.3 | 31 +- contrib/libfido2/man/fido_dev_largeblob_get.3 | 34 +- contrib/libfido2/man/fido_dev_make_cred.3 | 27 +- contrib/libfido2/man/fido_dev_open.3 | 27 +- contrib/libfido2/man/fido_dev_set_io_functions.3 | 27 +- contrib/libfido2/man/fido_dev_set_pin.3 | 29 +- contrib/libfido2/man/fido_init.3 | 27 +- contrib/libfido2/man/fido_strerr.3 | 27 +- contrib/libfido2/man/rs256_pk_new.3 | 32 +- .../libfido2/openbsd-compat/bsd-asprintf.c (new) | 88 +++++ contrib/libfido2/openbsd-compat/clock_gettime.c | 1 + contrib/libfido2/openbsd-compat/endian_win32.c | 1 + contrib/libfido2/openbsd-compat/openbsd-compat.h | 5 + contrib/libfido2/regress/CMakeLists.txt | 57 ++- contrib/libfido2/regress/assert.c | 14 +- contrib/libfido2/regress/compress.c (new) | 268 ++++++++++++++ contrib/libfido2/regress/cred.c | 15 +- contrib/libfido2/regress/dev.c | 43 ++- contrib/libfido2/regress/eddsa.c (new) | 159 ++++++++ contrib/libfido2/regress/es256.c (new) | 199 ++++++++++ contrib/libfido2/regress/es384.c (new) | 213 +++++++++++ contrib/libfido2/regress/rs256.c (new) | 201 ++++++++++ contrib/libfido2/src/CMakeLists.txt | 31 +- contrib/libfido2/src/aes256.c | 1 + contrib/libfido2/src/assert.c | 206 +++++++---- contrib/libfido2/src/authkey.c | 26 +- contrib/libfido2/src/bio.c | 116 ++++-- contrib/libfido2/src/blob.c | 1 + contrib/libfido2/src/blob.h | 1 + contrib/libfido2/src/buf.c | 1 + contrib/libfido2/src/cbor.c | 52 ++- contrib/libfido2/src/compress.c | 145 +++++++- contrib/libfido2/src/config.c | 28 +- contrib/libfido2/src/cred.c | 45 ++- contrib/libfido2/src/credman.c | 162 ++++++--- contrib/libfido2/src/dev.c | 229 ++---------- contrib/libfido2/src/diff_exports.sh | 1 + contrib/libfido2/src/ecdh.c | 1 + contrib/libfido2/src/eddsa.c | 14 +- contrib/libfido2/src/err.c | 1 + contrib/libfido2/src/es256.c | 66 +++- contrib/libfido2/src/es384.c (new) | 296 +++++++++++++++ contrib/libfido2/src/export.gnu | 22 +- contrib/libfido2/src/export.llvm | 22 +- contrib/libfido2/src/export.msvc | 22 +- contrib/libfido2/src/extern.h | 30 +- contrib/libfido2/src/fallthrough.h (new) | 21 ++ contrib/libfido2/src/fido.h | 46 ++- contrib/libfido2/src/fido/bio.h | 26 +- contrib/libfido2/src/fido/config.h | 26 +- contrib/libfido2/src/fido/credman.h | 26 +- contrib/libfido2/src/fido/eddsa.h | 28 +- contrib/libfido2/src/fido/err.h | 26 +- contrib/libfido2/src/fido/es256.h | 26 +- contrib/libfido2/src/fido/es384.h (new) | 59 +++ contrib/libfido2/src/fido/param.h | 57 ++- contrib/libfido2/src/fido/rs256.h | 26 +- contrib/libfido2/src/fido/types.h | 78 +++- contrib/libfido2/src/hid.c | 1 + contrib/libfido2/src/hid_freebsd.c | 1 + contrib/libfido2/src/hid_hidapi.c | 13 +- contrib/libfido2/src/hid_linux.c | 50 ++- contrib/libfido2/src/hid_netbsd.c | 1 + contrib/libfido2/src/hid_openbsd.c | 101 +++--- contrib/libfido2/src/hid_osx.c | 26 +- contrib/libfido2/src/hid_unix.c | 1 + contrib/libfido2/src/hid_win.c | 5 +- contrib/libfido2/src/info.c | 171 ++++++++- contrib/libfido2/src/io.c | 26 +- contrib/libfido2/src/iso7816.c | 1 + contrib/libfido2/src/iso7816.h | 1 + contrib/libfido2/src/largeblob.c | 34 +- contrib/libfido2/src/log.c | 1 + contrib/libfido2/src/netlink.c | 1 + contrib/libfido2/src/netlink.h | 1 + contrib/libfido2/src/nfc.c (new) | 350 ++++++++++++++++++ contrib/libfido2/src/nfc_linux.c | 387 +++----------------- contrib/libfido2/src/packed.h | 1 + contrib/libfido2/src/pcsc.c (new) | 394 ++++++++++++++++++++ contrib/libfido2/src/pin.c | 77 ++-- contrib/libfido2/src/random.c | 1 + contrib/libfido2/src/reset.c | 1 + contrib/libfido2/src/rs1.c | 3 +- contrib/libfido2/src/rs256.c | 29 +- contrib/libfido2/src/time.c | 1 + contrib/libfido2/src/touch.c (new) | 109 ++++++ contrib/libfido2/src/tpm.c | 3 +- contrib/libfido2/src/types.c | 17 +- contrib/libfido2/src/u2f.c | 93 +++-- contrib/libfido2/src/util.c (new) | 31 ++ contrib/libfido2/src/webauthn.h | 75 +++- contrib/libfido2/src/winhello.c | 122 +++++-- contrib/libfido2/tools/CMakeLists.txt | 12 +- contrib/libfido2/tools/assert_get.c | 7 +- contrib/libfido2/tools/assert_verify.c | 30 +- contrib/libfido2/tools/base64.c | 1 + contrib/libfido2/tools/bio.c | 1 + contrib/libfido2/tools/config.c | 1 + contrib/libfido2/tools/cred_make.c | 7 +- contrib/libfido2/tools/cred_verify.c | 1 + contrib/libfido2/tools/credman.c | 1 + contrib/libfido2/tools/extern.h | 4 +- contrib/libfido2/tools/fido2-assert.c | 1 + contrib/libfido2/tools/fido2-attach.sh | 1 + contrib/libfido2/tools/fido2-cred.c | 1 + contrib/libfido2/tools/fido2-detach.sh | 1 + contrib/libfido2/tools/fido2-token.c | 1 + contrib/libfido2/tools/fido2-unprot.sh | 1 + contrib/libfido2/tools/include_check.sh | 1 + contrib/libfido2/tools/largeblob.c | 59 ++- contrib/libfido2/tools/pin.c | 26 +- contrib/libfido2/tools/test.sh | 46 ++- contrib/libfido2/tools/token.c | 159 +++++++- contrib/libfido2/tools/util.c | 70 +++- contrib/libfido2/udev/70-u2f.rules | 39 +- contrib/libfido2/udev/CMakeLists.txt | 1 + contrib/libfido2/udev/check.sh | 1 + contrib/libfido2/udev/fidodevs | 3 + contrib/libfido2/udev/genrules.awk | 32 +- contrib/libfido2/windows/build.ps1 | 32 +- contrib/libfido2/windows/const.ps1 | 14 +- contrib/libfido2/windows/cygwin.ps1 | 2 + contrib/libfido2/windows/release.ps1 | 30 +- lib/libfido2/Makefile | 6 +- 196 files changed, 7592 insertions(+), 1733 deletions(-) A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3e85eb3c5ef0c08ae3a7db543d72713c365ca3a4 commit 3e85eb3c5ef0c08ae3a7db543d72713c365ca3a4 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-09-19 16:50:13 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-09-22 11:07:25 +0000 libfido2: backport hidraw(4) support PR: 273596 Submitted by: David Horn Obtained from: libfido2 2c9dfaae2a56, 930160388700 (cherry picked from commit 1843dfb05ed80149f5a412180af882e3cb8f451b) (cherry picked from commit 3df74eecfdecbafe55838b45141c275754d526bb) contrib/libfido2/src/hid_freebsd.c | 97 ++++++++++++++++++++++++++++++++++---- 1 file changed, 87 insertions(+), 10 deletions(-) A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=d79e0d1735e3e68aee782cc676dea99c71cdbbfb commit d79e0d1735e3e68aee782cc676dea99c71cdbbfb Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-09-19 17:06:12 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-09-22 11:07:25 +0000 libfido2: update to 1.13.0 Some highlights from NEWS entries: ** Improved OpenSSL 3.0 compatibility. ** Support for hidraw(4) on FreeBSD; gh#597. ** Improved support for FIDO 2.1 authenticators. PR: 273596 Relnotes: Yes Sponsored by: The FreeBSD Foundation (cherry picked from commit 2ccfa855b2fc331819953e3de1b1c15ce5b95a7e) (cherry picked from commit 5bfbde817cdedbd7309c38a361cd1211bdcdd70e) contrib/libfido2/CMakeLists.txt | 142 ++++++-- contrib/libfido2/LICENSE | 4 +- contrib/libfido2/NEWS | 41 +++ contrib/libfido2/README.adoc | 114 ++++-- contrib/libfido2/examples/CMakeLists.txt | 12 +- contrib/libfido2/examples/README.adoc | 17 +- contrib/libfido2/examples/assert.c | 33 +- contrib/libfido2/examples/cred.c | 29 +- contrib/libfido2/examples/extern.h | 8 +- contrib/libfido2/examples/info.c | 101 +++++- contrib/libfido2/examples/manifest.c | 1 + contrib/libfido2/examples/reset.c | 1 + contrib/libfido2/examples/retries.c | 3 +- contrib/libfido2/examples/select.c | 5 +- contrib/libfido2/examples/setpin.c | 3 +- contrib/libfido2/examples/util.c | 65 +++- contrib/libfido2/fuzz/CMakeLists.txt | 55 ++- contrib/libfido2/fuzz/Dockerfile | 22 +- contrib/libfido2/fuzz/Makefile | 35 +- contrib/libfido2/fuzz/README | 22 +- contrib/libfido2/fuzz/build-coverage | 7 +- contrib/libfido2/fuzz/clock.c | 1 + contrib/libfido2/fuzz/dummy.h | 5 +- contrib/libfido2/fuzz/export.gnu | 32 +- contrib/libfido2/fuzz/functions.txt | 404 ++++++++++++--------- contrib/libfido2/fuzz/fuzz_assert.c | 43 ++- contrib/libfido2/fuzz/fuzz_bio.c | 5 +- contrib/libfido2/fuzz/fuzz_cred.c | 10 +- contrib/libfido2/fuzz/fuzz_credman.c | 5 +- contrib/libfido2/fuzz/fuzz_hid.c | 5 +- contrib/libfido2/fuzz/fuzz_largeblob.c | 5 +- contrib/libfido2/fuzz/fuzz_mgmt.c | 34 +- contrib/libfido2/fuzz/fuzz_netlink.c | 5 +- contrib/libfido2/fuzz/fuzz_pcsc.c (new) | 269 ++++++++++++++ contrib/libfido2/fuzz/libfuzzer.c | 61 +++- contrib/libfido2/fuzz/mutator_aux.c | 21 +- contrib/libfido2/fuzz/mutator_aux.h | 22 +- contrib/libfido2/fuzz/pcsc.c (new) | 153 ++++++++ contrib/libfido2/fuzz/preload-fuzz.c | 1 + contrib/libfido2/fuzz/preload-snoop.c | 1 + contrib/libfido2/fuzz/report.tgz | Bin 323706 -> 357005 bytes contrib/libfido2/fuzz/summary.txt | 77 ++-- contrib/libfido2/fuzz/udev.c | 3 +- contrib/libfido2/fuzz/wiredata_fido2.h | 77 +++- contrib/libfido2/fuzz/wiredata_u2f.h | 1 + contrib/libfido2/fuzz/wrap.c | 67 +++- contrib/libfido2/fuzz/wrapped.sym | 10 + contrib/libfido2/man/CMakeLists.txt | 53 ++- contrib/libfido2/man/check.sh | 1 + contrib/libfido2/man/eddsa_pk_new.3 | 32 +- contrib/libfido2/man/es256_pk_new.3 | 32 +- contrib/libfido2/man/es384_pk_new.3 (new) | 164 +++++++++ contrib/libfido2/man/fido2-assert.1 | 27 +- contrib/libfido2/man/fido2-cred.1 | 27 +- contrib/libfido2/man/fido2-token.1 | 51 ++- contrib/libfido2/man/fido_assert_allow_cred.3 | 45 ++- contrib/libfido2/man/fido_assert_new.3 | 37 +- contrib/libfido2/man/fido_assert_set_authdata.3 | 33 +- contrib/libfido2/man/fido_assert_verify.3 | 33 +- contrib/libfido2/man/fido_bio_dev_get_info.3 | 27 +- contrib/libfido2/man/fido_bio_enroll_new.3 | 27 +- contrib/libfido2/man/fido_bio_info_new.3 | 27 +- contrib/libfido2/man/fido_bio_template.3 | 27 +- contrib/libfido2/man/fido_cbor_info_new.3 | 169 ++++++++- contrib/libfido2/man/fido_cred_exclude.3 | 45 ++- contrib/libfido2/man/fido_cred_new.3 | 29 +- contrib/libfido2/man/fido_cred_set_authdata.3 | 46 ++- contrib/libfido2/man/fido_cred_verify.3 | 27 +- contrib/libfido2/man/fido_credman_metadata_new.3 | 27 +- contrib/libfido2/man/fido_dev_enable_entattest.3 | 38 +- contrib/libfido2/man/fido_dev_get_assert.3 | 27 +- contrib/libfido2/man/fido_dev_get_touch_begin.3 | 27 +- contrib/libfido2/man/fido_dev_info_manifest.3 | 31 +- contrib/libfido2/man/fido_dev_largeblob_get.3 | 34 +- contrib/libfido2/man/fido_dev_make_cred.3 | 27 +- contrib/libfido2/man/fido_dev_open.3 | 27 +- contrib/libfido2/man/fido_dev_set_io_functions.3 | 27 +- contrib/libfido2/man/fido_dev_set_pin.3 | 29 +- contrib/libfido2/man/fido_init.3 | 27 +- contrib/libfido2/man/fido_strerr.3 | 27 +- contrib/libfido2/man/rs256_pk_new.3 | 32 +- .../libfido2/openbsd-compat/bsd-asprintf.c (new) | 88 +++++ contrib/libfido2/openbsd-compat/clock_gettime.c | 1 + contrib/libfido2/openbsd-compat/endian_win32.c | 1 + contrib/libfido2/openbsd-compat/openbsd-compat.h | 5 + contrib/libfido2/regress/CMakeLists.txt | 57 ++- contrib/libfido2/regress/assert.c | 14 +- contrib/libfido2/regress/compress.c (new) | 268 ++++++++++++++ contrib/libfido2/regress/cred.c | 15 +- contrib/libfido2/regress/dev.c | 43 ++- contrib/libfido2/regress/eddsa.c (new) | 159 ++++++++ contrib/libfido2/regress/es256.c (new) | 199 ++++++++++ contrib/libfido2/regress/es384.c (new) | 213 +++++++++++ contrib/libfido2/regress/rs256.c (new) | 201 ++++++++++ contrib/libfido2/src/CMakeLists.txt | 31 +- contrib/libfido2/src/aes256.c | 1 + contrib/libfido2/src/assert.c | 206 +++++++---- contrib/libfido2/src/authkey.c | 26 +- contrib/libfido2/src/bio.c | 116 ++++-- contrib/libfido2/src/blob.c | 1 + contrib/libfido2/src/blob.h | 1 + contrib/libfido2/src/buf.c | 1 + contrib/libfido2/src/cbor.c | 52 ++- contrib/libfido2/src/compress.c | 145 +++++++- contrib/libfido2/src/config.c | 28 +- contrib/libfido2/src/cred.c | 45 ++- contrib/libfido2/src/credman.c | 162 ++++++--- contrib/libfido2/src/dev.c | 229 ++---------- contrib/libfido2/src/diff_exports.sh | 1 + contrib/libfido2/src/ecdh.c | 1 + contrib/libfido2/src/eddsa.c | 14 +- contrib/libfido2/src/err.c | 1 + contrib/libfido2/src/es256.c | 66 +++- contrib/libfido2/src/es384.c (new) | 296 +++++++++++++++ contrib/libfido2/src/export.gnu | 22 +- contrib/libfido2/src/export.llvm | 22 +- contrib/libfido2/src/export.msvc | 22 +- contrib/libfido2/src/extern.h | 30 +- contrib/libfido2/src/fallthrough.h (new) | 21 ++ contrib/libfido2/src/fido.h | 46 ++- contrib/libfido2/src/fido/bio.h | 26 +- contrib/libfido2/src/fido/config.h | 26 +- contrib/libfido2/src/fido/credman.h | 26 +- contrib/libfido2/src/fido/eddsa.h | 28 +- contrib/libfido2/src/fido/err.h | 26 +- contrib/libfido2/src/fido/es256.h | 26 +- contrib/libfido2/src/fido/es384.h (new) | 59 +++ contrib/libfido2/src/fido/param.h | 57 ++- contrib/libfido2/src/fido/rs256.h | 26 +- contrib/libfido2/src/fido/types.h | 78 +++- contrib/libfido2/src/hid.c | 1 + contrib/libfido2/src/hid_freebsd.c | 1 + contrib/libfido2/src/hid_hidapi.c | 13 +- contrib/libfido2/src/hid_linux.c | 50 ++- contrib/libfido2/src/hid_netbsd.c | 1 + contrib/libfido2/src/hid_openbsd.c | 101 +++--- contrib/libfido2/src/hid_osx.c | 26 +- contrib/libfido2/src/hid_unix.c | 1 + contrib/libfido2/src/hid_win.c | 5 +- contrib/libfido2/src/info.c | 171 ++++++++- contrib/libfido2/src/io.c | 26 +- contrib/libfido2/src/iso7816.c | 1 + contrib/libfido2/src/iso7816.h | 1 + contrib/libfido2/src/largeblob.c | 34 +- contrib/libfido2/src/log.c | 1 + contrib/libfido2/src/netlink.c | 1 + contrib/libfido2/src/netlink.h | 1 + contrib/libfido2/src/nfc.c (new) | 350 ++++++++++++++++++ contrib/libfido2/src/nfc_linux.c | 387 +++----------------- contrib/libfido2/src/packed.h | 1 + contrib/libfido2/src/pcsc.c (new) | 394 ++++++++++++++++++++ contrib/libfido2/src/pin.c | 77 ++-- contrib/libfido2/src/random.c | 1 + contrib/libfido2/src/reset.c | 1 + contrib/libfido2/src/rs1.c | 3 +- contrib/libfido2/src/rs256.c | 29 +- contrib/libfido2/src/time.c | 1 + contrib/libfido2/src/touch.c (new) | 109 ++++++ contrib/libfido2/src/tpm.c | 3 +- contrib/libfido2/src/types.c | 17 +- contrib/libfido2/src/u2f.c | 93 +++-- contrib/libfido2/src/util.c (new) | 31 ++ contrib/libfido2/src/webauthn.h | 75 +++- contrib/libfido2/src/winhello.c | 122 +++++-- contrib/libfido2/tools/CMakeLists.txt | 12 +- contrib/libfido2/tools/assert_get.c | 7 +- contrib/libfido2/tools/assert_verify.c | 30 +- contrib/libfido2/tools/base64.c | 1 + contrib/libfido2/tools/bio.c | 1 + contrib/libfido2/tools/config.c | 1 + contrib/libfido2/tools/cred_make.c | 7 +- contrib/libfido2/tools/cred_verify.c | 1 + contrib/libfido2/tools/credman.c | 1 + contrib/libfido2/tools/extern.h | 4 +- contrib/libfido2/tools/fido2-assert.c | 1 + contrib/libfido2/tools/fido2-attach.sh | 1 + contrib/libfido2/tools/fido2-cred.c | 1 + contrib/libfido2/tools/fido2-detach.sh | 1 + contrib/libfido2/tools/fido2-token.c | 1 + contrib/libfido2/tools/fido2-unprot.sh | 1 + contrib/libfido2/tools/include_check.sh | 1 + contrib/libfido2/tools/largeblob.c | 59 ++- contrib/libfido2/tools/pin.c | 26 +- contrib/libfido2/tools/test.sh | 46 ++- contrib/libfido2/tools/token.c | 159 +++++++- contrib/libfido2/tools/util.c | 70 +++- contrib/libfido2/udev/70-u2f.rules | 39 +- contrib/libfido2/udev/CMakeLists.txt | 1 + contrib/libfido2/udev/check.sh | 1 + contrib/libfido2/udev/fidodevs | 3 + contrib/libfido2/udev/genrules.awk | 32 +- contrib/libfido2/windows/build.ps1 | 32 +- contrib/libfido2/windows/const.ps1 | 14 +- contrib/libfido2/windows/cygwin.ps1 | 2 + contrib/libfido2/windows/release.ps1 | 30 +- lib/libfido2/Makefile | 6 +- 196 files changed, 7592 insertions(+), 1733 deletions(-) A commit in branch releng/14.0 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=c782cf6f13fcc7b7c57acdeca6f13d624434bdec commit c782cf6f13fcc7b7c57acdeca6f13d624434bdec Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-09-19 16:50:13 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-09-23 13:08:56 +0000 libfido2: backport hidraw(4) support PR: 273596 Submitted by: David Horn Obtained from: libfido2 2c9dfaae2a56, 930160388700 (cherry picked from commit 1843dfb05ed80149f5a412180af882e3cb8f451b) (cherry picked from commit 3df74eecfdecbafe55838b45141c275754d526bb) Approved by: re (gjb) contrib/libfido2/src/hid_freebsd.c | 97 ++++++++++++++++++++++++++++++++++---- 1 file changed, 87 insertions(+), 10 deletions(-) A commit in branch releng/14.0 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=95321fff46ec680708dc9c1ffe116757bee8ad78 commit 95321fff46ec680708dc9c1ffe116757bee8ad78 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2023-09-19 17:06:12 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2023-09-23 13:09:06 +0000 libfido2: update to 1.13.0 Some highlights from NEWS entries: ** Improved OpenSSL 3.0 compatibility. ** Support for hidraw(4) on FreeBSD; gh#597. ** Improved support for FIDO 2.1 authenticators. PR: 273596 Relnotes: Yes Sponsored by: The FreeBSD Foundation (cherry picked from commit 2ccfa855b2fc331819953e3de1b1c15ce5b95a7e) (cherry picked from commit 5bfbde817cdedbd7309c38a361cd1211bdcdd70e) Approved by: re (gjb) contrib/libfido2/CMakeLists.txt | 142 ++++++-- contrib/libfido2/LICENSE | 4 +- contrib/libfido2/NEWS | 41 +++ contrib/libfido2/README.adoc | 114 ++++-- contrib/libfido2/examples/CMakeLists.txt | 12 +- contrib/libfido2/examples/README.adoc | 17 +- contrib/libfido2/examples/assert.c | 33 +- contrib/libfido2/examples/cred.c | 29 +- contrib/libfido2/examples/extern.h | 8 +- contrib/libfido2/examples/info.c | 101 +++++- contrib/libfido2/examples/manifest.c | 1 + contrib/libfido2/examples/reset.c | 1 + contrib/libfido2/examples/retries.c | 3 +- contrib/libfido2/examples/select.c | 5 +- contrib/libfido2/examples/setpin.c | 3 +- contrib/libfido2/examples/util.c | 65 +++- contrib/libfido2/fuzz/CMakeLists.txt | 55 ++- contrib/libfido2/fuzz/Dockerfile | 22 +- contrib/libfido2/fuzz/Makefile | 35 +- contrib/libfido2/fuzz/README | 22 +- contrib/libfido2/fuzz/build-coverage | 7 +- contrib/libfido2/fuzz/clock.c | 1 + contrib/libfido2/fuzz/dummy.h | 5 +- contrib/libfido2/fuzz/export.gnu | 32 +- contrib/libfido2/fuzz/functions.txt | 404 ++++++++++++--------- contrib/libfido2/fuzz/fuzz_assert.c | 43 ++- contrib/libfido2/fuzz/fuzz_bio.c | 5 +- contrib/libfido2/fuzz/fuzz_cred.c | 10 +- contrib/libfido2/fuzz/fuzz_credman.c | 5 +- contrib/libfido2/fuzz/fuzz_hid.c | 5 +- contrib/libfido2/fuzz/fuzz_largeblob.c | 5 +- contrib/libfido2/fuzz/fuzz_mgmt.c | 34 +- contrib/libfido2/fuzz/fuzz_netlink.c | 5 +- contrib/libfido2/fuzz/fuzz_pcsc.c (new) | 269 ++++++++++++++ contrib/libfido2/fuzz/libfuzzer.c | 61 +++- contrib/libfido2/fuzz/mutator_aux.c | 21 +- contrib/libfido2/fuzz/mutator_aux.h | 22 +- contrib/libfido2/fuzz/pcsc.c (new) | 153 ++++++++ contrib/libfido2/fuzz/preload-fuzz.c | 1 + contrib/libfido2/fuzz/preload-snoop.c | 1 + contrib/libfido2/fuzz/report.tgz | Bin 323706 -> 357005 bytes contrib/libfido2/fuzz/summary.txt | 77 ++-- contrib/libfido2/fuzz/udev.c | 3 +- contrib/libfido2/fuzz/wiredata_fido2.h | 77 +++- contrib/libfido2/fuzz/wiredata_u2f.h | 1 + contrib/libfido2/fuzz/wrap.c | 67 +++- contrib/libfido2/fuzz/wrapped.sym | 10 + contrib/libfido2/man/CMakeLists.txt | 53 ++- contrib/libfido2/man/check.sh | 1 + contrib/libfido2/man/eddsa_pk_new.3 | 32 +- contrib/libfido2/man/es256_pk_new.3 | 32 +- contrib/libfido2/man/es384_pk_new.3 (new) | 164 +++++++++ contrib/libfido2/man/fido2-assert.1 | 27 +- contrib/libfido2/man/fido2-cred.1 | 27 +- contrib/libfido2/man/fido2-token.1 | 51 ++- contrib/libfido2/man/fido_assert_allow_cred.3 | 45 ++- contrib/libfido2/man/fido_assert_new.3 | 37 +- contrib/libfido2/man/fido_assert_set_authdata.3 | 33 +- contrib/libfido2/man/fido_assert_verify.3 | 33 +- contrib/libfido2/man/fido_bio_dev_get_info.3 | 27 +- contrib/libfido2/man/fido_bio_enroll_new.3 | 27 +- contrib/libfido2/man/fido_bio_info_new.3 | 27 +- contrib/libfido2/man/fido_bio_template.3 | 27 +- contrib/libfido2/man/fido_cbor_info_new.3 | 169 ++++++++- contrib/libfido2/man/fido_cred_exclude.3 | 45 ++- contrib/libfido2/man/fido_cred_new.3 | 29 +- contrib/libfido2/man/fido_cred_set_authdata.3 | 46 ++- contrib/libfido2/man/fido_cred_verify.3 | 27 +- contrib/libfido2/man/fido_credman_metadata_new.3 | 27 +- contrib/libfido2/man/fido_dev_enable_entattest.3 | 38 +- contrib/libfido2/man/fido_dev_get_assert.3 | 27 +- contrib/libfido2/man/fido_dev_get_touch_begin.3 | 27 +- contrib/libfido2/man/fido_dev_info_manifest.3 | 31 +- contrib/libfido2/man/fido_dev_largeblob_get.3 | 34 +- contrib/libfido2/man/fido_dev_make_cred.3 | 27 +- contrib/libfido2/man/fido_dev_open.3 | 27 +- contrib/libfido2/man/fido_dev_set_io_functions.3 | 27 +- contrib/libfido2/man/fido_dev_set_pin.3 | 29 +- contrib/libfido2/man/fido_init.3 | 27 +- contrib/libfido2/man/fido_strerr.3 | 27 +- contrib/libfido2/man/rs256_pk_new.3 | 32 +- .../libfido2/openbsd-compat/bsd-asprintf.c (new) | 88 +++++ contrib/libfido2/openbsd-compat/clock_gettime.c | 1 + contrib/libfido2/openbsd-compat/endian_win32.c | 1 + contrib/libfido2/openbsd-compat/openbsd-compat.h | 5 + contrib/libfido2/regress/CMakeLists.txt | 57 ++- contrib/libfido2/regress/assert.c | 14 +- contrib/libfido2/regress/compress.c (new) | 268 ++++++++++++++ contrib/libfido2/regress/cred.c | 15 +- contrib/libfido2/regress/dev.c | 43 ++- contrib/libfido2/regress/eddsa.c (new) | 159 ++++++++ contrib/libfido2/regress/es256.c (new) | 199 ++++++++++ contrib/libfido2/regress/es384.c (new) | 213 +++++++++++ contrib/libfido2/regress/rs256.c (new) | 201 ++++++++++ contrib/libfido2/src/CMakeLists.txt | 31 +- contrib/libfido2/src/aes256.c | 1 + contrib/libfido2/src/assert.c | 206 +++++++---- contrib/libfido2/src/authkey.c | 26 +- contrib/libfido2/src/bio.c | 116 ++++-- contrib/libfido2/src/blob.c | 1 + contrib/libfido2/src/blob.h | 1 + contrib/libfido2/src/buf.c | 1 + contrib/libfido2/src/cbor.c | 52 ++- contrib/libfido2/src/compress.c | 145 +++++++- contrib/libfido2/src/config.c | 28 +- contrib/libfido2/src/cred.c | 45 ++- contrib/libfido2/src/credman.c | 162 ++++++--- contrib/libfido2/src/dev.c | 229 ++---------- contrib/libfido2/src/diff_exports.sh | 1 + contrib/libfido2/src/ecdh.c | 1 + contrib/libfido2/src/eddsa.c | 14 +- contrib/libfido2/src/err.c | 1 + contrib/libfido2/src/es256.c | 66 +++- contrib/libfido2/src/es384.c (new) | 296 +++++++++++++++ contrib/libfido2/src/export.gnu | 22 +- contrib/libfido2/src/export.llvm | 22 +- contrib/libfido2/src/export.msvc | 22 +- contrib/libfido2/src/extern.h | 30 +- contrib/libfido2/src/fallthrough.h (new) | 21 ++ contrib/libfido2/src/fido.h | 46 ++- contrib/libfido2/src/fido/bio.h | 26 +- contrib/libfido2/src/fido/config.h | 26 +- contrib/libfido2/src/fido/credman.h | 26 +- contrib/libfido2/src/fido/eddsa.h | 28 +- contrib/libfido2/src/fido/err.h | 26 +- contrib/libfido2/src/fido/es256.h | 26 +- contrib/libfido2/src/fido/es384.h (new) | 59 +++ contrib/libfido2/src/fido/param.h | 57 ++- contrib/libfido2/src/fido/rs256.h | 26 +- contrib/libfido2/src/fido/types.h | 78 +++- contrib/libfido2/src/hid.c | 1 + contrib/libfido2/src/hid_freebsd.c | 1 + contrib/libfido2/src/hid_hidapi.c | 13 +- contrib/libfido2/src/hid_linux.c | 50 ++- contrib/libfido2/src/hid_netbsd.c | 1 + contrib/libfido2/src/hid_openbsd.c | 101 +++--- contrib/libfido2/src/hid_osx.c | 26 +- contrib/libfido2/src/hid_unix.c | 1 + contrib/libfido2/src/hid_win.c | 5 +- contrib/libfido2/src/info.c | 171 ++++++++- contrib/libfido2/src/io.c | 26 +- contrib/libfido2/src/iso7816.c | 1 + contrib/libfido2/src/iso7816.h | 1 + contrib/libfido2/src/largeblob.c | 34 +- contrib/libfido2/src/log.c | 1 + contrib/libfido2/src/netlink.c | 1 + contrib/libfido2/src/netlink.h | 1 + contrib/libfido2/src/nfc.c (new) | 350 ++++++++++++++++++ contrib/libfido2/src/nfc_linux.c | 387 +++----------------- contrib/libfido2/src/packed.h | 1 + contrib/libfido2/src/pcsc.c (new) | 394 ++++++++++++++++++++ contrib/libfido2/src/pin.c | 77 ++-- contrib/libfido2/src/random.c | 1 + contrib/libfido2/src/reset.c | 1 + contrib/libfido2/src/rs1.c | 3 +- contrib/libfido2/src/rs256.c | 29 +- contrib/libfido2/src/time.c | 1 + contrib/libfido2/src/touch.c (new) | 109 ++++++ contrib/libfido2/src/tpm.c | 3 +- contrib/libfido2/src/types.c | 17 +- contrib/libfido2/src/u2f.c | 93 +++-- contrib/libfido2/src/util.c (new) | 31 ++ contrib/libfido2/src/webauthn.h | 75 +++- contrib/libfido2/src/winhello.c | 122 +++++-- contrib/libfido2/tools/CMakeLists.txt | 12 +- contrib/libfido2/tools/assert_get.c | 7 +- contrib/libfido2/tools/assert_verify.c | 30 +- contrib/libfido2/tools/base64.c | 1 + contrib/libfido2/tools/bio.c | 1 + contrib/libfido2/tools/config.c | 1 + contrib/libfido2/tools/cred_make.c | 7 +- contrib/libfido2/tools/cred_verify.c | 1 + contrib/libfido2/tools/credman.c | 1 + contrib/libfido2/tools/extern.h | 4 +- contrib/libfido2/tools/fido2-assert.c | 1 + contrib/libfido2/tools/fido2-attach.sh | 1 + contrib/libfido2/tools/fido2-cred.c | 1 + contrib/libfido2/tools/fido2-detach.sh | 1 + contrib/libfido2/tools/fido2-token.c | 1 + contrib/libfido2/tools/fido2-unprot.sh | 1 + contrib/libfido2/tools/include_check.sh | 1 + contrib/libfido2/tools/largeblob.c | 59 ++- contrib/libfido2/tools/pin.c | 26 +- contrib/libfido2/tools/test.sh | 46 ++- contrib/libfido2/tools/token.c | 159 +++++++- contrib/libfido2/tools/util.c | 70 +++- contrib/libfido2/udev/70-u2f.rules | 39 +- contrib/libfido2/udev/CMakeLists.txt | 1 + contrib/libfido2/udev/check.sh | 1 + contrib/libfido2/udev/fidodevs | 3 + contrib/libfido2/udev/genrules.awk | 32 +- contrib/libfido2/windows/build.ps1 | 32 +- contrib/libfido2/windows/const.ps1 | 14 +- contrib/libfido2/windows/cygwin.ps1 | 2 + contrib/libfido2/windows/release.ps1 | 30 +- lib/libfido2/Makefile | 6 +- 196 files changed, 7592 insertions(+), 1733 deletions(-) |