Closed SecTec closed 5 years ago
The requirement for attestation certificate to be v3 was not present in original U2F specification. It was defined in FIDO U2F Authenticator Transports Extension for U2F 1.2 and now it is a part of FIDO2 (which is out of scope of this project). The gen.sh
script simply generates shortest possible certificate and it works on every site with U2F support. It also conforms to U2F 1.0. However, you can generate your own x.509 v3 certificate using following script:
#!/bin/bash
set -e
cat > opnssl.cnf <<EOF
[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_ca # The extentions to add to the self signed cert
req_extensions = v3_req
x509_extensions = usr_cert
[usr_cert]
basicConstraints=CA:FALSE
nsCertType = client, server, email
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth, clientAuth, codeSigning, emailProtection
nsComment = "OpenSSL Generated Certificate"
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer
[v3_ca]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = CA:true
[v3_req]
extendedKeyUsage = serverAuth, clientAuth, codeSigning, emailProtection
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
[req_distinguished_name]
EOF
# generate key and self-signed certificate
openssl ecparam -genkey -name prime256v1 -out attestation_key.pem
openssl req -new -sha256 -key attestation_key.pem -out csr.csr -subj "/C=US/ST=New York City/O=S. Security/OU=Authenticator Attestation/CN=FIDO2 Token"
openssl req -config opnssl.cnf -x509 -sha256 -days 3650 -key attestation_key.pem -in csr.csr -out attestation.pem
# convert to der
openssl x509 -outform der -in attestation.pem -out attestation.der
openssl ec -in attestation_key.pem -outform der -out attestation_key.der
# generate C code
python dump-der.py > certificates.c || ( rm certificates.c && exit 1 )
Make sure to provide your own subject.
Hi,
when I try to deploy the attestation certificate with ./certtool init
I get the following error:
Trying to initialize device HIDDevice:
0005:0011:00 | 16d0:e90 | unknown | U2F-token (STM32) | 1.00
release_number: 256
usage_page: 0
usage: 0
interface_number: 0
HID Error: 1
Could the new generated cert be too long for the script to deploy?
And I looked at the U2F specifications. U2F 1.0 and U2F 1.2 are using v3 certificates in their examples. The FIDO2 specification does not define any certificate version.
Could the new generated cert be too long for the script to deploy?
Yes. It could be the case. After some digging I came up with this script to produce short enough v3 certificate with fido u2f transport extension:
#!/bin/bash
set -e
cat > opnssl.cnf <<EOF
[req]
x509_extensions = usr_cert
[usr_cert]
1.3.6.1.4.1.45724.2.1.1=ASN1:FORMAT:BITLIST,BITSTRING:2
EOF
# generate key and self-signed certificate
openssl ecparam -genkey -name prime256v1 -out attestation_key.pem
openssl req -new -sha256 -key attestation_key.pem -out csr.csr -subj "/C=US/CN=U2F Token"
openssl req -config opnssl.cnf -x509 -sha256 -days 3650 -key attestation_key.pem -in csr.csr -out attestation.pem
# convert to der
openssl x509 -outform der -in attestation.pem -out attestation.der
openssl ec -in attestation_key.pem -outform der -out attestation_key.der
# generate C code
python dump-der.py > certificates.c || ( rm certificates.c && exit 1 )
It works on webauthn.org for me.
It worked on all three demo sites. Thanks.
Now two questions arise:
gen.sh
or will it be calles gen_v3.sh
.I see no reason to keep an old script. Yes, having unique attestation certificate for each device allows user tracking. I put pre-generated certificate into the repository, but still since the number of users of this firmware is small, they are easy to track.
Hi,
I made a BluePill U2F device and tried it on the following webauthn demo sites: yubico.com webauthn.io webauthn.org
When registering at webauthn.org I got the following error message:
Below is the whole debug output: