Closed EntraptaJ closed 3 years ago
I'm using a Trezor Model T plugged in via direct USB-C. I know I'm giving too much information; I have a feeling this issue may be caused by my specific config/workstation.
No, that's helpful info. Most likely there's an incompatibility with your specific security key and the code that parses credential attestations; to be honest, most of the code for parsing those attestations was made in haste and isn't particularly robust to deviations from how my YubiKeys behave.
I'll need to add more debug logs to get a sense of where exactly the parser is failing, since there are a few places where we call at() on data received from the security key. I can try adding some this weekend so we can figure out how your key differs from the keys I own.
I'm here to provide any information you need. I'll try using my YubiKey 5 from work tomorrow and see if it works to ensure it is the Trezor and not my workstation.
If you want to try to work this out together this weekend, you can add me as KristianFJones#2054 on Discord.
Could you pull and compile the latest commit on master and try enrolling a key again with debug logging on? I added significantly more logging and validation that may make it easier to figure out what's going wrong.
Compiling now. Totally forgot about this, been distracted by my current work project.
kristianfjones@DESKTOP-IP61DKN:~/Projects/GitHub/mgbowen/windows-fido-bridge/build$ WINDOWS_FIDO_BRIDGE_DEBUG=true SSH_SK_PROVIDER=/usr/local/lib/libwindowsfidobridge.so ssh-keygen -v -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper
debug1: sshsk_enroll: provider "/usr/local/lib/libwindowsfidobridge.so", device "(null)", application "ssh:", userid "(null)", flags 0x01, challenge len 0
debug1: sshsk_enroll: using random challenge
debug1: sshsk_open: provider /usr/local/lib/libwindowsfidobridge.so implements version 0x00070000
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Parameters from OpenSSH:
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Algorithm: 0
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Challenge:
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] | 0 1 2 3 4 5 6 7 8 9 a b c d e f
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] | 0000: 34 1b 1e 69 4e 6a 39 90 32 ed 08 ff 39 7f 3c 17 4..iNj9.2...9.<.
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] | 0010: bb 85 03 7d 42 95 2f 26 9d ec 69 a8 35 8c 19 e2 ...}B./&..i.5...
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Application: "ssh:"
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Flags: 0b00000001
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] PIN: (not present)
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Options:
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] (No options provided)
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Invoking Windows bridge with the following parameters:
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Forking.
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Child process PID = 5820
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Sending parameters to child process.
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] Parameters sent to child process, waiting for reply.
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] [Windows bridge child] Detected own library file path is "/usr/local/lib/libwindowsfidobridge.so".
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] [Windows bridge child] Using Windows bridge at "/usr/local/lib/windowsfidobridge.exe".
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] [Windows bridge child] Setting WSLENV environment variable to "WT_SESSION::WT_PROFILE_ID:WINDOWS_FIDO_BRIDGE_DEBUG".
[2021-01-30 18:29:21.233] [wfb-middleware] [debug] [Windows bridge child] Execing.
[2021-01-30 18:29:35.354] [wfb-middleware] [debug] Reply received from child process:
[2021-01-30 18:29:35.354] [wfb-middleware] [debug] Waiting for child process to exit.
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Parsing CBOR response received from Windows bridge
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Parsing CBOR attestation object
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Map keys in CBOR attestation object: ["attStmt", "authData", "fmt"]
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Attestation object format: "packed"
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Parsing authenticator data
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Parsing attested credential data
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Parsing public key CBOR map in attested credential data
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Public key CBOR map keys: [1, 3, -1, -2, -3]
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Public key type: Elliptic Curve Keys w/ x- and y-coordinate pair (kty = 2)
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Public key algorithm: ECDSA w/ SHA-256 (alg = -7)
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Public key EC2 curve type: P-256 (crv = 1)
[2021-01-30 18:29:35.386] [wfb-middleware] [debug] Public key EC2 curve X coordinate: b"34ed3f22613c0275355e84de67982fee2a7273e9863885d1686277a14f069e01"
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] Public key EC2 curve Y coordinate: b"a6e32bf12b89f0e88646696d8c64221d078d7099841ec6e6008a8d3f462e4149"
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] Public key parsed successfully
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] Attested credential data parsed successfully
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] Authenticator data parsed successfully
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] Parsed authenticator data:
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | Relying party ID hash: 0xe30610e8a162115960fe1ec223e6529c9f4b6e80200dcb5e5c321c8af1e2b1bf
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | Flags: 0b01000101
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | User present result: true
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | User verified result: true
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | Attested credential data included: true
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | Extension data included: false
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | Signature count: 61
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | Authenticator attestation GUID: d6d0bdc3-62ee-c4db-de8d-7a656e4a4487
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | Credential ID (106 bytes): 0xf1d00200a4a482cb11b80cd3444960922680b11ba1656fd6aa0daa8f3ab9017526b7cc512760a743995f650a5299f641074eed5ad16a1aaaa1fef146b44ed6e152abfd99e4f24647bcf0c9ebb38de2fd492dc11933f3e5fb5dcacb5f744b2597fd507668641f99f5ad61
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] | Public key (65 bytes): 0x0434ed3f22613c0275355e84de67982fee2a7273e9863885d1686277a14f069e01a6e32bf12b89f0e88646696d8c64221d078d7099841ec6e6008a8d3f462e4149
[2021-01-30 18:29:35.387] [wfb-middleware] [debug] Parsing attestation statement data in attestation object
[2021-01-30 18:29:35.387] [wfb-middleware] [critical] Missing certificate array in attestation statement
debug1: sshsk_enroll: provider "/usr/local/lib/libwindowsfidobridge.so" returned failure -1
debug1: ssh-sk-helper: Enrollment failed: invalid format
debug1: ssh-sk-helper: reply len 8
debug1: client_converse: helper returned error -4
Key enrollment failed: invalid format
Odd, it's failing with my YubiKey 4C
kristianfjones@DESKTOP-IP61DKN:~/Projects/GitHub/mgbowen/windows-fido-bridge/build$ WINDOWS_FIDO_BRIDGE_DEBUG=true SSH_SK_PROVIDER=/usr/local/lib/libwindowsfidobridge.so ssh-keygen -v -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper
debug1: sshsk_enroll: provider "/usr/local/lib/libwindowsfidobridge.so", device "(null)", application "ssh:", userid "(null)", flags 0x01, challenge len 0
debug1: sshsk_enroll: using random challenge
debug1: sshsk_open: provider /usr/local/lib/libwindowsfidobridge.so implements version 0x00070000
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Parameters from OpenSSH:
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Algorithm: 0
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Challenge:
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] | 0 1 2 3 4 5 6 7 8 9 a b c d e f
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] | 0000: b2 57 8b 63 4b 1c e0 1e 7e 1d c1 a8 6f 9f d8 f5 .W.cK...~...o...
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] | 0010: 7d 02 eb dc 7b 65 45 9b 48 60 c7 cd 6a 88 8d b9 }...{eE.H`..j...
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Application: "ssh:"
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Flags: 0b00000001
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] PIN: (not present)
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Options:
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] (No options provided)
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Invoking Windows bridge with the following parameters:
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Forking.
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Child process PID = 6051
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Sending parameters to child process.
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] Parameters sent to child process, waiting for reply.
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] [Windows bridge child] Detected own library file path is "/usr/local/lib/libwindowsfidobridge.so".
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] [Windows bridge child] Using Windows bridge at "/usr/local/lib/windowsfidobridge.exe".
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] [Windows bridge child] Setting WSLENV environment variable to "WT_SESSION::WT_PROFILE_ID:WINDOWS_FIDO_BRIDGE_DEBUG".
[2021-01-30 18:30:34.512] [wfb-middleware] [debug] [Windows bridge child] Execing.
[2021-01-30 18:30:37.695] [wfb-middleware] [debug] Reply received from child process:
[2021-01-30 18:30:37.695] [wfb-middleware] [debug] Waiting for child process to exit.
[2021-01-30 18:30:37.719] [wfb-middleware] [debug] Parsing CBOR response received from Windows bridge
[2021-01-30 18:30:37.720] [wfb-middleware] [debug] Parsing CBOR attestation object
[2021-01-30 18:30:37.720] [wfb-middleware] [debug] Map keys in CBOR attestation object: ["attStmt", "authData", "fmt"]
[2021-01-30 18:30:37.720] [wfb-middleware] [debug] Attestation object format: "fido-u2f"
[2021-01-30 18:30:37.720] [wfb-middleware] [critical] Failed to parse attestation object: Invalid or unknown attestation object format
debug1: sshsk_enroll: provider "/usr/local/lib/libwindowsfidobridge.so" returned failure -1
debug1: ssh-sk-helper: Enrollment failed: invalid format
debug1: ssh-sk-helper: reply len 8
debug1: client_converse: helper returned error -4
Key enrollment failed: invalid format
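The two failed enrollments above differ in which attStmt fields the key returned: in WebAuthn, a "packed" statement may omit the x5c certificate array (self attestation), while "fido-u2f" always carries one. The following is an added example, not windows-fido-bridge code: a small bounds-checked CBOR reader and a classify() function (all names here are hypothetical) run over constructed sample bytes. It checks structure only and verifies no signatures.

```cpp
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <string>
#include <vector>
using Err = std::runtime_error;

// Decoded CBOR value, limited to the types an attestation object uses.
struct Cbor {
    enum Kind { Int, Bytes, Text, Array, Map } kind = Int;
    int64_t num = 0;
    std::string str;                // Bytes or Text payload
    std::vector<std::string> keys;  // Map keys (text only)
    std::vector<Cbor> items;        // Array elements, or Map values parallel to keys
    // Checked lookup: nullptr if the key is absent, error if its type is wrong.
    const Cbor* find(const std::string& key, Kind want) const {
        for (size_t i = 0; i < keys.size(); ++i) {
            if (keys[i] != key) continue;
            if (items[i].kind != want) throw Err("wrong type for " + key);
            return &items[i];
        }
        return nullptr;
    }
};

// Definite-length CBOR reader; every read is checked against the input size.
struct Reader {
    const std::vector<uint8_t>& buf;
    size_t pos = 0;
    void need(uint64_t n) const { if (n > buf.size() - pos) throw Err("truncated CBOR"); }
    uint8_t byte() { need(1); return buf[pos++]; }
    uint64_t argument(uint8_t info) {  // integer or length after the head byte
        if (info < 24) return info;
        if (info > 27) throw Err("unsupported CBOR encoding");
        uint64_t v = 0;
        for (int n = 1 << (info - 24); n > 0; --n) v = (v << 8) | byte();
        return v;
    }
    Cbor value(int depth = 0) {
        const uint8_t head = byte(), major = head >> 5;
        const uint64_t n = argument(head & 0x1f);
        if (depth > 8 || major > 5 || n > INT64_MAX) throw Err("unsupported CBOR item");
        Cbor v;
        if (major <= 1) {  // unsigned or negative integer
            v.num = major ? -1 - static_cast<int64_t>(n) : static_cast<int64_t>(n);
        } else if (major <= 3) {  // byte string or text string
            need(n);
            v.kind = major == 2 ? Cbor::Bytes : Cbor::Text;
            v.str.assign(buf.begin() + pos, buf.begin() + pos + n);
            pos += n;
        } else {  // array or map: each element must itself fit in the input
            v.kind = major == 4 ? Cbor::Array : Cbor::Map;
            for (uint64_t i = 0; i < n; ++i) {
                if (major == 5) {
                    Cbor key = value(depth + 1);
                    if (key.kind != Cbor::Text) throw Err("non-text map key");
                    v.keys.push_back(key.str);
                }
                v.items.push_back(value(depth + 1));
            }
        }
        return v;
    }
};

enum class Attestation { None, Self, CertChain };
// Structural check only, no signature verification; field rules follow WebAuthn.
Attestation classify(const std::vector<uint8_t>& attestation_object) {
    const Cbor obj = Reader{attestation_object}.value();
    const Cbor* fmt = obj.find("fmt", Cbor::Text);
    const Cbor* stmt = obj.find("attStmt", Cbor::Map);
    if (!fmt || !stmt || !obj.find("authData", Cbor::Bytes))
        throw Err("missing fmt, attStmt or authData");
    if (fmt->str == "none") return Attestation::None;
    if (fmt->str != "packed" && fmt->str != "fido-u2f")
        throw Err("unsupported attestation format: " + fmt->str);
    if (!stmt->find("sig", Cbor::Bytes)) throw Err("missing sig");
    if (const Cbor* x5c = stmt->find("x5c", Cbor::Array)) {
        if (x5c->items.empty()) throw Err("empty x5c");
        return Attestation::CertChain;
    }
    if (fmt->str == "fido-u2f") throw Err("fido-u2f requires x5c");
    return Attestation::Self;  // packed without x5c: self attestation
}

// Constructed samples with placeholder sig, certificate and authData bytes.
const std::vector<uint8_t> kPackedNoX5c = {0xa3, 0x63, 'f', 'm', 't', 0x66, 'p', 'a', 'c',
    'k', 'e', 'd', 0x67, 'a', 't', 't', 'S', 't', 'm', 't', 0xa2, 0x63, 'a', 'l', 'g', 0x26,
    0x63, 's', 'i', 'g', 0x42, 1, 2, 0x68, 'a', 'u', 't', 'h', 'D', 'a', 't', 'a', 0x41, 0};
const std::vector<uint8_t> kFidoU2f = {0xa3, 0x63, 'f', 'm', 't', 0x68, 'f', 'i', 'd', 'o',
    '-', 'u', '2', 'f', 0x67, 'a', 't', 't', 'S', 't', 'm', 't', 0xa2, 0x63, 's', 'i', 'g',
    0x42, 1, 2, 0x63, 'x', '5', 'c', 0x81, 0x41, 0x30, 0x68, 'a', 'u', 't', 'h', 'D', 'a',
    't', 'a', 0x41, 0};
bool rejects(const std::vector<uint8_t>& in) {  // true if classify() refuses the input
    try { classify(in); } catch (const Err&) { return true; }
    return false;
}
int main() { std::printf("%d %d\n", (int)classify(kPackedNoX5c), (int)classify(kFidoU2f)); }
```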
And it's working with my YubiKey 5 from work.
kristianfjones@DESKTOP-IP61DKN:~/Projects/GitHub/mgbowen/windows-fido-bridge/build$ WINDOWS_FIDO_BRIDGE_DEBUG=true SSH_SK_PROVIDER=/usr/local/lib/libwindowsfidobridge.so ssh-keygen -v -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper
debug1: sshsk_enroll: provider "/usr/local/lib/libwindowsfidobridge.so", device "(null)", application "ssh:", userid "(null)", flags 0x01, challenge len 0
debug1: sshsk_enroll: using random challenge
debug1: sshsk_open: provider /usr/local/lib/libwindowsfidobridge.so implements version 0x00070000
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] Parameters from OpenSSH:
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] Algorithm: 0
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] Challenge:
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] | 0 1 2 3 4 5 6 7 8 9 a b c d e f
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] | 0000: cb 25 d1 fa 59 cb 4c 18 14 c9 d2 9a 40 62 7a d5 .%..Y.L.....@bz.
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] | 0010: 6b 9b 65 a3 67 70 53 15 89 c2 9c 41 6f 4a 96 dd k.e.gpS....AoJ..
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] Application: "ssh:"
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] Flags: 0b00000001
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] PIN: (not present)
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] Options:
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] (No options provided)
[2021-01-30 18:32:34.754] [wfb-middleware] [debug] Invoking Windows bridge with the following parameters:
[2021-01-30 18:32:34.755] [wfb-middleware] [debug] Forking.
[2021-01-30 18:32:34.755] [wfb-middleware] [debug] Child process PID = 6493
[2021-01-30 18:32:34.755] [wfb-middleware] [debug] Sending parameters to child process.
[2021-01-30 18:32:34.755] [wfb-middleware] [debug] Parameters sent to child process, waiting for reply.
[2021-01-30 18:32:34.755] [wfb-middleware] [debug] [Windows bridge child] Detected own library file path is "/usr/local/lib/libwindowsfidobridge.so".
[2021-01-30 18:32:34.755] [wfb-middleware] [debug] [Windows bridge child] Using Windows bridge at "/usr/local/lib/windowsfidobridge.exe".
[2021-01-30 18:32:34.755] [wfb-middleware] [debug] [Windows bridge child] Setting WSLENV environment variable to "WT_SESSION::WT_PROFILE_ID:WINDOWS_FIDO_BRIDGE_DEBUG".
[2021-01-30 18:32:34.755] [wfb-middleware] [debug] [Windows bridge child] Execing.
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] Reply received from child process:
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 02e0: 7e e8 e3 98 2b f4 3f 0c b2 1a 38 2d 23 5e b9 e4 ~...+.?...8-#^..
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 02f0: ce 6d b2 98 c4 05 42 50 40 23 2b 2b 61 e1 0c d7 .m....BP@#++a...
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0300: 0c 62 15 bc 03 b7 e9 40 71 b7 0e 12 d1 c4 7f 96 .b.....@q.......
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0310: 65 5a 2e f9 9d 4c e5 5a 7f 1b 4b 1f f9 14 ee 13 eZ...L.Z..K.....
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0320: 6d 9e 61 20 47 14 88 64 69 88 80 44 31 16 65 38 m.a G..di..D1.e8
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0330: 89 b8 64 86 d9 c9 c9 ff bc 93 85 45 35 69 b3 45 ..d........E5i.E
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0340: 74 4b 8c a0 b4 37 68 61 75 74 68 44 61 74 61 58 tK...7hauthDataX
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0350: c4 e3 06 10 e8 a1 62 11 59 60 fe 1e c2 23 e6 52 ......b.Y`...#.R
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0360: 9c 9f 4b 6e 80 20 0d cb 5e 5c 32 1c 8a f1 e2 b1 ..Kn. ..^\2.....
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0370: bf 45 00 00 00 20 fa 2b 99 dc 9e 39 42 57 8f 92 .E... .+...9BW..
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0380: 4a 30 d2 3c 41 18 00 40 f5 ea 22 3e 6e f1 e3 99 J0.<A..@..">n...
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0390: 71 58 00 bf a2 47 b5 61 20 9b c1 0b f5 e0 94 38 qX...G.a ......8
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 03a0: 23 ee d8 77 67 ce 0f 5d bc bf 20 ea 66 d4 bb 8d #..wg..].. .f...
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 03b0: 3e 42 d0 96 3c 2c 85 53 a7 0a cd 16 0c d7 fe ac >B..<,.S........
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 03c0: 1f 79 e6 4d 92 70 ee ae a5 01 02 03 26 20 01 21 .y.M.p......& .!
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 03d0: 58 20 89 34 d6 3c 46 9a 90 1b d3 9e 1a f0 6e 59 X .4.<F.......nY
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 03e0: 0f 04 56 41 cc 46 13 d1 7f f2 e7 5b cd 9e 26 7d ..VA.F.....[..&}
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 03f0: b3 d8 22 58 20 82 df 4f 3c 9d b2 80 e5 97 96 9b .."X ..O<.......
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0400: 4c 31 a1 88 c5 86 ad 85 2a 88 09 95 ff 6f 0b 5f L1......*....o._
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0410: 92 fa 3a 58 ba 6d 63 72 65 64 65 6e 74 69 61 6c ..:X.mcredential
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0420: 5f 69 64 58 40 f5 ea 22 3e 6e f1 e3 99 71 58 00 _idX@..">n...qX.
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0430: bf a2 47 b5 61 20 9b c1 0b f5 e0 94 38 23 ee d8 ..G.a ......8#..
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0440: 77 67 ce 0f 5d bc bf 20 ea 66 d4 bb 8d 3e 42 d0 wg..].. .f...>B.
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0450: 96 3c 2c 85 53 a7 0a cd 16 0c d7 fe ac 1f 79 e6 .<,.S.........y.
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] | 0460: 4d 92 70 ee ae M.p..
[2021-01-30 18:32:39.912] [wfb-middleware] [debug] Waiting for child process to exit.
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Parsing CBOR response received from Windows bridge
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Parsing CBOR attestation object
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Map keys in CBOR attestation object: ["attStmt", "authData", "fmt"]
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Attestation object format: "packed"
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Parsing authenticator data
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Parsing attested credential data
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Parsing public key CBOR map in attested credential data
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Public key CBOR map keys: [1, 3, -1, -2, -3]
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Public key type: Elliptic Curve Keys w/ x- and y-coordinate pair (kty = 2)
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Public key algorithm: ECDSA w/ SHA-256 (alg = -7)
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Public key EC2 curve type: P-256 (crv = 1)
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Public key EC2 curve X coordinate: b"8934d63c469a901bd39e1af06e590f045641cc4613d17ff2e75bcd9e267db3d8"
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Public key EC2 curve Y coordinate: b"82df4f3c9db280e597969b4c31a188c586ad852a880995ff6f0b5f92fa3a58ba"
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Public key parsed successfully
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Attested credential data parsed successfully
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Authenticator data parsed successfully
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Parsed authenticator data:
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | Relying party ID hash: 0xe30610e8a162115960fe1ec223e6529c9f4b6e80200dcb5e5c321c8af1e2b1bf
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | Flags: 0b01000101
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | User present result: true
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | User verified result: true
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | Attested credential data included: true
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | Extension data included: false
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | Signature count: 32
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | Authenticator attestation GUID: fa2b99dc-9e39-4257-8f92-4a30d23c4118
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | Credential ID (64 bytes): 0xf5ea223e6ef1e399715800bfa247b561209bc10bf5e0943823eed87767ce0f5dbcbf20ea66d4bb8d3e42d0963c2c8553a70acd160cd7feac1f79e64d9270eeae
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] | Public key (65 bytes): 0x048934d63c469a901bd39e1af06e590f045641cc4613d17ff2e75bcd9e267db3d882df4f3c9db280e597969b4c31a188c586ad852a880995ff6f0b5f92fa3a58ba
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Parsing attestation statement data in attestation object
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Attestation statement parsed successfully
[2021-01-30 18:32:39.937] [wfb-middleware] [debug] Key enrollment successfully completed
debug1: ssh-sk-helper: reply len 1028
Enter file in which to save the key (/home/kristianfjones/.ssh/id_ecdsa_sk):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/kristianfjones/.ssh/id_ecdsa_sk
Your public key has been saved in /home/kristianfjones/.ssh/id_ecdsa_sk.pub
The key fingerprint is:
SHA256:AhL6HxKLFIea2xIretKeSKqtKzZ9rPMuE0tX5T+usY0 kristianfjones@DESKTOP-IP61DKN
Whoops, looks like I accidentally broke keys that present a fido-u2f attestation object. Fortunately, I have a YubiKey NEO that uses that, so I can test fixing that myself.
The difference with your Trezor Model T seems to be that it performs self-attestation, so there isn't an x5c element in its attestation statement. This is explicitly allowed by the WebAuthn spec when keys use the packed attestation object format, but I'm unclear if OpenSSH will be fine with that. Based on OpenSSH's spec, it seems like it would be fine if the certificate was 0 bytes given it treats them as opaque. I can try artificially omitting it and seeing what OpenSSH does.
Can you try one more time with the latest master? Basic tests show OpenSSH doesn't seem to care if the attestation certificate is empty, so there shouldn't be a problem with omitting it if presented with a key that performs self-attestation.
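The rule discussed in the two comments above (in a packed attestation statement, x5c is optional and its absence means self-attestation), as an added C++ example that is not windows-fido-bridge's own code. The names `Reader`, `PackedAttStmt`, `parse_packed_att_stmt` and `cert_or_empty` are hypothetical, and both sample statements are constructed, not captured from a key.

```cpp
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <string>
#include <vector>

using Bytes = std::string;  // raw bytes, as received from the authenticator

// Minimal CBOR reader for what a packed attStmt contains (definite lengths only).
struct Reader {
    const Bytes& buf;
    size_t pos = 0;
    uint8_t byte() {
        if (pos >= buf.size()) throw std::runtime_error("truncated CBOR");
        return static_cast<uint8_t>(buf[pos++]);
    }
    int head(uint64_t& arg) {  // returns the major type, stores its argument
        uint8_t b = byte(), info = b & 0x1f;
        if (info >= 28) throw std::runtime_error("unsupported CBOR header");
        arg = info < 24 ? info : 0;
        for (int n = info < 24 ? 0 : 1 << (info - 24); n > 0; --n) arg = (arg << 8) | byte();
        return b >> 5;
    }
    Bytes take(uint64_t len) {
        if (len > buf.size() - pos) throw std::runtime_error("truncated CBOR");
        pos += len;
        return buf.substr(pos - len, len);
    }
};

struct PackedAttStmt {
    int64_t alg = 0;
    Bytes sig;
    std::vector<Bytes> x5c;  // stays empty for self-attestation
    bool self_attestation() const { return x5c.empty(); }
    Bytes cert_or_empty() const { return x5c.empty() ? Bytes() : x5c.front(); }  // leaf or zero bytes
};

// attStmt for fmt "packed": alg and sig are mandatory; a missing x5c means self-attestation.
PackedAttStmt parse_packed_att_stmt(const Bytes& cbor) {
    Reader r{cbor};
    uint64_t n = 0, arg = 0;
    if (r.head(n) != 5) throw std::runtime_error("attStmt is not a map");
    PackedAttStmt out;
    for (uint64_t i = 0; i < n; ++i) {
        if (r.head(arg) != 3) throw std::runtime_error("map key is not text");
        Bytes key = r.take(arg);
        int major = r.head(arg);
        if (key == "alg" && major <= 1 && arg <= INT32_MAX) {
            out.alg = major == 0 ? int64_t(arg) : -1 - int64_t(arg);
        } else if (key == "sig" && major == 2) {
            out.sig = r.take(arg);
        } else if (key == "x5c" && major == 4 && arg > 0) {
            for (uint64_t left = arg; left > 0; --left) {
                if (r.head(arg) != 2) throw std::runtime_error("x5c entry is not bytes");
                out.x5c.push_back(r.take(arg));
            }
        } else {
            throw std::runtime_error("unexpected attStmt entry: " + key);
        }
    }
    if (out.alg == 0 || out.sig.empty() || r.pos != cbor.size())
        throw std::runtime_error("malformed packed attStmt");
    return out;
}

// Constructed samples, not captures: {alg: -7, sig} without and with a one-entry x5c.
const Bytes kSelf = "\xa2\x63" "alg" "\x26\x63" "sig" "\x42\x01\x02";
const Bytes kCert = "\xa3\x63" "alg" "\x26\x63" "sig" "\x42\x01\x02\x63" "x5c" "\x81\x43\x30\x01\x01";

int main() {
    for (const Bytes& s : {kSelf, kCert})
        std::printf("self-attestation: %d\n", parse_packed_att_stmt(s).self_attestation());
}
```

Malformed input surfaces as a `std::runtime_error` the caller can catch and log, rather than as an uncaught exception from an unchecked lookup.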
Key has been generated successfully, kinda.
kristianfjones@DESKTOP-IP61DKN:~/Projects/GitHub/mgbowen/windows-fido-bridge/build$ WINDOWS_FIDO_BRIDGE_DEBUG=true SSH_SK_PROVIDER=/usr/local/lib/libwindowsfidobridge.so ssh-keygen -v -t ecdsa-sk
Generating public/private ecdsa-sk key pair.
You may need to touch your authenticator to authorize key generation.
debug1: start_helper: starting /usr/lib/openssh/ssh-sk-helper
debug1: sshsk_enroll: provider "/usr/local/lib/libwindowsfidobridge.so", device "(null)", application "ssh:", userid "(null)", flags 0x01, challenge len 0
debug1: sshsk_enroll: using random challenge
debug1: sshsk_open: provider /usr/local/lib/libwindowsfidobridge.so implements version 0x00070000
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Parameters from OpenSSH:
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Algorithm: 0
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Challenge:
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0 1 2 3 4 5 6 7 8 9 a b c d e f
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0000: e3 17 f4 9a 3b 24 f9 4a 89 c5 9b d0 0e ac 5b 75 ....;$.J......[u
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0010: 8e bb b6 90 e5 69 2a 57 cd 51 1e f9 db 5f 37 05 .....i*W.Q..._7.
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Application: "ssh:"
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Flags: 0b00000001
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] PIN: (not present)
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Options:
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] (No options provided)
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Invoking Windows bridge with the following parameters:
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0 1 2 3 4 5 6 7 8 9 a b c d e f
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0000: a4 6b 61 70 70 6c 69 63 61 74 69 6f 6e 64 73 73 .kapplicationdss
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0010: 68 3a 69 63 68 61 6c 6c 65 6e 67 65 58 20 e3 17 h:ichallengeX ..
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0020: f4 9a 3b 24 f9 4a 89 c5 9b d0 0e ac 5b 75 8e bb ..;$.J......[u..
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0030: b6 90 e5 69 2a 57 cd 51 1e f9 db 5f 37 05 64 74 ...i*W.Q..._7.dt
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0040: 79 70 65 66 63 72 65 61 74 65 78 1a 75 73 65 72 ypefcreatex.user
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0050: 5f 76 65 72 69 66 69 63 61 74 69 6f 6e 5f 72 65 _verification_re
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] | 0060: 71 75 69 72 65 64 00 quired.
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Forking.
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Child process PID = 4300
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Sending parameters to child process.
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] Parameters sent to child process, waiting for reply.
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] [Windows bridge child] Detected own library file path is "/usr/local/lib/libwindowsfidobridge.so".
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] [Windows bridge child] Using Windows bridge at "/usr/local/lib/windowsfidobridge.exe".
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] [Windows bridge child] Setting WSLENV environment variable to "WT_SESSION::WT_PROFILE_ID:WINDOWS_FIDO_BRIDGE_DEBUG".
[2021-01-30 20:40:14.842] [wfb-middleware] [debug] [Windows bridge child] Execing.
[2021-01-30 20:40:28.041] [wfb-middleware] [debug] Reply received from child process:
[2021-01-30 20:40:28.041] [wfb-middleware] [debug] Waiting for child process to exit.
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Parsing CBOR response received from Windows bridge
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Parsing CBOR attestation object
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Map keys in CBOR attestation object: ["attStmt", "authData", "fmt"]
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Attestation object format: "packed"
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Parsing authenticator data
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Parsing attested credential data
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Parsing public key CBOR map in attested credential data
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Public key CBOR map keys: [1, 3, -1, -2, -3]
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Public key type: Elliptic Curve Keys w/ x- and y-coordinate pair (kty = 2)
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Public key algorithm: ECDSA w/ SHA-256 (alg = -7)
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Public key EC2 curve type: P-256 (crv = 1)
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Public key EC2 curve X coordinate: b"9b9c4dfe155d39f6c4aa36e597e61007d68e9601bf0777be1b0dede2f82b3cbd"
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Public key EC2 curve Y coordinate: b"b4f0e2831bf0c2e89717ba303ebf62cbc3484593a9601f50097d1b4023850d72"
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Public key parsed successfully
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Attested credential data parsed successfully
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Authenticator data parsed successfully
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Parsed authenticator data:
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | Relying party ID hash: 0xe30610e8a162115960fe1ec223e6529c9f4b6e80200dcb5e5c321c8af1e2b1bf
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | Flags: 0b01000101
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | User present result: true
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | User verified result: true
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | Attested credential data included: true
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | Extension data included: false
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | Signature count: 63
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | Authenticator attestation GUID: d6d0bdc3-62ee-c4db-de8d-7a656e4a4487
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | Credential ID (106 bytes): 0xf1d00200715e7fb385fb16e7db636ab236a04d11a1f139ef173e30cf48eb5591c801d3525a89b0ce3ea265781c54f8fc8a343ef9bef7ed382706f02c8d346a4caa51c37f7382aedbb91456c4e34c53ad506fe902114b572bab0c92b151a3b38dfd334ee8a19847a213db
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] | Public key (65 bytes): 0x049b9c4dfe155d39f6c4aa36e597e61007d68e9601bf0777be1b0dede2f82b3cbdb4f0e2831bf0c2e89717ba303ebf62cbc3484593a9601f50097d1b4023850d72
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Parsing attestation statement data in attestation object
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Certificate array is missing from attestation statement, assuming self-attestation
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Attestation statement parsed successfully
[2021-01-30 20:40:28.118] [wfb-middleware] [debug] Key enrollment successfully completed
debug1: ssh-sk-helper: reply len 365
Enter file in which to save the key (/home/kristianfjones/.ssh/id_ecdsa_sk): id_test1
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_test1
Your public key has been saved in id_test1.pub
The key fingerprint is:
SHA256:Fw8aWZ/lgncRcu3E48X6wCAw76yQhu9L8D4euC46nPc kristianfjones@DESKTOP-IP61DKN
Am I doing something wrong, or should this be working?
kristianfjones@DESKTOP-IP61DKN:~/Projects/GitHub/mgbowen/windows-fido-bridge/build$ WINDOWS_FIDO_BRIDGE_DEBUG=true SSH_SK_PROVIDER=/usr/local/lib/libwindowsfidobridge.so ssh -i ~/.ssh/id_test1 kristianfjones@172.16.30.102
Confirm user presence for key ECDSA-SK SHA256:Fw8aWZ/lgncRcu3E48X6wCAw76yQhu9L8D4euC46nPc
Provider "winhello.dll" dlopen failed: /usr/lib/winhello.dll: invalid ELF header
sign_and_send_pubkey: signing failed for ECDSA-SK "/home/kristianfjones/.ssh/id_test1": invalid format
kristianfjones@172.16.30.102's password:
NVM, it works, forgot to RTFM
Great, glad to hear! I'll go ahead and close this for now then, feel free to open it again if you run into issues again.
I'm running on a 2020 Dell XPS 13 9310 with Windows 10 Enterprise. I've had the following issue on WSL2 with Ubuntu 20.04, 20.10, and all versions of Debian I could get the install to work on.
I'm using a Trezor Model T plugged in via direct USB-C. I know I'm giving too much information; I have a feeling this issue may be caused by my specific config/workstation.
When I attempt to generate a key, it does bring up the FIDO2 Windows prompt. I auth the request on the Trezor Model T screen, and once it returns, it seems to error out on the CLI:
terminate called after throwing an instance of 'std::out_of_range'
I was first running the Nathan Chance WSL2 custom kernel and I reverted back to the standard Microsoft WSL2 kernel to ensure that wasn't the issue.