search

trustcrypto / onlykey-agent

The OnlyKey agent is essentially middleware that lets you use OnlyKey as a hardware SSH/GPG device.
https://docs.crp.to/onlykey-agent.html
GNU Lesser General Public License v3.0
46 stars 15 forks source link

Public Key Returned to Agent is Empty #6

Closed josh-palan closed 5 years ago

josh-palan commented 5 years ago

After flashing new firmware to my OnlyKey, it would appear that the key being returned to the onlykey-agent is empty, causing assertion errors and preventing me from generating keys or logging in. This seems to affect both NIST P256 and ED25519 key generation. Here's the output when running the command, with private fields stripped out:

user@PC:~$ sudo onlykey-agent -v user@server.address
2018-11-15 14:34:48,435 INFO         getting public key from OnlyKey...                                                                   [client.py:54]
2018-11-15 14:34:48,435 INFO         Trying to read the public key...                                                                     [client.py:55]
2018-11-15 14:34:48,436 INFO         Identity hash ="MY IDENTITY HASH" [client.py:67]
2018-11-15 14:34:49,957 INFO         received= ''                                                                                         [client.py:75]
2018-11-15 14:34:49,957 INFO         Received Public Key generated by OnlyKey= ''                                                         [client.py:84]
2018-11-15 14:34:49,958 INFO         disconnected from OnlyKey                                                                            [client.py:41]
Traceback (most recent call last):
  File "/usr/local/bin/onlykey-agent", line 11, in <module>
    sys.exit(run_agent())
  File "/usr/local/lib/python2.7/dist-packages/onlykey_agent/__main__.py", line 123, in wrapper
    return func(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/onlykey_agent/__main__.py", line 140, in run_agent
    public_key = conn.get_public_key(label=label)
  File "/usr/local/lib/python2.7/dist-packages/onlykey_agent/client.py", line 85, in get_public_key
    vk = ecdsa.VerifyingKey.from_string(ok_pubkey, curve=ecdsa.NIST256p)
  File "/home/user/.local/lib/python2.7/site-packages/ecdsa/keys.py", line 37, in from_string
    (len(string), curve.verifying_key_length)
AssertionError: (0, 64)
josh-palan commented 5 years ago

Do I need to add a key to the OnlyKey first? I don't anything in the documentation saying this is required.

josh-palan commented 5 years ago

Apologies, it would appear this is addressed and answered in the post here:

https://groups.google.com/forum/#!category-topic/onlykey/ssh-and-pgpgpg/EEe6Km0zLI8

To anyone who stumbles on this, it appears to be an issue with the current software, and should be addressed in the next release.

josh-palan commented 5 years ago

This has been resolved.