upstream: Add support for FIDO webauthn (verification only).

webauthn is a standard for using FIDO keys in web browsers. webauthn
signatures are a slightly different format to plain FIDO signatures - this
support allows verification of these. Feedback and ok markus@

OpenBSD-Commit-ID: ab7e3a9fb5782d99d574f408614d833379e564ad

1 files changed, 26 insertions, 0 deletions

diff --git a/PROTOCOL.u2f b/PROTOCOL.u2f
index 69347e99..fd31ea4e 100644
--- a/PROTOCOL.u2f
+++ b/PROTOCOL.u2f
@@ -209,6 +209,32 @@ For Ed25519 keys the signature is encoded as:
 	byte		flags
 	uint32		counter
 
+webauthn signatures
+-------------------
+
+The W3C/FIDO webauthn[1] standard defines a mechanism for a web browser to
+interact with FIDO authentication tokens. This standard builds upon the
+FIDO standards, but requires different signature contents to raw FIDO
+messages. OpenSSH supports ECDSA/p256 webauthn signatures through the
+"webauthn-sk-ecdsa-sha2-nistp256@openssh.com" signature algorithm.
+
+The wire encoding for a webauthn-sk-ecdsa-sha2-nistp256@openssh.com
+signature is similar to the sk-ecdsa-sha2-nistp256@openssh.com format:
+
+	string		"webauthn-sk-ecdsa-sha2-nistp256@openssh.com"
+	string		ecdsa_signature
+	byte		flags
+	uint32		counter
+	string		origin
+	string		clientData
+	string		extensions
+
+Where "origin" is the HTTP origin making the signature, "clientData" is
+the JSON-like structure signed by the browser and "extensions" are any
+extensions used in making the signature.
+
+[1] https://www.w3.org/TR/webauthn-2/
+
 ssh-agent protocol extensions
 -----------------------------