clarion 0.3.0 → 1.0.0

data/app/views/layout.erb

@@ -107,7 +107,6 @@
         font-size: 12px;
       }
     </style>
-    <script src="/u2f-api.js"></script>
   </head>
 
   <body>

data/app/views/register.erb

@@ -29,7 +29,7 @@
 </style>
 
 <p><strong>U2F key registration<%- if @name -%> for <%= @name %><%- end -%></strong></p>
-<div id="procession" class="procession_init" data-app-id="<%= @app_id %>" data-requests='<%= @requests.to_json %>' data-state='<%= @state %>' data-callback='<%= @callback %>' data-reg-id='<%= @reg_id %>'>
+<div id="procession" class="procession_init" data-state='<%= @state %>' data-callback='<%= @callback %>' data-reg-id='<%= @reg_id %>' data-webauthn-creation='<%= @credential_creation_options.to_json %>'>
   <form id="callback_form" class="hidden" method='POST'>
     <input type="hidden" name="state" value="<%= @state %>">
     <input type="hidden" name="data" value="">
@@ -58,9 +58,12 @@
   </div>
   <div class="procession_error">
     <p>Error: try again from the previous page?</p>
+    <p class='text-muted'><small id='error_message'></small></p>
   </div>
   <div class="procession_timeout">
-    <p>Timed out...</p>
+    <p>Error: The operation interrupted or timed out<p>
+  </div>
+  <div class="procession_timeout procession_error">
     <p><button id="retry_button">Try again</button></p>
   </div>
 </div>

data/app/views/test.erb

@@ -12,7 +12,7 @@
   <input type="hidden" name="data" value="">
 </form>
 
-<button id="register_cb_button" data-url="/register?<%= URI.encode_www_form(name: @name, comment: @comment, state: @state, callback: "js:#{request.base_url}", public_key: @public_key)%>">Register (JS callback)</button>
+<button id="register_cb_button" data-url="<%= base_url %>/register?<%= URI.encode_www_form(name: @name, comment: @comment, state: @state, callback: "js:#{request.base_url}", public_key: @public_key)%>">Register (JS callback)</button>
 <script>
 "use strict";
 document.addEventListener("DOMContentLoaded", function() {

data/clarion.gemspec

@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
   spec.authors       = ["Sorah Fukumori"]
   spec.email         = ["sorah@cookpad.com"]
 
-  spec.summary       = %q{Web-based FIDO U2F Helper for CLI operations (SSH login...)}
+  spec.summary       = %q{Web-based WebAuthn (U2F) Helper for CLI operations (SSH login...)}
   spec.homepage      = "https://github.com/sorah/clarion"
   spec.license       = "MIT"
 
@@ -20,7 +20,7 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "u2f"
+  spec.add_dependency "webauthn", '>= 1.1.0'
   spec.add_dependency "sinatra"
   spec.add_dependency "erubis"
   spec.add_dependency "aws-sdk-s3"

data/config.ru

@@ -21,6 +21,7 @@ end
 config = {
   registration_allowed_url: Regexp.new(ENV.fetch('CLARION_REGISTRATION_ALLOWED_URL')),
   authn_default_expires_in: ENV.fetch('CLARION_AUTHN_DEFAULT_EXPIRES_IN', 300).to_i,
+  app_id: ENV['CLARION_APP_ID'],
 }
 
 case ENV.fetch('CLARION_STORE', 's3')

data/docs/api.md

@@ -21,21 +21,31 @@ application/json
 
 ``` json
 {
-  "name": "USERNAME",
-  "comment": "COMMENT",
+  "name": "alice",
+  "comment": "SSH logging in",
   "keys": [
     {
+      "name": "my security key",
       "handle": "KEYHANDLE",
       "public_key": "PUBLICKEY",
-      "counter": COUNTER
+      "counter": 42
     }
   ]
 }
 ```
 
+- `name` (optional): used for consenting user
+- `comment` (optional): used for consenting user
+- keys: array of _key_ objects, which is retrievable by `/register` API
+  - `name` (optional)
+  - `handle` (required)
+  - `public_key` (required)
+  - `counter` (optional)
+
+
 ### Response
 
-Same with /api/authn/:id
+Same with `/api/authn/:id`
 
 ## GET `/api/authn/:id` (Check authentication result)
 
@@ -48,21 +58,33 @@ Same with /api/authn/:id
 ``` json
 {
   "authn": {
-    "id": "AUTHN_ID",
-    "expires_at": "EXPIRY",
-    "html_url": "HTML_URL",
-    "url": "API_URL",
-    "status": "STATUS",
-    "verified_at": "VERIFIED_AT",
+    "id": "bwsyJySllmJpFeIV4VuSPg9xO9Bdky905i48K1kA02Yd8l6C7-l4GlvPA8icYPLPxG4xkp9ePUp_3Onsemc",
+    "status": "open",
+    "html_url": "https://example.org/authn/bwsyJySllmJpFeIV4VuSPg9xO9Bdky905i48K1kA02Yd8l6C7-l4GlvPA8icYPLPxG4xkp9ePUp_3Onsemc",
+    "url": "https://example.org/api/authn/bwsyJySllmJpFeIV4VuSPg9xO9Bdky905i48K1kA02Yd8l6C7-l4GlvPA8icYPLPxG4xkp9ePUp_3Onsemc",
+    "created_at": "2017-12-08T01:14:41+09:00",
+    "expires_at": "2017-12-08T01:16:41+09:00",
+    "verified_at": "2017-12-08T01:15:41+09:00",
     "verified_key": {
+      "name": "my security key",
       "handle": "KEYHANDLE",
       "public_key": "PUBLICKEY",
-      "counter": COUNTER
+      "counter": 43
     }
   }
 }
 ```
 
+- `id`: authn ID
+- `status`: One of = `open`, `verified`, `expired`, or `cancelled`
+- `html_url`: URL of authentication page for user
+- `url`: API URL to retrieve the latest authn status (`/api/authn/:id`)
+- `created_at`: Creation time of authn, format is ISO8601
+- `expires_at`: Expiration time of authn, format is ISO8601
+- (only available when `status == "verified"`)
+  - `verified_at` : verification time of authn, format is ISO8601.
+  - `verified_key` : a _key_ object, user presented.
+
 ## GET/POST `/register` (Security Key Registration page)
 
 Navigate user to this page for key registration. Clarion redirects back to _callback_ with registered key information.
@@ -75,7 +97,13 @@ form encoded body on POST, or query string on GET
 name=NAME&comment=COMMENT&state=STATE&callback=CALLBACK&public_key=PUBKEY
 ```
 
-CALLBACK may start with `js:`, when `js:$ORIGIN` (where `$ORIGIN` is a page origin) is specified, `/register` page will return a result using [window.opener.postMessage()](https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage).
+- `NAME` (optional): Used for consenting user
+- `COMMENT` (optional): Used for consenting user
+- `STATE` (optional): if given, the same string will be returned in a callback
+- `CALLBACK` (required): Callback URL
+  - may start with `js:`: When `js:$ORIGIN` (where `$ORIGIN` is a page origin) is specified, `/register` page will return a result using [window.opener.postMessage()](https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage).
+  - Returned message is a JavaScript object contains a property `clarion_key`. It is a JavaScript object in the same format of POST callback.
+- `PUBKEY` (required): RSA public key, in a Base64 encoded DER string.
 
 ### Response
 
@@ -94,8 +122,8 @@ state=STATE&data=DATA
 ```
 
 - `DATA` is a JSON string `{"data": "ENCRYPT_DATA_BASE64", "key": "ENCRYPTED_SHARED_KEY_BASE64"}`.
-  - `ENCRYPTED_SHARED_KEY_BASE64` contains base64 encoded binary, which is a encrypted JSON string using the given RSA public key to `/register`.
-    - it's decrypted like as `{"iv": "IV_BASE64", "tag": "TAG_BASE64", "key": "KEY_BASE64"}`.
+  - `ENCRYPTED_SHARED_KEY_BASE64` contains base64 encoded binary, which is a RSA encrypted JSON string using the given RSA public key to `/register`. RSA padding mode is `PKCS1_OAEP_PADDING`.
+    - it decrypts like as `{"iv": "IV_BASE64", "tag": "TAG_BASE64", "key": "KEY_BASE64"}`.
     - `IV_BASE64` is a base64 encoded IV.
     - `TAG_BASE64` is a AES-GCM auth tag.
     - `KEY_BASE64` is a base64 encoded shared key used for AES-256-GCM.

data/examples/pam-u2f/README.md

@@ -0,0 +1,52 @@
+# pam-u2f: pam 2fa example using clarion
+
+Example usage of https://github.com/sorah/clarion 
+
+## Usage
+
+### Preparing Keys
+
+Place the key information in a JSON seriarized array at `/var/cache/pam-u2f/${USER}`.
+
+``` json
+[
+  {
+    "name": "NAME",
+    "handle": "HANDLE",
+    "public_key": "PUBLICKEY",
+    "counter": COUNTER
+  }
+]
+```
+
+(counter is optional)
+
+### PAM
+
+Use with pam_exec(8).
+
+```
+# Required
+auth  [success=1 default=ignore]    pam_exec.so quiet /path/to/pam-u2f --check
+auth  requisite pam_deny.so
+auth  [success=ignore default=die]  pam_exec.so stdout quiet /path/to/pam-u2f --initiate
+auth  [success=ok default=bad]      pam_exec.so stdout expose_authtok quiet /path/to/pam-u2f --wait
+```
+
+```
+# Optional (to combine with other 2FA PAM modules)
+auth  [success=ignore default=2]    pam_exec.so quiet /path/to/pam-u2f --check
+auth  [success=ignore default=1]    pam_exec.so stdout quiet /path/to/pam-u2f --initiate
+auth  [success=ok default=ignore] pam_exec.so stdout expose_authtok quiet /path/to/pam-u2f --wait
+auth  ...
+```
+
+
+Caveats:
+
+1. `pam_exec` doesn't call `pam_info` with commnad's STDOUT until a command exits.
+2. OpenSSH doesn't flush message until pam_prompt. So it's necessary to split the execution into two.
+3. `expose_authtok` enables `pam_prompt` before command execution.
+
+
+`--initiate`, `--wait` exits with a failure when a user's key doesn't exist.

data/examples/pam-u2f/pam-u2f.rb

@@ -0,0 +1,203 @@
+#!/usr/bin/env ruby
+# Use with pam_exec(8)
+require 'json'
+require 'socket'
+require 'syslog'
+require 'uri'
+require 'net/http'
+require 'net/https'
+require 'fileutils'
+require 'digest/sha2'
+
+class ClarionClient
+  def initialize(endpoint)
+    @endpoint = endpoint
+  end
+
+  def create_authn(keys, name: nil, comment: nil)
+    clarion_keys = keys.map{ |_| {name: _[:name], handle: _[:handle], counter: _[:counter], public_key: _[:public_key] } }
+    authn = post('/api/authn', name: name, comment: comment, keys: clarion_keys)
+    authn['authn']
+  end
+
+  def get_authn(id)
+    get("/api/authn/#{id}")['authn']
+  end
+
+  private
+
+  def get(path)
+    uri = URI.parse("#{@endpoint}#{path}")
+    req = Net::HTTP::Get.new(uri.request_uri)
+
+    http = Net::HTTP.new(uri.host, uri.port)
+    http.use_ssl = uri.scheme == 'https'
+    http.start do
+      resp = http.request(req).tap(&:value)
+      JSON.parse(resp.body)
+    end
+  end
+
+
+  def post(path, payload)
+    uri = URI.parse("#{@endpoint}#{path}")
+    req = Net::HTTP::Post.new(uri.request_uri, 'Content-Type' => 'application/json')
+    req.body = payload.to_json
+
+    http = Net::HTTP.new(uri.host, uri.port)
+    http.use_ssl = uri.scheme == 'https'
+    http.start do
+      resp = http.request(req).tap(&:value)
+      JSON.parse(resp.body)
+    end
+  end
+end
+
+Syslog.open("pam-u2f")
+$stdout.sync = true
+
+CLARION_URL = ARGV[0]
+
+mode = nil
+mode = :check if ARGV.delete('--check')
+mode = :initiate if ARGV.delete('--initiate')
+mode = :wait if ARGV.delete('--wait')
+unless mode and CLARION_URL
+  abort "Usage: #{$0} {--check|--wait|--initiate} [CLARION_URL]"
+end
+
+KEYS_DIR = '/var/cache/pam-u2f/users'
+STATE_DIR = '/run/pam-u2f'
+
+FileUtils.mkdir_p(STATE_DIR)
+
+clarion = ClarionClient.new(CLARION_URL)
+
+user = ENV.fetch('PAM_USER')
+key_path = File.join(KEYS_DIR, user)
+state_path = File.join(STATE_DIR, Digest::SHA256.hexdigest("#{user},#{ENV['PAM_RHOST']}"))
+
+# Not using U2F, exit
+unless File.exist?(key_path)
+  exit 1
+end
+
+class HaveToRetry < Exception; end
+
+begin
+  keys = JSON.parse(File.read(key_path), symbolize_names: true)
+
+  case mode
+  when :check
+    exit 0
+  when :initiate
+    # Create clarion authn and present URL.
+    File.open(state_path, File::RDWR|File::CREAT, 0600) do |io|
+      # Reuse existing state if possible
+      io.flock(File::LOCK_SH)
+      io.rewind
+      json = io.read
+      state = begin
+                JSON.parse(json, symbolize_names: true)
+              rescue JSON::ParserError
+                nil
+              end
+
+      authn = nil
+      if state
+        if !state.is_a?(Hash) || !state[:id]
+          puts "PAM-U2F ERR: state file broken @ #{Socket.gethostname} #{state_path}"
+          Syslog.err('%s', "Clarion Authn broken for #{user} #{ENV['PAM_RHOST']} : #{state_path}")
+          raise "state is broken" 
+        end
+
+        # Check authn status (recorded in state).
+        begin
+          authn = clarion.get_authn(state[:id])
+
+          # authn should be opened to reuse.
+          if authn['status'] == 'open'
+            id = authn['id']
+            html_url = authn['html_url']
+          else
+            authn = nil
+          end
+        rescue Net::HTTPNotFound
+          authn = nil
+        end
+      end
+
+      unless authn
+        io.flock(File::LOCK_EX)
+        # Other process may remove a state file. If so, simply retry to create it again.
+        raise HaveToRetry unless File.exist?(state_path)
+
+        authn = clarion.create_authn(keys, name: user, comment: "SSH login #{ENV['PAM_RHOST']}")
+        id = authn && authn['id']
+        html_url = authn && authn['html_url']
+
+        raise "failed to create authn" unless id && html_url
+        io.rewind
+        io.puts({user: user, rhost: ENV['PAM_RHOST'], id: id, html_url: html_url}.to_json)
+        io.flush
+        io.truncate(io.pos)
+      end
+      io.flock(File::LOCK_UN)
+
+      Syslog.info('%s', "Clarion Authn created for #{user} #{ENV['PAM_RHOST']} : #{id.inspect}")
+      puts "PAM-U2F: #{html_url}"
+      puts
+      puts "--- Send empty password ---"
+    end
+    exit 0
+  when :wait
+    unless File.exist?(state_path)
+      puts "PAM-U2F ERR: state not exist @ #{Socket.gethostname} #{state_path}"
+      Syslog.err("%s", "called without initiate, state not exists: #{user} #{ENV['PAM_RHOST']} #{state_path}")
+      exit 1
+    end
+    File.open(state_path, 'r', 0600) do |io|
+      io.flock(File::LOCK_SH)
+      io.rewind
+      state = JSON.parse(io.read, symbolize_names: true)
+      id = state[:id]
+
+      authn = nil
+      loop do
+        authn = clarion.get_authn(id)
+        if authn['status'] != 'open'
+          break
+        end
+        sleep 1
+      end
+
+      if authn['status'] == 'verified'
+        key = keys.find { |_| _[:handle] == authn['verified_key']['handle'] }
+        Syslog.info('%s', "Clarion Authn #{user} #{ENV['PAM_RHOST']} #{id.inspect} : status=#{authn['status']} verified_key=#{key[:name].inspect}")
+        puts "PAM-U2F verified with key #{key[:name]}"
+        puts
+        io.flock(File::LOCK_EX)
+        if File.exist?(state_path)
+          File.unlink(state_path)
+        end
+        exit 0
+      end
+      Syslog.warning('%s', "Clarion Authn #{user} #{ENV['PAM_RHOST']} #{id.inspect} : status=#{authn['status']}")
+      puts "PAM-U2F authn #{authn['status']} ..."
+      puts
+      File.unlink(state_path)
+      exit 1
+    end
+  end
+rescue HaveToRetry
+  retry
+rescue SystemExit
+  raise
+rescue Exception => e
+  puts "PAM-U2F Error"
+  Syslog.err('%s', "Err: #{e.inspect}\t#{e.backtrace.join("\t")}")
+  File.unlink(state_path) if state_path && File.exist?(state_path)
+  raise
+end
+# Fail safe
+exit 1

data/lib/clarion/app.rb

@@ -1,6 +1,5 @@
 require 'erubis'
 require 'sinatra/base'
-require 'u2f'
 require 'securerandom'
 
 require 'clarion/registrator'
@@ -56,8 +55,16 @@ module Clarion
         context[:config]
       end
 
-      def u2f
-        @u2f ||= U2F::U2F.new(conf.app_id || request.base_url)
+      def base_url
+        conf.app_id || request.base_url
+      end
+
+      def rp_id
+        conf.rp_id || request.host
+      end
+
+      def legacy_app_id
+        base_url
       end
 
       def counter
@@ -71,8 +78,8 @@ module Clarion
       def render_authn_json(authn)
         {
           authn: authn.as_json.merge(
-            url: "#{request.base_url}/api/authn/#{authn.id}",
-            html_url: "#{request.base_url}/authn/#{authn.id}",
+            url: "#{base_url}/api/authn/#{authn.id}",
+            html_url: "#{base_url}/authn/#{authn.id}",
           )
         }.to_json
       end
@@ -97,12 +104,12 @@ module Clarion
         halt 410, "Authn already processed"
       end
 
-      authenticator = Authenticator.new(@authn, u2f, counter, store)
-      @app_id, @requests, @challenge = authenticator.request
+      authenticator = Authenticator.new(@authn, counter, store, rp_id: rp_id, legacy_app_id: legacy_app_id)
+      @credential_request_options = authenticator.credential_request_options
 
       @req_id = SecureRandom.urlsafe_base64(12)
       session[:reqs] ||= {}
-      session[:reqs][@req_id] = {challenge: @challenge}
+      session[:reqs][@req_id] = {challenge: authenticator.challenge}
 
       erb :authn
     end
@@ -130,19 +137,22 @@ module Clarion
       end
 
       @reg_id = SecureRandom.urlsafe_base64(12)
-      registrator = Registrator.new(u2f, counter)
-      @app_id, @requests = registrator.request
+      @name = params[:name]
+      # TODO: Give proper user_handle
+      registrator = Registrator.new(counter, rp_id: rp_id, rp_name: "Clarion: #{request.host}", display_name: @name)
+      @credential_creation_options = registrator.credential_creation_options
+
       session[:regis] ||= []
       session[:regis] << {
         id: @reg_id,
-        challenges: @requests.map(&:challenge),
+        challenge: registrator.challenge,
+        user_handle: registrator.user_handle,
         key: public_key.to_der,
       }
       session[:regis].shift(session[:regis].size - 4) if session[:regis].size > 4
 
       @callback = params[:callback]
       @state = params[:state]
-      @name = params[:name]
       @comment = params[:comment]
       erb :register
     end
@@ -153,13 +163,13 @@ module Clarion
 
     post '/ui/register' do
       content_type :json
-      unless data[:reg_id] && data[:response]
+      unless data[:reg_id] && data[:attestation_object] && data[:client_data_json]
         halt 400, '{"error": "Missing params"}'
       end
 
       session[:regis] ||= []
       reg = session[:regis].find { |_| _[:id] == data[:reg_id] }
-      unless reg && reg[:challenges] && reg[:key]
+      unless reg && reg[:challenge] && reg[:user_handle] && reg[:key]
         halt 400, '{"error": "Invalid :reg"}'
       end
 
@@ -169,8 +179,18 @@ module Clarion
         halt 400, '{"error": "Invalid public key"}'
       end
 
-      registrator = Registrator.new(u2f, counter)
-      key = registrator.register!(reg[:challenges], data[:response])
+      registrator = Registrator.new(counter, rp_id: rp_id, user_handle: reg[:user_handle])
+      begin
+        key = registrator.register!(
+          challenge: reg[:challenge],
+          origin: request.base_url,
+          attestation_object: data[:attestation_object].unpack('m*')[0],
+          client_data_json: data[:client_data_json].unpack('m*')[0],
+        )
+      rescue Registrator::InvalidAttestation => e
+        logger.warn "invalid attestation error: #{e.inspect}"
+        halt 400, {user_error: true, error: "Invalid attestation"}.to_json
+      end
       key.name = data[:name]
 
       session[:regis].reject! { |_| _[:id] == data[:reg_id] }
@@ -212,7 +232,7 @@ module Clarion
 
     post '/ui/verify/:id' do
       content_type :json
-      unless data[:req_id] && data[:response]
+      unless data[:req_id] && data[:authenticator_data] && data[:client_data_json] && data[:signature] && data[:credential_id]
         halt 400, '{"error": "missing params"}'
       end
       session[:reqs] ||= {}
@@ -235,17 +255,24 @@ module Clarion
         halt 410, '{"error": "authn already processed"}'
       end
 
-      authenticator = Authenticator.new(@authn, u2f, counter, store)
+      authenticator = Authenticator.new(@authn, counter, store, rp_id: rp_id, legacy_app_id: legacy_app_id)
 
       begin
         authenticator.verify!(
-          challenge,
-          data[:response]
+          challenge: challenge,
+          origin: request.base_url,
+          credential_id: data[:credential_id],
+          authenticator_data: data[:authenticator_data].unpack('m*')[0],
+          client_data_json: data[:client_data_json].unpack('m*')[0],
+          signature: data[:signature].unpack('m*')[0],
         )
-      rescue U2F::Error => e
-        halt 400, {error: "U2F Error: #{e.message}"}.to_json
+        logger.info "authn verified (#{@authn.id}) with credential_id=#{data[:credential_id]}"
+      rescue Authenticator::InvalidAssertion => e
+        logger.warn "authn verify error (#{@authn.id}; credential_id=#{data[:credential_id]}): #{e.inspect}"
+        halt 400, {user_error: true, error: "Invalid assertion"}.to_json
       rescue Authenticator::InvalidKey => e
-        halt 400, {error: "It is an unregistered key"}.to_json
+        logger.warn "authn verify error (#{@authn.id}; credential_id=#{data[:credential_id]}): #{e.inspect}"
+        halt 401, {user_error: true, error: "It is an unregistered key"}.to_json
       end
 
       session[:reqs].delete data[:req_id]
@@ -286,7 +313,7 @@ module Clarion
       key = conf.options[:register_test_key] ||= OpenSSL::PKey::RSA.generate(2048)
       @name = 'testuser'
       @comment = 'test comment'
-      @register_url = "#{request.base_url}/register"
+      @register_url = "#{base_url}/register"
       @callback =  "#{request.base_url}/test/callback"
       @public_key = [key.public_key.to_der].pack('m*').gsub(/\r?\n/, '')
       @state = SecureRandom.urlsafe_base64(12)