Affected by GO-2024-2442 and 3 other vulnerabilities

GO-2024-2442: Withdrawn Advisory: Teleport Access List owners can escalate their privileges in github.com/gravitational/teleport

GO-2024-2445: Withdrawn Advisory: SFTP is possible on the Proxy server for any user with SFTP access in github.com/gravitational/teleport

GO-2024-2447: Withdrawn Advisory: Teleport Proxy and Teleport Agents: SSRF to arbitrary hosts is possible from low privileged users in github.com/gravitational/teleport

GO-2024-2449: Withdrawn Advisory: User-provided environment values allow execution on macOS agents in github.com/gravitational/teleport

mocku2f

package

v1.2.3-fred.5 Latest Latest Go to latest Published: Oct 19, 2022 License: Apache-2.0 Imports: 19 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/gravitational/teleport

Documentation ¶

Index ¶

type Key
- func Create() (*Key, error)
- func CreateWithKeyHandle(keyHandle []byte) (*Key, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Key ¶

type Key struct {
	KeyHandle  []byte
	PrivateKey *ecdsa.PrivateKey

	// Cert is the Key attestation certificate.
	Cert []byte

	// PreferRPID instructs the Key to use favor using the RPID for Webauthn
	// ceremonies, even if the U2F App ID extension is present.
	PreferRPID bool
	// IgnoreAllowedCredentials allows the Key to sign a Webauthn
	// CredentialAssertion even it its KeyHandle is not among the allowed
	// credentials.
	IgnoreAllowedCredentials bool
	// SetUV sets the UV (user verification) bit on signatures if true.
	// SetUV should be paired only with WebAuthn login/registration methods, as
	// it makes Key mimic a WebAuthn device.
	SetUV bool
	// AllowResidentKey allows creation of resident credentials.
	// There's no actual change in Key's behavior other than allowing such requests
	// to proceed.
	// AllowResidentKey should be paired only with WebAuthn registration methods,
	// as it makes Key mimic a WebAuthn device.
	AllowResidentKey bool
	// contains filtered or unexported fields
}

func Create ¶

func Create() (*Key, error)

func CreateWithKeyHandle ¶

func CreateWithKeyHandle(keyHandle []byte) (*Key, error)

func (*Key) AuthenticateRaw ¶

func (muk *Key) AuthenticateRaw(appHash, challengeHash []byte) ([]byte, error)

AuthenticateRaw signs low-level U2F authentication data. Most callers should use either SignResponse or SignAssertion.

func (*Key) Counter ¶

func (muk *Key) Counter() uint32

func (*Key) RegisterRaw ¶

func (muk *Key) RegisterRaw(appHash, challengeHash []byte) ([]byte, error)

RegisterRaw signs low-level U2F registration data. Most callers should use either RegisterResponse or SignCredentialCreation.

func (*Key) SetCounter ¶

func (muk *Key) SetCounter(counter uint32)

func (*Key) SetPasswordless ¶

func (muk *Key) SetPasswordless()

SetPasswordless sets common passwordless options in Key. Options are AllowResidentKey, IgnoreAllowedCredentials and SetUV.

func (*Key) SignAssertion ¶

func (muk *Key) SignAssertion(origin string, assertion *wanlib.CredentialAssertion) (*wanlib.CredentialAssertionResponse, error)

SignAssertion signs a WebAuthn assertion following the U2F-compat-getAssertion algorithm.

func (*Key) SignCredentialCreation ¶

func (muk *Key) SignCredentialCreation(origin string, cc *wanlib.CredentialCreation) (*wanlib.CredentialCreationResponse, error)

SignCredentialCreation signs a WebAuthn credential creation request following the U2F-compat-makeCredential algorithm.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL