diff --git a/cmd/keymasterd/2fa_u2f.go b/cmd/keymasterd/2fa_u2f.go index 2ea26013..11a96697 100644 --- a/cmd/keymasterd/2fa_u2f.go +++ b/cmd/keymasterd/2fa_u2f.go @@ -13,7 +13,7 @@ import ( "github.com/Cloud-Foundations/keymaster/lib/instrumentedwriter" "github.com/Cloud-Foundations/keymaster/lib/webapi/v0/proto" "github.com/Cloud-Foundations/keymaster/proto/eventmon" - "github.com/duo-labs/webauthn/protocol/webauthncose" + "github.com/go-webauthn/webauthn/protocol/webauthncose" "github.com/tstranex/u2f" ) diff --git a/cmd/keymasterd/2fa_webauthn.go b/cmd/keymasterd/2fa_webauthn.go index 5582cac7..4a5e064f 100644 --- a/cmd/keymasterd/2fa_webauthn.go +++ b/cmd/keymasterd/2fa_webauthn.go @@ -11,8 +11,8 @@ import ( "github.com/tstranex/u2f" - "github.com/duo-labs/webauthn/protocol" - "github.com/duo-labs/webauthn/webauthn" + "github.com/go-webauthn/webauthn/protocol" + "github.com/go-webauthn/webauthn/webauthn" "github.com/Cloud-Foundations/keymaster/lib/instrumentedwriter" "github.com/Cloud-Foundations/keymaster/proto/eventmon" diff --git a/cmd/keymasterd/2fa_webauthn_test.go b/cmd/keymasterd/2fa_webauthn_test.go index 69e04e62..d04d41bd 100644 --- a/cmd/keymasterd/2fa_webauthn_test.go +++ b/cmd/keymasterd/2fa_webauthn_test.go @@ -9,7 +9,7 @@ import ( "github.com/Cloud-Foundations/keymaster/lib/webapi/v0/proto" - "github.com/duo-labs/webauthn/webauthn" + "github.com/go-webauthn/webauthn/webauthn" ) func TestWebAuthnRegistrationBegin(t *testing.T) { diff --git a/cmd/keymasterd/app.go b/cmd/keymasterd/app.go index a8e46bb4..9a2d9d08 100644 --- a/cmd/keymasterd/app.go +++ b/cmd/keymasterd/app.go @@ -57,7 +57,7 @@ import ( "github.com/Cloud-Foundations/tricorder/go/tricorder" "github.com/Cloud-Foundations/tricorder/go/tricorder/units" "github.com/cloudflare/cfssl/revoke" - "github.com/duo-labs/webauthn/webauthn" + "github.com/go-webauthn/webauthn/webauthn" "github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus/promhttp" "github.com/tstranex/u2f" diff --git a/cmd/keymasterd/config.go b/cmd/keymasterd/config.go index 245a8a13..8958b1b0 100644 --- a/cmd/keymasterd/config.go +++ b/cmd/keymasterd/config.go @@ -40,7 +40,7 @@ import ( "github.com/Cloud-Foundations/keymaster/lib/pwauth/ldap" "github.com/Cloud-Foundations/keymaster/lib/server/aws_identity_cert" "github.com/Cloud-Foundations/keymaster/lib/vip" - "github.com/duo-labs/webauthn/webauthn" + "github.com/go-webauthn/webauthn/webauthn" "golang.org/x/crypto/openpgp" "golang.org/x/crypto/openpgp/armor" "golang.org/x/crypto/ssh" diff --git a/cmd/keymasterd/userProfile.go b/cmd/keymasterd/userProfile.go index cfbedd86..316bd455 100644 --- a/cmd/keymasterd/userProfile.go +++ b/cmd/keymasterd/userProfile.go @@ -6,7 +6,7 @@ import ( "encoding/binary" "time" - "github.com/duo-labs/webauthn/webauthn" + "github.com/go-webauthn/webauthn/webauthn" ) // This is the implementation of duo-labs' webauthn User interface diff --git a/go.mod b/go.mod index 7f5b7a57..5356f3f8 100644 --- a/go.mod +++ b/go.mod @@ -1,8 +1,8 @@ module github.com/Cloud-Foundations/keymaster -go 1.22.0 +go 1.23 -toolchain go1.23.2 +toolchain go1.23.4 replace github.com/bearsh/hid v1.3.0 => github.com/bearsh/hid v1.5.0 @@ -18,10 +18,10 @@ require ( github.com/aws/aws-sdk-go-v2/service/sts v1.32.2 github.com/bearsh/hid v1.6.0 github.com/cloudflare/cfssl v1.6.5 - github.com/duo-labs/webauthn v0.0.0-20221205164246-ebaf9b74c6ec github.com/flynn/u2f v0.0.0-20180613185708-15554eb68e5d github.com/foomo/htpasswd v0.0.0-20200116085101-e3a90e78da9c github.com/go-jose/go-jose/v4 v4.0.4 + github.com/go-webauthn/webauthn v0.11.2 github.com/lib/pq v1.10.9 github.com/marshallbrekka/go-u2fhost v0.0.0-20210111072507-3ccdec8c8105 github.com/mattn/go-sqlite3 v1.14.24 @@ -53,7 +53,10 @@ require ( github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-git/go-billy/v5 v5.6.0 // indirect github.com/go-git/go-git/v5 v5.12.0 // indirect + github.com/go-webauthn/x v0.1.14 // indirect + github.com/golang-jwt/jwt/v5 v5.2.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect + github.com/google/go-tpm v0.9.1 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/kevinburke/ssh_config v1.2.0 // indirect github.com/klauspost/compress v1.17.11 // indirect @@ -80,7 +83,6 @@ require ( github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/flynn/hid v0.0.0-20190502022136-f1b9b6cc019a // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect - github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/google/certificate-transparency-go v1.2.1 // indirect github.com/google/uuid v1.6.0 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect diff --git a/go.sum b/go.sum index 421c3fad..ff66dd6b 100644 --- a/go.sum +++ b/go.sum @@ -91,8 +91,6 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/duo-labs/webauthn v0.0.0-20221205164246-ebaf9b74c6ec h1:darQ1FPPrwlzwmuN3fRMVCrsaCpuDqkKHADYzcMa73M= -github.com/duo-labs/webauthn v0.0.0-20221205164246-ebaf9b74c6ec/go.mod h1:V3q8IgNpNqFio+56G0vy/QZIi7iho65UFrDwdF5OtZA= github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU= github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= @@ -127,10 +125,14 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V github.com/go-quicktest/qt v1.101.0 h1:O1K29Txy5P2OK0dGo59b7b0LR6wKfIhttaAhHUyn7eI= github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-webauthn/webauthn v0.11.2 h1:Fgx0/wlmkClTKlnOsdOQ+K5HcHDsDcYIvtYmfhEOSUc= +github.com/go-webauthn/webauthn v0.11.2/go.mod h1:aOtudaF94pM71g3jRwTYYwQTG1KyTILTcZqN1srkmD0= +github.com/go-webauthn/x v0.1.14 h1:1wrB8jzXAofojJPAaRxnZhRgagvLGnLjhCAwg3kTpT0= +github.com/go-webauthn/x v0.1.14/go.mod h1:UuVvFZ8/NbOnkDz3y1NaxtUN87pmtpC1PQ+/5BBQRdc= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= -github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= +github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= @@ -144,6 +146,8 @@ github.com/google/certificate-transparency-go v1.2.1/go.mod h1:bvn/ytAccv+I6+DGk github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-tpm v0.9.1 h1:0pGc4X//bAlmZzMKf8iz6IsDo1nYTbYJ6FZN/rg4zdM= +github.com/google/go-tpm v0.9.1/go.mod h1:h9jEsEECg7gtLis0upRBQU+GhYVH6jMjrFxI8u6bVUY= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= diff --git a/lib/client/twofa/u2f/u2f.go b/lib/client/twofa/u2f/u2f.go index 84d1fa9f..b83c7450 100644 --- a/lib/client/twofa/u2f/u2f.go +++ b/lib/client/twofa/u2f/u2f.go @@ -17,9 +17,9 @@ import ( "github.com/Cloud-Foundations/golib/pkg/log" "github.com/bearsh/hid" - "github.com/duo-labs/webauthn/protocol" "github.com/flynn/u2f/u2fhid" "github.com/flynn/u2f/u2ftoken" + "github.com/go-webauthn/webauthn/protocol" "github.com/marshallbrekka/go-u2fhost" "github.com/tstranex/u2f" )