SSH Agent: Add support for OpenSSH 8.2 FIDO/U2F keys

[hifi]

Finally closes #4334 😅

Shout-out to @Yubico for sending me keys with up-to-date firmware to properly test this!

Testing strategy

Manual tests with Yubikeys on Linux. Automated tests for the in-wire format.

This needs to be tested by people with Yubikeys other than me before merging.

Type of change

• ✅ New feature (change that adds functionality)

[networkException]

I tried testing this branch a database but unlocking failed due to a HMAC mismatch (the database has a hardware key as an additional credential)

[hifi]

That may be an older pre-release bug and this just needs a rebase. Does the current develop/snapshot work for you?

[networkException]

Yep develop works fine. I tried to do a quick rebase but it had conflicts, if it helps I will try to look into resolving them I think I rebased it onto the wrong branch

[networkException]

Rebasing onto develop resolved the unlocking issue and using ed25519-sk works flawlessly! The key is only present in the agent when unlocked as expected and I need to confirm with touching the yubikey. Great work 👍

[droidmonkey]

@hifi is this ready for review? Probably needs a rebase on develop.

[hifi]

@droidmonkey should be ready for review now. Not sure what that test failure was but I rebased and the code looks pretty much identical.

[leonlag]

Adding and removing ed25519-sk keys on fedora 34 using a solokey v1 works for me. Thanks for your great work!

[droidmonkey]

Beautiful code @hifi!

[codecov-commenter]

Codecov Report

Merging #6371 (18e4ceb) into develop (1dbec40) will increase coverage by 0.02%.
The diff coverage is 81.54%.

@@             Coverage Diff             @@
##           develop    #6371      +/-   ##
===========================================
+ Coverage    63.77%   63.78%   +0.02%     
===========================================
  Files          330      330              
  Lines        41378    41430      +52     
===========================================
+ Hits         26385    26426      +41     
- Misses       14993    15004      +11     

Impacted Files	Coverage Δ
src/core/Config.cpp	86.50% <ø> (ø)
src/core/Config.h	100.00% <ø> (ø)
src/sshagent/SSHAgent.h	100.00% <ø> (ø)
src/sshagent/SSHAgent.cpp	68.53% <64.29%> (-0.94%)	⬇️
src/sshagent/AgentSettingsWidget.cpp	61.22% <71.43%> (+1.70%)	⬆️
src/sshagent/OpenSSHKey.cpp	79.01% <82.35%> (+0.86%)	⬆️
src/sshagent/ASN1Key.cpp	96.72% <100.00%> (+0.11%)	⬆️
src/core/FileWatcher.cpp	86.75% <0.00%> (+1.20%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1dbec40...18e4ceb. Read the comment docs.