summaryrefslogtreecommitdiffstats
path: root/src/fido/param.h
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 09:23:06 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 09:23:06 +0000
commitcd13e2506379761d3464eae917eb1881876a7aa1 (patch)
tree54d32c05b0d6396408ff0d599d771fb9e7cdd60c /src/fido/param.h
parentInitial commit. (diff)
downloadlibfido2-upstream.tar.xz
libfido2-upstream.zip
Adding upstream version 1.12.0.upstream/1.12.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--src/fido/param.h160
1 files changed, 160 insertions, 0 deletions
diff --git a/src/fido/param.h b/src/fido/param.h
new file mode 100644
index 0000000..511370b
--- /dev/null
+++ b/src/fido/param.h
@@ -0,0 +1,160 @@
+/*
+ * Copyright (c) 2018-2022 Yubico AB. All rights reserved.
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _FIDO_PARAM_H
+#define _FIDO_PARAM_H
+
+/* Authentication data flags. */
+#define CTAP_AUTHDATA_USER_PRESENT 0x01
+#define CTAP_AUTHDATA_USER_VERIFIED 0x04
+#define CTAP_AUTHDATA_ATT_CRED 0x40
+#define CTAP_AUTHDATA_EXT_DATA 0x80
+
+/* CTAPHID command opcodes. */
+#define CTAP_CMD_PING 0x01
+#define CTAP_CMD_MSG 0x03
+#define CTAP_CMD_LOCK 0x04
+#define CTAP_CMD_INIT 0x06
+#define CTAP_CMD_WINK 0x08
+#define CTAP_CMD_CBOR 0x10
+#define CTAP_CMD_CANCEL 0x11
+#define CTAP_KEEPALIVE 0x3b
+#define CTAP_FRAME_INIT 0x80
+
+/* CTAPHID CBOR command opcodes. */
+#define CTAP_CBOR_MAKECRED 0x01
+#define CTAP_CBOR_ASSERT 0x02
+#define CTAP_CBOR_GETINFO 0x04
+#define CTAP_CBOR_CLIENT_PIN 0x06
+#define CTAP_CBOR_RESET 0x07
+#define CTAP_CBOR_NEXT_ASSERT 0x08
+#define CTAP_CBOR_LARGEBLOB 0x0c
+#define CTAP_CBOR_CONFIG 0x0d
+#define CTAP_CBOR_BIO_ENROLL_PRE 0x40
+#define CTAP_CBOR_CRED_MGMT_PRE 0x41
+
+/* Supported CTAP PIN/UV Auth Protocols. */
+#define CTAP_PIN_PROTOCOL1 1
+#define CTAP_PIN_PROTOCOL2 2
+
+/* U2F command opcodes. */
+#define U2F_CMD_REGISTER 0x01
+#define U2F_CMD_AUTH 0x02
+
+/* U2F command flags. */
+#define U2F_AUTH_SIGN 0x03
+#define U2F_AUTH_CHECK 0x07
+
+/* ISO7816-4 status words. */
+#define SW1_MORE_DATA 0x61
+#define SW_CONDITIONS_NOT_SATISFIED 0x6985
+#define SW_WRONG_DATA 0x6a80
+#define SW_NO_ERROR 0x9000
+
+/* HID Broadcast channel ID. */
+#define CTAP_CID_BROADCAST 0xffffffff
+
+#define CTAP_INIT_HEADER_LEN 7
+#define CTAP_CONT_HEADER_LEN 5
+
+/* Maximum length of a CTAP HID report in bytes. */
+#define CTAP_MAX_REPORT_LEN 64
+
+/* Minimum length of a CTAP HID report in bytes. */
+#define CTAP_MIN_REPORT_LEN (CTAP_INIT_HEADER_LEN + 1)
+
+/* Randomness device on UNIX-like platforms. */
+#ifndef FIDO_RANDOM_DEV
+#define FIDO_RANDOM_DEV "/dev/urandom"
+#endif
+
+/* Maximum message size in bytes. */
+#ifndef FIDO_MAXMSG
+#define FIDO_MAXMSG 2048
+#endif
+
+/* CTAP capability bits. */
+#define FIDO_CAP_WINK 0x01 /* if set, device supports CTAP_CMD_WINK */
+#define FIDO_CAP_CBOR 0x04 /* if set, device supports CTAP_CMD_CBOR */
+#define FIDO_CAP_NMSG 0x08 /* if set, device doesn't support CTAP_CMD_MSG */
+
+/* Supported COSE algorithms. */
+#define COSE_UNSPEC 0
+#define COSE_ES256 -7
+#define COSE_EDDSA -8
+#define COSE_ECDH_ES256 -25
+#define COSE_ES384 -35
+#define COSE_RS256 -257
+#define COSE_RS1 -65535
+
+/* Supported COSE types. */
+#define COSE_KTY_OKP 1
+#define COSE_KTY_EC2 2
+#define COSE_KTY_RSA 3
+
+/* Supported curves. */
+#define COSE_P256 1
+#define COSE_P384 2
+#define COSE_ED25519 6
+
+/* Supported extensions. */
+#define FIDO_EXT_HMAC_SECRET 0x01
+#define FIDO_EXT_CRED_PROTECT 0x02
+#define FIDO_EXT_LARGEBLOB_KEY 0x04
+#define FIDO_EXT_CRED_BLOB 0x08
+#define FIDO_EXT_MINPINLEN 0x10
+
+/* Supported credential protection policies. */
+#define FIDO_CRED_PROT_UV_OPTIONAL 0x01
+#define FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID 0x02
+#define FIDO_CRED_PROT_UV_REQUIRED 0x03
+
+#ifdef _FIDO_INTERNAL
+#define FIDO_EXT_ASSERT_MASK (FIDO_EXT_HMAC_SECRET|FIDO_EXT_LARGEBLOB_KEY| \
+ FIDO_EXT_CRED_BLOB)
+#define FIDO_EXT_CRED_MASK (FIDO_EXT_HMAC_SECRET|FIDO_EXT_CRED_PROTECT| \
+ FIDO_EXT_LARGEBLOB_KEY|FIDO_EXT_CRED_BLOB| \
+ FIDO_EXT_MINPINLEN)
+#endif /* _FIDO_INTERNAL */
+
+/* Recognised UV modes. */
+#define FIDO_UV_MODE_TUP 0x0001 /* internal test of user presence */
+#define FIDO_UV_MODE_FP 0x0002 /* internal fingerprint check */
+#define FIDO_UV_MODE_PIN 0x0004 /* internal pin check */
+#define FIDO_UV_MODE_VOICE 0x0008 /* internal voice recognition */
+#define FIDO_UV_MODE_FACE 0x0010 /* internal face recognition */
+#define FIDO_UV_MODE_LOCATION 0x0020 /* internal location check */
+#define FIDO_UV_MODE_EYE 0x0040 /* internal eyeprint check */
+#define FIDO_UV_MODE_DRAWN 0x0080 /* internal drawn pattern check */
+#define FIDO_UV_MODE_HAND 0x0100 /* internal handprint verification */
+#define FIDO_UV_MODE_NONE 0x0200 /* TUP/UV not required */
+#define FIDO_UV_MODE_ALL 0x0400 /* all supported UV modes required */
+#define FIDO_UV_MODE_EXT_PIN 0x0800 /* external pin verification */
+#define FIDO_UV_MODE_EXT_DRAWN 0x1000 /* external drawn pattern check */
+
+#endif /* !_FIDO_PARAM_H */