/libfido2/src/fido/param.h
| Line | Count | Source | 
| 1 |  | /* | 
| 2 |  |  * Copyright (c) 2018-2022 Yubico AB. All rights reserved. | 
| 3 |  |  * SPDX-License-Identifier: BSD-2-Clause | 
| 4 |  |  *  | 
| 5 |  |  * Redistribution and use in source and binary forms, with or without | 
| 6 |  |  * modification, are permitted provided that the following conditions are | 
| 7 |  |  * met: | 
| 8 |  |  *  | 
| 9 |  |  *    1. Redistributions of source code must retain the above copyright | 
| 10 |  |  *       notice, this list of conditions and the following disclaimer. | 
| 11 |  |  *    2. Redistributions in binary form must reproduce the above copyright | 
| 12 |  |  *       notice, this list of conditions and the following disclaimer in | 
| 13 |  |  *       the documentation and/or other materials provided with the | 
| 14 |  |  *       distribution. | 
| 15 |  |  *  | 
| 16 |  |  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | 
| 17 |  |  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | 
| 18 |  |  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR | 
| 19 |  |  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | 
| 20 |  |  * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | 
| 21 |  |  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | 
| 22 |  |  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | 
| 23 |  |  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | 
| 24 |  |  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 
| 25 |  |  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 
| 26 |  |  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 
| 27 |  |  */ | 
| 28 |  |  | 
| 29 |  | #ifndef _FIDO_PARAM_H | 
| 30 |  | #define _FIDO_PARAM_H | 
| 31 |  |  | 
| 32 |  | /* Authentication data flags: bit masks for the flags byte of the authenticator data. NOTE(review): UP/UV only mean something if the verifier tests them against its own policy; that check is not visible in this header. */ | 
| 33 | 2.85k | #define CTAP_AUTHDATA_USER_PRESENT      0x01 /* UP: user presence was tested */ | 
| 34 | 136 | #define CTAP_AUTHDATA_USER_VERIFIED     0x04 /* UV: user was verified (PIN, biometric, ...) */ | 
| 35 | 4.52k | #define CTAP_AUTHDATA_ATT_CRED          0x40 /* AT: attested credential data is included */ | 
| 36 | 6.66k | #define CTAP_AUTHDATA_EXT_DATA          0x80 /* ED: extension data is included */ | 
| 37 |  |  | 
| 38 |  | /* CTAPHID command opcodes (7-bit command identifiers; bit 7 of the command byte marks an initialisation packet, see CTAP_FRAME_INIT). */ | 
| 39 |  | #define CTAP_CMD_PING                   0x01 /* echo request */ | 
| 40 | 16.4k | #define CTAP_CMD_MSG                    0x03 /* encapsulated CTAP1/U2F message */ | 
| 41 |  | #define CTAP_CMD_LOCK                   0x04 /* channel lock */ | 
| 42 | 235k | #define CTAP_CMD_INIT                   0x06 /* channel allocation / resynchronisation */ | 
| 43 | 3.68k | #define CTAP_CMD_WINK                   0x08 /* visual or audible identification of the device */ | 
| 44 | 128k | #define CTAP_CMD_CBOR                   0x10 /* encapsulated CTAP2 CBOR message */ | 
| 45 | 3.30k | #define CTAP_CMD_CANCEL                 0x11 /* cancel the outstanding request on the channel */ | 
| 46 | 119k | #define CTAP_KEEPALIVE                  0x3b /* status packet sent by the device while a request is pending */ | 
| 47 | 534k | #define CTAP_FRAME_INIT                 0x80 /* set in the command byte of an initialisation packet; clear in continuation packets */ | 
| 48 |  |  | 
| 49 |  | /* CTAP2 authenticator command bytes, i.e. the first byte of a message carried by CTAP_CMD_CBOR. */ | 
| 50 | 2.06k | #define CTAP_CBOR_MAKECRED              0x01 /* authenticatorMakeCredential */ | 
| 51 | 902 | #define CTAP_CBOR_ASSERT                0x02 /* authenticatorGetAssertion */ | 
| 52 | 36.8k | #define CTAP_CBOR_GETINFO               0x04 /* authenticatorGetInfo */ | 
| 53 | 14.2k | #define CTAP_CBOR_CLIENT_PIN            0x06 /* authenticatorClientPIN */ | 
| 54 | 205 | #define CTAP_CBOR_RESET                 0x07 /* authenticatorReset */ | 
| 55 | 308 | #define CTAP_CBOR_NEXT_ASSERT           0x08 /* authenticatorGetNextAssertion */ | 
| 56 | 15 | #define CTAP_CBOR_BIO_ENROLL            0x09 /* authenticatorBioEnrollment */ | 
| 57 | 30 | #define CTAP_CBOR_CRED_MGMT             0x0a /* authenticatorCredentialManagement */ | 
| 58 | 2.40k | #define CTAP_CBOR_LARGEBLOB             0x0c /* authenticatorLargeBlobs */ | 
| 59 | 13.9k | #define CTAP_CBOR_CONFIG                0x0d /* authenticatorConfig */ | 
| 60 | 4.66k | #define CTAP_CBOR_BIO_ENROLL_PRE        0x40 /* prototype (CTAP 2.1 preview) form of BioEnrollment */ | 
| 61 | 8.72k | #define CTAP_CBOR_CRED_MGMT_PRE         0x41 /* prototype (CTAP 2.1 preview) form of CredentialManagement */ | 
| 62 |  |  | 
| 63 |  | /* Supported CTAP PIN/UV Auth Protocols. NOTE(review): which protocol is chosen for a given authenticator is decided elsewhere; confirm that protocol 2 is preferred when the device offers both. */ | 
| 64 | 45.8k | #define CTAP_PIN_PROTOCOL1              1 /* original CTAP 2.0 protocol */ | 
| 65 | 13.1k | #define CTAP_PIN_PROTOCOL2              2 /* added in CTAP 2.1 */ | 
| 66 |  |  | 
| 67 |  | /* U2F command opcodes (APDU INS byte). */ | 
| 68 | 4.03k | #define U2F_CMD_REGISTER                0x01 /* U2F_REGISTER */ | 
| 69 | 2.49k | #define U2F_CMD_AUTH                    0x02 /* U2F_AUTHENTICATE */ | 
| 70 |  |  | 
| 71 |  | /* U2F command flags (control byte of an authentication request). */ | 
| 72 | 696 | #define U2F_AUTH_SIGN                   0x03 /* enforce-user-presence-and-sign */ | 
| 73 | 1.80k | #define U2F_AUTH_CHECK                  0x07 /* check-only: test a key handle, no signature produced */ | 
| 74 |  |  | 
| 75 |  | /* ISO7816-4 status words. SW1_MORE_DATA is a single byte (SW1 only); the SW_* values are full 16-bit SW1/SW2 pairs. */ | 
| 76 | 950 | #define SW1_MORE_DATA                   0x61 /* more response data available; SW2 gives the remaining length */ | 
| 77 | 3.39k | #define SW_CONDITIONS_NOT_SATISFIED     0x6985 /* in U2F: user presence is required before the request can succeed */ | 
| 78 | 20 | #define SW_WRONG_DATA                   0x6a80 /* in U2F: the request data (e.g. key handle) was rejected */ | 
| 79 | 2.95k | #define SW_NO_ERROR                     0x9000 /* command completed successfully */ | 
| 80 |  |  | 
| 81 |  | /* HID broadcast channel ID, used with CTAP_CMD_INIT before a channel has been allocated. */ | 
| 82 | 1.74M | #define CTAP_CID_BROADCAST              0xffffffff | 
| 83 |  |  | 
| 84 | 1.41M | #define CTAP_INIT_HEADER_LEN            7 /* initialisation packet header: CID (4) + CMD (1) + BCNT (2) */ | 
| 85 | 494k | #define CTAP_CONT_HEADER_LEN            5 /* continuation packet header: CID (4) + SEQ (1) */ | 
| 86 |  |  | 
| 87 |  | /* Maximum length of a CTAP HID report in bytes. NOTE(review): report lengths come from the device; callers are presumably expected to reject anything outside [CTAP_MIN_REPORT_LEN, CTAP_MAX_REPORT_LEN] - confirm at the use sites. */ | 
| 88 | 694k | #define CTAP_MAX_REPORT_LEN             64 | 
| 89 |  |  | 
| 90 |  | /* Minimum length of a CTAP HID report in bytes: an initialisation header plus one byte of payload. */ | 
| 91 | 926k | #define CTAP_MIN_REPORT_LEN             (CTAP_INIT_HEADER_LEN + 1) | 
| 92 |  |  | 
| 93 |  | /* Randomness device on UNIX-like platforms; can be overridden at build time. NOTE(review): an override must name a cryptographically secure source - what is drawn from it is not visible in this header. */ | 
| 94 |  | #ifndef FIDO_RANDOM_DEV | 
| 95 |  | #define FIDO_RANDOM_DEV                 "/dev/urandom" | 
| 96 |  | #endif | 
| 97 |  |  | 
| 98 |  | /* Maximum message size in bytes; can be overridden at build time. NOTE(review): presumably sizes message buffers - verify that device-supplied lengths are checked against it wherever it is used. */ | 
| 99 |  | #ifndef FIDO_MAXMSG | 
| 100 | 231k | #define FIDO_MAXMSG     2048 | 
| 101 |  | #endif | 
| 102 |  |  | 
| 103 |  | /* CTAP capability bits, as reported by the device in its CTAPHID_INIT response (self-reported by the device, not verified). */ | 
| 104 | 3.25k | #define FIDO_CAP_WINK   0x01 /* if set, device supports CTAP_CMD_WINK */ | 
| 105 | 165k | #define FIDO_CAP_CBOR   0x04 /* if set, device supports CTAP_CMD_CBOR */ | 
| 106 | 1.16k | #define FIDO_CAP_NMSG   0x08 /* if set, device doesn't support CTAP_CMD_MSG */ | 
| 107 |  |  | 
| 108 |  | /* Supported COSE algorithms (COSE algorithm identifiers). */ | 
| 109 | 1.70k | #define COSE_UNSPEC     0 /* not a COSE algorithm; presumably the library's "unset" value - confirm */ | 
| 110 | 43.4k | #define COSE_ES256      -7 /* ECDSA with SHA-256 */ | 
| 111 | 8.17k | #define COSE_EDDSA      -8 /* EdDSA */ | 
| 112 | 4.29k | #define COSE_ECDH_ES256 -25 /* ECDH-ES + HKDF-256 (key agreement, not a signature algorithm) */ | 
| 113 | 21.9k | #define COSE_ES384      -35 /* ECDSA with SHA-384 */ | 
| 114 | 21.0k | #define COSE_RS256      -257 /* RSASSA-PKCS1-v1_5 with SHA-256 */ | 
| 115 | 1.04k | #define COSE_RS1        -65535 /* RSASSA-PKCS1-v1_5 with SHA-1; SHA-1 is collision-weak, so treat as legacy-only. NOTE(review): confirm callers must opt in to it */ | 
| 116 |  |  | 
| 117 |  | /* Supported COSE types (COSE key type, "kty"). */ | 
| 118 | 1.29k | #define COSE_KTY_OKP    1 /* octet key pair */ | 
| 119 | 7.99k | #define COSE_KTY_EC2    2 /* elliptic curve key with x and y coordinates */ | 
| 120 | 191 | #define COSE_KTY_RSA    3 /* RSA key */ | 
| 121 |  |  | 
| 122 |  | /* Supported curves (COSE elliptic curve identifiers). */ | 
| 123 | 3.70k | #define COSE_P256       1 /* NIST P-256 */ | 
| 124 | 238 | #define COSE_P384       2 /* NIST P-384 */ | 
| 125 | 617 | #define COSE_ED25519    6 /* Ed25519 */ | 
| 126 |  |  | 
| 127 |  | /* Supported extensions. One bit per extension so that several can be combined in a single mask. */ | 
| 128 | 66.9k | #define FIDO_EXT_HMAC_SECRET    0x01 /* hmac-secret */ | 
| 129 | 16.5k | #define FIDO_EXT_CRED_PROTECT   0x02 /* credProtect */ | 
| 130 | 68.6k | #define FIDO_EXT_LARGEBLOB_KEY  0x04 /* largeBlobKey */ | 
| 131 | 66.7k | #define FIDO_EXT_CRED_BLOB      0x08 /* credBlob */ | 
| 132 | 13.0k | #define FIDO_EXT_MINPINLEN      0x10 /* minPinLength */ | 
| 133 |  |  | 
| 134 |  | /* Supported credential protection policies (values of the credProtect extension). */ | 
| 135 | 6.44k | #define FIDO_CRED_PROT_UV_OPTIONAL              0x01 /* userVerificationOptional */ | 
| 136 | 5.13k | #define FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID      0x02 /* userVerificationOptionalWithCredentialIDList */ | 
| 137 | 1.20k | #define FIDO_CRED_PROT_UV_REQUIRED              0x03 /* userVerificationRequired */ | 
| 138 |  |  | 
| 139 |  | #ifdef _FIDO_INTERNAL /* Library-internal masks: the assertion mask omits credProtect and minPinLength, the credential mask contains all five extension bits. NOTE(review): presumably used to reject unsupported extension bits - confirm at the use sites. */ | 
| 140 | 56.9k | #define FIDO_EXT_ASSERT_MASK    (FIDO_EXT_HMAC_SECRET|FIDO_EXT_LARGEBLOB_KEY| \ | 
| 141 | 56.9k |                                  FIDO_EXT_CRED_BLOB) | 
| 142 | 5.63k | #define FIDO_EXT_CRED_MASK      (FIDO_EXT_HMAC_SECRET|FIDO_EXT_CRED_PROTECT| \ | 
| 143 | 5.63k |                                  FIDO_EXT_LARGEBLOB_KEY|FIDO_EXT_CRED_BLOB| \ | 
| 144 | 5.63k |                                  FIDO_EXT_MINPINLEN) | 
| 145 |  | #endif /* _FIDO_INTERNAL */ | 
| 146 |  |  | 
| 147 |  | /* Recognised UV modes. Bit flags; the values match the USER_VERIFY_* constants of the FIDO registry of predefined values. NOTE(review): these describe what an authenticator claims to support - presumably compared against device-reported data, confirm at the use sites. */ | 
| 148 |  | #define FIDO_UV_MODE_TUP        0x0001  /* internal test of user presence */ | 
| 149 |  | #define FIDO_UV_MODE_FP         0x0002  /* internal fingerprint check */ | 
| 150 |  | #define FIDO_UV_MODE_PIN        0x0004  /* internal PIN check */ | 
| 151 |  | #define FIDO_UV_MODE_VOICE      0x0008  /* internal voice recognition */ | 
| 152 |  | #define FIDO_UV_MODE_FACE       0x0010  /* internal face recognition */ | 
| 153 |  | #define FIDO_UV_MODE_LOCATION   0x0020  /* internal location check */ | 
| 154 |  | #define FIDO_UV_MODE_EYE        0x0040  /* internal eyeprint check */ | 
| 155 |  | #define FIDO_UV_MODE_DRAWN      0x0080  /* internal drawn pattern check */ | 
| 156 |  | #define FIDO_UV_MODE_HAND       0x0100  /* internal handprint verification */ | 
| 157 |  | #define FIDO_UV_MODE_NONE       0x0200  /* TUP/UV not required */ | 
| 158 |  | #define FIDO_UV_MODE_ALL        0x0400  /* all supported UV modes required */ | 
| 159 |  | #define FIDO_UV_MODE_EXT_PIN    0x0800  /* external PIN verification */ | 
| 160 |  | #define FIDO_UV_MODE_EXT_DRAWN  0x1000  /* external drawn pattern check */ | 
| 161 |  |  | 
| 162 |  | #endif /* !_FIDO_PARAM_H */ |