/libfido2/src/fido/param.h
Line | Count | Source |
1 | | /* |
2 | | * Copyright (c) 2018-2021 Yubico AB. All rights reserved. |
3 | | * Use of this source code is governed by a BSD-style |
4 | | * license that can be found in the LICENSE file. |
5 | | */ |
6 | | |
7 | | #ifndef _FIDO_PARAM_H |
8 | | #define _FIDO_PARAM_H |
9 | | |
10 | | /* Authentication data flags. */ |
11 | 538 | #define CTAP_AUTHDATA_USER_PRESENT 0x01 |
12 | 88 | #define CTAP_AUTHDATA_USER_VERIFIED 0x04 |
13 | 1.40k | #define CTAP_AUTHDATA_ATT_CRED 0x40 |
14 | 2.73k | #define CTAP_AUTHDATA_EXT_DATA 0x80 |
15 | | |
16 | | /* CTAPHID command opcodes. */ |
17 | | #define CTAP_CMD_PING 0x01 |
18 | 8.62k | #define CTAP_CMD_MSG 0x03 |
19 | | #define CTAP_CMD_LOCK 0x04 |
20 | 144k | #define CTAP_CMD_INIT 0x06 |
21 | 2.73k | #define CTAP_CMD_WINK 0x08 |
22 | 81.8k | #define CTAP_CMD_CBOR 0x10 |
23 | 2.60k | #define CTAP_CMD_CANCEL 0x11 |
24 | 71.8k | #define CTAP_KEEPALIVE 0x3b |
25 | 327k | #define CTAP_FRAME_INIT 0x80 |
26 | | |
27 | | /* CTAPHID CBOR command opcodes. */ |
28 | 1.46k | #define CTAP_CBOR_MAKECRED 0x01 |
29 | 906 | #define CTAP_CBOR_ASSERT 0x02 |
30 | 22.3k | #define CTAP_CBOR_GETINFO 0x04 |
31 | 10.2k | #define CTAP_CBOR_CLIENT_PIN 0x06 |
32 | 137 | #define CTAP_CBOR_RESET 0x07 |
33 | 228 | #define CTAP_CBOR_NEXT_ASSERT 0x08 |
34 | 1.52k | #define CTAP_CBOR_LARGEBLOB 0x0c |
35 | 6.00k | #define CTAP_CBOR_CONFIG 0x0d |
36 | 3.17k | #define CTAP_CBOR_BIO_ENROLL_PRE 0x40 |
37 | 5.02k | #define CTAP_CBOR_CRED_MGMT_PRE 0x41 |
38 | | |
39 | | /* Supported CTAP PIN/UV Auth Protocols. */ |
40 | 37.4k | #define CTAP_PIN_PROTOCOL1 1 |
41 | 9.73k | #define CTAP_PIN_PROTOCOL2 2 |
42 | | |
43 | | /* U2F command opcodes. */ |
44 | 2.39k | #define U2F_CMD_REGISTER 0x01 |
45 | 1.11k | #define U2F_CMD_AUTH 0x02 |
46 | | |
47 | | /* U2F command flags. */ |
48 | 182 | #define U2F_AUTH_SIGN 0x03 |
49 | 931 | #define U2F_AUTH_CHECK 0x07 |
50 | | |
51 | | /* ISO7816-4 status words. */ |
52 | 282 | #define SW1_MORE_DATA 0x61 |
53 | 1.25k | #define SW_CONDITIONS_NOT_SATISFIED 0x6985 |
54 | 16 | #define SW_WRONG_DATA 0x6a80 |
55 | 1.00k | #define SW_NO_ERROR 0x9000 |
56 | | |
57 | | /* HID Broadcast channel ID. */ |
58 | 171k | #define CTAP_CID_BROADCAST 0xffffffff |
59 | | |
60 | 892k | #define CTAP_INIT_HEADER_LEN 7 |
61 | 309k | #define CTAP_CONT_HEADER_LEN 5 |
62 | | |
63 | | /* Maximum length of a CTAP HID report in bytes. */ |
64 | 433k | #define CTAP_MAX_REPORT_LEN 64 |
65 | | |
66 | | /* Minimum length of a CTAP HID report in bytes. */ |
67 | 577k | #define CTAP_MIN_REPORT_LEN (CTAP_INIT_HEADER_LEN + 1) |
68 | | |
69 | | /* Randomness device on UNIX-like platforms. */ |
70 | | #ifndef FIDO_RANDOM_DEV |
71 | | #define FIDO_RANDOM_DEV "/dev/urandom" |
72 | | #endif |
73 | | |
74 | | /* Maximum message size in bytes. */ |
75 | | #ifndef FIDO_MAXMSG |
76 | 12.3k | #define FIDO_MAXMSG 2048 |
77 | | #endif |
78 | | |
79 | | /* CTAP capability bits. */ |
80 | 2.15k | #define FIDO_CAP_WINK 0x01 /* if set, device supports CTAP_CMD_WINK */ |
81 | 97.8k | #define FIDO_CAP_CBOR 0x04 /* if set, device supports CTAP_CMD_CBOR */ |
82 | 489 | #define FIDO_CAP_NMSG 0x08 /* if set, device doesn't support CTAP_CMD_MSG */ |
83 | | |
84 | | /* Supported COSE algorithms. */ |
85 | 1 | #define COSE_UNSPEC 0 |
86 | 22.9k | #define COSE_ES256 -7 |
87 | 3.84k | #define COSE_EDDSA -8 |
88 | 3.51k | #define COSE_ECDH_ES256 -25 |
89 | 12.7k | #define COSE_RS256 -257 |
90 | 195 | #define COSE_RS1 -65535 |
91 | | |
92 | | /* Supported COSE types. */ |
93 | 676 | #define COSE_KTY_OKP 1 |
94 | 2.91k | #define COSE_KTY_EC2 2 |
95 | 215 | #define COSE_KTY_RSA 3 |
96 | | |
97 | | /* Supported curves. */ |
98 | 1.44k | #define COSE_P256 1 |
99 | 324 | #define COSE_ED25519 6 |
100 | | |
101 | | /* Supported extensions. */ |
102 | 40.2k | #define FIDO_EXT_HMAC_SECRET 0x01 |
103 | 11.4k | #define FIDO_EXT_CRED_PROTECT 0x02 |
104 | 39.9k | #define FIDO_EXT_LARGEBLOB_KEY 0x04 |
105 | 40.0k | #define FIDO_EXT_CRED_BLOB 0x08 |
106 | 9.17k | #define FIDO_EXT_MINPINLEN 0x10 |
107 | | |
108 | | /* Supported credential protection policies. */ |
109 | 6.24k | #define FIDO_CRED_PROT_UV_OPTIONAL 0x01 |
110 | 4.82k | #define FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID 0x02 |
111 | 980 | #define FIDO_CRED_PROT_UV_REQUIRED 0x03 |
112 | | |
113 | | #ifdef _FIDO_INTERNAL |
114 | 32.7k | #define FIDO_EXT_ASSERT_MASK (FIDO_EXT_HMAC_SECRET|FIDO_EXT_LARGEBLOB_KEY| \ |
115 | 32.7k | FIDO_EXT_CRED_BLOB) |
116 | 3.86k | #define FIDO_EXT_CRED_MASK (FIDO_EXT_HMAC_SECRET|FIDO_EXT_CRED_PROTECT| \ |
117 | 3.86k | FIDO_EXT_LARGEBLOB_KEY|FIDO_EXT_CRED_BLOB| \ |
118 | 3.86k | FIDO_EXT_MINPINLEN) |
119 | | #endif /* _FIDO_INTERNAL */ |
120 | | |
121 | | #endif /* !_FIDO_PARAM_H */ |