Coverage Report

Created: 2023-09-23 17:42

/libfido2/src/fido/param.h
Line
Count
Source
1
/*
2
 * Copyright (c) 2018-2022 Yubico AB. All rights reserved.
3
 * SPDX-License-Identifier: BSD-2-Clause
4
 * 
5
 * Redistribution and use in source and binary forms, with or without
6
 * modification, are permitted provided that the following conditions are
7
 * met:
8
 * 
9
 *    1. Redistributions of source code must retain the above copyright
10
 *       notice, this list of conditions and the following disclaimer.
11
 *    2. Redistributions in binary form must reproduce the above copyright
12
 *       notice, this list of conditions and the following disclaimer in
13
 *       the documentation and/or other materials provided with the
14
 *       distribution.
15
 * 
16
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
18
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
19
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
20
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
26
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27
 */
28
29
#ifndef _FIDO_PARAM_H
30
#define _FIDO_PARAM_H
31
32
/* Authentication data flags. */
33
466
#define CTAP_AUTHDATA_USER_PRESENT      0x01
34
76
#define CTAP_AUTHDATA_USER_VERIFIED     0x04
35
1.18k
#define CTAP_AUTHDATA_ATT_CRED          0x40
36
2.44k
#define CTAP_AUTHDATA_EXT_DATA          0x80
37
38
/* CTAPHID command opcodes. */
39
#define CTAP_CMD_PING                   0x01
40
8.27k
#define CTAP_CMD_MSG                    0x03
41
#define CTAP_CMD_LOCK                   0x04
42
138k
#define CTAP_CMD_INIT                   0x06
43
2.08k
#define CTAP_CMD_WINK                   0x08
44
74.6k
#define CTAP_CMD_CBOR                   0x10
45
2.00k
#define CTAP_CMD_CANCEL                 0x11
46
63.0k
#define CTAP_KEEPALIVE                  0x3b
47
289k
#define CTAP_FRAME_INIT                 0x80
48
49
/* CTAPHID CBOR command opcodes. */
50
1.16k
#define CTAP_CBOR_MAKECRED              0x01
51
625
#define CTAP_CBOR_ASSERT                0x02
52
19.7k
#define CTAP_CBOR_GETINFO               0x04
53
8.48k
#define CTAP_CBOR_CLIENT_PIN            0x06
54
88
#define CTAP_CBOR_RESET                 0x07
55
263
#define CTAP_CBOR_NEXT_ASSERT           0x08
56
1.47k
#define CTAP_CBOR_LARGEBLOB             0x0c
57
5.88k
#define CTAP_CBOR_CONFIG                0x0d
58
2.82k
#define CTAP_CBOR_BIO_ENROLL_PRE        0x40
59
4.93k
#define CTAP_CBOR_CRED_MGMT_PRE         0x41
60
61
/* Supported CTAP PIN/UV Auth Protocols. */
62
29.3k
#define CTAP_PIN_PROTOCOL1              1
63
9.36k
#define CTAP_PIN_PROTOCOL2              2
64
65
/* U2F command opcodes. */
66
1.99k
#define U2F_CMD_REGISTER                0x01
67
1.24k
#define U2F_CMD_AUTH                    0x02
68
69
/* U2F command flags. */
70
212
#define U2F_AUTH_SIGN                   0x03
71
1.03k
#define U2F_AUTH_CHECK                  0x07
72
73
/* ISO7816-4 status words. */
74
647
#define SW1_MORE_DATA                   0x61
75
1.09k
#define SW_CONDITIONS_NOT_SATISFIED     0x6985
76
18
#define SW_WRONG_DATA                   0x6a80
77
1.52k
#define SW_NO_ERROR                     0x9000
78
79
/* HID Broadcast channel ID. */
80
1.26M
#define CTAP_CID_BROADCAST              0xffffffff
81
82
818k
#define CTAP_INIT_HEADER_LEN            7
83
287k
#define CTAP_CONT_HEADER_LEN            5
84
85
/* Maximum length of a CTAP HID report in bytes. */
86
405k
#define CTAP_MAX_REPORT_LEN             64
87
88
/* Minimum length of a CTAP HID report in bytes. */
89
540k
#define CTAP_MIN_REPORT_LEN             (CTAP_INIT_HEADER_LEN + 1)
90
91
/* Randomness device on UNIX-like platforms. */
92
#ifndef FIDO_RANDOM_DEV
93
#define FIDO_RANDOM_DEV                 "/dev/urandom"
94
#endif
95
96
/* Maximum message size in bytes. */
97
#ifndef FIDO_MAXMSG
98
131k
#define FIDO_MAXMSG     2048
99
#endif
100
101
/* CTAP capability bits. */
102
1.76k
#define FIDO_CAP_WINK   0x01 /* if set, device supports CTAP_CMD_WINK */
103
88.9k
#define FIDO_CAP_CBOR   0x04 /* if set, device supports CTAP_CMD_CBOR */
104
936
#define FIDO_CAP_NMSG   0x08 /* if set, device doesn't support CTAP_CMD_MSG */
105
106
/* Supported COSE algorithms. */
107
100
#define COSE_UNSPEC     0
108
15.2k
#define COSE_ES256      -7
109
2.82k
#define COSE_EDDSA      -8
110
2.97k
#define COSE_ECDH_ES256 -25
111
7.94k
#define COSE_ES384      -35
112
7.71k
#define COSE_RS256      -257
113
182
#define COSE_RS1        -65535
114
115
/* Supported COSE types. */
116
900
#define COSE_KTY_OKP    1
117
2.36k
#define COSE_KTY_EC2    2
118
173
#define COSE_KTY_RSA    3
119
120
/* Supported curves. */
121
1.05k
#define COSE_P256       1
122
86
#define COSE_P384       2
123
423
#define COSE_ED25519    6
124
125
/* Supported extensions. */
126
43.4k
#define FIDO_EXT_HMAC_SECRET    0x01
127
9.93k
#define FIDO_EXT_CRED_PROTECT   0x02
128
43.1k
#define FIDO_EXT_LARGEBLOB_KEY  0x04
129
43.1k
#define FIDO_EXT_CRED_BLOB      0x08
130
8.02k
#define FIDO_EXT_MINPINLEN      0x10
131
132
/* Supported credential protection policies. */
133
4.69k
#define FIDO_CRED_PROT_UV_OPTIONAL              0x01
134
3.78k
#define FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID      0x02
135
870
#define FIDO_CRED_PROT_UV_REQUIRED              0x03
136
137
#ifdef _FIDO_INTERNAL
138
36.8k
#define FIDO_EXT_ASSERT_MASK    (FIDO_EXT_HMAC_SECRET|FIDO_EXT_LARGEBLOB_KEY| \
139
36.8k
                                 FIDO_EXT_CRED_BLOB)
140
3.52k
#define FIDO_EXT_CRED_MASK      (FIDO_EXT_HMAC_SECRET|FIDO_EXT_CRED_PROTECT| \
141
3.52k
                                 FIDO_EXT_LARGEBLOB_KEY|FIDO_EXT_CRED_BLOB| \
142
3.52k
                                 FIDO_EXT_MINPINLEN)
143
#endif /* _FIDO_INTERNAL */
144
145
/* Recognised UV modes. */
146
#define FIDO_UV_MODE_TUP        0x0001  /* internal test of user presence */
147
#define FIDO_UV_MODE_FP         0x0002  /* internal fingerprint check */
148
#define FIDO_UV_MODE_PIN        0x0004  /* internal pin check */
149
#define FIDO_UV_MODE_VOICE      0x0008  /* internal voice recognition */
150
#define FIDO_UV_MODE_FACE       0x0010  /* internal face recognition */
151
#define FIDO_UV_MODE_LOCATION   0x0020  /* internal location check */
152
#define FIDO_UV_MODE_EYE        0x0040  /* internal eyeprint check */
153
#define FIDO_UV_MODE_DRAWN      0x0080  /* internal drawn pattern check */
154
#define FIDO_UV_MODE_HAND       0x0100  /* internal handprint verification */
155
#define FIDO_UV_MODE_NONE       0x0200  /* TUP/UV not required */
156
#define FIDO_UV_MODE_ALL        0x0400  /* all supported UV modes required */
157
#define FIDO_UV_MODE_EXT_PIN    0x0800  /* external pin verification */
158
#define FIDO_UV_MODE_EXT_DRAWN  0x1000  /* external drawn pattern check */
159
160
#endif /* !_FIDO_PARAM_H */