Coverage Report

Created: 2024-06-03 09:43

/libfido2/src/fido/param.h
Line
Count
Source
1
/*
2
 * Copyright (c) 2018-2022 Yubico AB. All rights reserved.
3
 * SPDX-License-Identifier: BSD-2-Clause
4
 * 
5
 * Redistribution and use in source and binary forms, with or without
6
 * modification, are permitted provided that the following conditions are
7
 * met:
8
 * 
9
 *    1. Redistributions of source code must retain the above copyright
10
 *       notice, this list of conditions and the following disclaimer.
11
 *    2. Redistributions in binary form must reproduce the above copyright
12
 *       notice, this list of conditions and the following disclaimer in
13
 *       the documentation and/or other materials provided with the
14
 *       distribution.
15
 * 
16
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
18
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
19
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
20
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
26
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27
 */
28
29
#ifndef _FIDO_PARAM_H
30
#define _FIDO_PARAM_H
31
32
/* Authentication data flags. */
33
2.85k
#define CTAP_AUTHDATA_USER_PRESENT      0x01
34
136
#define CTAP_AUTHDATA_USER_VERIFIED     0x04
35
4.52k
#define CTAP_AUTHDATA_ATT_CRED          0x40
36
6.66k
#define CTAP_AUTHDATA_EXT_DATA          0x80
37
38
/* CTAPHID command opcodes. */
39
#define CTAP_CMD_PING                   0x01
40
16.4k
#define CTAP_CMD_MSG                    0x03
41
#define CTAP_CMD_LOCK                   0x04
42
235k
#define CTAP_CMD_INIT                   0x06
43
3.68k
#define CTAP_CMD_WINK                   0x08
44
128k
#define CTAP_CMD_CBOR                   0x10
45
3.30k
#define CTAP_CMD_CANCEL                 0x11
46
119k
#define CTAP_KEEPALIVE                  0x3b
47
534k
#define CTAP_FRAME_INIT                 0x80
48
49
/* CTAPHID CBOR command opcodes. */
50
2.06k
#define CTAP_CBOR_MAKECRED              0x01
51
902
#define CTAP_CBOR_ASSERT                0x02
52
36.8k
#define CTAP_CBOR_GETINFO               0x04
53
14.2k
#define CTAP_CBOR_CLIENT_PIN            0x06
54
205
#define CTAP_CBOR_RESET                 0x07
55
308
#define CTAP_CBOR_NEXT_ASSERT           0x08
56
15
#define CTAP_CBOR_BIO_ENROLL            0x09
57
30
#define CTAP_CBOR_CRED_MGMT             0x0a
58
2.40k
#define CTAP_CBOR_LARGEBLOB             0x0c
59
13.9k
#define CTAP_CBOR_CONFIG                0x0d
60
4.66k
#define CTAP_CBOR_BIO_ENROLL_PRE        0x40
61
8.72k
#define CTAP_CBOR_CRED_MGMT_PRE         0x41
62
63
/* Supported CTAP PIN/UV Auth Protocols. */
64
45.8k
#define CTAP_PIN_PROTOCOL1              1
65
13.1k
#define CTAP_PIN_PROTOCOL2              2
66
67
/* U2F command opcodes. */
68
4.03k
#define U2F_CMD_REGISTER                0x01
69
2.49k
#define U2F_CMD_AUTH                    0x02
70
71
/* U2F command flags. */
72
696
#define U2F_AUTH_SIGN                   0x03
73
1.80k
#define U2F_AUTH_CHECK                  0x07
74
75
/* ISO7816-4 status words. */
76
950
#define SW1_MORE_DATA                   0x61
77
3.39k
#define SW_CONDITIONS_NOT_SATISFIED     0x6985
78
20
#define SW_WRONG_DATA                   0x6a80
79
2.95k
#define SW_NO_ERROR                     0x9000
80
81
/* HID Broadcast channel ID. */
82
1.74M
#define CTAP_CID_BROADCAST              0xffffffff
83
84
1.41M
#define CTAP_INIT_HEADER_LEN            7
85
494k
#define CTAP_CONT_HEADER_LEN            5
86
87
/* Maximum length of a CTAP HID report in bytes. */
88
694k
#define CTAP_MAX_REPORT_LEN             64
89
90
/* Minimum length of a CTAP HID report in bytes. */
91
926k
#define CTAP_MIN_REPORT_LEN             (CTAP_INIT_HEADER_LEN + 1)
92
93
/* Randomness device on UNIX-like platforms. */
94
#ifndef FIDO_RANDOM_DEV
95
#define FIDO_RANDOM_DEV                 "/dev/urandom"
96
#endif
97
98
/* Maximum message size in bytes. */
99
#ifndef FIDO_MAXMSG
100
231k
#define FIDO_MAXMSG     2048
101
#endif
102
103
/* CTAP capability bits. */
104
3.25k
#define FIDO_CAP_WINK   0x01 /* if set, device supports CTAP_CMD_WINK */
105
165k
#define FIDO_CAP_CBOR   0x04 /* if set, device supports CTAP_CMD_CBOR */
106
1.16k
#define FIDO_CAP_NMSG   0x08 /* if set, device doesn't support CTAP_CMD_MSG */
107
108
/* Supported COSE algorithms. */
109
1.70k
#define COSE_UNSPEC     0
110
43.4k
#define COSE_ES256      -7
111
8.17k
#define COSE_EDDSA      -8
112
4.29k
#define COSE_ECDH_ES256 -25
113
21.9k
#define COSE_ES384      -35
114
21.0k
#define COSE_RS256      -257
115
1.04k
#define COSE_RS1        -65535
116
117
/* Supported COSE types. */
118
1.29k
#define COSE_KTY_OKP    1
119
7.99k
#define COSE_KTY_EC2    2
120
191
#define COSE_KTY_RSA    3
121
122
/* Supported curves. */
123
3.70k
#define COSE_P256       1
124
238
#define COSE_P384       2
125
617
#define COSE_ED25519    6
126
127
/* Supported extensions. */
128
66.9k
#define FIDO_EXT_HMAC_SECRET    0x01
129
16.5k
#define FIDO_EXT_CRED_PROTECT   0x02
130
68.6k
#define FIDO_EXT_LARGEBLOB_KEY  0x04
131
66.7k
#define FIDO_EXT_CRED_BLOB      0x08
132
13.0k
#define FIDO_EXT_MINPINLEN      0x10
133
134
/* Supported credential protection policies. */
135
6.44k
#define FIDO_CRED_PROT_UV_OPTIONAL              0x01
136
5.13k
#define FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID      0x02
137
1.20k
#define FIDO_CRED_PROT_UV_REQUIRED              0x03
138
139
#ifdef _FIDO_INTERNAL
140
56.9k
#define FIDO_EXT_ASSERT_MASK    (FIDO_EXT_HMAC_SECRET|FIDO_EXT_LARGEBLOB_KEY| \
141
56.9k
                                 FIDO_EXT_CRED_BLOB)
142
5.63k
#define FIDO_EXT_CRED_MASK      (FIDO_EXT_HMAC_SECRET|FIDO_EXT_CRED_PROTECT| \
143
5.63k
                                 FIDO_EXT_LARGEBLOB_KEY|FIDO_EXT_CRED_BLOB| \
144
5.63k
                                 FIDO_EXT_MINPINLEN)
145
#endif /* _FIDO_INTERNAL */
146
147
/* Recognised UV modes. */
148
#define FIDO_UV_MODE_TUP        0x0001  /* internal test of user presence */
149
#define FIDO_UV_MODE_FP         0x0002  /* internal fingerprint check */
150
#define FIDO_UV_MODE_PIN        0x0004  /* internal pin check */
151
#define FIDO_UV_MODE_VOICE      0x0008  /* internal voice recognition */
152
#define FIDO_UV_MODE_FACE       0x0010  /* internal face recognition */
153
#define FIDO_UV_MODE_LOCATION   0x0020  /* internal location check */
154
#define FIDO_UV_MODE_EYE        0x0040  /* internal eyeprint check */
155
#define FIDO_UV_MODE_DRAWN      0x0080  /* internal drawn pattern check */
156
#define FIDO_UV_MODE_HAND       0x0100  /* internal handprint verification */
157
#define FIDO_UV_MODE_NONE       0x0200  /* TUP/UV not required */
158
#define FIDO_UV_MODE_ALL        0x0400  /* all supported UV modes required */
159
#define FIDO_UV_MODE_EXT_PIN    0x0800  /* external pin verification */
160
#define FIDO_UV_MODE_EXT_DRAWN  0x1000  /* external drawn pattern check */
161
162
#endif /* !_FIDO_PARAM_H */