xref: /openbsd-src/lib/libfido2/src/fido/param.h (revision 46035553bfdd96e63c94e32da0210227ec2e3cf1)
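/*
 * Copyright (c) 2018 Yubico AB. All rights reserved.
 * Use of this source code is governed by a BSD-style
 * license that can be found in the LICENSE file.
 */

/*
 * Protocol constants shared by the library: CTAPHID framing, CTAP2 CBOR
 * and U2F command opcodes, ISO7816-4 status words, COSE identifiers and
 * build-time tunables. This header defines macros only.
 *
 * NOTE(review): the include guard below starts with an underscore followed
 * by an uppercase letter, which C reserves for the implementation. It is
 * left unchanged here because other files may refer to it.
 */
#ifndef _FIDO_PARAM_H
#define _FIDO_PARAM_H

/*
 * Authentication data flags.
 *
 * Bit masks for the one-byte flags field of CTAP2/WebAuthn authenticator
 * data. USER_PRESENT and USER_VERIFIED are claims made by the
 * authenticator; a verifier should read them from the signed authenticator
 * data instead of inferring them from what was requested. ATT_CRED and
 * EXT_DATA announce variable-length fields after the fixed header, so a
 * parser should read those fields only when the bit is set and should
 * bounds-check them against the remaining input.
 */
#define CTAP_AUTHDATA_USER_PRESENT	0x01	/* UP: user presence test passed */
#define CTAP_AUTHDATA_USER_VERIFIED	0x04	/* UV: user verified (PIN, biometric) */
#define CTAP_AUTHDATA_ATT_CRED		0x40	/* AT: attested credential data follows */
#define CTAP_AUTHDATA_EXT_DATA		0x80	/* ED: extension data follows */

/*
 * CTAPHID command opcodes.
 *
 * CTAP_FRAME_INIT is not a command: it is the high bit of the command
 * byte, which marks a packet as an initialization packet (continuation
 * packets carry a sequence number with that bit clear).
 */
#define CTAP_CMD_PING			0x01
#define CTAP_CMD_MSG			0x03	/* encapsulated U2F message */
#define CTAP_CMD_LOCK			0x04
#define CTAP_CMD_INIT			0x06	/* channel allocation */
#define CTAP_CMD_WINK			0x08
#define CTAP_CMD_CBOR			0x10	/* encapsulated CTAP2 CBOR message */
#define CTAP_CMD_CANCEL			0x11
#define CTAP_KEEPALIVE			0x3b
#define CTAP_FRAME_INIT			0x80

/*
 * CTAPHID CBOR command opcodes.
 *
 * The two *_PRE values are the vendor-prototype (preview) opcodes for
 * biometric enrollment and credential management.
 */
#define CTAP_CBOR_MAKECRED		0x01
#define CTAP_CBOR_ASSERT		0x02
#define CTAP_CBOR_GETINFO		0x04
#define CTAP_CBOR_CLIENT_PIN		0x06
#define CTAP_CBOR_RESET			0x07
#define CTAP_CBOR_NEXT_ASSERT		0x08
#define CTAP_CBOR_BIO_ENROLL_PRE	0x40
#define CTAP_CBOR_CRED_MGMT_PRE		0x41

/* U2F command opcodes. */
#define U2F_CMD_REGISTER		0x01
#define U2F_CMD_AUTH			0x02

/*
 * U2F command flags.
 *
 * Values of the control byte of a U2F authentication request. SIGN asks
 * the token to enforce user presence and sign; CHECK only asks whether a
 * key handle belongs to the token and produces no signature.
 */
#define U2F_AUTH_SIGN			0x03
#define U2F_AUTH_CHECK			0x07

/*
 * ISO7816-4 status words.
 *
 * In U2F, SW_CONDITIONS_NOT_SATISFIED signals that a test of user presence
 * is required; it is also the reply to U2F_AUTH_CHECK for a key handle the
 * token recognises. SW_WRONG_DATA is the reply for a key handle it does
 * not recognise. Callers should treat any status word other than
 * SW_NO_ERROR as "no valid response data".
 */
#define SW_CONDITIONS_NOT_SATISFIED	0x6985
#define SW_WRONG_DATA			0x6a80
#define SW_NO_ERROR			0x9000

/*
 * HID Broadcast channel ID.
 *
 * Reserved channel id used with CTAP_CMD_INIT before a channel has been
 * allocated to the client.
 */
#define CTAP_CID_BROADCAST		0xffffffff

/*
 * Header sizes of the two CTAPHID packet kinds, in bytes: an
 * initialization packet carries channel id (4), command (1) and payload
 * length (2); a continuation packet carries channel id (4) and sequence
 * number (1).
 */
#define CTAP_INIT_HEADER_LEN		7
#define CTAP_CONT_HEADER_LEN		5

/* Maximum length of a CTAP HID report in bytes. */
#define CTAP_MAX_REPORT_LEN		64

/*
 * Minimum length of a CTAP HID report in bytes: an initialization header
 * plus one byte of payload.
 */
#define CTAP_MIN_REPORT_LEN		(CTAP_INIT_HEADER_LEN + 1)

/*
 * Randomness device on UNIX-like platforms.
 *
 * Can be overridden at build time by defining FIDO_RANDOM_DEV.
 * NOTE(review): the code that opens this path is not part of this header;
 * an override should name a device backed by the system CSPRNG.
 */
#ifndef FIDO_RANDOM_DEV
#define FIDO_RANDOM_DEV			"/dev/urandom"
#endif

/*
 * Maximum message size in bytes.
 *
 * Can be overridden at build time by defining FIDO_MAXMSG.
 * NOTE(review): presumably the bound applied to messages exchanged with a
 * device; the code that enforces it is not visible here. Lengths taken
 * from a device should be checked against it before any copy.
 */
#ifndef FIDO_MAXMSG
#define FIDO_MAXMSG	2048
#endif

/* CTAP capability bits. */
#define FIDO_CAP_WINK	0x01 /* if set, device supports CTAP_CMD_WINK */
#define FIDO_CAP_CBOR	0x04 /* if set, device supports CTAP_CMD_CBOR */
#define FIDO_CAP_NMSG	0x08 /* if set, device doesn't support CTAP_CMD_MSG */

/*
 * Supported COSE algorithms.
 *
 * The negative values are parenthesized so that each expansion stays a
 * single operand wherever the macro is used.
 */
#define	COSE_ES256	(-7)	/* ECDSA with SHA-256 */
#define	COSE_EDDSA	(-8)	/* EdDSA */
#define	COSE_ECDH_ES256	(-25)	/* ECDH-ES + HKDF-256 (key agreement) */
#define	COSE_RS256	(-257)	/* RSASSA-PKCS1-v1_5 with SHA-256 */

/* Supported COSE types. */
#define COSE_KTY_OKP	1	/* octet key pair */
#define COSE_KTY_EC2	2	/* elliptic curve, x and y coordinates */
#define COSE_KTY_RSA	3

/* Supported curves. */
#define COSE_P256	1
#define COSE_ED25519	6

/*
 * Supported extensions.
 *
 * NOTE(review): these look like bit masks used inside the library rather
 * than values sent to the device; confirm against the code that encodes
 * extensions.
 */
#define FIDO_EXT_HMAC_SECRET	0x01
#define FIDO_EXT_CRED_PROTECT	0x02

/*
 * Supported credential protection policies.
 *
 * Ordered from least to most restrictive: user verification optional,
 * optional only when the credential id is supplied, and always required.
 */
#define FIDO_CRED_PROT_UV_OPTIONAL		0x01
#define FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID	0x02
#define FIDO_CRED_PROT_UV_REQUIRED		0x03

#endif /* !_FIDO_PARAM_H */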