xref: /openbsd/lib/libfido2/src/fido/param.h (revision 4cfece93)
1 /*
2  * Copyright (c) 2018 Yubico AB. All rights reserved.
3  * Use of this source code is governed by a BSD-style
4  * license that can be found in the LICENSE file.
5  */
6 
7 #ifndef _FIDO_PARAM_H
8 #define _FIDO_PARAM_H /* include guard; NOTE(review): names starting with underscore + uppercase are reserved to the implementation in ISO C */
9 
10 /* Authentication data flags: single-bit masks (bits 0, 2, 6 and 7). USER_PRESENT and USER_VERIFIED are distinct bits, so a check for one never implies the other. */
11 #define CTAP_AUTHDATA_USER_PRESENT	0x01 /* bit 0: user presence */
12 #define CTAP_AUTHDATA_USER_VERIFIED	0x04 /* bit 2: user verification */
13 #define CTAP_AUTHDATA_ATT_CRED		0x40 /* bit 6: presumably "attested credential data included" -- confirm against the CTAP spec */
14 #define CTAP_AUTHDATA_EXT_DATA		0x80 /* bit 7: presumably "extension data included" -- confirm against the CTAP spec */
15 
16 /* CTAPHID command opcodes. Every opcode listed here is below 0x80, so none overlaps the CTAP_FRAME_INIT bit. */
17 #define CTAP_CMD_PING			0x01
18 #define CTAP_CMD_MSG			0x03
19 #define CTAP_CMD_LOCK			0x04
20 #define CTAP_CMD_INIT			0x06
21 #define CTAP_CMD_WINK			0x08
22 #define CTAP_CMD_CBOR			0x10
23 #define CTAP_CMD_CANCEL			0x11
24 #define CTAP_KEEPALIVE			0x3b
25 #define CTAP_FRAME_INIT			0x80 /* high bit of a byte; presumably marks an initialization frame -- confirm against the CTAPHID spec */
26 
27 /* CTAPHID CBOR command opcodes (carried inside CTAP_CMD_CBOR, judging by the section title; the framing code is not shown here). */
28 #define CTAP_CBOR_MAKECRED		0x01
29 #define CTAP_CBOR_ASSERT		0x02
30 #define CTAP_CBOR_GETINFO		0x04
31 #define CTAP_CBOR_CLIENT_PIN		0x06
32 #define CTAP_CBOR_RESET			0x07
33 #define CTAP_CBOR_NEXT_ASSERT		0x08
34 #define CTAP_CBOR_BIO_ENROLL_PRE	0x40 /* NOTE(review): _PRE presumably denotes the preview (pre-standard) command number -- confirm */
35 #define CTAP_CBOR_CRED_MGMT_PRE		0x41 /* NOTE(review): _PRE presumably denotes the preview (pre-standard) command number -- confirm */
36 
37 /* U2F command opcodes. */
38 #define U2F_CMD_REGISTER		0x01
39 #define U2F_CMD_AUTH			0x02
40 
41 /* U2F command flags. NOTE(review): presumably the control byte of an authentication request (SIGN = enforce user presence and sign, CHECK = check only) -- confirm against the U2F raw message format. */
42 #define U2F_AUTH_SIGN			0x03
43 #define U2F_AUTH_CHECK			0x07
44 
45 /* ISO7816-4 status words (16-bit values). Only SW_NO_ERROR denotes success; how callers map the other values to errors is not visible in this header. */
46 #define SW_CONDITIONS_NOT_SATISFIED	0x6985
47 #define SW_WRONG_DATA			0x6a80
48 #define SW_NO_ERROR			0x9000
49 
50 /* HID Broadcast channel ID: all 32 bits set. The literal does not fit in a 32-bit signed int, so it has an unsigned type there; compare it only against unsigned channel IDs. */
51 #define CTAP_CID_BROADCAST		0xffffffff
52 
53 /* Expected size of a HID report in bytes. NOTE(review): the code that reads reports is not shown here; its buffers and length checks should be tied to this constant rather than a literal. */
54 #define CTAP_RPT_SIZE			64
55 
56 /* Randomness device on UNIX-like platforms. The #ifndef lets a build override the path; how the path is consumed is not visible here, but if it feeds nonces or keys an override must name a cryptographically secure source. */
57 #ifndef FIDO_RANDOM_DEV
58 #define FIDO_RANDOM_DEV			"/dev/urandom"
59 #endif
60 
61 /* Maximum message size in bytes. Overridable at build time; this header only names the limit, the length checks that enforce it live in code not shown here. */
62 #ifndef FIDO_MAXMSG
63 #define FIDO_MAXMSG	1200
64 #endif
65 
66 /* CTAP capability bits: single-bit masks (bits 0, 2 and 3). Note that FIDO_CAP_NMSG is a negative capability: set means CTAP_CMD_MSG is NOT supported. */
67 #define FIDO_CAP_WINK	0x01 /* if set, device supports CTAP_CMD_WINK */
68 #define FIDO_CAP_CBOR	0x04 /* if set, device supports CTAP_CMD_CBOR */
69 #define FIDO_CAP_NMSG	0x08 /* if set, device doesn't support CTAP_CMD_MSG */
70 
71 /* Supported COSE algorithms. The replacement lists are bare negative literals (no parentheses), so use each macro only as a complete operand. */
72 #define	COSE_ES256	-7 /* ECDSA with SHA-256 */
73 #define	COSE_EDDSA	-8 /* EdDSA */
74 #define	COSE_ECDH_ES256	-25 /* ECDH-ES with HKDF-256; a key-agreement algorithm, not a signature algorithm */
75 #define	COSE_RS256	-257 /* RSASSA-PKCS1-v1_5 with SHA-256 */
76 
77 /* Supported COSE key types. */
78 #define COSE_KTY_OKP	1
79 #define COSE_KTY_EC2	2
80 #define COSE_KTY_RSA	3
81 
82 /* Supported curves. */
83 #define COSE_P256	1
84 #define COSE_ED25519	6
85 
86 /* Supported extensions: distinct single-bit masks (bits 0 and 1). */
87 #define FIDO_EXT_HMAC_SECRET	0x01
88 #define FIDO_EXT_CRED_PROTECT	0x02
89 
90 /* Supported credential protection policies. Sequential values 1..3, not bit masks (0x03 == 0x01 | 0x02): compare for equality, since a bitwise AND against UV_OPTIONAL would also match UV_REQUIRED. */
91 #define FIDO_CRED_PROT_UV_OPTIONAL		0x01
92 #define FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID	0x02
93 #define FIDO_CRED_PROT_UV_REQUIRED		0x03
94 
95 #endif /* !_FIDO_PARAM_H */
96