FIDO2 CTAP CBOR helper More...
FIDO2 CTAP CBOR helper
Files | |
| file | ctap_cbor.h |
| CTAP CBOR helper function declarations. | |
Macros | |
| #define | CTAP_CBOR_INFO_MAP_SZ 0x06 |
| CBOR map size of encoded getInfo response. | |
| #define | CTAP_CBOR_ATTESTATION_MAP_SZ 0x03 |
| CBOR map size of encoded attestation. | |
| #define | CTAP_CBOR_ATTESTATION_STMT_MAP_SZ 0x02 |
| CBOR map size of encoded attestation statement. | |
| #define | CTAP_CBOR_CRED_DESC_MAP_SZ 0x02 |
| CBOR map size of encoded credential description. | |
| #define | CTAP_CBOR_PIN_TOKEN_MAP_SZ 0x01 |
| CBOR map size of encoded pinToken. | |
| #define | CTAP_CBOR_USER_ENTITY_MAP_SZ 0x01 |
| CBOR map size of encoded user entity. | |
| #define | CTAP_CBOR_COSE_KEY_MAP_SZ 0x05 |
| CBOR map size of public key encoded in COSE format. | |
| #define | CTAP_CBOR_KEY_AGREEMENT_MAP_SZ 0x01 |
| CBOR map size of encoded clientPIN keyAgreement. | |
| #define | CTAP_CBOR_RETRIES_MAP_SZ 0x01 |
| CBOR map size of encoded clientPIN retries. | |
| #define | CTAP_CBOR_ATT_STMT_AUTH_DATA_SZ 0x134 |
| Attestation statement data buffer size. | |
| #define | CTAP_CBOR_MAP_MAX_KEY_LEN 0x10 |
| Max length of string key in CBOR map. | |
| #define | CTAP_CBOR_MAX_CREDENTIAL_TYPE_LEN 0x10 |
| Max length of PublicKeyCredentialType string. | |
Functions | |
| ctap_status_code_t | fido2_ctap_cbor_parse_make_credential_req (ctap_make_credential_req_t *req, const uint8_t *req_raw, size_t len) |
| Parse MakeCredential method. | |
| ctap_status_code_t | fido2_ctap_cbor_parse_get_assertion_req (ctap_get_assertion_req_t *req, const uint8_t *req_raw, size_t len) |
| Parse GetAssertion method. | |
| ctap_status_code_t | fido2_ctap_cbor_encode_info (const ctap_info_t *info) |
| Encode CBOR info map. | |
| ctap_status_code_t | fido2_ctap_cbor_parse_client_pin_req (ctap_client_pin_req_t *req, const uint8_t *req_raw, size_t len) |
| Parse ClientPIN method. | |
| ctap_status_code_t | fido2_ctap_cbor_encode_attestation_object (const ctap_auth_data_t *auth_data, const uint8_t *client_data_hash, ctap_resident_key_t *rk) |
| Encode attestation object. | |
| ctap_status_code_t | fido2_ctap_cbor_encode_assertion_object (const ctap_auth_data_header_t *auth_data, const uint8_t *client_data_hash, ctap_resident_key_t *rk, uint8_t valid_cred_count) |
| Encode assertion object. | |
| ctap_status_code_t | fido2_ctap_cbor_encode_key_agreement (const ctap_public_key_cose_t *key) |
| Encode key agreement. | |
| ctap_status_code_t | fido2_ctap_cbor_encode_pin_token (uint8_t *token, size_t len) |
| Encode encrypted pin token. | |
| ctap_status_code_t | fido2_ctap_cbor_encode_retries (uint8_t tries_left) |
| Encode PIN tries left. | |
| size_t | fido2_ctap_cbor_get_buffer_size (const uint8_t *buf) |
| Get size of CBOR encoded data. | |
| void | fido2_ctap_cbor_init_encoder (uint8_t *buf, size_t len) |
| Initialize CBOR encoder. | |
CTAP CBOR map key string values | |
| #define | CTAP_CBOR_STR_PACKED "packed" |
| packed key string | |
| #define | CTAP_CBOR_STR_ALG "alg" |
| algorithm key string | |
| #define | CTAP_CBOR_STR_SIG "sig" |
| signature key string | |
| #define | CTAP_CBOR_STR_ID "id" |
| id key string | |
| #define | CTAP_CBOR_STR_TYPE "type" |
| type key string | |
| #define | CTAP_CBOR_STR_PUBLIC_KEY "public-key" |
| public-key key string | |
| #define | CTAP_CBOR_STR_USER_VERIFIED "uv" |
| user verification key string | |
| #define | CTAP_CBOR_STR_USER_PRESENT "up" |
| user presence key string | |
| #define | CTAP_CBOR_STR_RESIDENT_KEY "rk" |
| resident key key string | |
| #define | CTAP_CBOR_STR_NAME "name" |
| name key string | |
| #define | CTAP_CBOR_STR_ICON "icon" |
| icon key string | |
| #define | CTAP_CBOR_DISPLAY_NAME "displayName" |
| displayName key string | |
CTAP Client PIN response CBOR map key values | |
| #define | CTAP_CBOR_CP_RESP_KEY_AGREEMENT 0x01 |
| KeyAgreement key value. | |
| #define | CTAP_CBOR_CP_PIN_TOKEN_RESP 0x02 |
| pinToken key value | |
| #define | CTAP_CBOR_CP_RETRIES_RESP 0x03 |
| retries key value | |
CTAP make credential request CBOR key values | |
| #define | CTAP_CBOR_MC_REQ_CLIENT_DATA_HASH 0x01 |
| clientDataHash key value | |
| #define | CTAP_CBOR_MC_REQ_RP 0x02 |
| relying party key value | |
| #define | CTAP_CBOR_MC_REQ_USER 0x03 |
| user key value | |
| #define | CTAP_CBOR_MC_REQ_PUB_KEY_CRED_PARAMS 0x04 |
| pubKeyCredParams key value | |
| #define | CTAP_CBOR_MC_REQ_EXCLUDE_LIST 0x05 |
| excludeList key value | |
| #define | CTAP_CBOR_MC_REQ_EXTENSIONS 0x06 |
| extensions key value | |
| #define | CTAP_CBOR_MC_REQ_OPTIONS 0x07 |
| options key value | |
| #define | CTAP_CBOR_MC_REQ_PIN_AUTH 0x08 |
| pinAuth key value | |
| #define | CTAP_CBOR_MC_REQ_PIN_PROTOCOL 0x09 |
| pinProtocol key value | |
CTAP get info response CBOR key values | |
| #define | CTAP_CBOR_GET_INFO_RESP_VERSIONS 0x01 |
| versions key value | |
| #define | CTAP_CBOR_GET_INFO_RESP_EXTENSIONS 0x02 |
| extensions key value | |
| #define | CTAP_CBOR_GET_INFO_RESP_AAGUID 0x03 |
| AAGUID key value. | |
| #define | CTAP_CBOR_GET_INFO_RESP_OPTIONS 0x04 |
| options key value | |
| #define | CTAP_CBOR_GET_INFO_RESP_MAX_MSG_SIZE 0x05 |
| maxMsgSize key value | |
| #define | CTAP_CBOR_GET_INFO_RESP_PIN_PROTOCOLS 0x06 |
| pinProtocol key value | |
CTAP version strings | |
| #define | CTAP_CBOR_VERSION_STRING_FIDO_PRE "FIDO_2_1_PRE" |
| FIDO 2.1 flag. | |
| #define | CTAP_CBOR_VERSION_STRING_FIDO "FIDO_2_0" |
| FIDO 2 flag. | |
| #define | CTAP_CBOR_VERSION_STRING_U2F_V2 "U2F_V2" |
| U2F V2 flag. | |
CTAP make credential response CBOR key values | |
| #define | CTAP_CBOR_MC_RESP_FMT 0x01 |
| attestation statement format identifier key value | |
| #define | CTAP_CBOR_MC_RESP_AUTH_DATA 0x02 |
| authData key value | |
| #define | CTAP_CBOR_MC_RESP_ATT_STMT 0x03 |
| attestation statement key value | |
CTAP get assertion request CBOR key values | |
| #define | CTAP_CBOR_GA_REQ_RP_ID 0x01 |
| relying party identifier key value | |
| #define | CTAP_CBOR_GA_REQ_CLIENT_DATA_HASH 0x02 |
| clientDataHash key value | |
| #define | CTAP_CBOR_GA_REQ_ALLOW_LIST 0x03 |
| allowList key value | |
| #define | CTAP_CBOR_GA_REQ_EXTENSIONS 0x04 |
| extensions key value | |
| #define | CTAP_CBOR_GA_REQ_OPTIONS 0x05 |
| options key value | |
| #define | CTAP_CBOR_GA_REQ_PIN_AUTH 0x06 |
| pinAuth key value | |
| #define | CTAP_CBOR_GA_REQ_PIN_PROTOCOL 0x07 |
| pinProtocol key value | |
CTAP get assertion response CBOR key values | |
| #define | CTAP_CBOR_GA_RESP_CREDENTIAL 0x01 |
| credential key value | |
| #define | CTAP_CBOR_GA_RESP_AUTH_DATA 0x02 |
| authData key value | |
| #define | CTAP_CBOR_GA_RESP_SIGNATURE 0x03 |
| signature key value | |
| #define | CTAP_CBOR_GA_RESP_USER 0x04 |
| user key value | |
| #define | CTAP_CBOR_GA_RESP_NUMBER_OF_CREDENTIALS 0x05 |
| numberOfCredentials key value | |
CTAP Client PIN request CBOR key values | |
| #define | CTAP_CBOR_CP_REQ_PIN_PROTOCOL 0x01 |
| pinProtocol key value | |
| #define | CTAP_CBOR_CP_REQ_SUB_COMMAND 0x02 |
| subCommand key value | |
| #define | CTAP_CBOR_CP_REQ_KEY_AGREEMENT 0x03 |
| keyAgreement key value | |
| #define | CTAP_CBOR_CP_REQ_PIN_AUTH 0x04 |
| pinAuth key value | |
| #define | CTAP_CBOR_CP_REQ_NEW_PIN_ENC 0x05 |
| newPinEnc key value | |
| #define | CTAP_CBOR_CP_REQ_PIN_HASH_ENC 0x06 |
| pinHashEnc key value | |
| #define CTAP_CBOR_ATT_STMT_AUTH_DATA_SZ 0x134 |
Attestation statement data buffer size.
Definition at line 79 of file ctap_cbor.h.
| #define CTAP_CBOR_ATTESTATION_MAP_SZ 0x03 |
CBOR map size of encoded attestation.
Definition at line 39 of file ctap_cbor.h.
| #define CTAP_CBOR_ATTESTATION_STMT_MAP_SZ 0x02 |
CBOR map size of encoded attestation statement.
Definition at line 44 of file ctap_cbor.h.
| #define CTAP_CBOR_COSE_KEY_MAP_SZ 0x05 |
CBOR map size of public key encoded in COSE format.
Definition at line 64 of file ctap_cbor.h.
| #define CTAP_CBOR_CP_PIN_TOKEN_RESP 0x02 |
pinToken key value
Definition at line 115 of file ctap_cbor.h.
| #define CTAP_CBOR_CP_REQ_KEY_AGREEMENT 0x03 |
keyAgreement key value
Definition at line 200 of file ctap_cbor.h.
| #define CTAP_CBOR_CP_REQ_NEW_PIN_ENC 0x05 |
newPinEnc key value
Definition at line 202 of file ctap_cbor.h.
| #define CTAP_CBOR_CP_REQ_PIN_AUTH 0x04 |
pinAuth key value
Definition at line 201 of file ctap_cbor.h.
| #define CTAP_CBOR_CP_REQ_PIN_HASH_ENC 0x06 |
pinHashEnc key value
Definition at line 203 of file ctap_cbor.h.
| #define CTAP_CBOR_CP_REQ_PIN_PROTOCOL 0x01 |
pinProtocol key value
Definition at line 198 of file ctap_cbor.h.
| #define CTAP_CBOR_CP_REQ_SUB_COMMAND 0x02 |
subCommand key value
Definition at line 199 of file ctap_cbor.h.
| #define CTAP_CBOR_CP_RESP_KEY_AGREEMENT 0x01 |
KeyAgreement key value.
Definition at line 114 of file ctap_cbor.h.
| #define CTAP_CBOR_CP_RETRIES_RESP 0x03 |
retries key value
Definition at line 116 of file ctap_cbor.h.
| #define CTAP_CBOR_CRED_DESC_MAP_SZ 0x02 |
CBOR map size of encoded credential description.
Definition at line 49 of file ctap_cbor.h.
| #define CTAP_CBOR_DISPLAY_NAME "displayName" |
displayName key string
Definition at line 106 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_REQ_ALLOW_LIST 0x03 |
allowList key value
Definition at line 174 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_REQ_CLIENT_DATA_HASH 0x02 |
clientDataHash key value
Definition at line 173 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_REQ_EXTENSIONS 0x04 |
extensions key value
Definition at line 175 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_REQ_OPTIONS 0x05 |
options key value
Definition at line 176 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_REQ_PIN_AUTH 0x06 |
pinAuth key value
Definition at line 177 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_REQ_PIN_PROTOCOL 0x07 |
pinProtocol key value
Definition at line 178 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_REQ_RP_ID 0x01 |
relying party identifier key value
Definition at line 172 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_RESP_AUTH_DATA 0x02 |
authData key value
Definition at line 187 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_RESP_CREDENTIAL 0x01 |
credential key value
Definition at line 186 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_RESP_NUMBER_OF_CREDENTIALS 0x05 |
numberOfCredentials key value
Definition at line 190 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_RESP_SIGNATURE 0x03 |
signature key value
Definition at line 188 of file ctap_cbor.h.
| #define CTAP_CBOR_GA_RESP_USER 0x04 |
user key value
Definition at line 189 of file ctap_cbor.h.
| #define CTAP_CBOR_GET_INFO_RESP_AAGUID 0x03 |
AAGUID key value.
Definition at line 142 of file ctap_cbor.h.
| #define CTAP_CBOR_GET_INFO_RESP_EXTENSIONS 0x02 |
extensions key value
Definition at line 141 of file ctap_cbor.h.
| #define CTAP_CBOR_GET_INFO_RESP_MAX_MSG_SIZE 0x05 |
maxMsgSize key value
Definition at line 144 of file ctap_cbor.h.
| #define CTAP_CBOR_GET_INFO_RESP_OPTIONS 0x04 |
options key value
Definition at line 143 of file ctap_cbor.h.
| #define CTAP_CBOR_GET_INFO_RESP_PIN_PROTOCOLS 0x06 |
pinProtocol key value
Definition at line 145 of file ctap_cbor.h.
| #define CTAP_CBOR_GET_INFO_RESP_VERSIONS 0x01 |
versions key value
Definition at line 140 of file ctap_cbor.h.
| #define CTAP_CBOR_INFO_MAP_SZ 0x06 |
CBOR map size of encoded getInfo response.
Definition at line 34 of file ctap_cbor.h.
| #define CTAP_CBOR_KEY_AGREEMENT_MAP_SZ 0x01 |
CBOR map size of encoded clientPIN keyAgreement.
Definition at line 69 of file ctap_cbor.h.
| #define CTAP_CBOR_MAP_MAX_KEY_LEN 0x10 |
Max length of string key in CBOR map.
Definition at line 84 of file ctap_cbor.h.
| #define CTAP_CBOR_MAX_CREDENTIAL_TYPE_LEN 0x10 |
Max length of PublicKeyCredentialType string.
Definition at line 89 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_REQ_CLIENT_DATA_HASH 0x01 |
clientDataHash key value
Definition at line 124 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_REQ_EXCLUDE_LIST 0x05 |
excludeList key value
Definition at line 128 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_REQ_EXTENSIONS 0x06 |
extensions key value
Definition at line 129 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_REQ_OPTIONS 0x07 |
options key value
Definition at line 130 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_REQ_PIN_AUTH 0x08 |
pinAuth key value
Definition at line 131 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_REQ_PIN_PROTOCOL 0x09 |
pinProtocol key value
Definition at line 132 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_REQ_PUB_KEY_CRED_PARAMS 0x04 |
pubKeyCredParams key value
Definition at line 127 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_REQ_RP 0x02 |
relying party key value
Definition at line 125 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_REQ_USER 0x03 |
user key value
Definition at line 126 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_RESP_ATT_STMT 0x03 |
attestation statement key value
Definition at line 164 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_RESP_AUTH_DATA 0x02 |
authData key value
Definition at line 163 of file ctap_cbor.h.
| #define CTAP_CBOR_MC_RESP_FMT 0x01 |
attestation statement format identifier key value
Definition at line 162 of file ctap_cbor.h.
| #define CTAP_CBOR_PIN_TOKEN_MAP_SZ 0x01 |
CBOR map size of encoded pinToken.
Definition at line 54 of file ctap_cbor.h.
| #define CTAP_CBOR_RETRIES_MAP_SZ 0x01 |
CBOR map size of encoded clientPIN retries.
Definition at line 74 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_ALG "alg" |
algorithm key string
Definition at line 96 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_ICON "icon" |
icon key string
Definition at line 105 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_ID "id" |
id key string
Definition at line 98 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_NAME "name" |
name key string
Definition at line 104 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_PACKED "packed" |
packed key string
Definition at line 95 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_PUBLIC_KEY "public-key" |
public-key key string
Definition at line 100 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_RESIDENT_KEY "rk" |
resident key key string
Definition at line 103 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_SIG "sig" |
signature key string
Definition at line 97 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_TYPE "type" |
type key string
Definition at line 99 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_USER_PRESENT "up" |
user presence key string
Definition at line 102 of file ctap_cbor.h.
| #define CTAP_CBOR_STR_USER_VERIFIED "uv" |
user verification key string
Definition at line 101 of file ctap_cbor.h.
| #define CTAP_CBOR_USER_ENTITY_MAP_SZ 0x01 |
CBOR map size of encoded user entity.
Definition at line 59 of file ctap_cbor.h.
| #define CTAP_CBOR_VERSION_STRING_FIDO "FIDO_2_0" |
FIDO 2 flag.
Definition at line 153 of file ctap_cbor.h.
| #define CTAP_CBOR_VERSION_STRING_FIDO_PRE "FIDO_2_1_PRE" |
FIDO 2.1 flag.
Definition at line 152 of file ctap_cbor.h.
| #define CTAP_CBOR_VERSION_STRING_U2F_V2 "U2F_V2" |
U2F V2 flag.
Definition at line 154 of file ctap_cbor.h.
| ctap_status_code_t fido2_ctap_cbor_encode_assertion_object | ( | const ctap_auth_data_header_t * | auth_data, |
| const uint8_t * | client_data_hash, | ||
| ctap_resident_key_t * | rk, | ||
| uint8_t | valid_cred_count ) |
Encode assertion object.
CTAP specification (version 20190130) section 5.2
| [in] | auth_data | authenticator data header |
| [in] | client_data_hash | SHA-256 hash of JSON serialized client data |
| [in] | rk | resident key |
| [in] | valid_cred_count | amount of valid credentials found in allow list |
| ctap_status_code_t fido2_ctap_cbor_encode_attestation_object | ( | const ctap_auth_data_t * | auth_data, |
| const uint8_t * | client_data_hash, | ||
| ctap_resident_key_t * | rk ) |
Encode attestation object.
Webauthn specification (version 20190304) section 6.5
| [in] | auth_data | authenticator data |
| [in] | client_data_hash | SHA-256 hash of JSON serialized client data |
| [in] | rk | resident key |
| ctap_status_code_t fido2_ctap_cbor_encode_info | ( | const ctap_info_t * | info | ) |
Encode CBOR info map.
CTAP specification (version 20190130) section 5.4
| [in] | info | information about capabilities |
| ctap_status_code_t fido2_ctap_cbor_encode_key_agreement | ( | const ctap_public_key_cose_t * | key | ) |
| ctap_status_code_t fido2_ctap_cbor_encode_pin_token | ( | uint8_t * | token, |
| size_t | len ) |
Encode encrypted pin token.
| [in] | token | encrypted pin token |
| [in] | len | length of token |
| ctap_status_code_t fido2_ctap_cbor_encode_retries | ( | uint8_t | tries_left | ) |
| size_t fido2_ctap_cbor_get_buffer_size | ( | const uint8_t * | buf | ) |
Get size of CBOR encoded data.
| [in] | buf | Buffer holding the data |
| void fido2_ctap_cbor_init_encoder | ( | uint8_t * | buf, |
| size_t | len ) |
Initialize CBOR encoder.
| [in] | buf | Buffer to hold CBOR encoded data |
| [in] | len | Length of buf |
| ctap_status_code_t fido2_ctap_cbor_parse_client_pin_req | ( | ctap_client_pin_req_t * | req, |
| const uint8_t * | req_raw, | ||
| size_t | len ) |
Parse ClientPIN method.
CTAP specification (version 20190130) section 5.5
| [in] | req | struct to parse into |
| [in] | req_raw | raw request |
| [in] | len | length of req_raw |
| ctap_status_code_t fido2_ctap_cbor_parse_get_assertion_req | ( | ctap_get_assertion_req_t * | req, |
| const uint8_t * | req_raw, | ||
| size_t | len ) |
Parse GetAssertion method.
CTAP specification (version 20190130) section 5.2
| [in] | req | struct to parse into |
| [in] | req_raw | raw request |
| [in] | len | length of req_raw |
| ctap_status_code_t fido2_ctap_cbor_parse_make_credential_req | ( | ctap_make_credential_req_t * | req, |
| const uint8_t * | req_raw, | ||
| size_t | len ) |
Parse MakeCredential method.
CTAP specification (version 20190130) section 5.1
| [in] | req | struct to parse into |
| [in] | req_raw | raw request |
| [in] | len | length of req_raw |
1.12.0