CDC Badge OS
Firmware for the CDC Badge v1.0 hardware security key
ctap2.h File Reference
#include <stdint.h>
#include <stdbool.h>
#include "fido2.h"


Macros

#define CTAP2_CMD_MAKE_CREDENTIAL   0x01
#define CTAP2_CMD_GET_ASSERTION   0x02
#define CTAP2_CMD_GET_INFO   0x04
#define CTAP2_CMD_CLIENT_PIN   0x06
#define CTAP2_CMD_RESET   0x07
#define CTAP2_CMD_GET_NEXT_ASSERTION   0x08
#define CTAP2_CMD_CRED_MANAGEMENT   0x0A
#define CTAP2_CMD_SELECTION   0x0B
#define CTAP2_CMD_LARGE_BLOBS   0x0C
#define CTAP2_CMD_CONFIG   0x0D
#define CTAP2_CMD_VENDOR_FIRST   0x40
#define CTAP2_CMD_VENDOR_LAST   0xBF
#define CTAP2_OK   0x00
#define CTAP1_ERR_INVALID_COMMAND   0x01
#define CTAP1_ERR_INVALID_PARAMETER   0x02
#define CTAP1_ERR_INVALID_LENGTH   0x03
#define CTAP1_ERR_INVALID_SEQ   0x04
#define CTAP1_ERR_TIMEOUT   0x05
#define CTAP1_ERR_CHANNEL_BUSY   0x06
#define CTAP1_ERR_LOCK_REQUIRED   0x0A
#define CTAP1_ERR_INVALID_CHANNEL   0x0B
#define CTAP2_ERR_CBOR_UNEXPECTED_TYPE   0x11
#define CTAP2_ERR_INVALID_CBOR   0x12
#define CTAP2_ERR_MISSING_PARAMETER   0x14
#define CTAP2_ERR_LIMIT_EXCEEDED   0x15
#define CTAP2_ERR_UNSUPPORTED_EXT   0x16
#define CTAP2_ERR_CREDENTIAL_EXCLUDED   0x19
#define CTAP2_ERR_PROCESSING   0x21
#define CTAP2_ERR_INVALID_CREDENTIAL   0x22
#define CTAP2_ERR_USER_ACTION_PENDING   0x23
#define CTAP2_ERR_OPERATION_PENDING   0x24
#define CTAP2_ERR_NO_OPERATIONS   0x25
#define CTAP2_ERR_UNSUPPORTED_ALGORITHM   0x26
#define CTAP2_ERR_OPERATION_DENIED   0x27
#define CTAP2_ERR_KEY_STORE_FULL   0x28
#define CTAP2_ERR_NO_OPERATION_PENDING   0x2A
#define CTAP2_ERR_UNSUPPORTED_OPTION   0x2B
#define CTAP2_ERR_INVALID_OPTION   0x2C
#define CTAP2_ERR_KEEPALIVE_CANCEL   0x2D
#define CTAP2_ERR_NO_CREDENTIALS   0x2E
#define CTAP2_ERR_USER_ACTION_TIMEOUT   0x2F
#define CTAP2_ERR_NOT_ALLOWED   0x30
#define CTAP2_ERR_PIN_INVALID   0x31
#define CTAP2_ERR_PIN_BLOCKED   0x32
#define CTAP2_ERR_PIN_AUTH_INVALID   0x33
#define CTAP2_ERR_PIN_AUTH_BLOCKED   0x34
#define CTAP2_ERR_PIN_NOT_SET   0x35
#define CTAP2_ERR_PIN_REQUIRED   0x36
#define CTAP2_ERR_PIN_POLICY_VIOLATION   0x37
#define CTAP2_ERR_PIN_TOKEN_EXPIRED   0x38
#define CTAP2_ERR_REQUEST_TOO_LARGE   0x39
#define CTAP2_ERR_ACTION_TIMEOUT   0x3A
#define CTAP2_ERR_UP_REQUIRED   0x3B
#define CTAP2_ERR_UV_BLOCKED   0x3C
#define CTAP2_ERR_OTHER   0x7F
#define COSE_ALG_ES256   -7
#define COSE_ALG_EDDSA   -8
#define COSE_ALG_RS256   -257
#define COSE_ALG_ECDH_ES_HKDF_256   -25
#define COSE_KEY_LABEL_KTY   1
#define COSE_KEY_LABEL_KID   2
#define COSE_KEY_LABEL_ALG   3
#define COSE_KEY_LABEL_OPS   4
#define COSE_KEY_LABEL_BASE_IV   5
#define COSE_KEY_LABEL_CRV   -1
#define COSE_KEY_LABEL_X   -2
#define COSE_KEY_LABEL_Y   -3
#define COSE_KEY_LABEL_D   -4
#define COSE_KEY_TYPE_OKP   1
#define COSE_KEY_TYPE_EC2   2
#define COSE_KEY_TYPE_SYMMETRIC   4
#define COSE_CRV_P256   1
#define COSE_CRV_P384   2
#define COSE_CRV_P521   3
#define COSE_CRV_X25519   4
#define COSE_CRV_X448   5
#define COSE_CRV_ED25519   6
#define COSE_CRV_ED448   7
#define CTAP2_INFO_VERSIONS   0x01
#define CTAP2_INFO_EXTENSIONS   0x02
#define CTAP2_INFO_AAGUID   0x03
#define CTAP2_INFO_OPTIONS   0x04
#define CTAP2_INFO_MAX_MSG_SIZE   0x05
#define CTAP2_INFO_PIN_UV_AUTH_PROTOCOLS   0x06
#define CTAP2_INFO_MAX_CRED_COUNT_IN_LIST   0x07
#define CTAP2_INFO_MAX_CRED_ID_LENGTH   0x08
#define CTAP2_INFO_TRANSPORTS   0x09
#define CTAP2_INFO_ALGORITHMS   0x0A
#define CTAP2_MC_CLIENT_DATA_HASH   0x01
#define CTAP2_MC_RP   0x02
#define CTAP2_MC_USER   0x03
#define CTAP2_MC_PUB_KEY_CRED_PARAMS   0x04
#define CTAP2_MC_EXCLUDE_LIST   0x05
#define CTAP2_MC_EXTENSIONS   0x06
#define CTAP2_MC_OPTIONS   0x07
#define CTAP2_MC_PIN_UV_AUTH_PARAM   0x08
#define CTAP2_MC_PIN_UV_AUTH_PROTOCOL   0x09
#define CTAP2_MC_RESP_FMT   0x01
#define CTAP2_MC_RESP_AUTH_DATA   0x02
#define CTAP2_MC_RESP_ATT_STMT   0x03
#define CTAP2_GA_RP_ID   0x01
#define CTAP2_GA_CLIENT_DATA_HASH   0x02
#define CTAP2_GA_ALLOW_LIST   0x03
#define CTAP2_GA_EXTENSIONS   0x04
#define CTAP2_GA_OPTIONS   0x05
#define CTAP2_GA_PIN_UV_AUTH_PARAM   0x06
#define CTAP2_GA_PIN_UV_AUTH_PROTOCOL   0x07
#define CTAP2_GA_RESP_CREDENTIAL   0x01
#define CTAP2_GA_RESP_AUTH_DATA   0x02
#define CTAP2_GA_RESP_SIGNATURE   0x03
#define CTAP2_GA_RESP_USER   0x04
#define CTAP2_GA_RESP_NUMBER_OF_CREDS   0x05
#define CTAP2_PIN_PROTOCOL   0x01
#define CTAP2_PIN_SUBCOMMAND   0x02
#define CTAP2_PIN_KEY_AGREEMENT   0x03
#define CTAP2_PIN_AUTH   0x04
#define CTAP2_PIN_NEW_PIN_ENC   0x05
#define CTAP2_PIN_HASH_ENC   0x06
#define CTAP2_PIN_PERMISSIONS   0x09
#define CTAP2_PIN_PERMISSIONS_RPID   0x0A
#define CTAP2_PIN_RESP_KEY_AGREEMENT   0x01
#define CTAP2_PIN_RESP_PIN_TOKEN   0x02
#define CTAP2_PIN_RESP_PIN_RETRIES   0x03
#define CTAP2_PIN_RESP_POWER_CYCLE_STATE   0x04
#define CTAP2_PIN_RESP_UV_RETRIES   0x05
#define CTAP2_CM_SUBCOMMAND   0x01
#define CTAP2_CM_SUBCOMMAND_PARAMS   0x02
#define CTAP2_CM_PIN_UV_AUTH_PROTOCOL   0x03
#define CTAP2_CM_PIN_UV_AUTH_PARAM   0x04
#define CTAP2_CM_SUB_RP_ID_HASH   0x01
#define CTAP2_CM_SUB_CREDENTIAL_ID   0x02
#define CTAP2_CM_RESP_EXISTING_CRED_COUNT   0x01
#define CTAP2_CM_RESP_REMAINING_CRED_COUNT   0x02
#define CTAP2_CM_RESP_RP   0x03
#define CTAP2_CM_RESP_RP_ID_HASH   0x04
#define CTAP2_CM_RESP_TOTAL_RPS   0x05
#define CTAP2_CM_RESP_USER   0x06
#define CTAP2_CM_RESP_CREDENTIAL_ID   0x07
#define CTAP2_CM_RESP_PUBLIC_KEY   0x08
#define CTAP2_CM_RESP_TOTAL_CREDENTIALS   0x09
#define CTAP2_CM_RESP_CRED_PROTECT   0x0A

Functions

bool ctap2_init (void)
 Initializes CTAP2 runtime state.
uint8_t ctap2_process_command (const uint8_t *cmd, uint16_t cmd_len, uint8_t *response, uint16_t *response_len)
 Dispatches one CTAP2 command and writes response payload.
void ctap2_send_keepalive (uint8_t status)
 Sends CTAPHID keepalive for currently active channel.
void ctap2_cancel (void)
 Marks current CTAP2 operation as cancelled.
void ctap2_clear_cancel (void)
 Clears the cancel flag. Called when a new CTAPHID channel is opened so a cancel from a previous channel doesn't poison responses on the new one (notably the INIT response itself).
bool ctap2_is_cancelled (void)
 Returns true if the current CTAP2 operation has been cancelled.
uint8_t ctap2_make_credential (const uint8_t *params, uint16_t params_len, uint8_t *response, uint16_t *response_len)
uint8_t ctap2_get_assertion (const uint8_t *params, uint16_t params_len, uint8_t *response, uint16_t *response_len)
 Handles CTAP2 authenticatorGetAssertion (0x02).
uint8_t ctap2_get_info (uint8_t *response, uint16_t *response_len)
 Handles CTAP2 authenticatorGetInfo (0x04).
uint8_t ctap2_client_pin (const uint8_t *params, uint16_t params_len, uint8_t *response, uint16_t *response_len)
 Handles CTAP2 authenticatorClientPIN (0x06).
uint8_t ctap2_reset (uint8_t *response, uint16_t *response_len)
 Handles CTAP2 authenticatorReset (0x07).
uint8_t ctap2_get_next_assertion (uint8_t *response, uint16_t *response_len)
 Handles CTAP2 authenticatorGetNextAssertion (0x08).
uint8_t ctap2_cred_management (const uint8_t *params, uint16_t params_len, uint8_t *response, uint16_t *response_len)
 Handles CTAP2 authenticatorCredentialManagement (0x0A).
uint8_t ctap2_selection (uint8_t *response, uint16_t *response_len)
 Handles CTAP2 authenticatorSelection (0x0B).

Macro Definition Documentation

◆ COSE_ALG_ECDH_ES_HKDF_256

#define COSE_ALG_ECDH_ES_HKDF_256   -25

Definition at line 87 of file ctap2.h.

Referenced by client_pin_get_key_agreement().

◆ COSE_ALG_EDDSA

#define COSE_ALG_EDDSA   -8

◆ COSE_ALG_ES256

◆ COSE_ALG_RS256

#define COSE_ALG_RS256   -257

Definition at line 86 of file ctap2.h.

◆ COSE_CRV_ED25519

#define COSE_CRV_ED25519   6

Definition at line 117 of file ctap2.h.

◆ COSE_CRV_ED448

#define COSE_CRV_ED448   7

Definition at line 118 of file ctap2.h.

◆ COSE_CRV_P256

#define COSE_CRV_P256   1

Definition at line 112 of file ctap2.h.

Referenced by client_pin_get_key_agreement().

◆ COSE_CRV_P384

#define COSE_CRV_P384   2

Definition at line 113 of file ctap2.h.

◆ COSE_CRV_P521

#define COSE_CRV_P521   3

Definition at line 114 of file ctap2.h.

◆ COSE_CRV_X25519

#define COSE_CRV_X25519   4

Definition at line 115 of file ctap2.h.

◆ COSE_CRV_X448

#define COSE_CRV_X448   5

Definition at line 116 of file ctap2.h.

◆ COSE_KEY_LABEL_ALG

#define COSE_KEY_LABEL_ALG   3

Definition at line 98 of file ctap2.h.

Referenced by client_pin_get_key_agreement().

◆ COSE_KEY_LABEL_BASE_IV

#define COSE_KEY_LABEL_BASE_IV   5

Definition at line 100 of file ctap2.h.

◆ COSE_KEY_LABEL_CRV

#define COSE_KEY_LABEL_CRV   -1

Definition at line 101 of file ctap2.h.

Referenced by client_pin_get_key_agreement().

◆ COSE_KEY_LABEL_D

#define COSE_KEY_LABEL_D   -4

Definition at line 104 of file ctap2.h.

◆ COSE_KEY_LABEL_KID

#define COSE_KEY_LABEL_KID   2

Definition at line 97 of file ctap2.h.

◆ COSE_KEY_LABEL_KTY

#define COSE_KEY_LABEL_KTY   1

Definition at line 96 of file ctap2.h.

Referenced by client_pin_get_key_agreement().

◆ COSE_KEY_LABEL_OPS

#define COSE_KEY_LABEL_OPS   4

Definition at line 99 of file ctap2.h.

◆ COSE_KEY_LABEL_X

#define COSE_KEY_LABEL_X   -2

◆ COSE_KEY_LABEL_Y

#define COSE_KEY_LABEL_Y   -3

◆ COSE_KEY_TYPE_EC2

#define COSE_KEY_TYPE_EC2   2

Definition at line 108 of file ctap2.h.

Referenced by client_pin_get_key_agreement().

◆ COSE_KEY_TYPE_OKP

#define COSE_KEY_TYPE_OKP   1

Definition at line 107 of file ctap2.h.

◆ COSE_KEY_TYPE_SYMMETRIC

#define COSE_KEY_TYPE_SYMMETRIC   4

Definition at line 109 of file ctap2.h.

◆ CTAP1_ERR_CHANNEL_BUSY

#define CTAP1_ERR_CHANNEL_BUSY   0x06

Definition at line 42 of file ctap2.h.

◆ CTAP1_ERR_INVALID_CHANNEL

#define CTAP1_ERR_INVALID_CHANNEL   0x0B

Definition at line 44 of file ctap2.h.

◆ CTAP1_ERR_INVALID_COMMAND

#define CTAP1_ERR_INVALID_COMMAND   0x01

Definition at line 37 of file ctap2.h.

Referenced by ctap2_client_pin(), and ctap2_process_command().

◆ CTAP1_ERR_INVALID_LENGTH

#define CTAP1_ERR_INVALID_LENGTH   0x03

Definition at line 39 of file ctap2.h.

◆ CTAP1_ERR_INVALID_PARAMETER

#define CTAP1_ERR_INVALID_PARAMETER   0x02

Definition at line 38 of file ctap2.h.

Referenced by ctap2_client_pin().

◆ CTAP1_ERR_INVALID_SEQ

#define CTAP1_ERR_INVALID_SEQ   0x04

Definition at line 40 of file ctap2.h.

◆ CTAP1_ERR_LOCK_REQUIRED

#define CTAP1_ERR_LOCK_REQUIRED   0x0A

Definition at line 43 of file ctap2.h.

◆ CTAP1_ERR_TIMEOUT

#define CTAP1_ERR_TIMEOUT   0x05

Definition at line 41 of file ctap2.h.

◆ CTAP2_CM_PIN_UV_AUTH_PARAM

#define CTAP2_CM_PIN_UV_AUTH_PARAM   0x04

Definition at line 190 of file ctap2.h.

Referenced by ctap2_cred_management().

◆ CTAP2_CM_PIN_UV_AUTH_PROTOCOL

#define CTAP2_CM_PIN_UV_AUTH_PROTOCOL   0x03

Definition at line 189 of file ctap2.h.

Referenced by ctap2_cred_management().

◆ CTAP2_CM_RESP_CRED_PROTECT

#define CTAP2_CM_RESP_CRED_PROTECT   0x0A

Definition at line 206 of file ctap2.h.

Referenced by cred_mgmt_encode_credential().

◆ CTAP2_CM_RESP_CREDENTIAL_ID

#define CTAP2_CM_RESP_CREDENTIAL_ID   0x07

Definition at line 203 of file ctap2.h.

Referenced by cred_mgmt_encode_credential().

◆ CTAP2_CM_RESP_EXISTING_CRED_COUNT

#define CTAP2_CM_RESP_EXISTING_CRED_COUNT   0x01

Definition at line 197 of file ctap2.h.

Referenced by ctap2_cred_management().

◆ CTAP2_CM_RESP_PUBLIC_KEY

#define CTAP2_CM_RESP_PUBLIC_KEY   0x08

Definition at line 204 of file ctap2.h.

Referenced by cred_mgmt_encode_credential().

◆ CTAP2_CM_RESP_REMAINING_CRED_COUNT

#define CTAP2_CM_RESP_REMAINING_CRED_COUNT   0x02

Definition at line 198 of file ctap2.h.

Referenced by ctap2_cred_management().

◆ CTAP2_CM_RESP_RP

#define CTAP2_CM_RESP_RP   0x03

Definition at line 199 of file ctap2.h.

Referenced by cred_mgmt_encode_rp().

◆ CTAP2_CM_RESP_RP_ID_HASH

#define CTAP2_CM_RESP_RP_ID_HASH   0x04

Definition at line 200 of file ctap2.h.

Referenced by cred_mgmt_encode_rp().

◆ CTAP2_CM_RESP_TOTAL_CREDENTIALS

#define CTAP2_CM_RESP_TOTAL_CREDENTIALS   0x09

Definition at line 205 of file ctap2.h.

Referenced by cred_mgmt_encode_credential().

◆ CTAP2_CM_RESP_TOTAL_RPS

#define CTAP2_CM_RESP_TOTAL_RPS   0x05

Definition at line 201 of file ctap2.h.

Referenced by cred_mgmt_encode_rp().

◆ CTAP2_CM_RESP_USER

#define CTAP2_CM_RESP_USER   0x06

Definition at line 202 of file ctap2.h.

Referenced by cred_mgmt_encode_credential().

◆ CTAP2_CM_SUB_CREDENTIAL_ID

#define CTAP2_CM_SUB_CREDENTIAL_ID   0x02

Definition at line 194 of file ctap2.h.

Referenced by ctap2_cred_management().

◆ CTAP2_CM_SUB_RP_ID_HASH

#define CTAP2_CM_SUB_RP_ID_HASH   0x01

Definition at line 193 of file ctap2.h.

Referenced by ctap2_cred_management().

◆ CTAP2_CM_SUBCOMMAND

#define CTAP2_CM_SUBCOMMAND   0x01

Definition at line 187 of file ctap2.h.

Referenced by ctap2_cred_management().

◆ CTAP2_CM_SUBCOMMAND_PARAMS

#define CTAP2_CM_SUBCOMMAND_PARAMS   0x02

Definition at line 188 of file ctap2.h.

Referenced by ctap2_cred_management().

◆ CTAP2_CMD_CLIENT_PIN

#define CTAP2_CMD_CLIENT_PIN   0x06

Definition at line 20 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_CONFIG

#define CTAP2_CMD_CONFIG   0x0D

Definition at line 26 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_CRED_MANAGEMENT

#define CTAP2_CMD_CRED_MANAGEMENT   0x0A

Definition at line 23 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_GET_ASSERTION

#define CTAP2_CMD_GET_ASSERTION   0x02

Definition at line 18 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_GET_INFO

#define CTAP2_CMD_GET_INFO   0x04

Definition at line 19 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_GET_NEXT_ASSERTION

#define CTAP2_CMD_GET_NEXT_ASSERTION   0x08

Definition at line 22 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_LARGE_BLOBS

#define CTAP2_CMD_LARGE_BLOBS   0x0C

Definition at line 25 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_MAKE_CREDENTIAL

#define CTAP2_CMD_MAKE_CREDENTIAL   0x01

Definition at line 17 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_RESET

#define CTAP2_CMD_RESET   0x07

Definition at line 21 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_SELECTION

#define CTAP2_CMD_SELECTION   0x0B

Definition at line 24 of file ctap2.h.

Referenced by ctap2_process_command().

◆ CTAP2_CMD_VENDOR_FIRST

#define CTAP2_CMD_VENDOR_FIRST   0x40

Definition at line 29 of file ctap2.h.

◆ CTAP2_CMD_VENDOR_LAST

#define CTAP2_CMD_VENDOR_LAST   0xBF

Definition at line 30 of file ctap2.h.

◆ CTAP2_ERR_ACTION_TIMEOUT

#define CTAP2_ERR_ACTION_TIMEOUT   0x3A

Definition at line 75 of file ctap2.h.

◆ CTAP2_ERR_CBOR_UNEXPECTED_TYPE

#define CTAP2_ERR_CBOR_UNEXPECTED_TYPE   0x11

Definition at line 45 of file ctap2.h.

◆ CTAP2_ERR_CREDENTIAL_EXCLUDED

#define CTAP2_ERR_CREDENTIAL_EXCLUDED   0x19

Definition at line 50 of file ctap2.h.

Referenced by cdc::mod_fido2::check_appid_exclude().

◆ CTAP2_ERR_INVALID_CBOR

◆ CTAP2_ERR_INVALID_CREDENTIAL

#define CTAP2_ERR_INVALID_CREDENTIAL   0x22

Definition at line 52 of file ctap2.h.

◆ CTAP2_ERR_INVALID_OPTION

#define CTAP2_ERR_INVALID_OPTION   0x2C

Definition at line 61 of file ctap2.h.

Referenced by cdc::mod_fido2::ctap2_make_credential().

◆ CTAP2_ERR_KEEPALIVE_CANCEL

#define CTAP2_ERR_KEEPALIVE_CANCEL   0x2D

Definition at line 62 of file ctap2.h.

◆ CTAP2_ERR_KEY_STORE_FULL

#define CTAP2_ERR_KEY_STORE_FULL   0x28

Definition at line 58 of file ctap2.h.

Referenced by cdc::mod_fido2::create_credential_and_respond().

◆ CTAP2_ERR_LIMIT_EXCEEDED

#define CTAP2_ERR_LIMIT_EXCEEDED   0x15

Definition at line 48 of file ctap2.h.

◆ CTAP2_ERR_MISSING_PARAMETER

◆ CTAP2_ERR_NO_CREDENTIALS

#define CTAP2_ERR_NO_CREDENTIALS   0x2E

Definition at line 63 of file ctap2.h.

Referenced by ctap2_cred_management(), and ctap2_get_assertion().

◆ CTAP2_ERR_NO_OPERATION_PENDING

#define CTAP2_ERR_NO_OPERATION_PENDING   0x2A

Definition at line 59 of file ctap2.h.

◆ CTAP2_ERR_NO_OPERATIONS

#define CTAP2_ERR_NO_OPERATIONS   0x25

Definition at line 55 of file ctap2.h.

◆ CTAP2_ERR_NOT_ALLOWED

#define CTAP2_ERR_NOT_ALLOWED   0x30

Definition at line 65 of file ctap2.h.

Referenced by ctap2_get_next_assertion().

◆ CTAP2_ERR_OPERATION_DENIED

#define CTAP2_ERR_OPERATION_DENIED   0x27

◆ CTAP2_ERR_OPERATION_PENDING

#define CTAP2_ERR_OPERATION_PENDING   0x24

Definition at line 54 of file ctap2.h.

◆ CTAP2_ERR_OTHER

◆ CTAP2_ERR_PIN_AUTH_BLOCKED

#define CTAP2_ERR_PIN_AUTH_BLOCKED   0x34

Definition at line 69 of file ctap2.h.

◆ CTAP2_ERR_PIN_AUTH_INVALID

#define CTAP2_ERR_PIN_AUTH_INVALID   0x33

◆ CTAP2_ERR_PIN_BLOCKED

#define CTAP2_ERR_PIN_BLOCKED   0x32

Definition at line 67 of file ctap2.h.

Referenced by client_pin_get_pin_token(), and client_pin_get_pin_uv_auth_token().

◆ CTAP2_ERR_PIN_INVALID

#define CTAP2_ERR_PIN_INVALID   0x31

Definition at line 66 of file ctap2.h.

Referenced by client_pin_get_pin_token(), and client_pin_get_pin_uv_auth_token().

◆ CTAP2_ERR_PIN_NOT_SET

#define CTAP2_ERR_PIN_NOT_SET   0x35

Definition at line 70 of file ctap2.h.

Referenced by client_pin_get_pin_token(), and client_pin_get_pin_uv_auth_token().

◆ CTAP2_ERR_PIN_POLICY_VIOLATION

#define CTAP2_ERR_PIN_POLICY_VIOLATION   0x37

Definition at line 72 of file ctap2.h.

◆ CTAP2_ERR_PIN_REQUIRED

#define CTAP2_ERR_PIN_REQUIRED   0x36

Definition at line 71 of file ctap2.h.

◆ CTAP2_ERR_PIN_TOKEN_EXPIRED

#define CTAP2_ERR_PIN_TOKEN_EXPIRED   0x38

Definition at line 73 of file ctap2.h.

◆ CTAP2_ERR_PROCESSING

#define CTAP2_ERR_PROCESSING   0x21

Definition at line 51 of file ctap2.h.

◆ CTAP2_ERR_REQUEST_TOO_LARGE

#define CTAP2_ERR_REQUEST_TOO_LARGE   0x39

Definition at line 74 of file ctap2.h.

◆ CTAP2_ERR_UNSUPPORTED_ALGORITHM

#define CTAP2_ERR_UNSUPPORTED_ALGORITHM   0x26

Definition at line 56 of file ctap2.h.

Referenced by cdc::mod_fido2::ctap2_make_credential().

◆ CTAP2_ERR_UNSUPPORTED_EXT

#define CTAP2_ERR_UNSUPPORTED_EXT   0x16

Definition at line 49 of file ctap2.h.

◆ CTAP2_ERR_UNSUPPORTED_OPTION

#define CTAP2_ERR_UNSUPPORTED_OPTION   0x2B

◆ CTAP2_ERR_UP_REQUIRED

#define CTAP2_ERR_UP_REQUIRED   0x3B

Definition at line 76 of file ctap2.h.

◆ CTAP2_ERR_USER_ACTION_PENDING

#define CTAP2_ERR_USER_ACTION_PENDING   0x23

Definition at line 53 of file ctap2.h.

◆ CTAP2_ERR_USER_ACTION_TIMEOUT

#define CTAP2_ERR_USER_ACTION_TIMEOUT   0x2F

Definition at line 64 of file ctap2.h.

◆ CTAP2_ERR_UV_BLOCKED

#define CTAP2_ERR_UV_BLOCKED   0x3C

Definition at line 77 of file ctap2.h.

◆ CTAP2_GA_ALLOW_LIST

#define CTAP2_GA_ALLOW_LIST   0x03

Definition at line 156 of file ctap2.h.

Referenced by ga_parse_params().

◆ CTAP2_GA_CLIENT_DATA_HASH

#define CTAP2_GA_CLIENT_DATA_HASH   0x02

Definition at line 155 of file ctap2.h.

Referenced by ga_parse_params().

◆ CTAP2_GA_EXTENSIONS

#define CTAP2_GA_EXTENSIONS   0x04

Definition at line 157 of file ctap2.h.

Referenced by ga_parse_params().

◆ CTAP2_GA_OPTIONS

#define CTAP2_GA_OPTIONS   0x05

Definition at line 158 of file ctap2.h.

Referenced by ga_parse_params().

◆ CTAP2_GA_PIN_UV_AUTH_PARAM

#define CTAP2_GA_PIN_UV_AUTH_PARAM   0x06

Definition at line 159 of file ctap2.h.

Referenced by ga_parse_params().

◆ CTAP2_GA_PIN_UV_AUTH_PROTOCOL

#define CTAP2_GA_PIN_UV_AUTH_PROTOCOL   0x07

Definition at line 160 of file ctap2.h.

Referenced by ga_parse_params().

◆ CTAP2_GA_RESP_AUTH_DATA

#define CTAP2_GA_RESP_AUTH_DATA   0x02

Definition at line 164 of file ctap2.h.

Referenced by ctap2_get_next_assertion(), and ga_build_response().

◆ CTAP2_GA_RESP_CREDENTIAL

#define CTAP2_GA_RESP_CREDENTIAL   0x01

Definition at line 163 of file ctap2.h.

Referenced by ctap2_get_next_assertion(), and ga_build_response().

◆ CTAP2_GA_RESP_NUMBER_OF_CREDS

#define CTAP2_GA_RESP_NUMBER_OF_CREDS   0x05

Definition at line 167 of file ctap2.h.

Referenced by ga_build_response().

◆ CTAP2_GA_RESP_SIGNATURE

#define CTAP2_GA_RESP_SIGNATURE   0x03

Definition at line 165 of file ctap2.h.

Referenced by ctap2_get_next_assertion(), and ga_build_response().

◆ CTAP2_GA_RESP_USER

#define CTAP2_GA_RESP_USER   0x04

Definition at line 166 of file ctap2.h.

Referenced by ga_build_response().

◆ CTAP2_GA_RP_ID

#define CTAP2_GA_RP_ID   0x01

Definition at line 154 of file ctap2.h.

Referenced by ga_parse_params().

◆ CTAP2_INFO_AAGUID

#define CTAP2_INFO_AAGUID   0x03

Definition at line 128 of file ctap2.h.

Referenced by encode_info_aaguid().

◆ CTAP2_INFO_ALGORITHMS

#define CTAP2_INFO_ALGORITHMS   0x0A

Definition at line 135 of file ctap2.h.

Referenced by encode_info_algorithms().

◆ CTAP2_INFO_EXTENSIONS

#define CTAP2_INFO_EXTENSIONS   0x02

Definition at line 127 of file ctap2.h.

Referenced by encode_info_extensions().

◆ CTAP2_INFO_MAX_CRED_COUNT_IN_LIST

#define CTAP2_INFO_MAX_CRED_COUNT_IN_LIST   0x07

Definition at line 132 of file ctap2.h.

Referenced by encode_info_max_cred_count().

◆ CTAP2_INFO_MAX_CRED_ID_LENGTH

#define CTAP2_INFO_MAX_CRED_ID_LENGTH   0x08

Definition at line 133 of file ctap2.h.

Referenced by encode_info_max_cred_id_length().

◆ CTAP2_INFO_MAX_MSG_SIZE

#define CTAP2_INFO_MAX_MSG_SIZE   0x05

Definition at line 130 of file ctap2.h.

Referenced by encode_info_max_msg_size().

◆ CTAP2_INFO_OPTIONS

#define CTAP2_INFO_OPTIONS   0x04

Definition at line 129 of file ctap2.h.

Referenced by encode_info_options().

◆ CTAP2_INFO_PIN_UV_AUTH_PROTOCOLS

#define CTAP2_INFO_PIN_UV_AUTH_PROTOCOLS   0x06

Definition at line 131 of file ctap2.h.

Referenced by encode_info_pin_uv_auth_protocols().

◆ CTAP2_INFO_TRANSPORTS

#define CTAP2_INFO_TRANSPORTS   0x09

Definition at line 134 of file ctap2.h.

Referenced by encode_info_transports().

◆ CTAP2_INFO_VERSIONS

#define CTAP2_INFO_VERSIONS   0x01

Definition at line 126 of file ctap2.h.

Referenced by encode_info_versions().

◆ CTAP2_MC_CLIENT_DATA_HASH

#define CTAP2_MC_CLIENT_DATA_HASH   0x01

Definition at line 138 of file ctap2.h.

Referenced by cdc::mod_fido2::parse_make_credential_params().

◆ CTAP2_MC_EXCLUDE_LIST

#define CTAP2_MC_EXCLUDE_LIST   0x05

Definition at line 142 of file ctap2.h.

◆ CTAP2_MC_EXTENSIONS

#define CTAP2_MC_EXTENSIONS   0x06

Definition at line 143 of file ctap2.h.

Referenced by cdc::mod_fido2::parse_make_credential_params().

◆ CTAP2_MC_OPTIONS

#define CTAP2_MC_OPTIONS   0x07

Definition at line 144 of file ctap2.h.

Referenced by cdc::mod_fido2::parse_make_credential_params().

◆ CTAP2_MC_PIN_UV_AUTH_PARAM

#define CTAP2_MC_PIN_UV_AUTH_PARAM   0x08

Definition at line 145 of file ctap2.h.

Referenced by cdc::mod_fido2::parse_make_credential_params().

◆ CTAP2_MC_PIN_UV_AUTH_PROTOCOL

#define CTAP2_MC_PIN_UV_AUTH_PROTOCOL   0x09

Definition at line 146 of file ctap2.h.

Referenced by cdc::mod_fido2::parse_make_credential_params().

◆ CTAP2_MC_PUB_KEY_CRED_PARAMS

#define CTAP2_MC_PUB_KEY_CRED_PARAMS   0x04

Definition at line 141 of file ctap2.h.

Referenced by cdc::mod_fido2::parse_make_credential_params().

◆ CTAP2_MC_RESP_ATT_STMT

#define CTAP2_MC_RESP_ATT_STMT   0x03

Definition at line 151 of file ctap2.h.

Referenced by ctap2_build_make_credential_response_packed().

◆ CTAP2_MC_RESP_AUTH_DATA

#define CTAP2_MC_RESP_AUTH_DATA   0x02

Definition at line 150 of file ctap2.h.

Referenced by ctap2_build_make_credential_response_packed().

◆ CTAP2_MC_RESP_FMT

#define CTAP2_MC_RESP_FMT   0x01

Definition at line 149 of file ctap2.h.

Referenced by ctap2_build_make_credential_response_packed().

◆ CTAP2_MC_RP

#define CTAP2_MC_RP   0x02

Definition at line 139 of file ctap2.h.

Referenced by cdc::mod_fido2::parse_make_credential_params().

◆ CTAP2_MC_USER

#define CTAP2_MC_USER   0x03

Definition at line 140 of file ctap2.h.

Referenced by cdc::mod_fido2::parse_make_credential_params().

◆ CTAP2_OK

◆ CTAP2_PIN_AUTH

#define CTAP2_PIN_AUTH   0x04

Definition at line 173 of file ctap2.h.

◆ CTAP2_PIN_HASH_ENC

#define CTAP2_PIN_HASH_ENC   0x06

Definition at line 175 of file ctap2.h.

Referenced by client_pin_get_pin_token(), and client_pin_get_pin_uv_auth_token().

◆ CTAP2_PIN_KEY_AGREEMENT

#define CTAP2_PIN_KEY_AGREEMENT   0x03

Definition at line 172 of file ctap2.h.

Referenced by client_pin_get_pin_token(), and client_pin_get_pin_uv_auth_token().

◆ CTAP2_PIN_NEW_PIN_ENC

#define CTAP2_PIN_NEW_PIN_ENC   0x05

Definition at line 174 of file ctap2.h.

◆ CTAP2_PIN_PERMISSIONS

#define CTAP2_PIN_PERMISSIONS   0x09

Definition at line 176 of file ctap2.h.

Referenced by client_pin_get_pin_uv_auth_token().

◆ CTAP2_PIN_PERMISSIONS_RPID

#define CTAP2_PIN_PERMISSIONS_RPID   0x0A

Definition at line 177 of file ctap2.h.

Referenced by client_pin_get_pin_uv_auth_token().

◆ CTAP2_PIN_PROTOCOL

#define CTAP2_PIN_PROTOCOL   0x01

Definition at line 170 of file ctap2.h.

Referenced by client_pin_get_pin_token(), and client_pin_get_pin_uv_auth_token().

◆ CTAP2_PIN_RESP_KEY_AGREEMENT

#define CTAP2_PIN_RESP_KEY_AGREEMENT   0x01

Definition at line 180 of file ctap2.h.

Referenced by client_pin_get_key_agreement().

◆ CTAP2_PIN_RESP_PIN_RETRIES

#define CTAP2_PIN_RESP_PIN_RETRIES   0x03

Definition at line 182 of file ctap2.h.

Referenced by client_pin_get_retries().

◆ CTAP2_PIN_RESP_PIN_TOKEN

#define CTAP2_PIN_RESP_PIN_TOKEN   0x02

Definition at line 181 of file ctap2.h.

Referenced by client_pin_get_pin_token(), and client_pin_get_pin_uv_auth_token().

◆ CTAP2_PIN_RESP_POWER_CYCLE_STATE

#define CTAP2_PIN_RESP_POWER_CYCLE_STATE   0x04

Definition at line 183 of file ctap2.h.

◆ CTAP2_PIN_RESP_UV_RETRIES

#define CTAP2_PIN_RESP_UV_RETRIES   0x05

Definition at line 184 of file ctap2.h.

Referenced by client_pin_get_retries().

◆ CTAP2_PIN_SUBCOMMAND

#define CTAP2_PIN_SUBCOMMAND   0x02

Definition at line 171 of file ctap2.h.

Function Documentation

◆ ctap2_cancel()

void ctap2_cancel ( void )

Marks current CTAP2 operation as cancelled.

Cancel any pending operation.

Definition at line 3624 of file ctap2.cpp.

References CTAP2_DEBUG_COMMANDS, g_ctap2, LOG_D, and TAG.

Referenced by handle_cancel().

◆ ctap2_clear_cancel()

void ctap2_clear_cancel ( void )

Clears the cancel flag. Called when a new CTAPHID channel is opened so a cancel from a previous channel doesn't poison responses on the new one (notably the INIT response itself).

Definition at line 3634 of file ctap2.cpp.

References g_ctap2.

Referenced by cdc::mod_fido2::fido2_ui_user_presence_callback(), and handle_init().

◆ ctap2_client_pin()

uint8_t ctap2_client_pin ( const uint8_t * params,
uint16_t params_len,
uint8_t * response,
uint16_t * response_len )

◆ ctap2_cred_management()

uint8_t ctap2_cred_management ( const uint8_t * params,
uint16_t params_len,
uint8_t * response,
uint16_t * response_len )

◆ ctap2_get_assertion()

uint8_t ctap2_get_assertion ( const uint8_t * params,
uint16_t params_len,
uint8_t * response,
uint16_t * response_len )

◆ ctap2_get_info()

uint8_t ctap2_get_info ( uint8_t * response,
uint16_t * response_len )

◆ ctap2_get_next_assertion()

uint8_t ctap2_get_next_assertion ( uint8_t * response,
uint16_t * response_len )

◆ ctap2_init()

bool ctap2_init ( void )

Initializes CTAP2 runtime state.

Initialize CTAP2 protocol handler.

Returns
true on success.

Definition at line 3513 of file ctap2.cpp.

References g_ctap2, LOG_I, and TAG.

Referenced by fido2_init().

◆ ctap2_is_cancelled()

bool ctap2_is_cancelled ( void )

Returns true if the current CTAP2 operation has been cancelled.

Definition at line 3641 of file ctap2.cpp.

References g_ctap2.

Referenced by ctaphid_get_response_packet(), and cdc::mod_fido2::fido2_ui_user_presence_callback().

◆ ctap2_make_credential()

uint8_t ctap2_make_credential ( const uint8_t * params,
uint16_t params_len,
uint8_t * response,
uint16_t * response_len )

Referenced by ctap2_process_command().

◆ ctap2_process_command()

uint8_t ctap2_process_command ( const uint8_t * cmd,
uint16_t cmd_len,
uint8_t * response,
uint16_t * response_len )

Dispatches one CTAP2 command and writes response payload.

Process a CTAP2 command.

Parameters
cmd: Command buffer (first byte is command code)
cmd_len: Command length
response: Output buffer for response
response_len: Input: max size, Output: actual size
Returns
CTAP2 status code (first byte of response)
Parameters
cmd: Command buffer (command byte || CBOR params).
cmd_len: Length of cmd.
response: Output response buffer.
response_len: In/out response length (capacity of response on entry, actual size on return).
Returns
CTAP2/CTAP1 status code.

Definition at line 3529 of file ctap2.cpp.

References CTAP1_ERR_INVALID_COMMAND, ctap2_client_pin(), CTAP2_CMD_CLIENT_PIN, CTAP2_CMD_CONFIG, CTAP2_CMD_CRED_MANAGEMENT, CTAP2_CMD_GET_ASSERTION, CTAP2_CMD_GET_INFO, CTAP2_CMD_GET_NEXT_ASSERTION, CTAP2_CMD_LARGE_BLOBS, CTAP2_CMD_MAKE_CREDENTIAL, CTAP2_CMD_RESET, CTAP2_CMD_SELECTION, ctap2_cred_management(), CTAP2_ERR_UNSUPPORTED_OPTION, ctap2_get_assertion(), ctap2_get_info(), ctap2_get_next_assertion(), ctap2_make_credential(), ctap2_reset(), ctap2_selection(), g_ctap2, LOG_I, and TAG.

Referenced by handle_cbor().

◆ ctap2_reset()

uint8_t ctap2_reset ( uint8_t * response,
uint16_t * response_len )

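Handles CTAP2 authenticatorReset (0x07). The References list below names wait_for_user_presence() and fido2_factory_reset() but not CTAP2_ERR_NOT_ALLOWED, so this page does not show whether the reset is also limited to a short window after power-up; confirm that in ctap2.cpp. The list also names FIDO2_ACTION_AUTHENTICATE rather than a reset-specific action, so check that the on-device prompt makes clear that a factory reset is being confirmed.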

Parameters
response: Output response buffer.
response_len: In/out response length.
Returns
CTAP2 status code.

Definition at line 3027 of file ctap2.cpp.

References CTAP2_ERR_OPERATION_DENIED, CTAP2_ERR_OTHER, CTAP2_OK, FIDO2_ACTION_AUTHENTICATE, fido2_factory_reset(), LOG_I, TAG, and wait_for_user_presence().

Referenced by ctap2_process_command().

◆ ctap2_selection()

uint8_t ctap2_selection ( uint8_t * response,
uint16_t * response_len )

Handles CTAP2 authenticatorSelection (0x0B).

Parameters
response: Output response buffer.
response_len: In/out response length.
Returns
CTAP2 status code.

Definition at line 3496 of file ctap2.cpp.

References CTAP2_ERR_OPERATION_DENIED, CTAP2_OK, FIDO2_ACTION_SELECT, and wait_for_user_presence().

Referenced by ctap2_process_command().

◆ ctap2_send_keepalive()

void ctap2_send_keepalive ( uint8_t status)

Sends CTAPHID keepalive for currently active channel.

Send keepalive during long operations. Called periodically to prevent timeout.

Parameters
status: Keepalive status byte.

Definition at line 3614 of file ctap2.cpp.

References ctaphid_get_current_cid(), and ctaphid_send_keepalive().

Referenced by cdc::mod_fido2::create_credential_and_respond().