CDC Badge OS
Firmware for the CDC Badge v1.0 hardware security key
u2f.h
1// U2F/CTAP1 Protocol Implementation
2// Legacy U2F support for Chrome compatibility
3
4#pragma once
5#include <stdint.h>
6#include <stdbool.h>
7#include <stddef.h>
8
9#ifdef __cplusplus
10extern "C" {
11#endif
12
13// ============================================================================
14// U2F Constants
15// ============================================================================
16
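// U2F command bytes (INS field of the request APDU).
// INS arrives from the host and is untrusted: any value not listed here
// should be answered with U2F_SW_INS_NOT_SUPPORTED.
#define U2F_INS_REGISTER 0x01      // Create a new key pair / key handle
#define U2F_INS_AUTHENTICATE 0x02  // Sign a challenge with an existing key handle
#define U2F_INS_VERSION 0x03       // Report the protocol version string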
21
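// U2F authentication control bytes (P1 of U2F_INS_AUTHENTICATE).
// P1 is chosen by the host, so treat it as untrusted: a value outside these
// three should be rejected with an error status word rather than reaching a
// signing path.
#define U2F_AUTH_CHECK_ONLY 0x07 // Check if key handle valid; must not produce a signature
#define U2F_AUTH_ENFORCE 0x03    // Sign with user presence
// Sign without user presence (not recommended). If this mode stays enabled,
// the user-presence bit in the response has to remain clear so a relying
// party can tell that no touch took place.
#define U2F_AUTH_DONT_ENFORCE 0x08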
26
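// U2F status words (SW1 || SW2): 16-bit values sent as the last two bytes of
// a response, SW1 (the high byte) first.
#define U2F_SW_NO_ERROR 0x9000
// User presence required. Per the U2F raw-message spec this is also the
// "key handle is valid" answer to a check-only request.
#define U2F_SW_CONDITIONS_NOT_SATISFIED 0x6985
// Invalid key handle. The spec expects this for a handle that was not created
// by this token or was created for a different application parameter.
#define U2F_SW_WRONG_DATA 0x6A80
#define U2F_SW_WRONG_LENGTH 0x6700      // Request length does not match the command
#define U2F_SW_CLA_NOT_SUPPORTED 0x6E00 // Unknown class byte
#define U2F_SW_INS_NOT_SUPPORTED 0x6D00 // Unknown instruction byte
#define U2F_SW_WRONG_P1P2 0x6B00        // Unsupported P1/P2 parameter bytes
#define U2F_SW_WTF 0x6F00               // Internal error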
36
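// U2F sizes, in bytes unless noted. Handlers should compare every length
// taken from a request against these before copying or parsing.
#define U2F_CHALLENGE_SIZE 32   // Challenge parameter
#define U2F_APPLICATION_SIZE 32 // Application parameter
// Match FIDO2 credential ID. The key-handle length is a single byte on the
// wire; presumably any other length is rejected - confirm in the
// authenticate handler.
#define U2F_KEY_HANDLE_SIZE 64
#define U2F_REGISTER_ID 0x05 // Registration reserved byte (a marker value, not a size)
#define U2F_EC_KEY_SIZE 32   // P-256 key component
// 0x04 || X || Y (uncompressed). Derived from U2F_EC_KEY_SIZE so the two
// cannot drift apart; still evaluates to 65.
#define U2F_EC_POINT_SIZE (1 + 2 * U2F_EC_KEY_SIZE)
#define U2F_MAX_ATT_CERT_SIZE 1024 // Upper bound for the attestation certificate
#define U2F_MAX_EC_SIG_SIZE 72     // DER encoded ECDSA signature
#define U2F_CTR_SIZE 4             // Counter size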
47
48// ============================================================================
49// Functions
50// ============================================================================
51
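/**
 * @brief Initializes attestation key material and builds the self-signed
 *        attestation certificate.
 *
 * @return bool; presumably true on success - confirm against u2f.cpp.
 *
 * NOTE(review): if the attestation key is generated per device, the
 * certificate is a stable identifier that every relying party sees at
 * registration; confirm how the key is provisioned and where it is stored.
 */
bool u2f_init_attestation(void);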
60
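/**
 * @brief Returns the attestation certificate pointer and length,
 *        initializing attestation on demand (per the generated docs).
 *
 * @param[out] cert      Receives a pointer to the certificate bytes. The
 *                       pointee is const, so callers must not write through
 *                       it. Presumably firmware-owned storage that must not
 *                       be freed - confirm lifetime in u2f.cpp.
 * @param[out] cert_len  Receives the certificate length in bytes; presumably
 *                       never above U2F_MAX_ATT_CERT_SIZE - confirm.
 * @return bool; presumably false when no certificate is available, in which
 *         case the outputs should not be used - confirm.
 */
bool u2f_get_attestation_cert(const uint8_t **cert, uint16_t *cert_len);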
70
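/**
 * @brief Signs a payload using the attestation key, initializing attestation
 *        on demand (per the generated docs).
 *
 * @param data       Bytes to sign.
 * @param data_len   Number of bytes at @p data.
 * @param[out] signature  Destination for the signature. No capacity argument
 *                   is passed, so the caller should provide at least
 *                   U2F_MAX_EC_SIG_SIZE bytes - TODO confirm whether
 *                   @p sig_len is also read as an input capacity.
 * @param[out] sig_len  Receives the signature length in bytes.
 * @return bool; presumably true when a signature was written - confirm.
 *
 * NOTE(review): the attestation key should only sign registration responses
 * assembled by the firmware; check that no caller passes host-controlled
 * bytes here unmodified, which would turn this into a general signing oracle.
 */
bool u2f_attestation_sign(const uint8_t *data, size_t data_len,
                          uint8_t *signature, uint8_t *sig_len);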
83
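/**
 * @brief Parses a U2F APDU and dispatches to instruction handlers.
 *
 * @param apdu          Raw request bytes from the host; untrusted input.
 * @param apdu_len      Number of bytes at @p apdu.
 * @param[out] response Buffer that receives the response.
 * @param response_max  Capacity of @p response in bytes.
 * @return uint16_t; presumably the number of bytes written to @p response,
 *         status word included - confirm against u2f.cpp.
 *
 * NOTE(review): every length carried inside the APDU (Lc, key-handle length)
 * has to be checked against @p apdu_len before it is used, and every write
 * against @p response_max. A registration response carries the attestation
 * certificate (up to U2F_MAX_ATT_CERT_SIZE), so confirm that a too-small
 * @p response_max yields an error status rather than a truncated or
 * overflowing write.
 */
uint16_t u2f_process_apdu(const uint8_t *apdu, uint16_t apdu_len,
                          uint8_t *response, uint16_t response_max);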
95
96#ifdef __cplusplus
97}
98#endif
99
bool u2f_init_attestation(void)
Initializes attestation key material and builds self-signed attestation certificate.
Definition u2f.cpp:122
bool u2f_get_attestation_cert(const uint8_t **cert, uint16_t *cert_len)
Returns attestation certificate pointer and length, initializing attestation on demand if the boot-ti...
Definition u2f.cpp:338
uint16_t u2f_process_apdu(const uint8_t *apdu, uint16_t apdu_len, uint8_t *response, uint16_t response_max)
Parses U2F APDU and dispatches to instruction handlers.
Definition u2f.cpp:738
bool u2f_attestation_sign(const uint8_t *data, size_t data_len, uint8_t *signature, uint8_t *sig_len)
Signs payload using the attestation key, initializing attestation on demand if the boot-time init did...
Definition u2f.cpp:359