#pragma once
#if ENABLE(WEB_AUTHN)
#include "PublicKeyCredentialType.h"
namespace fido {
// Protocol spoken by an authenticator. Going by the names, kCtap is CTAP2 and kU2f is legacy
// U2F (CTAP1).
// NOTE(review): presumably kUnknown marks a device whose protocol has not been determined yet;
// confirm that callers never send requests to a device in that state.
enum class ProtocolVersion { kCtap, kU2f, kUnknown };
// Sizes and offsets for raw U2F (CTAP1) messages.
// The challenge parameter and the application parameter are both 32 bytes long.
constexpr size_t kU2fChallengeParamLength { 32 };
constexpr size_t kU2fApplicationParamLength { 32 };
constexpr size_t kReservedLength { 1 };

// Offset of the one-byte key handle length, and of the key handle that follows it.
// NOTE(review): 66 matches the U2F registration response layout (1 reserved byte plus a 65-byte
// public key) - confirm against the parser that uses these offsets.
// The length byte is supplied by the authenticator, so the parser has to verify that
// kU2fKeyHandleOffset + length fits inside the received buffer before reading the key handle.
constexpr size_t kU2fKeyHandleLengthOffset { 66 };
constexpr size_t kU2fKeyHandleOffset { kU2fKeyHandleLengthOffset + 1 };
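// One-byte status code reported by an authenticator.
//
// The byte originates from the device and is therefore untrusted input. A uint8_t can hold values
// that have no enumerator here, and a static_cast of such a byte produces a CtapDeviceResponseCode
// that equals none of the names below. Validate raw bytes before acting on them and keep a
// default path in every switch over this type.
enum class CtapDeviceResponseCode : uint8_t {
    kSuccess = 0x00,

    // CTAP1-prefixed errors.
    kCtap1ErrInvalidCommand = 0x01,
    kCtap1ErrInvalidParameter = 0x02,
    kCtap1ErrInvalidLength = 0x03,
    kCtap1ErrInvalidSeq = 0x04,
    kCtap1ErrTimeout = 0x05,
    kCtap1ErrChannelBusy = 0x06,
    kCtap1ErrLockRequired = 0x0A,
    kCtap1ErrInvalidChannel = 0x0B,

    // CTAP2-prefixed errors: CBOR and request validation.
    kCtap2ErrCBORParsing = 0x10,
    kCtap2ErrUnexpectedType = 0x11,
    kCtap2ErrInvalidCBOR = 0x12,
    kCtap2ErrInvalidCBORType = 0x13,
    kCtap2ErrMissingParameter = 0x14,
    kCtap2ErrLimitExceeded = 0x15,
    kCtap2ErrUnsupportedExtension = 0x16,
    kCtap2ErrTooManyElements = 0x17,
    kCtap2ErrExtensionNotSupported = 0x18,
    kCtap2ErrCredentialExcluded = 0x19,

    // CTAP2-prefixed errors: operation state, credentials and options.
    kCtap2ErrProcesssing = 0x21, // Misspelled; kept so existing callers still compile.
    kCtap2ErrProcessing = kCtap2ErrProcesssing, // Correctly spelled alias for the same value.
    kCtap2ErrInvalidCredential = 0x22,
    kCtap2ErrUserActionPending = 0x23,
    kCtap2ErrOperationPending = 0x24,
    kCtap2ErrNoOperations = 0x25,
    kCtap2ErrUnsupportedAlgorithms = 0x26,
    kCtap2ErrOperationDenied = 0x27,
    kCtap2ErrKeyStoreFull = 0x28,
    kCtap2ErrNotBusy = 0x29,
    kCtap2ErrNoOperationPending = 0x2A,
    kCtap2ErrUnsupportedOption = 0x2B,
    kCtap2ErrInvalidOption = 0x2C,
    kCtap2ErrKeepAliveCancel = 0x2D,
    kCtap2ErrNoCredentials = 0x2E,
    kCtap2ErrUserActionTimeout = 0x2F,
    kCtap2ErrNotAllowed = 0x30,

    // PIN errors. An authenticator counts failed PIN attempts, so a client should not retry
    // automatically after kCtap2ErrPinInvalid; the *Blocked codes report that a limit was reached.
    kCtap2ErrPinInvalid = 0x31,
    kCtap2ErrPinBlocked = 0x32,
    kCtap2ErrPinAuthInvalid = 0x33,
    kCtap2ErrPinAuthBlocked = 0x34,
    kCtap2ErrPinNotSet = 0x35,
    kCtap2ErrPinRequired = 0x36,
    kCtap2ErrPinPolicyViolation = 0x37,
    kCtap2ErrPinTokenExpired = 0x38,

    kCtap2ErrRequestTooLarge = 0x39,
    kCtap2ErrOther = 0x7F,

    // Range markers rather than individual errors: the end of the specification range, then the
    // bounds of the extension range and of the vendor range.
    kCtap2ErrSpecLast = 0xDF,
    kCtap2ErrExtensionFirst = 0xE0,
    kCtap2ErrExtensionLast = 0xEF,
    kCtap2ErrVendorFirst = 0xF0,
    kCtap2ErrVendorLast = 0xFF
};

// Defined outside this header.
// NOTE(review): presumably reports whether the value is one of the enumerators above, which makes
// it the check to run on a status byte read from a device - confirm, and confirm how values
// inside the extension and vendor ranges are treated.
bool isCtapDeviceResponseCode(CtapDeviceResponseCode);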
// Command identifiers for the FIDO HID transport, listed in ascending numeric order.
// NOTE(review): on the wire the command byte of an initialization packet has its top bit set;
// the values here omit that bit - confirm where it is added and stripped.
enum class FidoHidDeviceCommand : uint8_t {
    kPing = 0x01,
    kMsg = 0x03,
    kLock = 0x04,
    kInit = 0x06,
    kWink = 0x08,
    kCbor = 0x10,
    kCancel = 0x11,
    kKeepAlive = 0x3B,
    kError = 0x3F,
};

// Defined outside this header.
// NOTE(review): presumably reports whether the value is one of the enumerators above. A command
// byte taken from a received packet is device-controlled, so it should pass this check before it
// is dispatched on - confirm at the call sites.
bool isFidoHidDeviceCommand(FidoHidDeviceCommand);
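// Fixed filler values: 32 bytes of 0x41 and 32 bytes of 0x42.
// NOTE(review): presumably sent in a placeholder U2F request whose result is discarded - confirm
// at the call sites. Both arrays are public constants with no randomness, so they must never
// stand in for a real challenge or application parameter in a request whose response is trusted.
constexpr uint8_t kBogusAppParam[] = {
    0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
    0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
    0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41,
    0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41
};
// Matches kU2fApplicationParamLength; a miscounted initializer now fails the build instead of
// producing a malformed request.
static_assert(sizeof(kBogusAppParam) == 32, "kBogusAppParam must be exactly 32 bytes long");

constexpr uint8_t kBogusChallenge[] = {
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42,
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42,
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42,
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42
};
// Matches kU2fChallengeParamLength.
static_assert(sizeof(kBogusChallenge) == 32, "kBogusChallenge must be exactly 32 bytes long");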
// Text keys used to build and look up map entries.
// NOTE(review): presumably keys of CBOR maps exchanged with an authenticator - confirm. Any value
// read from a device-supplied map under one of these keys is untrusted: check that the entry
// exists and has the expected type before using it.

// Authenticator option names.
constexpr char kResidentKeyMapKey[] = "rk";
constexpr char kUserVerificationMapKey[] = "uv";
constexpr char kUserPresenceMapKey[] = "up";
constexpr char kClientPinMapKey[] = "clientPin";
constexpr char kPlatformDeviceMapKey[] = "plat";

// Entity fields.
constexpr char kEntityIdMapKey[] = "id";
constexpr char kEntityNameMapKey[] = "name";
constexpr char kDisplayNameMapKey[] = "displayName";
constexpr char kIconUrlMapKey[] = "icon";

// Credential parameter fields.
constexpr char kCredentialTypeMapKey[] = "type";
constexpr char kCredentialAlgorithmMapKey[] = "alg";

// Credential fields. These repeat the "id" and "type" strings used above under separate names.
constexpr char kCredentialIdKey[] = "id";
constexpr char kCredentialTypeKey[] = "type";
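// Framing constants for the FIDO HID transport.
//
// Packet and message lengths announced by a device are untrusted. A receiver should reject an
// announced payload length above kHidMaxMessageSize before it allocates or reassembles anything,
// and should never copy more than the per-packet data sizes below out of a single packet.
constexpr size_t kHidPacketSize = 64;
constexpr uint32_t kHidBroadcastChannel = 0xffffffff;
constexpr size_t kHidInitPacketHeaderSize = 7;
constexpr size_t kHidContinuationPacketHeader = 5;
constexpr size_t kHidMaxPacketSize = 64;

// The data sizes below are unsigned differences; a header that did not fit in a packet would wrap
// around to a huge size_t instead of failing, so pin the relationship at compile time.
static_assert(kHidInitPacketHeaderSize < kHidMaxPacketSize, "initialization packet header must fit inside a packet");
static_assert(kHidContinuationPacketHeader < kHidMaxPacketSize, "continuation packet header must fit inside a packet");
constexpr size_t kHidInitPacketDataSize = kHidMaxPacketSize - kHidInitPacketHeaderSize;
constexpr size_t kHidContinuationPacketDataSize = kHidMaxPacketSize - kHidContinuationPacketHeader;

// NOTE(review): 17 matches an 8-byte nonce, a 4-byte channel id and 5 bytes of version and
// capability data. Presumably the receiver compares the echoed nonce with the one it sent before
// accepting the channel id, since the broadcast channel is shared - confirm.
constexpr size_t kHidInitResponseSize = 17;
constexpr size_t kHidInitNonceLength = 8;
constexpr uint8_t kHidMaxLockSeconds = 10;

// Largest reassembled message: one initialization packet followed by 128 continuation packets.
constexpr size_t kHidMaxMessageSize = 7609;
static_assert(kHidMaxMessageSize == kHidInitPacketDataSize + 128 * kHidContinuationPacketDataSize, "kHidMaxMessageSize must equal one initialization packet plus 128 continuation packets of data");
constexpr uint8_t kHidReportId = 0x00;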
// P1 control bytes. Going by the names, 0x03 asks the authenticator to require user presence and
// produce a signature, while 0x07 only checks the request without signing.
// NOTE(review): a check-only result must not be treated as proof that the user was present -
// confirm that callers only use it to probe key handles.
constexpr uint8_t kP1EnforceUserPresenceAndSign { 0x03 };
constexpr uint8_t kP1CheckOnly { 0x07 };

// Upper bound on a key handle, the largest value a one-byte length field can carry. Key handles
// or credential ids longer than this should be rejected before a U2F request is built from them.
constexpr size_t kMaxKeyHandleLength { 255 };
// Command byte that selects a CTAP2 authenticator operation, listed in ascending numeric order.
enum class CtapRequestCommand : uint8_t {
    kAuthenticatorMakeCredential = 0x01,
    kAuthenticatorGetAssertion = 0x02,
    kAuthenticatorGetInfo = 0x04,
    kAuthenticatorClientPin = 0x06,
    // Reset is destructive on the authenticator side; keep it behind an explicit user action.
    kAuthenticatorReset = 0x07,
    kAuthenticatorGetNextAssertion = 0x08,
};
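// Instruction (INS) byte values for U2F APDUs. kVendorFirst and kVendorLast bound the range left
// to vendor-specific instructions.
enum class U2fApduInstruction : uint8_t {
    kRegister = 0x01,
    kSign = 0x02,
    kVersion = 0x03,
    kVendorFirst = 0x40,
    kVenderLast = 0xBF, // Misspelled; kept so existing callers still compile.
    kVendorLast = kVenderLast, // Correctly spelled alias for the same value.
};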
// Field names of an attestation object: the format identifier, the attestation statement and the
// authenticator data.
// NOTE(review): the attestation statement and authenticator data come from the authenticator;
// presumably they are verified elsewhere rather than trusted as parsed - confirm.
constexpr char kFormatKey[] = "fmt";
constexpr char kAttestationStatementKey[] = "attStmt";
constexpr char kAuthDataKey[] = "authData";

// String form of the public-key credential type.
constexpr char kPublicKey[] = "public-key";
// Converts a WebCore::PublicKeyCredentialType to a C string; the definition is outside this header.
// NOTE(review): presumably returns kPublicKey for the public-key type, and a pointer with static
// storage duration that the caller must not free - confirm both at the definition.
const char* publicKeyCredentialTypeToString(WebCore::PublicKeyCredentialType);
// Version strings for the two supported protocols.
// NOTE(review): presumably compared with the versions an authenticator reports. That report is
// device-supplied, so an unrecognised string should be treated as unsupported - confirm.
constexpr char kCtap2Version[] = "FIDO_2_0";
constexpr char kU2fVersion[] = "U2F_V2";

// HID usage page and usage that identify a FIDO authenticator. Matching on both keeps the
// transport from opening unrelated HID devices.
constexpr uint32_t kCtapHidUsagePage = 0xF1D0;
constexpr uint32_t kCtapHidUsage = 0x01;
// APDU byte strings for the NFC transport.

// Five-byte command whose instruction byte is 0x03, the U2F version instruction.
constexpr uint8_t kCtapNfcU2fVersionCommand[] = {
    0x00, 0x03, 0x00, 0x00, 0x00,
};

// Applet selection command: a four-byte header, a length byte of 0x08, then eight identifier bytes.
constexpr uint8_t kCtapNfcAppletSelectionCommand[] = {
    0x00, 0xA4, 0x04, 0x00,
    0x08,
    0xA0, 0x00, 0x00, 0x06, 0x47, 0x2F, 0x00, 0x01
};

// Applet selection responses: ASCII "U2F_V2" and "FIDO_2_0", each followed by the bytes 0x90 0x00.
// NOTE(review): a card's response is untrusted; presumably it is compared against these arrays
// for exact length and content before a protocol is chosen - confirm.
constexpr uint8_t kCtapNfcAppletSelectionU2f[] = {
    0x55, 0x32, 0x46, 0x5F, 0x56, 0x32,
    0x90, 0x00
};
constexpr uint8_t kCtapNfcAppletSelectionCtap[] = {
    0x46, 0x49, 0x44, 0x4f, 0x5f, 0x32, 0x5f, 0x30,
    0x90, 0x00
};

// Class and instruction bytes.
// NOTE(review): presumably the header of the APDU that carries CTAP messages over NFC - confirm.
constexpr uint8_t kCtapNfcApduCla = 0x80;
constexpr uint8_t kCtapNfcApduIns = 0x10;
}
#endif // ENABLE(WEB_AUTHN)