1 files changed, 171 insertions, 0 deletions
diff --git a/src/types.h b/src/types.h
new file mode 100644
index 0000000..42ed1b7
--- /dev/null
+++ b/src/types.h
@@ -0,0 +1,171 @@
+/*
+ * Copyright (c) 2018 Yubico AB. All rights reserved.
+ * Use of this source code is governed by a BSD-style
+ * license that can be found in the LICENSE file.
+ */
+#ifndef _TYPES_H
+#define _TYPES_H
+#include "packed.h"
+/* COSE ES256 (ECDSA over P-256 with SHA-256) public key */
+typedef struct es256_pk {
+        unsigned char   x[32];
+        unsigned char   y[32];
+} es256_pk_t;
+/* COSE ES256 (ECDSA over P-256 with SHA-256) (secret) key */
+typedef struct es256_sk {
+        unsigned char   d[32];
+} es256_sk_t;
+/* COSE RS256 (2048-bit RSA with PKCS1 padding and SHA-256) public key */
+typedef struct rs256_pk {
+        unsigned char n[256];
+        unsigned char e[3];
+} rs256_pk_t;
+/* COSE EDDSA (ED25519) */
+typedef struct eddsa_pk {
+        unsigned char x[32];
+} eddsa_pk_t;
+PACKED_TYPE(fido_authdata_t,
+struct fido_authdata {
+        unsigned char rp_id_hash[32]; /* sha256 of fido_rp.id */
+        uint8_t       flags;          /* user present/verified */
+        uint32_t      sigcount;       /* signature counter */
+        /* actually longer */
+})
+PACKED_TYPE(fido_attcred_raw_t,
+struct fido_attcred_raw {
+        unsigned char aaguid[16]; /* credential's aaguid */
+        uint16_t      id_len;     /* credential id length */
+        uint8_t       body[];     /* credential id + pubkey */
+})
+typedef struct fido_attcred {
+        unsigned char aaguid[16]; /* credential's aaguid */
+        fido_blob_t   id;         /* credential id */
+        int           type;       /* credential's cose algorithm */
+        union {                   /* credential's public key */
+                es256_pk_t es256;
+                rs256_pk_t rs256;
+                eddsa_pk_t eddsa;
+        } pubkey;
+} fido_attcred_t;
+typedef struct fido_attstmt {
+        fido_blob_t x5c; /* attestation certificate */
+        fido_blob_t sig; /* attestation signature */
+} fido_attstmt_t;
+typedef struct fido_rp {
+        char *id;   /* relying party id */
+        char *name; /* relying party name */
+} fido_rp_t;
+typedef struct fido_user {
+        fido_blob_t  id;           /* required */
+        char        *icon;         /* optional */
+        char        *name;         /* optional */
+        char        *display_name; /* required */
+} fido_user_t;
+typedef struct fido_cred {
+        fido_blob_t       cdh;           /* client data hash */
+        fido_rp_t         rp;            /* relying party */
+        fido_user_t       user;          /* user entity */
+        fido_blob_array_t excl;          /* list of credential ids to exclude */
+        fido_opt_t        rk;            /* resident key */
+        fido_opt_t        uv;            /* user verification */
+        int               ext;           /* enabled extensions */
+        int               type;          /* cose algorithm */
+        char             *fmt;           /* credential format */
+        int               authdata_ext;  /* decoded extensions */
+        fido_blob_t       authdata_cbor; /* raw cbor payload */
+        fido_authdata_t   authdata;      /* decoded authdata payload */
+        fido_attcred_t    attcred;       /* returned credential (key + id) */
+        fido_attstmt_t    attstmt;       /* attestation statement (x509 + sig) */
+} fido_cred_t;
+typedef struct _fido_assert_stmt {
+        fido_blob_t     id;              /* credential id */
+        fido_user_t     user;            /* user attributes */
+        fido_blob_t     hmac_secret_enc; /* hmac secret, encrypted */
+        fido_blob_t     hmac_secret;     /* hmac secret */
+        int             authdata_ext;    /* decoded extensions */
+        fido_blob_t     authdata_cbor;   /* raw cbor payload */
+        fido_authdata_t authdata;        /* decoded authdata payload */
+        fido_blob_t     sig;             /* signature of cdh + authdata */
+} fido_assert_stmt;
+typedef struct fido_assert {
+        char              *rp_id;        /* relying party id */
+        fido_blob_t        cdh;          /* client data hash */
+        fido_blob_t        hmac_salt;    /* optional hmac-secret salt */
+        fido_blob_array_t  allow_list;   /* list of allowed credentials */
+        fido_opt_t         up;           /* user presence */
+        fido_opt_t         uv;           /* user verification */
+        int                ext;          /* enabled extensions */
+        fido_assert_stmt  *stmt;         /* array of expected assertions */
+        size_t             stmt_cnt;     /* number of allocated assertions */
+        size_t             stmt_len;     /* number of received assertions */
+} fido_assert_t;
+typedef struct fido_opt_array {
+        char **name;
+        bool *value;
+        size_t len;
+} fido_opt_array_t;
+typedef struct fido_str_array {
+        char **ptr;
+        size_t len;
+} fido_str_array_t;
+typedef struct fido_byte_array {
+        uint8_t *ptr;
+        size_t len;
+} fido_byte_array_t;
+typedef struct fido_cbor_info {
+        fido_str_array_t  versions;   /* supported versions: fido2|u2f */
+        fido_str_array_t  extensions; /* list of supported extensions */
+        unsigned char     aaguid[16]; /* aaguid */
+        fido_opt_array_t  options;    /* list of supported options */
+        uint64_t          maxmsgsiz;  /* maximum message size */
+        fido_byte_array_t protocols;  /* supported pin protocols */
+} fido_cbor_info_t;
+typedef struct fido_dev_info {
+        char    *path;         /* device path */
+        int16_t  vendor_id;    /* 2-byte vendor id */
+        int16_t  product_id;   /* 2-byte product id */
+        char    *manufacturer; /* manufacturer string */
+        char    *product;      /* product string */
+} fido_dev_info_t;
+PACKED_TYPE(fido_ctap_info_t,
+/* defined in section 8.1.9.1.3 (CTAPHID_INIT) of the fido2 ctap spec */
+struct fido_ctap_info {
+        uint64_t nonce;    /* echoed nonce */
+        uint32_t cid;      /* channel id */
+        uint8_t  protocol; /* ctaphid protocol id */
+        uint8_t  major;    /* major version number */
+        uint8_t  minor;    /* minor version number */
+        uint8_t  build;    /* build version number */
+        uint8_t  flags;    /* capabilities flags; see FIDO_CAP_* */
+})
+typedef struct fido_dev {
+        uint64_t          nonce;     /* issued nonce */
+        fido_ctap_info_t  attr;      /* device attributes */
+        uint32_t          cid;       /* assigned channel id */
+        void             *io_handle; /* abstract i/o handle */
+        fido_dev_io_t     io;        /* i/o functions & data */
+} fido_dev_t;
+#endif /* !_TYPES_H */

diff --git a/src/types.h b/src/types.h new file mode 100644 index 0000000..42ed1b7 --- /dev/null +++ b/src/types.h
@@ -0,0 +1,171 @@
	1	/*
	2	* Copyright (c) 2018 Yubico AB. All rights reserved.
	3	* Use of this source code is governed by a BSD-style
	4	* license that can be found in the LICENSE file.
	5	*/
	6
	7	#ifndef _TYPES_H
	8	#define _TYPES_H
	9
	10	#include "packed.h"
	11
	12	/* COSE ES256 (ECDSA over P-256 with SHA-256) public key */
	13	typedef struct es256_pk {
	14	unsigned char x[32];
	15	unsigned char y[32];
	16	} es256_pk_t;
	17
	18	/* COSE ES256 (ECDSA over P-256 with SHA-256) (secret) key */
	19	typedef struct es256_sk {
	20	unsigned char d[32];
	21	} es256_sk_t;
	22
	23	/* COSE RS256 (2048-bit RSA with PKCS1 padding and SHA-256) public key */
	24	typedef struct rs256_pk {
	25	unsigned char n[256];
	26	unsigned char e[3];
	27	} rs256_pk_t;
	28
	29	/* COSE EDDSA (ED25519) */
	30	typedef struct eddsa_pk {
	31	unsigned char x[32];
	32	} eddsa_pk_t;
	33
	34	PACKED_TYPE(fido_authdata_t,
	35	struct fido_authdata {
	36	unsigned char rp_id_hash[32]; /* sha256 of fido_rp.id */
	37	uint8_t flags; /* user present/verified */
	38	uint32_t sigcount; /* signature counter */
	39	/* actually longer */
	40	})
	41
	42	PACKED_TYPE(fido_attcred_raw_t,
	43	struct fido_attcred_raw {
	44	unsigned char aaguid[16]; /* credential's aaguid */
	45	uint16_t id_len; /* credential id length */
	46	uint8_t body[]; /* credential id + pubkey */
	47	})
	48
	49	typedef struct fido_attcred {
	50	unsigned char aaguid[16]; /* credential's aaguid */
	51	fido_blob_t id; /* credential id */
	52	int type; /* credential's cose algorithm */
	53	union { /* credential's public key */
	54	es256_pk_t es256;
	55	rs256_pk_t rs256;
	56	eddsa_pk_t eddsa;
	57	} pubkey;
	58	} fido_attcred_t;
	59
	60	typedef struct fido_attstmt {
	61	fido_blob_t x5c; /* attestation certificate */
	62	fido_blob_t sig; /* attestation signature */
	63	} fido_attstmt_t;
	64
	65	typedef struct fido_rp {
	66	char id; / relying party id */
	67	char name; / relying party name */
	68	} fido_rp_t;
	69
	70	typedef struct fido_user {
	71	fido_blob_t id; /* required */
	72	char icon; / optional */
	73	char name; / optional */
	74	char display_name; / required */
	75	} fido_user_t;
	76
	77	typedef struct fido_cred {
	78	fido_blob_t cdh; /* client data hash */
	79	fido_rp_t rp; /* relying party */
	80	fido_user_t user; /* user entity */
	81	fido_blob_array_t excl; /* list of credential ids to exclude */
	82	fido_opt_t rk; /* resident key */
	83	fido_opt_t uv; /* user verification */
	84	int ext; /* enabled extensions */
	85	int type; /* cose algorithm */
	86	char fmt; / credential format */
	87	int authdata_ext; /* decoded extensions */
	88	fido_blob_t authdata_cbor; /* raw cbor payload */
	89	fido_authdata_t authdata; /* decoded authdata payload */
	90	fido_attcred_t attcred; /* returned credential (key + id) */
	91	fido_attstmt_t attstmt; /* attestation statement (x509 + sig) */
	92	} fido_cred_t;
	93
	94	typedef struct _fido_assert_stmt {
	95	fido_blob_t id; /* credential id */
	96	fido_user_t user; /* user attributes */
	97	fido_blob_t hmac_secret_enc; /* hmac secret, encrypted */
	98	fido_blob_t hmac_secret; /* hmac secret */
	99	int authdata_ext; /* decoded extensions */
	100	fido_blob_t authdata_cbor; /* raw cbor payload */
	101	fido_authdata_t authdata; /* decoded authdata payload */
	102	fido_blob_t sig; /* signature of cdh + authdata */
	103	} fido_assert_stmt;
	104
	105	typedef struct fido_assert {
	106	char rp_id; / relying party id */
	107	fido_blob_t cdh; /* client data hash */
	108	fido_blob_t hmac_salt; /* optional hmac-secret salt */
	109	fido_blob_array_t allow_list; /* list of allowed credentials */
	110	fido_opt_t up; /* user presence */
	111	fido_opt_t uv; /* user verification */
	112	int ext; /* enabled extensions */
	113	fido_assert_stmt stmt; / array of expected assertions */
	114	size_t stmt_cnt; /* number of allocated assertions */
	115	size_t stmt_len; /* number of received assertions */
	116	} fido_assert_t;
	117
	118	typedef struct fido_opt_array {
	119	char **name;
	120	bool *value;
	121	size_t len;
	122	} fido_opt_array_t;
	123
	124	typedef struct fido_str_array {
	125	char **ptr;
	126	size_t len;
	127	} fido_str_array_t;
	128
	129	typedef struct fido_byte_array {
	130	uint8_t *ptr;
	131	size_t len;
	132	} fido_byte_array_t;
	133
	134	typedef struct fido_cbor_info {
	135	fido_str_array_t versions; /* supported versions: fido2\|u2f */
	136	fido_str_array_t extensions; /* list of supported extensions */
	137	unsigned char aaguid[16]; /* aaguid */
	138	fido_opt_array_t options; /* list of supported options */
	139	uint64_t maxmsgsiz; /* maximum message size */
	140	fido_byte_array_t protocols; /* supported pin protocols */
	141	} fido_cbor_info_t;
	142
	143	typedef struct fido_dev_info {
	144	char path; / device path */
	145	int16_t vendor_id; /* 2-byte vendor id */
	146	int16_t product_id; /* 2-byte product id */
	147	char manufacturer; / manufacturer string */
	148	char product; / product string */
	149	} fido_dev_info_t;
	150
	151	PACKED_TYPE(fido_ctap_info_t,
	152	/* defined in section 8.1.9.1.3 (CTAPHID_INIT) of the fido2 ctap spec */
	153	struct fido_ctap_info {
	154	uint64_t nonce; /* echoed nonce */
	155	uint32_t cid; /* channel id */
	156	uint8_t protocol; /* ctaphid protocol id */
	157	uint8_t major; /* major version number */
	158	uint8_t minor; /* minor version number */
	159	uint8_t build; /* build version number */
	160	uint8_t flags; /* capabilities flags; see FIDO_CAP_* */
	161	})
	162
	163	typedef struct fido_dev {
	164	uint64_t nonce; /* issued nonce */
	165	fido_ctap_info_t attr; /* device attributes */
	166	uint32_t cid; /* assigned channel id */
	167	void io_handle; / abstract i/o handle */
	168	fido_dev_io_t io; /* i/o functions & data */
	169	} fido_dev_t;
	170
	171	#endif /* !_TYPES_H */