FIDO2 CTAP

Detailed Description

FIDO2 CTAP

The Client-to-Authenticator Protocol (CTAP) is an application layer protocol for the communication between an authenticator and a host.

Topics

 FIDO2 CTAP
 FIDO2 CTAP
 
 FIDO2 CTAP CBOR
 FIDO2 CTAP CBOR helper
 
 FIDO2 CTAP crypto
 FIDO2 CTAP crypto helper
 
 FIDO2 CTAP flash
 FIDO2 CTAP flash memory helper
 
 FIDO2 CTAP transport
 CTAP transport layer
 
 FIDO2 CTAP utils
 FIDO2 CTAP utility helper
 

Files

file  ctap.h
 Public FIDO2 CTAP defines, structures and function declarations.
 

Data Structures

struct  ctap_req_t
 CTAP request struct.
 
struct  ctap_resp_t
 CTAP response struct.
 

Macros

#define CTAP_MAX_MSG_SIZE   0x400
 CTAP max message size.
 

Functions

ctap_status_code_t fido2_ctap_init (void)
 Initialize CTAP.
 
ctap_status_code_t fido2_ctap_handle_request (ctap_req_t *req, ctap_resp_t *resp)
 Handle CBOR-encoded CTAP request.
 
ctap_status_code_t fido2_ctap_make_credential (ctap_req_t *req, ctap_resp_t *resp)
 MakeCredential method.
 
ctap_status_code_t fido2_ctap_get_assertion (ctap_req_t *req, ctap_resp_t *resp)
 GetAssertion method.
 
ctap_status_code_t fido2_ctap_get_next_assertion (ctap_resp_t *resp)
 GetNextAssertion method.
 
ctap_status_code_t fido2_ctap_get_info (ctap_resp_t *resp)
 GetInfo method.
 
ctap_status_code_t fido2_ctap_client_pin (ctap_req_t *req, ctap_resp_t *resp)
 ClientPIN method.
 
ctap_status_code_t fido2_ctap_reset (ctap_resp_t *resp)
 Reset method.
 
enum  ctap_status_code_t {
  CTAP2_OK = 0x00, CTAP1_ERR_INVALID_COMMAND = 0x01, CTAP1_ERR_INVALID_PARAMETER = 0x02, CTAP1_ERR_INVALID_LENGTH = 0x03,
  CTAP1_ERR_INVALID_SEQ = 0x04, CTAP1_ERR_TIMEOUT = 0x05, CTAP1_ERR_CHANNEL_BUSY = 0x06, CTAP1_ERR_LOCK_REQUIRED = 0x0A,
  CTAP1_ERR_INVALID_CHANNEL = 0x0B, CTAP2_ERR_CBOR_PARSING = 0x10, CTAP2_ERR_CBOR_UNEXPECTED_TYPE = 0x11, CTAP2_ERR_INVALID_CBOR = 0x12,
  CTAP2_ERR_INVALID_CBOR_TYPE = 0x13, CTAP2_ERR_MISSING_PARAMETER = 0x14, CTAP2_ERR_LIMIT_EXCEEDED = 0x15, CTAP2_ERR_UNSUPPORTED_EXTENSION = 0x16,
  CTAP2_ERR_TOO_MANY_ELEMENTS = 0x17, CTAP2_ERR_EXTENSION_NOT_SUPPORTED = 0x18, CTAP2_ERR_CREDENTIAL_EXCLUDED = 0x19, CTAP2_ERR_CREDENTIAL_NOT_VALID = 0x20,
  CTAP2_ERR_PROCESSING = 0x21, CTAP2_ERR_INVALID_CREDENTIAL = 0x22, CTAP2_ERR_USER_ACTION_PENDING = 0x23, CTAP2_ERR_OPERATION_PENDING = 0x24,
  CTAP2_ERR_NO_OPERATIONS = 0x25, CTAP2_ERR_UNSUPPORTED_ALGORITHM = 0x26, CTAP2_ERR_OPERATION_DENIED = 0x27, CTAP2_ERR_KEY_STORE_FULL = 0x28,
  CTAP2_ERR_NOT_BUSY = 0x29, CTAP2_ERR_NO_OPERATION_PENDING = 0x2A, CTAP2_ERR_UNSUPPORTED_OPTION = 0x2B, CTAP2_ERR_INVALID_OPTION = 0x2C,
  CTAP2_ERR_KEEPALIVE_CANCEL = 0x2D, CTAP2_ERR_NO_CREDENTIALS = 0x2E, CTAP2_ERR_USER_ACTION_TIMEOUT = 0x2F, CTAP2_ERR_NOT_ALLOWED = 0x30,
  CTAP2_ERR_PIN_INVALID = 0x31, CTAP2_ERR_PIN_BLOCKED = 0x32, CTAP2_ERR_PIN_AUTH_INVALID = 0x33, CTAP2_ERR_PIN_AUTH_BLOCKED = 0x34,
  CTAP2_ERR_PIN_NOT_SET = 0x35, CTAP2_ERR_PIN_REQUIRED = 0x36, CTAP2_ERR_PIN_POLICY_VIOLATION = 0x37, CTAP2_ERR_PIN_TOKEN_EXPIRED = 0x38,
  CTAP2_ERR_REQUEST_TOO_LARGE = 0x39, CTAP2_ERR_ACTION_TIMEOUT = 0x3A, CTAP2_ERR_UP_REQUIRED = 0x3B, CTAP1_ERR_OTHER = 0x7F,
  CTAP2_ERR_SPEC_LAST = 0xDF, CTAP2_ERR_EXTENSION_FIRST = 0xE0, CTAP2_ERR_EXTENSION_LAST = 0xEF, CTAP2_ERR_VENDOR_FIRST = 0xF0,
  CTAP2_ERR_VENDOR_LAST = 0xFF
}
 CTAP status codes.
 
enum  ctap_method_t {
  CTAP_MAKE_CREDENTIAL = 0x01, CTAP_GET_ASSERTION = 0x02, CTAP_GET_INFO = 0x04, CTAP_CLIENT_PIN = 0x06,
  CTAP_RESET = 0x07, CTAP_GET_NEXT_ASSERTION = 0x08
}
 CTAP methods.
 

Macro Definition Documentation

◆ CTAP_MAX_MSG_SIZE

#define CTAP_MAX_MSG_SIZE   0x400

CTAP max message size.

CTAP specification (version 20190130) section 6

Definition at line 39 of file ctap.h.

Enumeration Type Documentation

◆ ctap_method_t

CTAP methods.

Definition at line 109 of file ctap.h.

◆ ctap_status_code_t

CTAP status codes.

CTAP specification (version 20190130) section 6.3

Definition at line 47 of file ctap.h.

Function Documentation

◆ fido2_ctap_client_pin()

ctap_status_code_t fido2_ctap_client_pin (ctap_req_t *req, ctap_resp_t *resp)

ClientPIN method.

CTAP specification (version 20190130) section 5.5

Parameters
[in] req CTAP request
[in,out] resp CTAP response
Returns
ctap_status_code_t

◆ fido2_ctap_get_assertion()

ctap_status_code_t fido2_ctap_get_assertion (ctap_req_t *req, ctap_resp_t *resp)

GetAssertion method.

CTAP specification (version 20190130) section 5.2

Parameters
[in] req CTAP request
[in,out] resp CTAP response
Returns
ctap_status_code_t

◆ fido2_ctap_get_info()

ctap_status_code_t fido2_ctap_get_info (ctap_resp_t *resp)

GetInfo method.

CTAP specification (version 20190130) section 5.4

Parameters
[in,out] resp CTAP response
Returns
ctap_status_code_t

◆ fido2_ctap_get_next_assertion()

ctap_status_code_t fido2_ctap_get_next_assertion (ctap_resp_t *resp)

GetNextAssertion method.

CTAP specification (version 20190130) section 5.3

Parameters
[in,out] resp CTAP response
Returns
ctap_status_code_t

◆ fido2_ctap_handle_request()

ctap_status_code_t fido2_ctap_handle_request (ctap_req_t *req, ctap_resp_t *resp)

Handle CBOR-encoded CTAP request.

This is a convenience function that checks req->method and calls the appropriate CTAP method handler function.

Parameters
[in] req request struct
[in] resp response struct
Returns
ctap_status_code_t
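
The following is an added example, not the project's own code: it validates a raw CTAP message before a dispatcher such as the one described above sees it, bounding the length by CTAP_MAX_MSG_SIZE, rejecting unknown method bytes, and requiring a payload only for the methods whose handlers take a `req`. The `example_*` names, the struct layout and the command-byte-then-CBOR framing are assumptions; the constants are copied from this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constants copied from this page's macro and enum listings. */
#define CTAP_MAX_MSG_SIZE 0x400
enum { CTAP2_OK = 0x00, CTAP1_ERR_INVALID_COMMAND = 0x01,
       CTAP1_ERR_INVALID_LENGTH = 0x03, CTAP2_ERR_MISSING_PARAMETER = 0x14,
       CTAP2_ERR_REQUEST_TOO_LARGE = 0x39 };
enum { CTAP_MAKE_CREDENTIAL = 0x01, CTAP_GET_ASSERTION = 0x02,
       CTAP_GET_INFO = 0x04, CTAP_CLIENT_PIN = 0x06, CTAP_RESET = 0x07,
       CTAP_GET_NEXT_ASSERTION = 0x08 };

/* Hypothetical request layout; only `method` is named on the page. */
typedef struct {
    uint8_t method;
    size_t len;                         /* CBOR payload length */
    uint8_t cbor[CTAP_MAX_MSG_SIZE];
} example_req_t;

/* 1: handler takes a request, 0: response only, -1: unknown method. */
static int example_method_has_params(uint8_t method)
{
    switch (method) {
    case CTAP_MAKE_CREDENTIAL: case CTAP_GET_ASSERTION: case CTAP_CLIENT_PIN:
        return 1;
    case CTAP_GET_INFO: case CTAP_RESET: case CTAP_GET_NEXT_ASSERTION:
        return 0;
    default:
        return -1;
    }
}

/* Validate a raw message (assumed framing: command byte, then CBOR). */
int example_parse_request(const uint8_t *msg, size_t len, example_req_t *req)
{
    if (msg == NULL || req == NULL || len == 0)
        return CTAP1_ERR_INVALID_LENGTH;
    if (len > CTAP_MAX_MSG_SIZE)
        return CTAP2_ERR_REQUEST_TOO_LARGE; /* reject before any copy */
    int has_params = example_method_has_params(msg[0]);
    if (has_params < 0)
        return CTAP1_ERR_INVALID_COMMAND;
    if (has_params && len == 1)
        return CTAP2_ERR_MISSING_PARAMETER; /* this example's policy choice */
    req->method = msg[0];
    req->len = len - 1;
    memcpy(req->cbor, msg + 1, req->len);   /* len - 1 < CTAP_MAX_MSG_SIZE */
    return CTAP2_OK;
}
```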

◆ fido2_ctap_init()

ctap_status_code_t fido2_ctap_init (void)

Initialize CTAP.

Returns
ctap_status_code_t

◆ fido2_ctap_make_credential()

ctap_status_code_t fido2_ctap_make_credential (ctap_req_t *req, ctap_resp_t *resp)

MakeCredential method.

CTAP specification (version 20190130) section 5.1

Parameters
[in] req CTAP request
[in,out] resp CTAP response
Returns
ctap_status_code_t

◆ fido2_ctap_reset()

ctap_status_code_t fido2_ctap_reset (ctap_resp_t *resp)

Reset method.

CTAP specification (version 20190130) section 5.6

Parameters
[in,out] resp CTAP response
Returns
ctap_status_code_t