]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/shared/libfido2-util.h
1/* SPDX-License-Identifier: LGPL-2.1-or-later */
2#pragma once
3
69a283c5 4#include "forward.h"
69cb2896 5
/* Salt length in bytes (unsigned constant, 32). Presumably the size of the salt handed to the token
 * for the hmac-secret operation (see the salt/salt_size parameters of fido2_use_hmac_hash() below) —
 * confirm against the callers. */
#define FIDO2_SALT_SIZE 32U
7
/* Bit flags selecting which user-interaction requirements (PIN, user presence, user verification)
 * apply to a FIDO2 credential. Values 1 << 0 .. 1 << 5 can be OR-ed together; the two trailing
 * underscore-prefixed enumerators are sentinels, not flag bits. */
typedef enum Fido2EnrollFlags {
        FIDO2ENROLL_PIN = 1 << 0, /* PIN; presumably "a client PIN is required" — confirm against callers */
        FIDO2ENROLL_UP = 1 << 1, /* User presence (ie: touching token) */
        FIDO2ENROLL_UV = 1 << 2, /* User verification (ie: fingerprint) */
        FIDO2ENROLL_PIN_IF_NEEDED = 1 << 3, /* If auth doesn't work without PIN ask for one, as in systemd 248 */
        FIDO2ENROLL_UP_IF_NEEDED = 1 << 4, /* If auth doesn't work without UP, enable it, as in systemd 248 */
        FIDO2ENROLL_UV_OMIT = 1 << 5, /* Leave "uv" untouched, as in systemd 248 */
        /* No explicit value: C assigns previous + 1, i.e. (1 << 5) + 1 = 33. This is therefore neither a
         * single flag bit nor a mask of all valid bits. NOTE(review): code that validates a flags value
         * should not compare or mask against this enumerator as if it were one — confirm how it is used. */
        _FIDO2ENROLL_TYPE_MAX,
        /* Negative errno value, so it cannot collide with any OR-ed combination of the flag bits above. */
        _FIDO2ENROLL_TYPE_INVALID = -EINVAL,
} Fido2EnrollFlags;
18
19#if HAVE_LIBFIDO2
20#include <fido.h>
21
22#include "dlfcn-util.h"
23
/* libfido2 entry points used by this module, declared through DLSYM_PROTOTYPE() (from dlfcn-util.h,
 * included above). The inline wrappers further down call them with a sym_ prefix (for example
 * sym_fido_dev_free), so each line presumably declares the matching sym_<name> function pointer —
 * confirm against dlfcn-util.h. Only compiled when HAVE_LIBFIDO2 is set. */
extern DLSYM_PROTOTYPE(fido_assert_allow_cred);
extern DLSYM_PROTOTYPE(fido_assert_free);
extern DLSYM_PROTOTYPE(fido_assert_hmac_secret_len);
extern DLSYM_PROTOTYPE(fido_assert_hmac_secret_ptr);
extern DLSYM_PROTOTYPE(fido_assert_new);
extern DLSYM_PROTOTYPE(fido_assert_set_clientdata_hash);
extern DLSYM_PROTOTYPE(fido_assert_set_extensions);
extern DLSYM_PROTOTYPE(fido_assert_set_hmac_salt);
extern DLSYM_PROTOTYPE(fido_assert_set_rp);
extern DLSYM_PROTOTYPE(fido_assert_set_up);
extern DLSYM_PROTOTYPE(fido_assert_set_uv);
extern DLSYM_PROTOTYPE(fido_cbor_info_extensions_len);
extern DLSYM_PROTOTYPE(fido_cbor_info_extensions_ptr);
extern DLSYM_PROTOTYPE(fido_cbor_info_free);
extern DLSYM_PROTOTYPE(fido_cbor_info_new);
extern DLSYM_PROTOTYPE(fido_cbor_info_options_len);
extern DLSYM_PROTOTYPE(fido_cbor_info_options_name_ptr);
extern DLSYM_PROTOTYPE(fido_cbor_info_options_value_ptr);
extern DLSYM_PROTOTYPE(fido_cred_free);
extern DLSYM_PROTOTYPE(fido_cred_id_len);
extern DLSYM_PROTOTYPE(fido_cred_id_ptr);
extern DLSYM_PROTOTYPE(fido_cred_new);
extern DLSYM_PROTOTYPE(fido_cred_set_clientdata_hash);
extern DLSYM_PROTOTYPE(fido_cred_set_extensions);
extern DLSYM_PROTOTYPE(fido_cred_set_prot);
extern DLSYM_PROTOTYPE(fido_cred_set_rk);
extern DLSYM_PROTOTYPE(fido_cred_set_rp);
extern DLSYM_PROTOTYPE(fido_cred_set_type);
extern DLSYM_PROTOTYPE(fido_cred_set_user);
extern DLSYM_PROTOTYPE(fido_cred_set_uv);
extern DLSYM_PROTOTYPE(fido_dev_close);
extern DLSYM_PROTOTYPE(fido_dev_free);
extern DLSYM_PROTOTYPE(fido_dev_get_assert);
extern DLSYM_PROTOTYPE(fido_dev_get_cbor_info);
extern DLSYM_PROTOTYPE(fido_dev_info_free);
extern DLSYM_PROTOTYPE(fido_dev_info_manifest);
extern DLSYM_PROTOTYPE(fido_dev_info_manufacturer_string);
extern DLSYM_PROTOTYPE(fido_dev_info_new);
extern DLSYM_PROTOTYPE(fido_dev_info_path);
extern DLSYM_PROTOTYPE(fido_dev_info_product_string);
extern DLSYM_PROTOTYPE(fido_dev_info_ptr);
extern DLSYM_PROTOTYPE(fido_dev_is_fido2);
extern DLSYM_PROTOTYPE(fido_dev_make_cred);
extern DLSYM_PROTOTYPE(fido_dev_new);
extern DLSYM_PROTOTYPE(fido_dev_open);
extern DLSYM_PROTOTYPE(fido_init);
extern DLSYM_PROTOTYPE(fido_set_log_handler);
extern DLSYM_PROTOTYPE(fido_strerr);

/* Declaration only. Judging by the name this loads libfido2 at runtime and resolves the symbols listed
 * above; NOTE(review): presumably it must have succeeded before any sym_fido_*() call is made —
 * confirm against the implementation. */
int dlopen_libfido2(void);
74
/* Releases the libfido2 CBOR info object referenced by *p, if there is one.
 *
 * p must itself be a valid pointer: it is dereferenced unconditionally. The address of the caller's
 * variable is forwarded, not the object, so the library call can presumably reset *p as well (confirm
 * against the libfido2 documentation). */
static inline void fido_cbor_info_free_wrapper(fido_cbor_info_t **p) {
        /* Nothing allocated, nothing to release. NOTE(review): this guard presumably also keeps us from
         * calling through sym_fido_cbor_info_free when libfido2 was never loaded — confirm. */
        if (!*p)
                return;

        sym_fido_cbor_info_free(p);
}
79
/* Releases the libfido2 assertion object referenced by *p, if there is one.
 *
 * p must itself be a valid pointer: it is dereferenced unconditionally. An assertion object may hold
 * the hmac-secret output (see fido_assert_hmac_secret_ptr above). NOTE(review): whether the library
 * wipes that memory on free is not visible here — confirm if callers rely on it. */
static inline void fido_assert_free_wrapper(fido_assert_t **p) {
        /* Nothing allocated, nothing to release. */
        if (!*p)
                return;

        sym_fido_assert_free(p);
}
84
85static inline void fido_dev_free_wrapper(fido_dev_t **p) {
b6aa89b0 86 if (*p) {
87 sym_fido_dev_close(*p);
69cb2896 88 sym_fido_dev_free(p);
b6aa89b0 89 }
69cb2896
LP
90}
91
/* Releases the libfido2 credential object referenced by *p, if there is one.
 *
 * p must itself be a valid pointer: it is dereferenced unconditionally. */
static inline void fido_cred_free_wrapper(fido_cred_t **p) {
        /* Nothing allocated, nothing to release. */
        if (!*p)
                return;

        sym_fido_cred_free(p);
}
96
/* Declaration only; the implementation is not part of this header. Judging by the parameter names,
 * this asks the token at 'device' for an HMAC over 'salt' using the credential identified by 'cid',
 * scoped to relying party 'rp_id' — TODO confirm against the implementation.
 *
 * NOTE(review), for callers handling the results:
 *  - 'pins' carries PIN candidates; treat the strings as secrets for their whole lifetime.
 *  - '*ret_hmac' presumably receives key material in a buffer the caller owns; it should be erased
 *    before it is released, not merely freed — confirm ownership and size semantics.
 *  - 'required' is a Fido2EnrollFlags mask; presumably the PIN/UP/UV policy recorded at enrollment.
 *    Passing a weaker mask than the one enrolled with would relax the intended policy — confirm how
 *    the implementation treats mismatches. */
int fido2_use_hmac_hash(
                const char *device,
                const char *rp_id,
                const void *salt,
                size_t salt_size,
                const void *cid,
                size_t cid_size,
                char **pins,
                Fido2EnrollFlags required,
                void **ret_hmac,
                size_t *ret_hmac_size);
108
/* Declaration only; the implementation is not part of this header. Judging by the parameter names,
 * this enrolls a new credential on the token at 'device' for relying party 'rp_id'/'rp_name' and user
 * 'user_id'/'user_name', and derives a secret from 'salt' — TODO confirm against the implementation.
 *
 * NOTE(review), for callers handling the results:
 *  - '*ret_secret' and '*ret_usedpin' presumably receive secret material in buffers the caller owns;
 *    both should be erased before release, not merely freed — confirm.
 *  - '*ret_cid' is presumably the credential ID needed later by fido2_use_hmac_hash().
 *  - 'lock_with' is the requested Fido2EnrollFlags policy and '*ret_locked_with' presumably the policy
 *    actually applied; the *_IF_NEEDED flags suggest the two can differ, so callers should store the
 *    returned value rather than the requested one — confirm.
 *  - 'cred_alg' is presumably an algorithm identifier as produced by parse_fido2_algorithm(). */
int fido2_generate_hmac_hash(
                const char *device,
                const char *rp_id,
                const char *rp_name,
                const void *user_id, size_t user_id_len,
                const char *user_name,
                const char *user_display_name,
                const char *user_icon,
                const char *askpw_icon,
                const char *askpw_credential,
                Fido2EnrollFlags lock_with,
                int cred_alg,
                const struct iovec *salt,
                void **ret_cid, size_t *ret_cid_size,
                void **ret_secret, size_t *ret_secret_size,
                char **ret_usedpin,
                Fido2EnrollFlags *ret_locked_with);
17599e12 126
/* Declaration for builds with libfido2; the implementation is not part of this header. Presumably
 * parses the algorithm name in 's' into '*ret' (the value later passed as 'cred_alg') — confirm.
 * Builds without libfido2 get the inline stub in the #else branch, which always fails. */
int parse_fido2_algorithm(const char *s, int *ret);
128#else
/* Stub used when the build has no libfido2 support: no parsing is attempted, both arguments are
 * ignored, '*ret' is left untouched and the call always fails with -EOPNOTSUPP. */
static inline int parse_fido2_algorithm(const char *s, int *ret) {
        /* Intentionally unused in this configuration. */
        (void) s;
        (void) ret;

        return -EOPNOTSUPP;
}
69cb2896 132#endif
133
/* The three declarations below sit after the #endif, so they are visible whether or not the build has
 * libfido2 support. Their implementations are not part of this header; NOTE(review): how they behave
 * in a build without libfido2 (presumably an error return) should be confirmed before relying on it. */

/* Presumably enumerates the attached FIDO2 tokens for display — confirm. */
int fido2_list_devices(void);
/* Presumably picks a token automatically and returns its device path in '*ret' — confirm, including
 * what happens when more than one token is attached. */
int fido2_find_device_auto(char **ret);

/* Presumably reports whether 'device' (or any token, depending on the argument) is present — confirm. */
int fido2_have_device(const char *device);