/* $OpenBSD: sk-api.h,v 1.2 2019/11/12 19:32:30 markus Exp $ */
/*
 * Copyright (c) 2019 Google LLC
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
18#ifndef _SK_API_H
19#define _SK_API_H 1
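/* size_t is the type of every *_len field and length argument below. */
#include <stddef.h>
/*
 * HAVE_STDINT_H is not defined in this header, so it presumably comes from
 * the build configuration. When it is unset, uint8_t and uint32_t must
 * already have been provided by whatever was included before this file.
 */
#ifdef HAVE_STDINT_H
#include <stdint.h>
#endif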
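/*
 * Flags.
 * Presumably bit values for the uint8_t `flags` argument of sk_enroll() and
 * sk_sign(); the name says that user presence is required for the operation.
 * NOTE(review): whether the same bit is reported back in
 * sk_sign_response.flags is not stated in this header - confirm before
 * relying on it as proof that presence was actually checked.
 */
#define SSH_SK_USER_PRESENCE_REQD	0x01

/*
 * Algs.
 * Values for the `alg` argument of sk_enroll() and sk_sign().
 * SSH_SK_ECDSA is 0, so a zero-initialised `alg` selects ECDSA rather than
 * "no algorithm"; callers and middleware should reject any value that is not
 * listed here instead of falling through to a default.
 * These values overlap numerically with the flag bits above (0x01) and must
 * not be passed in place of one another.
 */
#define SSH_SK_ECDSA			0x00
#define SSH_SK_ED25519			0x01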
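/*
 * Result of sk_enroll(), handed back through its `enroll_response`
 * out-parameter.
 *
 * Every buffer is a pointer/length pair of raw bytes. Consumers should bound
 * all reads by the matching *_len field and must not assume NUL termination.
 *
 * NOTE(review): ownership is not stated in this header. Presumably the
 * middleware allocates the struct and each buffer and the caller releases
 * them - confirm against the caller, and make sure the key handle is not
 * left behind in freed memory longer than necessary.
 */
struct sk_enroll_response {
	uint8_t *public_key;		/* public key of the enrolled key */
	size_t public_key_len;
	uint8_t *key_handle;		/* later passed back to sk_sign() */
	size_t key_handle_len;
	uint8_t *signature;		/* presumably the enrollment signature - confirm */
	size_t signature_len;
	uint8_t *attestation_cert;	/* presumably the device attestation certificate - confirm */
	size_t attestation_cert_len;
};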
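/*
 * Result of sk_sign(), handed back through its `sign_response`
 * out-parameter.
 *
 * NOTE(review): `flags` and `counter` are presumably the authenticator's
 * flags byte and signature counter as covered by the signature. A verifier
 * that requires user presence should check the returned `flags` rather than
 * assume the request flag was honoured - confirm the bit layout first.
 *
 * sig_r/sig_s are named after the two components of an ECDSA signature; how
 * an SSH_SK_ED25519 signature is carried is not stated in this header.
 * Reads must be bounded by sig_r_len/sig_s_len. Ownership of the buffers is
 * not stated here either - presumably the caller releases them; confirm.
 */
struct sk_sign_response {
	uint8_t flags;
	uint32_t counter;
	uint8_t *sig_r;
	size_t sig_r_len;
	uint8_t *sig_s;
	size_t sig_s_len;
};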
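/*
 * API versioning. SSH_SK_VERSION_MAJOR_MASK selects the upper 16 bits of the
 * value returned by sk_api_version(); SSH_SK_VERSION_MAJOR is the major
 * version this header describes.
 * Presumably a caller compares
 *     (sk_api_version() & SSH_SK_VERSION_MAJOR_MASK)
 * with SSH_SK_VERSION_MAJOR before calling sk_enroll()/sk_sign(), and refuses
 * to use the middleware on a mismatch: the struct layouts and prototypes in
 * this file are only meaningful for a matching major version.
 */
#define SSH_SK_VERSION_MAJOR		0x00020000 /* current API version */
#define SSH_SK_VERSION_MAJOR_MASK	0xffff0000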
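/*
 * Return the version of the middleware API.
 *
 * The result is meant to be interpreted with SSH_SK_VERSION_MAJOR_MASK and
 * SSH_SK_VERSION_MAJOR. Takes no arguments.
 */
uint32_t sk_api_version(void);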
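/*
 * Enroll a U2F key (private key generation).
 *
 *   alg              SSH_SK_ECDSA or SSH_SK_ED25519
 *   challenge        challenge bytes, challenge_len bytes long
 *   application      application string; passed without a length, so it
 *                    must be NUL-terminated
 *   flags            SSH_SK_* flag bits, e.g. SSH_SK_USER_PRESENCE_REQD
 *   enroll_response  out-parameter receiving the result
 *
 * NOTE(review): the return-value convention is not stated in this header
 * (presumably 0 on success - confirm). Callers should set *enroll_response
 * to NULL beforehand and use it only after a successful return, and should
 * sanity-check every returned length before parsing the buffers.
 */
int sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len,
    const char *application, uint8_t flags,
    struct sk_enroll_response **enroll_response);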
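/*
 * Sign a challenge.
 *
 *   alg             SSH_SK_ECDSA or SSH_SK_ED25519
 *   message         bytes to sign, message_len bytes long
 *   application     application string; passed without a length, so it
 *                   must be NUL-terminated
 *   key_handle      key handle bytes, key_handle_len bytes long (the
 *                   key_handle produced at enrollment)
 *   flags           SSH_SK_* flag bits, e.g. SSH_SK_USER_PRESENCE_REQD
 *   sign_response   out-parameter receiving the result
 *
 * NOTE(review): the return-value convention is not stated in this header
 * (presumably 0 on success - confirm). Callers should set *sign_response to
 * NULL beforehand, use it only after a successful return, and verify the
 * returned signature rather than trusting the middleware's return code.
 */
int sk_sign(int alg, const uint8_t *message, size_t message_len,
    const char *application, const uint8_t *key_handle, size_t key_handle_len,
    uint8_t flags, struct sk_sign_response **sign_response);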
69#endif /* _SK_API_H */