device/fido/pin_internal.h - chromium/src - Git at Google

 // Copyright 2019 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 // This file contains additional declarations for CTAP2 PIN support. Only
 // implementations of the PIN protocol should need to include this file. For all
 // other code, see |pin.h|.

 #ifndef DEVICE_FIDO_PIN_INTERNAL_H_
 #define DEVICE_FIDO_PIN_INTERNAL_H_

 #include <stdint.h>

 #include "components/cbor/values.h"
 #include "device/fido/pin.h"
 #include "third_party/boringssl/src/include/openssl/ec.h"
 #include "third_party/boringssl/src/include/openssl/sha.h"

 namespace device {
 namespace pin {

 // Subcommand enumerates the subcommands to the main |authenticatorClientPIN|
 // command. See
 // https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-client-to-authenticator-protocol-v2.0-rd-20180702.html#authenticatorClientPIN
 enum class Subcommand : uint8_t {
   kGetRetries = 0x01,
   kGetKeyAgreement = 0x02,
   kSetPIN = 0x03,
   kChangePIN = 0x04,
   kGetPINToken = 0x05,
 };

 // RequestKey enumerates the keys in the top-level CBOR map for all PIN
 // commands.
 enum class RequestKey : int {
   kProtocol = 1,
   kSubcommand = 2,
   kKeyAgreement = 3,
   kPINAuth = 4,
   kNewPINEnc = 5,
   kPINHashEnc = 6,
 };

 // ResponseKey enumerates the keys in the top-level CBOR map for all PIN
 // responses.
 enum class ResponseKey : int {
   kKeyAgreement = 1,
   kPINToken = 2,
   kRetries = 3,
 };

 // PointFromKeyAgreementResponse returns an |EC_POINT| that represents the same
 // P-256 point as |response|. It returns |nullopt| if |response| encodes an
 // invalid point.
 base::Optional<bssl::UniquePtr<EC_POINT>> PointFromKeyAgreementResponse(
     const EC_GROUP* group,
     const KeyAgreementResponse& response);

 // CalculateSharedKey writes the CTAP2 shared key between |key| and |peers_key|
 // to |out_shared_key|.
 void CalculateSharedKey(const EC_KEY* key,
                         const EC_POINT* peers_key,
                         uint8_t out_shared_key[SHA256_DIGEST_LENGTH]);

 // EncodeCOSEPublicKey returns the public part of |key| as a COSE structure.
 cbor::Value::MapValue EncodeCOSEPublicKey(const EC_KEY* key);

 // Encrypt encrypts |plaintext| using |key|, writing the ciphertext to
 // |out_ciphertext|. |plaintext| must be a whole number of AES blocks.
 void Encrypt(const uint8_t key[SHA256_DIGEST_LENGTH],
              base::span<const uint8_t> plaintext,
              uint8_t* out_ciphertext);

 // Decrypt AES-256 CBC decrypts some number of whole blocks from |ciphertext|
 // into |plaintext|, using |key|.
 void Decrypt(const uint8_t key[SHA256_DIGEST_LENGTH],
              base::span<const uint8_t> ciphertext,
              uint8_t* out_plaintext);

 }  // namespace pin
 }  // namespace device

 #endif  // DEVICE_FIDO_PIN_INTERNAL_H_
	// Copyright 2019 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	// This file contains additional declarations for CTAP2 PIN support. Only
	// implementations of the PIN protocol should need to include this file. For all
	// other code, see \|pin.h\|.

	#ifndef DEVICE_FIDO_PIN_INTERNAL_H_
	#define DEVICE_FIDO_PIN_INTERNAL_H_

	#include <stdint.h>

	#include "components/cbor/values.h"
	#include "device/fido/pin.h"
	#include "third_party/boringssl/src/include/openssl/ec.h"
	#include "third_party/boringssl/src/include/openssl/sha.h"

	namespace device {
	namespace pin {

	// Subcommand enumerates the subcommands to the main \|authenticatorClientPIN\|
	// command. See
	// https://fidoalliance.org/specs/fido-v2.0-rd-20180702/fido-client-to-authenticator-protocol-v2.0-rd-20180702.html#authenticatorClientPIN
	enum class Subcommand : uint8_t {
	kGetRetries = 0x01,
	kGetKeyAgreement = 0x02,
	kSetPIN = 0x03,
	kChangePIN = 0x04,
	kGetPINToken = 0x05,
	};

	// RequestKey enumerates the keys in the top-level CBOR map for all PIN
	// commands.
	enum class RequestKey : int {
	kProtocol = 1,
	kSubcommand = 2,
	kKeyAgreement = 3,
	kPINAuth = 4,
	kNewPINEnc = 5,
	kPINHashEnc = 6,
	};

	// ResponseKey enumerates the keys in the top-level CBOR map for all PIN
	// responses.
	enum class ResponseKey : int {
	kKeyAgreement = 1,
	kPINToken = 2,
	kRetries = 3,
	};

	// PointFromKeyAgreementResponse returns an \|EC_POINT\| that represents the same
	// P-256 point as \|response\|. It returns \|nullopt\| if \|response\| encodes an
	// invalid point.
	base::Optional<bssl::UniquePtr<EC_POINT>> PointFromKeyAgreementResponse(
	const EC_GROUP* group,
	const KeyAgreementResponse& response);

	// CalculateSharedKey writes the CTAP2 shared key between \|key\| and \|peers_key\|
	// to \|out_shared_key\|.
	void CalculateSharedKey(const EC_KEY* key,
	const EC_POINT* peers_key,
	uint8_t out_shared_key[SHA256_DIGEST_LENGTH]);

	// EncodeCOSEPublicKey returns the public part of \|key\| as a COSE structure.
	cbor::Value::MapValue EncodeCOSEPublicKey(const EC_KEY* key);

	// Encrypt encrypts \|plaintext\| using \|key\|, writing the ciphertext to
	// \|out_ciphertext\|. \|plaintext\| must be a whole number of AES blocks.
	void Encrypt(const uint8_t key[SHA256_DIGEST_LENGTH],
	base::span<const uint8_t> plaintext,
	uint8_t* out_ciphertext);

	// Decrypt AES-256 CBC decrypts some number of whole blocks from \|ciphertext\|
	// into \|plaintext\|, using \|key\|.
	void Decrypt(const uint8_t key[SHA256_DIGEST_LENGTH],
	base::span<const uint8_t> ciphertext,
	uint8_t* out_plaintext);

	} // namespace pin
	} // namespace device

	#endif // DEVICE_FIDO_PIN_INTERNAL_H_