Zephyr API Documentation 4.4.99
A Scalable Open Source RTOS
Loading...
Searching...
No Matches
fido2_storage.h
Go to the documentation of this file.
1/*
2 * Copyright (c) 2026 Siratul Islam <email@sirat.me>
3 *
4 * SPDX-License-Identifier: Apache-2.0
5 */
6
11
12#ifndef ZEPHYR_INCLUDE_AUTHENTICATION_FIDO2_FIDO2_STORAGE_H_
13#define ZEPHYR_INCLUDE_AUTHENTICATION_FIDO2_FIDO2_STORAGE_H_
14
15#include <zephyr/authentication/fido2/fido2_types.h>
16#include <stddef.h>
17
23
24#ifdef __cplusplus
25extern "C" {
26#endif
27
35typedef int (*fido2_storage_iterate_cb_t)(const struct fido2_credential *cred, void *user_data);
36
38struct fido2_storage_api {
40 int (*init)(void);
42 int (*store)(const struct fido2_credential *cred);
44 int (*load)(const uint8_t *cred_id, size_t cred_id_len, struct fido2_credential *cred);
46 int (*remove)(const uint8_t *cred_id, size_t cred_id_len, struct fido2_credential *cred);
48 int (*find_by_rp)(const uint8_t rp_id_hash[FIDO2_SHA256_SIZE],
49 struct fido2_credential *creds, size_t max_creds, size_t *count);
51 int (*enumerate_rps)(size_t offset, struct fido2_credential *creds, size_t max_creds,
52 size_t *count);
54 int (*iterate)(fido2_storage_iterate_cb_t cb, void *user_data);
56 int (*sign_count_increment)(const uint8_t *cred_id, size_t cred_id_len,
57 uint32_t *new_count);
59 int (*update_user_info)(const uint8_t *cred_id, size_t cred_id_len, const char *user_name,
60 const char *user_display_name);
62 int (*credential_count)(size_t *count);
64 int (*wipe_all)(void);
66 int (*pin_set)(const uint8_t pin_hash[FIDO2_PIN_HASH_SIZE]);
68 int (*pin_get)(uint8_t pin_hash[FIDO2_PIN_HASH_SIZE]);
70 int (*pin_retries_get)(uint8_t *retries);
72 int (*pin_retries_decrement)(void);
74 int (*pin_retries_reset)(void);
75};
76
83extern const struct fido2_storage_api fido2_storage_backend;
84
88
94int fido2_storage_init(void);
95
102int fido2_storage_store(const struct fido2_credential *cred);
103
112int fido2_storage_load(const uint8_t *cred_id, size_t cred_id_len, struct fido2_credential *cred);
113
121int fido2_storage_remove(const uint8_t *cred_id, size_t cred_id_len);
122
131int fido2_storage_find_by_rp(const uint8_t rp_id_hash[FIDO2_SHA256_SIZE],
132 struct fido2_credential *creds, size_t max_creds, size_t *count);
133
143int fido2_storage_enumerate_rps(size_t offset, struct fido2_credential *creds, size_t max_creds,
144 size_t *count);
145
154int fido2_storage_sign_count_increment(const uint8_t *cred_id, size_t cred_id_len,
155 uint32_t *new_count);
156
160
161#ifdef __cplusplus
162}
163#endif
164
166
167#endif /* ZEPHYR_INCLUDE_AUTHENTICATION_FIDO2_FIDO2_STORAGE_H_ */
fido2_types.h
FIDO2 shared type definitions.
fido2_storage_backend
const struct fido2_storage_api fido2_storage_backend
FIDO2 storage backend instance.
FIDO2_PIN_HASH_SIZE
#define FIDO2_PIN_HASH_SIZE
PIN hash size.
Definition fido2_types.h:55
fido2_storage_iterate_cb_t
int(* fido2_storage_iterate_cb_t)(const struct fido2_credential *cred, void *user_data)
FIDO2 credential storage.
Definition fido2_storage.h:35
FIDO2_SHA256_SIZE
#define FIDO2_SHA256_SIZE
SHA-256 hash size.
Definition fido2_types.h:52
uint32_t
__UINT32_TYPE__ uint32_t
Definition stdint.h:90
uint8_t
__UINT8_TYPE__ uint8_t
Definition stdint.h:88
fido2_credential
A stored FIDO2 credential.
Definition fido2_types.h:186
fido2_storage_api
Storage backend API.
Definition fido2_storage.h:38
fido2_storage_api::enumerate_rps
int(* enumerate_rps)(size_t offset, struct fido2_credential *creds, size_t max_creds, size_t *count)
Enumerate unique Relying Party IDs from stored credentials.
Definition fido2_storage.h:51
fido2_storage_api::update_user_info
int(* update_user_info)(const uint8_t *cred_id, size_t cred_id_len, const char *user_name, const char *user_display_name)
Update user information for an existing credential.
Definition fido2_storage.h:59
fido2_storage_api::pin_get
int(* pin_get)(uint8_t pin_hash[16])
Load stored PIN hash.
Definition fido2_storage.h:68
fido2_storage_api::wipe_all
int(* wipe_all)(void)
Wipe all stored credentials and PIN state.
Definition fido2_storage.h:64
fido2_storage_api::iterate
int(* iterate)(fido2_storage_iterate_cb_t cb, void *user_data)
Iterate all stored credentials.
Definition fido2_storage.h:54
fido2_storage_api::find_by_rp
int(* find_by_rp)(const uint8_t rp_id_hash[32], struct fido2_credential *creds, size_t max_creds, size_t *count)
Find credentials by relying party ID hash.
Definition fido2_storage.h:48
fido2_storage_api::remove
int(* remove)(const uint8_t *cred_id, size_t cred_id_len, struct fido2_credential *cred)
Remove a credential by ID.
Definition fido2_storage.h:46
fido2_storage_api::load
int(* load)(const uint8_t *cred_id, size_t cred_id_len, struct fido2_credential *cred)
Load a credential by ID.
Definition fido2_storage.h:44
fido2_storage_api::init
int(* init)(void)
Initialize the storage backend.
Definition fido2_storage.h:40
fido2_storage_api::store
int(* store)(const struct fido2_credential *cred)
Store a credential.
Definition fido2_storage.h:42
fido2_storage_api::pin_retries_get
int(* pin_retries_get)(uint8_t *retries)
Get remaining PIN retry count.
Definition fido2_storage.h:70
fido2_storage_api::pin_retries_reset
int(* pin_retries_reset)(void)
Reset PIN retry counter to maximum.
Definition fido2_storage.h:74
fido2_storage_api::sign_count_increment
int(* sign_count_increment)(const uint8_t *cred_id, size_t cred_id_len, uint32_t *new_count)
Increment and return the signature counter.
Definition fido2_storage.h:56
fido2_storage_api::pin_retries_decrement
int(* pin_retries_decrement)(void)
Decrement PIN retry counter.
Definition fido2_storage.h:72
fido2_storage_api::credential_count
int(* credential_count)(size_t *count)
Get the total number of discoverable credentials stored.
Definition fido2_storage.h:62
fido2_storage_api::pin_set
int(* pin_set)(const uint8_t pin_hash[16])
Store PIN hash.
Definition fido2_storage.h:66