Tizen Native API  6.5

The FIDO Client APIs provide Fast IDentity Online UAF Client specification APIs.

Required Header

#include <fido.h>

Overview

The FIDO Universal Authentication Framework (UAF) Client APIs allow application developers to use the device's available authenticators for online service integration. The goal of the Universal Authentication Framework is to provide a unified and extensible authentication mechanism that supplants passwords while avoiding the shortcomings of current alternative authentication approaches. More details about the FIDO specification can be found at https://fidoalliance.org/specifications/download/

Related Features

This API is related to the following feature:

  • http://tizen.org/feature/fido.uaf

It is recommended to design feature-related code in your application for reliability.

You can check if a device supports the related features for this API by using System Information, thereby controlling the procedure of your application.

To ensure your application is only running on the device with specific features, please define the features in your manifest file using the manifest editor in the SDK.

More details on featuring your application can be found in the Feature List.

Tizen FIDO UAF Client Framework. Refer to https://fidoalliance.org/specifications/download/ for details about FIDO UAF. Also refer to the FIDO server documentation for the end points and additional parameters to use.

Functions

int fido_get_client_vendor (char **vendor_name)
 Gets the FIDO client vendor name.
int fido_get_client_version (int *client_major_version, int *client_minor_version)
 Gets the FIDO client vendor version information.

Typedefs

typedef struct fido_authenticator_s * fido_authenticator_h
 The structure type for the Authenticator handle.

Defines

#define FIDO_SERVER_STATUS_CODE_OK   1200
 The FIDO Server response for successful interaction.

Define Documentation

#define FIDO_SERVER_STATUS_CODE_OK   1200

The FIDO Server response for successful interaction.

Since :
3.0

Typedef Documentation

typedef struct fido_authenticator_s* fido_authenticator_h

The structure type for the Authenticator handle.

Since :
3.0

Enumeration Type Documentation

Authenticator's supported algorithm and encoding.

Remarks:
Refer to FIDO UAF Registry document for more details.
Since :
3.0
Enumerator:
FIDO_AUTH_ALGO_SECP256R1_ECDSA_SHA256_RAW 

SECP256R1 ECDSA SHA256 Raw

FIDO_AUTH_ALGO_SECP256R1_ECDSA_SHA256_DER 

SECP256R1 ECDSA SHA256 DER

FIDO_AUTH_ALGO_RSASSA_PSS_SHA256_RAW 

RSA PSS SHA256 Raw

FIDO_AUTH_ALGO_RSASSA_PSS_SHA256_DER 

RSA PSS SHA256 DER

FIDO_AUTH_ALGO_SECP256K1_ECDSA_SHA256_RAW 

SECP256K1 ECDSA SHA256 Raw

FIDO_AUTH_ALGO_SECP256K1_ECDSA_SHA256_DER 

SECP256K1 ECDSA SHA256 DER

Authenticator's supported method to communicate to FIDO user device.

Remarks:
Refer to FIDO UAF Registry document for more details.
Since :
3.0
Enumerator:
FIDO_AUTH_ATTACH_HINT_INTERNAL 

Authenticator is permanently attached to the FIDO User Device.

FIDO_AUTH_ATTACH_HINT_EXTERNAL 

Authenticator is removable or remote from the FIDO User Device.

FIDO_AUTH_ATTACH_HINT_WIRED 

The external authenticator currently has an exclusive wired connection.

FIDO_AUTH_ATTACH_HINT_WIRELESS 

The external authenticator communicates with the FIDO User Device through wireless means.

FIDO_AUTH_ATTACH_HINT_NFC 

Authenticator is able to communicate by NFC to the FIDO User Device.

FIDO_AUTH_ATTACH_HINT_BT 

Authenticator is able to communicate by Bluetooth to the FIDO User Device.

FIDO_AUTH_ATTACH_HINT_NW 

Authenticator is connected to the FIDO User Device over a non-exclusive network (e.g. over a TCP/IP LAN or WAN, as opposed to a PAN or point-to-point connection).

FIDO_AUTH_ATTACH_HINT_READY 

The external authenticator is in a "ready" state.

FIDO_AUTH_ATTACH_HINT_WIFI_DIRECT 

The external authenticator is able to communicate using WiFi Direct with the FIDO User Device.

Authenticator's supported Attestation type.

Remarks:
Refer to FIDO UAF Registry document for more details.
Since :
3.0
Enumerator:
FIDO_AUTH_ATT_TYPE_BASIC_FULL 

Full basic attestation.

FIDO_AUTH_ATT_TYPE_BASIC_SURROGATE 

Surrogate basic attestation.

Authenticator's supported key protection method type.

Remarks:
Refer to FIDO UAF Registry document for more details.
Since :
3.0
Enumerator:
FIDO_AUTH_KEY_PROT_TYPE_SOFTWARE 

Software based key management.

FIDO_AUTH_KEY_PROT_TYPE_HARDWARE 

Hardware based key management.

FIDO_AUTH_KEY_PROT_TYPE_TEE 

Trusted Execution Environment based key management.

FIDO_AUTH_KEY_PROT_TYPE_SECURE_ELEMENT 

Secure Element based key management.

FIDO_AUTH_KEY_PROT_TYPE_REMOTE_HANDLE 

Authenticator does not store (wrapped) UAuth keys at the client, but relies on a server-provided key handle.

Authenticator's supported matcher protection type.

Remarks:
Refer to FIDO UAF Registry document for more details.
Since :
3.0
Enumerator:
FIDO_AUTH_MATCH_PROT_TYPE_SOFTWARE 

Authenticator's matcher is running in software.

FIDO_AUTH_MATCH_PROT_TYPE_TEE 

Authenticator's matcher is running inside the Trusted Execution Environment.

FIDO_AUTH_MATCH_PROT_TYPE_ON_CHIP 

Authenticator's matcher is running on the chip.

Transaction confirmation display capability type.

Remarks:
Refer to FIDO UAF Registry document for more details.
Since :
3.0
Enumerator:
FIDO_AUTH_TC_DISP_TYPE_ANY 

Some form of transaction confirmation display is available on this authenticator.

FIDO_AUTH_TC_DISP_TYPE_PRIVILEGED_SOFTWARE 

Software-based transaction confirmation display operating in a privileged context is available on this authenticator.

FIDO_AUTH_TC_DISP_TYPE_TEE 

Transaction confirmation display is in a Trusted Execution Environment.

FIDO_AUTH_TC_DISP_TYPE_HW 

Transaction confirmation display based on hardware assisted capabilities is available on this authenticator.

FIDO_AUTH_TC_DISP_TYPE_REMOTE 

Transaction confirmation display is provided on a distinct device from the FIDO User Device.

Authenticator's supported user verification method type.

Remarks:
Refer to FIDO UAF Registry document for more details.
Since :
3.0
Enumerator:
FIDO_AUTH_USR_VERIFY_TYPE_PRESENCE 

User presence verification.

FIDO_AUTH_USR_VERIFY_TYPE_FINGERPRINT 

User fingerprint verification.

FIDO_AUTH_USR_VERIFY_TYPE_PASSCODE 

User passcode verification.

FIDO_AUTH_USR_VERIFY_TYPE_VOICEPRINT 

User voiceprint verification.

FIDO_AUTH_USR_VERIFY_TYPE_FACEPRINT 

User faceprint verification.

FIDO_AUTH_USR_VERIFY_TYPE_LOCATION 

User location verification.

FIDO_AUTH_USR_VERIFY_TYPE_EYEPRINT 

User eyeprint verification.

FIDO_AUTH_USR_VERIFY_TYPE_PATTERN 

User pattern verification.

FIDO_AUTH_USR_VERIFY_TYPE_HANDPRINT 

User handprint verification.

FIDO_AUTH_USR_VERIFY_TYPE_NONE 

Silent verification.

FIDO_AUTH_USR_VERIFY_TYPE_ALL 

If an authenticator sets multiple flags for user verification types, it may also set this flag to indicate that all verification methods will be enforced (e.g. faceprint AND voiceprint). If flags for multiple user verification methods are set and this flag is not set, verification with only one is necessary (e.g. fingerprint OR passcode).
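
How a policy check has to treat FIDO_AUTH_USR_VERIFY_TYPE_ALL, as an added example that is not part of the Tizen documentation: without the flag, an authenticator that advertises several methods can be satisfied by its weakest one. The UV_* names and uv_meets_policy() are hypothetical; the bit values are the USER_VERIFY_* constants of the FIDO UAF Registry and are assumed to match the FIDO_AUTH_USR_VERIFY_TYPE_* enumerators, which real code should take from <fido.h>.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins so the example builds without <fido.h>. Bit values are
 * the USER_VERIFY_* constants of the FIDO UAF Registry; assumed to match the
 * FIDO_AUTH_USR_VERIFY_TYPE_* enumerators, which real code should use. */
enum {
    UV_PRESENCE = 0x001, UV_FINGERPRINT = 0x002, UV_PASSCODE = 0x004,
    UV_VOICEPRINT = 0x008, UV_FACEPRINT = 0x010, UV_LOCATION = 0x020,
    UV_EYEPRINT = 0x040, UV_PATTERN = 0x080, UV_HANDPRINT = 0x100,
    UV_NONE = 0x200, UV_ALL = 0x400
};
#define UV_METHODS 0x3FFu /* every method bit, UV_NONE included */

/* Returns 1 only if every successful verification is guaranteed to have used
 * at least one method from `accepted`; fails closed on anything unexpected. */
int uv_meets_policy(uint32_t flags, uint32_t accepted)
{
    uint32_t methods = flags & UV_METHODS;

    accepted &= UV_METHODS & ~(uint32_t)UV_NONE; /* silent is never accepted */
    if (methods == 0 || (flags & ~(UV_METHODS | (uint32_t)UV_ALL)) != 0)
        return 0;                        /* no method, or unknown bits set */
    if (flags & UV_ALL)                  /* AND: every listed method is enforced */
        return (methods & accepted) != 0;
    return (methods & ~accepted) == 0;   /* OR: the weakest method may be used */
}

int main(void)
{
    /* Constructed sample authenticators, not real device data. */
    const struct { const char *name; uint32_t flags; } samples[] = {
        { "fingerprint only",         UV_FINGERPRINT },
        { "fingerprint OR passcode",  UV_FINGERPRINT | UV_PASSCODE },
        { "fingerprint OR presence",  UV_FINGERPRINT | UV_PRESENCE },
        { "fingerprint AND presence", UV_FINGERPRINT | UV_PRESENCE | UV_ALL },
        { "silent",                   UV_NONE },
    };
    const uint32_t accepted = UV_FINGERPRINT | UV_PASSCODE; /* example policy */

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-26s %s\n", samples[i].name,
               uv_meets_policy(samples[i].flags, accepted) ? "accept" : "reject");
    return 0;
}
```

The "fingerprint OR presence" case is rejected because, with the ALL flag clear, a presence check alone completes verification.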

Enumerations of error codes for FIDO APIs.

Since :
3.0
Enumerator:
FIDO_ERROR_NONE 

Successful.

FIDO_ERROR_OUT_OF_MEMORY 

Out of memory.

FIDO_ERROR_INVALID_PARAMETER 

Invalid parameter.

FIDO_ERROR_NO_DATA 

Empty data.

FIDO_ERROR_PERMISSION_DENIED 

Permission Denied.

FIDO_ERROR_NOT_SUPPORTED 

FIDO is unsupported.

FIDO_ERROR_USER_ACTION_IN_PROGRESS 

User action is in progress.

FIDO_ERROR_USER_CANCELLED 

User has canceled the operation.

FIDO_ERROR_UNSUPPORTED_VERSION 

UAF message's version is not supported.

FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR 

No suitable authenticators found.

FIDO_ERROR_PROTOCOL_ERROR 

Protocol error, the interaction may have timed out, or the UAF message is malformed.

FIDO_ERROR_UNTRUSTED_FACET_ID 

The caller's id is not allowed to use this operation.

FIDO_ERROR_UNKNOWN 

Unknown system error.


Function Documentation

int fido_get_client_vendor ( char **  vendor_name)

Gets the FIDO client vendor name.

Since :
3.0
Remarks:
The vendor_name should be released using free().
Parameters:
[out] vendor_name: The vendor name
Returns:
0 on success, otherwise a negative error value
Return values:
FIDO_ERROR_NONE: Successful
FIDO_ERROR_OUT_OF_MEMORY: Out of Memory
FIDO_ERROR_INVALID_PARAMETER: Invalid parameter

int fido_get_client_version ( int *  client_major_version, int *  client_minor_version )

Gets the FIDO client vendor version information.

Since :
3.0
Parameters:
[out] client_major_version: The FIDO client major version
[out] client_minor_version: The FIDO client minor version
Returns:
0 on success, otherwise a negative error value
Return values:
FIDO_ERROR_NONE: Successful
FIDO_ERROR_OUT_OF_MEMORY: Out of Memory
FIDO_ERROR_INVALID_PARAMETER: Invalid parameter