| GType | fpi_sdcp_claim_get_type () |
| FpiSdcpClaim * | fpi_sdcp_claim_new () |
| FpiSdcpClaim * | fpi_sdcp_claim_copy () |
| void | fpi_sdcp_claim_free () |
| void | fpi_sdcp_device_open_complete () |
| void | fpi_sdcp_device_get_connect_data () |
| void | fpi_sdcp_device_connect_complete () |
| void | fpi_sdcp_device_get_reconnect_data () |
| void | fpi_sdcp_device_reconnect_complete () |
| void | fpi_sdcp_device_list_complete () |
| void | fpi_sdcp_device_enroll_commit () |
| void | fpi_sdcp_device_enroll_commit_complete () |
| void | fpi_sdcp_device_get_identify_data () |
| void | fpi_sdcp_device_set_identify_data () |
| void | fpi_sdcp_device_identify_retry () |
| void | fpi_sdcp_device_identify_complete () |
| void | fpi_sdcp_device_get_print_id () |
| void | fpi_sdcp_device_set_print_id () |
| struct | FpiSdcpClaim |
| enum | FpiDeviceSdcpVerificationFlags |
| FpSdcpDeviceClass | |
| #define | FPI_SDCP_RANDOM_SIZE |
| #define | FPI_SDCP_APPLICATION_SECRET_SIZE |
| #define | FPI_SDCP_ENROLLMENT_ID_SIZE |
| #define | FPI_SDCP_NONCE_SIZE |
| #define | FPI_SDCP_MAC_SIZE |
| #define | FPI_SDCP_DIGEST_SIZE |
| #define | FPI_SDCP_CURVE_FIELD_SIZE |
| #define | FPI_SDCP_PUBLIC_KEY_SIZE |
| #define | FPI_SDCP_PRIVATE_KEY_SIZE |
| #define | FPI_SDCP_SIGNATURE_SIZE |
| #define | FPI_SDCP_ENCRYPTION_BLOCK_SIZE |
| #define | FPI_SDCP_ENCRYPTION_KEY_SIZE |
| #define | FPI_SDCP_DEFAULT_LABEL_MASTER_SECRET |
| #define | FPI_SDCP_DEFAULT_LABEL_APPLICATION_KEYS |
| #define | FPI_SDCP_DEFAULT_LABEL_CONNECT |
| #define | FPI_SDCP_DEFAULT_LABEL_RECONNECT |
| #define | FPI_SDCP_DEFAULT_LABEL_SAMPLE |
| #define | FPI_SDCP_DEFAULT_LABEL_ENROLL |
| #define | FPI_SDCP_DEFAULT_LABEL_IDENTIFY |
FpiSdcpClaim *
fpi_sdcp_claim_new (void);
Create an empty FpiSdcpClaim to provide to the base class.
FpiSdcpClaim *
fpi_sdcp_claim_copy (FpiSdcpClaim *other);
Create a (shallow) copy of a FpiSdcpClaim.
void
fpi_sdcp_claim_free (FpiSdcpClaim *claim);
Release the memory used by an FpiSdcpClaim.
void fpi_sdcp_device_open_complete (FpSdcpDevice *self, GError *error);
Reports completion of open operation. Responsible for triggering SDCP connect or reconnect as necessary.
void fpi_sdcp_device_get_connect_data (FpSdcpDevice *self, GBytes **host_random, GBytes **host_public_key);
void fpi_sdcp_device_connect_complete (FpSdcpDevice *self, GBytes *device_random, FpiSdcpClaim *claim, GBytes *mac, GError *error);
Reports completion of connect operation. Responsible for performing SDCP key agreement, deriving secrets necessary for processing all other SDCP-related payloads, and verifying the device connection is trusted.
| self | a FpSdcpDevice fingerprint device |
| device_random | The device random |
| claim | The device FpiSdcpClaim |
| mac | The MAC authenticating |
| error | A GError or |
void fpi_sdcp_device_get_reconnect_data (FpSdcpDevice *self, GBytes **reconnect_random);
void fpi_sdcp_device_reconnect_complete (FpSdcpDevice *self, GBytes *mac, GError *error);
Reports completion of a reconnect (i.e. open) operation.
| self | a FpSdcpDevice fingerprint device |
| mac | The MAC authenticating |
| error | A GError or |
void fpi_sdcp_device_list_complete (FpSdcpDevice *self, GPtrArray *ids, GError *error);
Convenience function to create the minimally required FpPrint list for
FpSdcpDevice prints using the provided ids, then uses that FpPrint list to
report completion of the list operation.
If the device provides additional attributes that should be stored on each
FpPrint as part of the list operation, a GPtrArray of FpPrint can instead
be created with the additional attributes and fpi_device_list_complete() can
be used instead of this function.
Please note that the ids array will be freed using g_ptr_array_unref() and
the elements are destroyed automatically. As such, you must use
g_ptr_array_new_with_free_func() with (GDestroyNotify) g_bytes_unref as the
free func when creating the GPtrArray.
| self | a FpSdcpDevice fingerprint device |
| ids | A GPtrArray of GBytes of each SDCP enrollment ID stored on the device |
| error | A GError or |
void fpi_sdcp_device_enroll_commit (FpSdcpDevice *self, GBytes *nonce, GError *error);
Called when the print is ready to be committed to device memory.
During enrollment, fpi_device_enroll_progress() must be called for each
successful stage before the print can be committed.
The nonce generated by the device-specific EnrollmentNonce response must be
provided in order for the enrollment ID to be generated.
The driver's enroll_commit() vfunc will be triggered upon successfully
generating the enrollment ID.
| self | a FpSdcpDevice fingerprint device |
| nonce | The device generated nonce |
| error | a GError or |
void fpi_sdcp_device_enroll_commit_complete (FpSdcpDevice *self, GError *error);
Called when device has committed the given print to memory. This finalizes the enroll operation.
void fpi_sdcp_device_get_identify_data (FpSdcpDevice *self, GBytes **nonce);
void fpi_sdcp_device_set_identify_data (FpSdcpDevice *self, GBytes *nonce);
void fpi_sdcp_device_identify_retry (FpSdcpDevice *self, GError *error);
Called when the device requires the finger to be presented again. This should not be called for a verified no-match, it should only be called if e.g. the finger was not centered properly or similar.
Effectively this simply raises the error up. This function exists to bridge the difference in semantics that SDCP has from how libfprint works internally.
void fpi_sdcp_device_identify_complete (FpSdcpDevice *self, GBytes *id, GBytes *mac, GError *error);
Called when device is done with the identification routine. The
returned ID may be NULL if none of the in-device templates matched.
| self | a FpSdcpDevice fingerprint device | |
| id | the ID as reported by the device. | [transfer none] |
| mac | MAC authenticating the message. | [transfer none] |
| error | GError if an error occurred. | [transfer full] |
void fpi_sdcp_device_get_print_id (FpPrint *print, GBytes **id);
Gets the SDCP enrollment ID from the print data.
The returned id may be NULL if the data was not set or in the wrong format.
struct FpiSdcpClaim {
  const char *master_secret_label;
  const char *application_keys_label;
  const char *connect_label;
  const char *reconnect_label;
  const char *enroll_label;
  const char *identify_label;
  const char *sample_label;
  GBytes *model_certificate;   /* cert_m */
  GBytes *device_public_key;   /* pk_d */
  GBytes *firmware_public_key; /* pk_f */
  GBytes *firmware_hash;       /* h_f */
  GBytes *model_signature;     /* s_m */
  GBytes *device_signature;    /* s_d */
};
Structure to hold the claim as produced by the device during a secure connect. See the SDCP specification for more details.
Note all of these may simply be memory views into a larger GBytes created
using g_bytes_new_from_bytes().
| master_secret_label | HMAC label for master secret derivation, or |
| application_keys_label | HMAC label for application keys derivation, or |
| connect_label | HMAC label for connect operations, or |
| reconnect_label | HMAC label for reconnect operations, or |
| enroll_label | HMAC label for enroll operations, or |
| identify_label | HMAC label for identify operations, or |
| sample_label | HMAC label for sample operations, or |
| model_certificate | Microsoft-issued per-model certificate encoded in x509 ASN.1 DER format (cert_m) |
| device_public_key | The per-device ECDSA public key (pk_d) |
| firmware_public_key | The ephemeral public key generated by the device firmware (pk_f) |
| firmware_hash | Hash of the firmware and firmware public key (h_f) |
| model_signature | Device public key signed by the model key (s_m) |
| device_signature | Firmware hash and public key signed by the device private key (s_d) |
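An added example, not libfprint code: because the claim fields may be views into one larger buffer, each length has to be checked before a view is taken from a device response. The wire layout, the field sizes and the Ex* names are assumptions of this example, and plain pointer/length views stand in for g_bytes_new_from_bytes().

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed field sizes for this example (uncompressed P-256 point, SHA-256
 * digest, raw r||s signature); the page names FPI_SDCP_*_SIZE without values. */
enum { EX_PUBLIC_KEY_SIZE = 65, EX_DIGEST_SIZE = 32, EX_SIGNATURE_SIZE = 64 };

/* A view into the response buffer: no copy, valid only while the buffer lives. */
typedef struct { const uint8_t *data; size_t len; } ExView;

typedef struct {
  ExView model_certificate;   /* cert_m */
  ExView device_public_key;   /* pk_d */
  ExView firmware_public_key; /* pk_f */
  ExView firmware_hash;       /* h_f */
  ExView model_signature;     /* s_m */
  ExView device_signature;    /* s_d */
} ExClaimViews;

/* Slice n bytes at *off; fail instead of reading past the end (*off <= len). */
static int ex_take (const uint8_t *buf, size_t len, size_t *off, size_t n, ExView *out)
{
  if (n > len - *off)
    return -1;
  out->data = buf + *off;
  out->len = n;
  *off += n;
  return 0;
}

/* Hypothetical wire layout: u16 little-endian certificate length, then
 * cert_m | pk_d | pk_f | h_f | s_m | s_d. Returns 0, or -1 if malformed. */
int ex_parse_claim (const uint8_t *buf, size_t len, ExClaimViews *c)
{
  size_t off = 2, cert_len;

  if (buf == NULL || len < 2)
    return -1;
  cert_len = (size_t) buf[0] | ((size_t) buf[1] << 8);
  if (cert_len == 0 ||
      ex_take (buf, len, &off, cert_len, &c->model_certificate) ||
      ex_take (buf, len, &off, EX_PUBLIC_KEY_SIZE, &c->device_public_key) ||
      ex_take (buf, len, &off, EX_PUBLIC_KEY_SIZE, &c->firmware_public_key) ||
      ex_take (buf, len, &off, EX_DIGEST_SIZE, &c->firmware_hash) ||
      ex_take (buf, len, &off, EX_SIGNATURE_SIZE, &c->model_signature) ||
      ex_take (buf, len, &off, EX_SIGNATURE_SIZE, &c->device_signature))
    return -1;
  return off == len ? 0 : -1; /* trailing bytes are rejected, not ignored */
}
```

On failure the output structure may be partially filled and must not be used.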
Bitfield of SDCP verification flags for a device.
| | No flags. Perform all verifications. |
| | Skip validating the device's FpiSdcpClaim.model_certificate against the SDCP truststore. It determines if the model certificate (cert_m) should be parsed and its trust chain validated as issued from Microsoft's well-known issuers. |
| | Skip validating the FpiSdcpClaim.model_signature and FpiSdcpClaim.device_signature. It determines if the model signature (s_m) and device signature (s_d) should be validated against the certificate and keys provided in the claim. |
| | Skip validating the certificate's validity period. |
| | Use a less strict validation approach for the certificate, allowing certain non-critical issues to be ignored. |
| FPI_DEVICE_SDCP_VERIFICATION_CERTIFICATE_ALLOW_PARTIAL_CHAIN | Allow validation of the certificate even if the trust chain is incomplete. |
typedef struct {
  FpDeviceClass parent_class;
  FpiDeviceSdcpVerificationFlags verification_flags;
  void (*open) (FpSdcpDevice *sdcp_device);
  void (*connect) (FpSdcpDevice *sdcp_device);
  void (*reconnect) (FpSdcpDevice *sdcp_device);
  void (*list) (FpSdcpDevice *sdcp_device);
  void (*enroll) (FpSdcpDevice *sdcp_device);
  void (*enroll_commit) (FpSdcpDevice *sdcp_device,
                         GBytes *id);
  void (*identify) (FpSdcpDevice *sdcp_device);
} FpSdcpDeviceClass;
These are the main entry points for drivers implementing SDCP.
Drivers *must* eventually call the corresponding function to finish the operation.
The following FpDeviceClass entry points are also compatible and can be set on the FpDeviceClass if supported for a given device:
Drivers *must* also handle cancellation properly for any long running operation (i.e. any operation that requires capturing). It is entirely fine to ignore cancellation requests for short operations (e.g. open/close).
This API is solely intended for drivers. It is purely internal and neither API nor ABI stable.
| FpiDeviceSdcpVerificationFlags verification_flags | Bitfield of FpiDeviceSdcpVerificationFlags to control verification behavior. |
| open | Open the device. Similar to FpDeviceClass.open except that completion with |
| connect | Establish SDCP connection. |
| reconnect | Perform a faster reconnect. Drivers do not need to provide this function. If reconnect fails, then a normal connect will be tried. |
| list | List prints stored on the device. The driver must create a GPtrArray of GBytes with each enrollment ID stored on the device and use it to call |
| enroll | Start the enrollment procedure and capture all samples. The driver must report enrollment progress using |
| enroll_commit | Commit the newly-enrolled print to the device memory using the passed id. id may be |
| identify | Start identification process. On completion, the driver must call |
#define FPI_SDCP_DEFAULT_LABEL_APPLICATION_KEYS "application keys"