The FIDO Client APIs provide Fast IDentity Online UAF Client specification APIs.
Required Header
#include <fido.h>
Overview
The FIDO Universal Authentication Framework (UAF) Client APIs provide APIs for application developers to utilize Device's available authenticators for online service integration. The goal of this Universal Authentication Framework is to provide a unified and extensible authentication mechanism that supplants passwords while avoiding the shortcomings of current alternative authentication approaches. More details about the FIDO specification can be found in https://fidoalliance.org/specifications/download/
Related Features
This API is related with the following feature:
It is recommended to design feature related codes in your application for reliability.
You can check if a device supports the related features for this API by using System Information, thereby controlling the procedure of your application.
To ensure your application is only running on the device with specific features, please define the features in your manifest file using the manifest editor in the SDK.
More details on featuring your application can be found from Feature List.
Tizen FIDO UAF Client Framework. Refer to https://fidoalliance.org/specifications/download/ about FIDO UAF. Also FIDO server document needs to be referred for using end points and additional parameters.
Define Documentation
The FIDO Server response for successful interaction.
- Since :
- 3.0
Typedef Documentation
The structure type for the Authenticator handle.
- Since :
- 3.0
Enumeration Type Documentation
Authenticator's supported algorithm and encoding.
- Since :
- 3.0
- Enumerator:
| FIDO_AUTH_ALGO_SECP256R1_ECDSA_SHA256_RAW |
SECP256R1 ECDSA SHA256 Raw
|
| FIDO_AUTH_ALGO_SECP256R1_ECDSA_SHA256_DER |
SECP256R1 ECDSA SHA256 DER
|
| FIDO_AUTH_ALGO_RSASSA_PSS_SHA256_RAW |
RSA PSS SHA256 Raw
|
| FIDO_AUTH_ALGO_RSASSA_PSS_SHA256_DER |
RSA PSS SHA256 DER
|
| FIDO_AUTH_ALGO_SECP256K1_ECDSA_SHA256_RAW |
SECP256K1 ECDSA SHA256 Raw
|
| FIDO_AUTH_ALGO_SECP256K1_ECDSA_SHA256_DER |
SECP256K1 ECDSA SHA256 DER
|
Authenticator's supported method to communicate to FIDO user device.
- Since :
- 3.0
- Enumerator:
| FIDO_AUTH_ATTACH_HINT_INTERNAL |
Authenticator is permanently attached to the FIDO User Device.
|
| FIDO_AUTH_ATTACH_HINT_EXTERNAL |
Authenticator is removable or remote from the FIDO User Device.
|
| FIDO_AUTH_ATTACH_HINT_WIRED |
The external authenticator currently has an exclusive wired connection.
|
| FIDO_AUTH_ATTACH_HINT_WIRELESS |
The external authenticator communicates with the FIDO User Device through wireless means.
|
| FIDO_AUTH_ATTACH_HINT_NFC |
Authenticator is able to communicate by NFC to the FIDO User Device.
|
| FIDO_AUTH_ATTACH_HINT_BT |
Authenticator is able to communicate by Bluetooth to the FIDO User Device.
|
| FIDO_AUTH_ATTACH_HINT_NW |
Authenticator is connected to the FIDO User Device over a non-exclusive network (e.g. over a TCP/IP LAN or WAN, as opposed to a PAN or point-to-point connection).
|
| FIDO_AUTH_ATTACH_HINT_READY |
The external authenticator is in a "ready" state.
|
| FIDO_AUTH_ATTACH_HINT_WIFI_DIRECT |
The external authenticator is able to communicate using WiFi Direct with the FIDO User Device.
|
Authenticator's supported Attestation type.
- Since :
- 3.0
- Enumerator:
| FIDO_AUTH_ATT_TYPE_BASIC_FULL |
Full basic attestation.
|
| FIDO_AUTH_ATT_TYPE_BASIC_SURROGATE |
Surrogate basic attestation.
|
Authenticator's supported key protection method type.
- Since :
- 3.0
- Enumerator:
| FIDO_AUTH_KEY_PROT_TYPE_SOFTWARE |
Software based key management.
|
| FIDO_AUTH_KEY_PROT_TYPE_HARDWARE |
Hardware based key management.
|
| FIDO_AUTH_KEY_PROT_TYPE_TEE |
Trusted Execution Environment based key management.
|
| FIDO_AUTH_KEY_PROT_TYPE_SECURE_ELEMENT |
Secure Element based key management.
|
| FIDO_AUTH_KEY_PROT_TYPE_REMOTE_HANDLE |
Authenticator does not store (wrapped) UAuth keys at the client, but relies on a server-provided key handle.
|
Authenticator's supported matcher protection type.
- Since :
- 3.0
- Enumerator:
| FIDO_AUTH_MATCH_PROT_TYPE_SOFTWARE |
Authenticator's matcher is running in software.
|
| FIDO_AUTH_MATCH_PROT_TYPE_TEE |
Authenticator's matcher is running inside the Trusted Execution Environment.
|
| FIDO_AUTH_MATCH_PROT_TYPE_ON_CHIP |
Authenticator's matcher is running on the chip.
|
Transaction confirmation display capability type.
- Since :
- 3.0
- Enumerator:
| FIDO_AUTH_TC_DISP_TYPE_ANY |
Some form of transaction confirmation display is available on this authenticator.
|
| FIDO_AUTH_TC_DISP_TYPE_PRIVILEGED_SOFTWARE |
Software-based transaction confirmation display operating in a privileged context is available on this authenticator.
|
| FIDO_AUTH_TC_DISP_TYPE_TEE |
Transaction confirmation display is in a Trusted Execution Environment.
|
| FIDO_AUTH_TC_DISP_TYPE_HW |
Transaction confirmation display based on hardware assisted capabilities is available on this authenticator.
|
| FIDO_AUTH_TC_DISP_TYPE_REMOTE |
Transaction confirmation display is provided on a distinct device from the FIDO User Device.
|
Authenticator's supported user verification method type.
- Since :
- 3.0
- Enumerator:
| FIDO_AUTH_USR_VERIFY_TYPE_PRESENCE |
User presence verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_FINGERPRINT |
User fingerprint verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_PASSCODE |
User passcode verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_VOICEPRINT |
User voiceprint verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_FACEPRINT |
User faceprint verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_LOCATION |
User location verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_EYEPRINT |
User eyeprint verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_PATTERN |
User pattern verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_HANDPRINT |
User handprint verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_NONE |
Silent verification.
|
| FIDO_AUTH_USR_VERIFY_TYPE_ALL |
If an authenticator sets multiple flags for user verification types, it may also set this flag to indicate that all verification methods will be enforced (e.g. faceprint AND voiceprint). If flags for multiple user verification methods are set and this flag is not set, verification with only one is necessary (e.g. fingerprint OR passcode).
|
Enumerations of error codes for FIDO APIs.
- Since :
- 3.0
- Enumerator:
| FIDO_ERROR_NONE |
Successful.
|
| FIDO_ERROR_OUT_OF_MEMORY |
Out of memory.
|
| FIDO_ERROR_INVALID_PARAMETER |
Invalid parameter.
|
| FIDO_ERROR_NO_DATA |
Empty data.
|
| FIDO_ERROR_PERMISSION_DENIED |
Permission Denied.
|
| FIDO_ERROR_NOT_SUPPORTED |
FIDO is unsupported.
|
| FIDO_ERROR_USER_ACTION_IN_PROGRESS |
User action is in progress.
|
| FIDO_ERROR_USER_CANCELLED |
User has canceled the operation.
|
| FIDO_ERROR_UNSUPPORTED_VERSION |
UAF message's version is not supported.
|
| FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR |
No suitable authenticators found.
|
| FIDO_ERROR_PROTOCOL_ERROR |
Protocol error, the interaction may have timed out, or the UAF message is malformed.
|
| FIDO_ERROR_UNTRUSTED_FACET_ID |
The caller's id is not allowed to use this operation.
|
| FIDO_ERROR_UNKNOWN |
Unknown system error.
|
Function Documentation
Gets the FIDO client vendor name.
- Since :
- 3.0
- Parameters:
-
| [out] | vendor_name | The vendor name |
- Returns:
0 on success, otherwise a negative error value
- Return values:
-
Gets the FIDO client vendor version information.
- Since :
- 3.0
- Parameters:
-
| [out] | client_major_version | The FIDO client major version |
| [out] | client_minor_version | The FIDO client minor version |
- Returns:
0 on success, otherwise a negative error value
- Return values:
-