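/*
 * oxAuth is available under the MIT License (2008). See http://opensource.org/licenses/MIT for full text.
 *
 * Copyright (c) 2014, Gluu
 */

package org.xdi.oxauth.model.fido.u2f.message;

import org.xdi.oxauth.model.fido.u2f.exception.BadInputException;

/**
 * The authenticate response produced by the token/key, which is transformed by
 * the client into an AuthenticateResponse and sent to the server.
 *
 * <p>
 * This class only carries the three parsed fields. It does not verify the
 * signature and it does not compare the counter with any earlier value; the
 * only validation it offers is {@link #checkUserPresence()}.
 * NOTE(review): presumably the caller performs signature verification and the
 * counter comparison - confirm at the call site.
 *
 * <p>
 * Instances are immutable: every field is final and the signature array is
 * copied on the way in and on the way out, so code holding a reference to the
 * original or returned array cannot alter the bytes stored here.
 *
 * @author Yuriy Movchan Date: 05/14/2015
 */
public class RawAuthenticateResponse {

	/** Value of the user presence byte when only bit 0 (user present) is set. */
	public static final byte USER_PRESENT_FLAG = 0x01;

	private final byte userPresence;
	private final long counter;
	private final byte[] signature;

	/**
	 * Creates a response from the already parsed fields.
	 *
	 * @param userPresence
	 *            the user presence byte as reported by the device
	 * @param counter
	 *            the authentication counter reported by the device
	 * @param signature
	 *            the signature bytes; copied, may be {@code null}
	 */
	public RawAuthenticateResponse(byte userPresence, long counter, byte[] signature) {
		this.userPresence = userPresence;
		this.counter = counter;
		// Defensive copy: the caller keeps its own array and must not be able
		// to change the signature after this object has been built.
		this.signature = copyOrNull(signature);
	}

	/**
	 * Bit 0 is set to 1, which means that user presence was verified. (This
	 * version of the protocol doesn't specify a way to request authentication
	 * responses without requiring user presence.) A different value of bit 0,
	 * as well as bits 1 through 7, are reserved for future use. The values of
	 * bit 1 through 7 SHOULD be 0
	 *
	 * @return the raw user presence byte, unvalidated
	 */
	public byte getUserPresence() {
		return userPresence;
	}

	/**
	 * This is the big-endian representation of a counter value that the U2F
	 * device increments every time it performs an authentication operation.
	 *
	 * <p>
	 * The value is returned as stored; this class performs no comparison with
	 * a previously seen counter.
	 *
	 * @return the counter value passed to the constructor
	 */
	public long getCounter() {
		return counter;
	}

	/**
	 * This is an ECDSA signature (on P-256)
	 *
	 * @return a fresh copy of the signature bytes, or {@code null} if none
	 *         were supplied
	 */
	public byte[] getSignature() {
		// Return a copy so callers cannot modify the stored signature.
		return copyOrNull(signature);
	}

	/**
	 * Rejects the response unless the user presence byte equals
	 * {@link #USER_PRESENT_FLAG} exactly.
	 *
	 * <p>
	 * The comparison is an equality test, not a bit mask: a byte that has bit 0
	 * set together with any of the reserved bits 1 through 7 is rejected as
	 * well.
	 *
	 * @throws BadInputException
	 *             if the user presence byte is anything other than
	 *             {@link #USER_PRESENT_FLAG}
	 */
	public void checkUserPresence() throws BadInputException {
		if (userPresence != USER_PRESENT_FLAG) {
			throw new BadInputException("User presence invalid during authentication");
		}
	}

	/** Clones the array, passing {@code null} through unchanged. */
	private static byte[] copyOrNull(byte[] source) {
		return source == null ? null : source.clone();
	}

}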