1 files changed, 13 insertions, 2 deletions

diff --git a/include/u2f_impl.h b/include/u2f_impl.h
index 5bd69309c6..2c63d11d87 100644
--- a/include/u2f_impl.h
+++ b/include/u2f_impl.h
@@ -76,13 +76,14 @@ int u2f_origin_user_keyhandle(const uint8_t *origin, const uint8_t *user,
  * @param user pointer to user secret
  * @param seed pointer to origin-specific random seed
  * @param version the version byte to pack; should be greater than 0.
- * @param key_handle buffer to hold the output key handle
+ * @param key_handle_header buffer to hold the output key handle header
  *
  * @return EC_SUCCESS if a valid keypair was created.
  */
 int u2f_origin_user_versioned_keyhandle(
 	const uint8_t *origin, const uint8_t *user, const uint8_t *seed,
-	uint8_t version, struct u2f_versioned_key_handle *key_handle);
+	uint8_t version,
+	struct u2f_versioned_key_handle_header *key_handle_header);
 
 /**
  * Generate an origin and user-specific ECDSA keypair from the specified
@@ -101,6 +102,16 @@ int u2f_origin_user_versioned_keyhandle(
 int u2f_origin_user_keypair(const uint8_t *key_handle, size_t key_handle_size,
 			    p256_int *d, p256_int *pk_x, p256_int *pk_y);
 
+/**
+ * Derive an hmac from the given salt, key handle and hash. The salt is to make
+ * sure the hmac is different for different key handles of one user. The key
+ * handle header is encoded into the authorization hmac to protect against
+ * swapping auth time secret.
+ */
+int u2f_authorization_hmac(const uint8_t *authorization_salt,
+			   const struct u2f_versioned_key_handle_header *header,
+			   const uint8_t *auth_time_secret_hash, uint8_t *hmac);
+
 /***
  * Generate a hardware derived 256b private key.
  *