Move 3 pure constants to new file

src/api/customization.rs

@@ -68,6 +68,16 @@ pub trait Customization {
     /// the minimum PIN length with the minPinLength extension.
     fn default_min_pin_length_rp_ids(&self) -> &[&str];
 
+    /// Enforces the alwaysUv option.
+    ///
+    /// When setting to true, commands require a PIN.
+    /// Also, alwaysUv can not be disabled by commands.
+    ///
+    /// A certification (additional to FIDO Alliance's) might require enforcing
+    /// alwaysUv. Otherwise, users should have the choice to configure alwaysUv.
+    /// Calling toggleAlwaysUv is preferred over enforcing alwaysUv here.
+    fn enforce_always_uv(&self) -> bool;
+
     /// Maximum message size send for CTAP commands.
     ///
     /// The maximum value is 7609, as HID packets can not encode longer messages.
@@ -77,6 +87,28 @@ pub trait Customization {
     /// this value.
     fn max_msg_size(&self) -> usize;
 
+    /// Sets the number of consecutive failed PINs before blocking interaction.
+    ///
+    /// # Invariant
+    ///
+    /// - CTAP2.0: Maximum PIN retries must be 8.
+    /// - CTAP2.1: Maximum PIN retries must be 8 at most.
+    ///
+    /// The fail retry counter is reset after entering the correct PIN.
+    fn max_pin_retries(&self) -> u8;
+
+    /// Enables or disables signature counters.
+    ///
+    /// The signature counter is currently implemented as a global counter.
+    /// The specification strongly suggests to have per-credential counters.
+    /// Implementing those means you can't have an infinite amount of server-side
+    /// credentials anymore. Also, since counters need frequent writes on the
+    /// persistent storage, we might need a flash friendly implementation. This
+    /// solution is a compromise to be compatible with U2F and not wasting storage.
+    ///
+    /// https://www.w3.org/TR/webauthn/#signature-counter
+    fn use_signature_counter(&self) -> bool;
+
     // ###########################################################################
     // Constants for performance optimization or adapting to different hardware.
     //
@@ -102,18 +134,24 @@ pub trait Customization {
 
 #[derive(Clone)]
 pub struct CustomizationImpl {
+    pub default_cred_protect: Option<CredentialProtectionPolicy>,
     pub default_min_pin_length: u8,
     pub default_min_pin_length_rp_ids: &'static [&'static str],
-    pub default_cred_protect: Option<CredentialProtectionPolicy>,
+    pub enforce_always_uv: bool,
     pub max_msg_size: usize,
+    pub max_pin_retries: u8,
+    pub use_signature_counter: bool,
     pub max_rp_ids_length: usize,
 }
 
 pub const DEFAULT_CUSTOMIZATION: CustomizationImpl = CustomizationImpl {
     default_min_pin_length: 4,
     default_min_pin_length_rp_ids: &[],
+    enforce_always_uv: false,
     default_cred_protect: None,
     max_msg_size: 7609,
+    max_pin_retries: 8,
+    use_signature_counter: true,
     max_rp_ids_length: 8,
 };
 
@@ -130,10 +168,22 @@ impl Customization for CustomizationImpl {
         self.default_min_pin_length_rp_ids
     }
 
+    fn enforce_always_uv(&self) -> bool {
+        self.enforce_always_uv
+    }
+
     fn max_msg_size(&self) -> usize {
         self.max_msg_size
     }
 
+    fn max_pin_retries(&self) -> u8 {
+        self.max_pin_retries
+    }
+
+    fn use_signature_counter(&self) -> bool {
+        self.use_signature_counter
+    }
+
     fn max_rp_ids_length(&self) -> usize {
         self.max_rp_ids_length
     }
@@ -151,6 +201,11 @@ pub fn is_valid(customization: &impl Customization) -> bool {
         return false;
     }
 
+    // Max pin retries must be less or equal than 8.
+    if customization.max_pin_retries() > 8 {
+        return false;
+    }
+
     // Default min pin length rp ids must be non-empty if max rp ids length is 0.
     if customization.max_rp_ids_length() == 0
         && customization.default_min_pin_length_rp_ids().is_empty()