Scroll to navigation

FIDO_DEV_MAKE_CRED(3) Library Functions Manual FIDO_DEV_MAKE_CRED(3)

NAME

fido_dev_make_credgenerates a new credential on a FIDO2 device

SYNOPSIS

#include <fido.h>

int
fido_dev_make_cred(fido_dev_t *dev, fido_cred_t *cred, const char *pin);

DESCRIPTION

The () function asks the FIDO2 device represented by dev to generate a new credential according to the following parameters defined in cred:

  • type;
  • client data hash;
  • relying party;
  • user attributes;
  • list of excluded credential IDs;
  • resident/discoverable key and user verification attributes.

See fido_cred_set_authdata(3) for information on how these values are set.

If a PIN is not needed to authenticate the request against dev, then pin may be NULL. Otherwise pin must point to a NUL-terminated UTF-8 string.

After a successful call to (), the fido_cred_authdata_ptr(3), fido_cred_pubkey_ptr(3), fido_cred_x5c_ptr(3), and fido_cred_sig_ptr(3) functions may be invoked on cred to retrieve the various parts of the generated credential.

Please note that () is synchronous and will block if necessary.

RETURN VALUES

The error codes returned by fido_dev_make_cred() are defined in <fido/err.h>. On success, FIDO_OK is returned.

SEE ALSO

fido_cred_new(3), fido_cred_set_authdata(3)

May 23, 2018 Linux 6.4.0-150600.23.17-default