Scroll to navigation

FIDO_DEV_MAKE_CRED(3) Library Functions Manual FIDO_DEV_MAKE_CRED(3)


fido_dev_make_credgenerates a new credential on a FIDO2 device


#include <fido.h>

fido_dev_make_cred(fido_dev_t *dev, fido_cred_t *cred, const char *pin);


The () function asks the FIDO2 device represented by dev to generate a new credential according to the following parameters defined in cred:

  • type;
  • client data hash;
  • relying party;
  • user attributes;
  • list of excluded credential IDs;
  • resident/discoverable key and user verification attributes.

See fido_cred_set_authdata(3) for information on how these values are set.

If a PIN is not needed to authenticate the request against dev, then pin may be NULL. Otherwise pin must point to a NUL-terminated UTF-8 string.

After a successful call to (), the fido_cred_authdata_ptr(3), fido_cred_pubkey_ptr(3), fido_cred_x5c_ptr(3), and fido_cred_sig_ptr(3) functions may be invoked on cred to retrieve the various parts of the generated credential.

Please note that () is synchronous and will block if necessary.


The error codes returned by fido_dev_make_cred() are defined in <fido/err.h>. On success, FIDO_OK is returned.


fido_cred_new(3), fido_cred_set_authdata(3)

May 23, 2018 Linux 6.4.0-150600.23.7-default