10afa8e06SEd Maste.\" Copyright (c) 2018 Yubico AB. All rights reserved. 2*2ccfa855SEd Maste.\" 3*2ccfa855SEd Maste.\" Redistribution and use in source and binary forms, with or without 4*2ccfa855SEd Maste.\" modification, are permitted provided that the following conditions are 5*2ccfa855SEd Maste.\" met: 6*2ccfa855SEd Maste.\" 7*2ccfa855SEd Maste.\" 1. Redistributions of source code must retain the above copyright 8*2ccfa855SEd Maste.\" notice, this list of conditions and the following disclaimer. 9*2ccfa855SEd Maste.\" 2. Redistributions in binary form must reproduce the above copyright 10*2ccfa855SEd Maste.\" notice, this list of conditions and the following disclaimer in 11*2ccfa855SEd Maste.\" the documentation and/or other materials provided with the 12*2ccfa855SEd Maste.\" distribution. 13*2ccfa855SEd Maste.\" 14*2ccfa855SEd Maste.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 15*2ccfa855SEd Maste.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 16*2ccfa855SEd Maste.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 17*2ccfa855SEd Maste.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 18*2ccfa855SEd Maste.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 19*2ccfa855SEd Maste.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 20*2ccfa855SEd Maste.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21*2ccfa855SEd Maste.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22*2ccfa855SEd Maste.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23*2ccfa855SEd Maste.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 24*2ccfa855SEd Maste.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25*2ccfa855SEd Maste.\" 26*2ccfa855SEd Maste.\" SPDX-License-Identifier: BSD-2-Clause 270afa8e06SEd Maste.\" 280afa8e06SEd Maste.Dd $Mdocdate: May 23 2018 $ 290afa8e06SEd Maste.Dt FIDO_DEV_MAKE_CRED 3 300afa8e06SEd Maste.Os 310afa8e06SEd Maste.Sh NAME 320afa8e06SEd Maste.Nm fido_dev_make_cred 333e696dfbSEd Maste.Nd generates a new credential on a FIDO2 device 340afa8e06SEd Maste.Sh SYNOPSIS 350afa8e06SEd Maste.In fido.h 360afa8e06SEd Maste.Ft int 370afa8e06SEd Maste.Fn fido_dev_make_cred "fido_dev_t *dev" "fido_cred_t *cred" "const char *pin" 380afa8e06SEd Maste.Sh DESCRIPTION 390afa8e06SEd MasteThe 400afa8e06SEd Maste.Fn fido_dev_make_cred 413e696dfbSEd Mastefunction asks the FIDO2 device represented by 420afa8e06SEd Maste.Fa dev 430afa8e06SEd Masteto generate a new credential according to the following parameters 440afa8e06SEd Mastedefined in 450afa8e06SEd Maste.Fa cred : 460afa8e06SEd Maste.Pp 470afa8e06SEd Maste.Bl -dash -compact 480afa8e06SEd Maste.It 490afa8e06SEd Maste.Nm type ; 500afa8e06SEd Maste.It 510afa8e06SEd Maste.Nm client data hash ; 520afa8e06SEd Maste.It 530afa8e06SEd Maste.Nm relying party ; 540afa8e06SEd Maste.It 550afa8e06SEd Maste.Nm user attributes ; 560afa8e06SEd Maste.It 570afa8e06SEd Maste.Nm list of excluded credential IDs ; 580afa8e06SEd Maste.It 590afa8e06SEd Maste.Nm resident/discoverable key and user verification attributes . 600afa8e06SEd Maste.El 610afa8e06SEd Maste.Pp 620afa8e06SEd MasteSee 630afa8e06SEd Maste.Xr fido_cred_set_authdata 3 640afa8e06SEd Mastefor information on how these values are set. 650afa8e06SEd Maste.Pp 660afa8e06SEd MasteIf a PIN is not needed to authenticate the request against 670afa8e06SEd Maste.Fa dev , 680afa8e06SEd Mastethen 690afa8e06SEd Maste.Fa pin 700afa8e06SEd Mastemay be NULL. 710afa8e06SEd MasteOtherwise 720afa8e06SEd Maste.Fa pin 730afa8e06SEd Mastemust point to a NUL-terminated UTF-8 string. 740afa8e06SEd Maste.Pp 750afa8e06SEd MasteAfter a successful call to 760afa8e06SEd Maste.Fn fido_dev_make_cred , 770afa8e06SEd Mastethe 780afa8e06SEd Maste.Xr fido_cred_authdata_ptr 3 , 790afa8e06SEd Maste.Xr fido_cred_pubkey_ptr 3 , 800afa8e06SEd Maste.Xr fido_cred_x5c_ptr 3 , 810afa8e06SEd Masteand 820afa8e06SEd Maste.Xr fido_cred_sig_ptr 3 830afa8e06SEd Mastefunctions may be invoked on 840afa8e06SEd Maste.Fa cred 850afa8e06SEd Masteto retrieve the various parts of the generated credential. 860afa8e06SEd Maste.Pp 870afa8e06SEd MastePlease note that 880afa8e06SEd Maste.Fn fido_dev_make_cred 890afa8e06SEd Masteis synchronous and will block if necessary. 900afa8e06SEd Maste.Sh RETURN VALUES 910afa8e06SEd MasteThe error codes returned by 920afa8e06SEd Maste.Fn fido_dev_make_cred 930afa8e06SEd Masteare defined in 940afa8e06SEd Maste.In fido/err.h . 950afa8e06SEd MasteOn success, 960afa8e06SEd Maste.Dv FIDO_OK 970afa8e06SEd Masteis returned. 980afa8e06SEd Maste.Sh SEE ALSO 990afa8e06SEd Maste.Xr fido_cred_new 3 , 1000afa8e06SEd Maste.Xr fido_cred_set_authdata 3 101