xref: /freebsd/contrib/libfido2/man/fido_dev_make_cred.3 (revision e6bfd18d21b225af6a0ed67ceeaf1293b7b9eba5)
1.\" Copyright (c) 2018 Yubico AB. All rights reserved.
2.\" Use of this source code is governed by a BSD-style
3.\" license that can be found in the LICENSE file.
4.\"
5.Dd $Mdocdate: May 23 2018 $
6.Dt FIDO_DEV_MAKE_CRED 3
7.Os
8.Sh NAME
9.Nm fido_dev_make_cred
10.Nd generates a new credential on a FIDO2 device
11.Sh SYNOPSIS
12.In fido.h
13.Ft int
14.Fn fido_dev_make_cred "fido_dev_t *dev" "fido_cred_t *cred" "const char *pin"
15.Sh DESCRIPTION
16The
17.Fn fido_dev_make_cred
18function asks the FIDO2 device represented by
19.Fa dev
20to generate a new credential according to the following parameters
21defined in
22.Fa cred :
23.Pp
24.Bl -dash -compact
25.It
26.Nm type ;
27.It
28.Nm client data hash ;
29.It
30.Nm relying party ;
31.It
32.Nm user attributes ;
33.It
34.Nm list of excluded credential IDs ;
35.It
36.Nm resident/discoverable key and user verification attributes .
37.El
38.Pp
39See
40.Xr fido_cred_set_authdata 3
41for information on how these values are set.
42.Pp
43If a PIN is not needed to authenticate the request against
44.Fa dev ,
45then
46.Fa pin
47may be NULL.
48Otherwise
49.Fa pin
50must point to a NUL-terminated UTF-8 string.
51.Pp
52After a successful call to
53.Fn fido_dev_make_cred ,
54the
55.Xr fido_cred_authdata_ptr 3 ,
56.Xr fido_cred_pubkey_ptr 3 ,
57.Xr fido_cred_x5c_ptr 3 ,
58and
59.Xr fido_cred_sig_ptr 3
60functions may be invoked on
61.Fa cred
62to retrieve the various parts of the generated credential.
63.Pp
64Please note that
65.Fn fido_dev_make_cred
66is synchronous and will block if necessary.
67.Sh RETURN VALUES
68The error codes returned by
69.Fn fido_dev_make_cred
70are defined in
71.In fido/err.h .
72On success,
73.Dv FIDO_OK
74is returned.
75.Sh SEE ALSO
76.Xr fido_cred_new 3 ,
77.Xr fido_cred_set_authdata 3
78