Man page - fido_cred_type(3)


FIDO_CRED_NEW(3) Library Functions Manual FIDO_CRED_NEW(3)

NAME

fido_cred_new, fido_cred_free, fido_cred_pin_minlen, fido_cred_prot, fido_cred_fmt, fido_cred_rp_id, fido_cred_rp_name, fido_cred_user_name, fido_cred_display_name, fido_cred_authdata_ptr, fido_cred_authdata_raw_ptr, fido_cred_clientdata_hash_ptr, fido_cred_id_ptr, fido_cred_aaguid_ptr, fido_cred_largeblob_key_ptr, fido_cred_pubkey_ptr, fido_cred_sig_ptr, fido_cred_user_id_ptr, fido_cred_x5c_list_count, fido_cred_x5c_list_ptr, fido_cred_x5c_ptr, fido_cred_attstmt_ptr, fido_cred_authdata_len, fido_cred_authdata_raw_len, fido_cred_clientdata_hash_len, fido_cred_id_len, fido_cred_aaguid_len, fido_cred_largeblob_key_len, fido_cred_pubkey_len, fido_cred_sig_len, fido_cred_user_id_len, fido_cred_x5c_list_len, fido_cred_x5c_len, fido_cred_attstmt_len, fido_cred_type, fido_cred_flags, fido_cred_sigcount — FIDO2 credential API

SYNOPSIS

#include <fido.h>

fido_cred_t *
fido_cred_new(void);

void
fido_cred_free(fido_cred_t **cred_p);

size_t
fido_cred_pin_minlen(const fido_cred_t *cred);

int
fido_cred_prot(const fido_cred_t *cred);

const char *
fido_cred_fmt(const fido_cred_t *cred);

const char *
fido_cred_rp_id(const fido_cred_t *cred);

const char *
fido_cred_rp_name(const fido_cred_t *cred);

const char *
fido_cred_user_name(const fido_cred_t *cred);

const char *
fido_cred_display_name(const fido_cred_t *cred);

const unsigned char *
fido_cred_authdata_ptr(const fido_cred_t *cred);

const unsigned char *
fido_cred_authdata_raw_ptr(const fido_cred_t *cred);

const unsigned char *
fido_cred_clientdata_hash_ptr(const fido_cred_t *cred);

const unsigned char *
fido_cred_id_ptr(const fido_cred_t *cred);

const unsigned char *
fido_cred_aaguid_ptr(const fido_cred_t *cred);

const unsigned char *
fido_cred_largeblob_key_ptr(const fido_cred_t *cred);

const unsigned char *
fido_cred_pubkey_ptr(const fido_cred_t *cred);

const unsigned char *
fido_cred_sig_ptr(const fido_cred_t *cred);

const unsigned char *
fido_cred_user_id_ptr(const fido_cred_t *cred);

size_t
fido_cred_x5c_list_count(const fido_cred_t *cred);

const unsigned char *
fido_cred_x5c_list_ptr(const fido_cred_t *cred, size_t idx);

const unsigned char *
fido_cred_x5c_ptr(const fido_cred_t *cred);

const unsigned char *
fido_cred_attstmt_ptr(const fido_cred_t *cred);

size_t
fido_cred_authdata_len(const fido_cred_t *cred);

size_t
fido_cred_authdata_raw_len(const fido_cred_t *cred);

size_t
fido_cred_clientdata_hash_len(const fido_cred_t *cred);

size_t
fido_cred_id_len(const fido_cred_t *cred);

size_t
fido_cred_aaguid_len(const fido_cred_t *cred);

size_t
fido_cred_largeblob_key_len(const fido_cred_t *cred);

size_t
fido_cred_pubkey_len(const fido_cred_t *cred);

size_t
fido_cred_sig_len(const fido_cred_t *cred);

size_t
fido_cred_user_id_len(const fido_cred_t *cred);

size_t
fido_cred_x5c_list_len(const fido_cred_t *cred, size_t idx);

size_t
fido_cred_x5c_len(const fido_cred_t *cred);

size_t
fido_cred_attstmt_len(const fido_cred_t *cred);

int
fido_cred_type(const fido_cred_t *cred);

uint8_t
fido_cred_flags(const fido_cred_t *cred);

uint32_t
fido_cred_sigcount(const fido_cred_t *cred);

DESCRIPTION

FIDO2 credentials are abstracted in libfido2 by the fido_cred_t type. The functions described in this page allow a fido_cred_t type to be allocated, deallocated, and inspected. For other operations on fido_cred_t, please refer to fido_cred_set_authdata(3), fido_cred_exclude(3), fido_cred_verify(3), and fido_dev_make_cred(3).

The fido_cred_new() function returns a pointer to a newly allocated, empty fido_cred_t type. If memory cannot be allocated, NULL is returned.

The fido_cred_free() function releases the memory backing *cred_p, where *cred_p must have been previously allocated by fido_cred_new(). On return, *cred_p is set to NULL. Either cred_p or *cred_p may be NULL, in which case fido_cred_free() is a NOP.

If the CTAP 2.1 FIDO_EXT_MINPINLEN extension is enabled on cred, then the fido_cred_pin_minlen() function returns the minimum PIN length of cred. Otherwise, fido_cred_pin_minlen() returns zero. See fido_cred_set_pin_minlen(3) on how to enable this extension.

If the CTAP 2.1 FIDO_EXT_CRED_PROTECT extension is enabled on cred, then the fido_cred_prot() function returns the protection of cred. Otherwise, fido_cred_prot() returns zero. See fido_cred_set_prot(3) for the protection policies understood by libfido2.

The fido_cred_fmt() function returns a pointer to a NUL-terminated string containing the attestation statement format identifier of cred, or NULL if cred does not have a format set.

The fido_cred_rp_id(), fido_cred_rp_name(), fido_cred_user_name(), and fido_cred_display_name() functions return pointers to NUL-terminated strings holding the relying party ID, relying party name, user name, and user display name attributes of cred, or NULL if the respective entry is not set.

The fido_cred_authdata_ptr(), fido_cred_authdata_raw_ptr(), fido_cred_clientdata_hash_ptr(), fido_cred_id_ptr(), fido_cred_aaguid_ptr(), fido_cred_largeblob_key_ptr(), fido_cred_pubkey_ptr(), fido_cred_sig_ptr(), fido_cred_user_id_ptr(), fido_cred_x5c_ptr(), and fido_cred_attstmt_ptr() functions return pointers to the CBOR-encoded and raw authenticator data, client data hash, ID, authenticator attestation GUID, “largeBlobKey”, public key, signature, user ID, x509 leaf certificate, and attestation statement parts of cred, or NULL if the respective entry is not set.

The corresponding length can be obtained by fido_cred_authdata_len(), fido_cred_authdata_raw_len(), fido_cred_clientdata_hash_len(), fido_cred_id_len(), fido_cred_aaguid_len(), fido_cred_largeblob_key_len(), fido_cred_pubkey_len(), fido_cred_sig_len(), fido_cred_user_id_len(), fido_cred_x5c_len(), and fido_cred_attstmt_len().

The fido_cred_x5c_list_count() function returns the length of the x509 certificate chain in cred, and the fido_cred_x5c_list_ptr() and fido_cred_x5c_list_len() functions return a pointer to and length of the x509 certificate at index idx respectively. Please note that the leaf certificate has an idx (index) value of 0, and calling fido_cred_x5c_list_ptr(cred, 0) and fido_cred_x5c_list_len(cred, 0) is equivalent to fido_cred_x5c_ptr(cred) and fido_cred_x5c_len(cred) respectively. If idx exceeds the return value of fido_cred_x5c_list_count(), fido_cred_x5c_list_ptr() returns NULL and fido_cred_x5c_list_len() returns 0.

The authenticator data, x509 certificate, and signature parts of a credential are typically passed to a FIDO2 server for verification.

The fido_cred_type() function returns the COSE algorithm of cred.

The fido_cred_flags() function returns the authenticator data flags of cred.

The fido_cred_sigcount() function returns the authenticator data signature counter of cred.

RETURN VALUES

The authenticator data returned by fido_cred_authdata_ptr() is a CBOR-encoded byte string, as obtained from the authenticator. To obtain the decoded byte string, use fido_cred_authdata_raw_ptr().
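The difference between the two forms, as an added example that is not part of libfido2 or of this manual: a receiver that is handed the CBOR-encoded form strips the byte-string header to reach the raw bytes, then reads the flags byte and big-endian signature counter from the WebAuthn authenticator data layout (32-byte rpIdHash, flags, counter). The helper names, the struct and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Bits of the authenticator data flags byte (what fido_cred_flags() reports). */
#define AD_UP 0x01 /* user present */
#define AD_UV 0x04 /* user verified */
#define AD_AT 0x40 /* attested credential data follows */

struct authdata_hdr { /* hypothetical type, for this example only */
	uint8_t flags;
	uint32_t sigcount;
	const uint8_t *aaguid; /* 16 bytes; NULL unless AD_AT is set */
};

/* Constructed sample: bstr header 0x58 0x25 (37 bytes), flags UP|UV, counter 42. */
static const uint8_t sample_cbor[39] = { 0x58, 0x25, [34] = 0x05, [38] = 0x2a };

/* Strip the CBOR byte-string header; returns the payload or NULL. */
static const uint8_t *cbor_bstr_payload(const uint8_t *p, size_t len, size_t *out_len)
{
	size_t hdr = 1, n;
	if (p == NULL || len < 1 || (p[0] >> 5) != 2)
		return NULL; /* not CBOR major type 2 (byte string) */
	n = p[0] & 0x1f;
	if (n == 24 && len >= 2) {
		hdr = 2; n = p[1];
	} else if (n == 25 && len >= 3) {
		hdr = 3; n = ((size_t)p[1] << 8) | p[2];
	} else if (n > 23)
		return NULL; /* longer or indefinite forms are rejected here */
	if (len - hdr != n)
		return NULL; /* truncated input or trailing bytes */
	*out_len = n;
	return p + hdr;
}

/* Parse raw authenticator data: rpIdHash[32] | flags | signCount (big-endian). */
static int authdata_parse(const uint8_t *raw, size_t len, struct authdata_hdr *h)
{
	if (raw == NULL || len < 37)
		return -1;
	h->flags = raw[32];
	h->sigcount = ((uint32_t)raw[33] << 24) | ((uint32_t)raw[34] << 16) |
	    ((uint32_t)raw[35] << 8) | raw[36];
	if ((h->flags & AD_AT) && len < 37 + 16 + 2)
		return -1; /* AT set but no room for AAGUID and credential ID length */
	h->aaguid = (h->flags & AD_AT) ? raw + 37 : NULL;
	return 0;
}
```

A server receiving these bytes should reject any buffer for which either helper fails rather than reading fields at fixed offsets from unchecked input.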

If not NULL, pointers returned by fido_cred_fmt(), fido_cred_authdata_ptr(), fido_cred_clientdata_hash_ptr(), fido_cred_id_ptr(), fido_cred_aaguid_ptr(), fido_cred_largeblob_key_ptr(), fido_cred_pubkey_ptr(), fido_cred_sig_ptr(), and fido_cred_x5c_ptr() are guaranteed to exist until any API function that takes cred without the const qualifier is invoked.

SEE ALSO

fido_cred_exclude(3), fido_cred_set_authdata(3), fido_cred_set_pin_minlen(3), fido_cred_set_prot(3), fido_cred_verify(3), fido_credman_metadata_new(3), fido_dev_largeblob_get(3), fido_dev_make_cred(3)

Debian May 23, 2018 FIDO_CRED_NEW(3)