author | Colin Watson <cjwatson@debian.org> | 2020-04-17 20:57:17 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2020-04-17 20:57:17 +0100 |
commit | 75073d0a8478441cc97a6efa10b566c5fb1dac81 (patch) | |
tree | b73bff259e1b16829ed8b19ee92df2bbbf36ef7d /man | |
parent | c923f422b1e455bdd8ec3bdb10d005e3bfbacfe0 (diff) |
New upstream version 1.4.0
Diffstat (limited to 'man')
-rw-r--r-- | man/CMakeLists.txt | 23 | ||||
-rw-r--r-- | man/es256_pk_new.3 | 4 | ||||
-rw-r--r-- | man/fido2-token.1 | 2 | ||||
-rw-r--r-- | man/fido_bio_dev_get_info.3 | 10 | ||||
-rw-r--r-- | man/fido_bio_template.3 | 22 | ||||
-rw-r--r-- | man/fido_cbor_info_new.3 | 12 | ||||
-rw-r--r-- | man/fido_cred_new.3 | 12 | ||||
-rw-r--r-- | man/fido_cred_set_authdata.3 | 25 | ||||
-rw-r--r-- | man/fido_credman_metadata_new.3 | 11 | ||||
-rw-r--r-- | man/fido_dev_set_io_functions.3 | 69 |
10 files changed, 159 insertions, 31 deletions
diff --git a/man/CMakeLists.txt b/man/CMakeLists.txt index c903ab8..44e4a96 100644 --- a/man/CMakeLists.txt +++ b/man/CMakeLists.txt | |||
@@ -5,7 +5,7 @@ | |||
5 | find_program(MANDOC_PATH mandoc) | 5 | find_program(MANDOC_PATH mandoc) |
6 | message(STATUS "MANDOC_PATH: ${MANDOC_PATH}") | 6 | message(STATUS "MANDOC_PATH: ${MANDOC_PATH}") |
7 | 7 | ||
8 | if(CMAKE_SYSTEM_NAME STREQUAL "Linux") | 8 | if(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD" OR CMAKE_SYSTEM_NAME STREQUAL "Linux") |
9 | find_program(GZIP_PATH gzip) | 9 | find_program(GZIP_PATH gzip) |
10 | message(STATUS "GZIP_PATH: ${GZIP_PATH}") | 10 | message(STATUS "GZIP_PATH: ${GZIP_PATH}") |
11 | endif() | 11 | endif() |
@@ -101,6 +101,7 @@ list(APPEND MAN_ALIAS | |||
101 | fido_cbor_info_new fido_cbor_info_extensions_ptr | 101 | fido_cbor_info_new fido_cbor_info_extensions_ptr |
102 | fido_cbor_info_new fido_cbor_info_free | 102 | fido_cbor_info_new fido_cbor_info_free |
103 | fido_cbor_info_new fido_cbor_info_maxmsgsiz | 103 | fido_cbor_info_new fido_cbor_info_maxmsgsiz |
104 | fido_cbor_info_new fido_cbor_info_fwversion | ||
104 | fido_cbor_info_new fido_cbor_info_options_len | 105 | fido_cbor_info_new fido_cbor_info_options_len |
105 | fido_cbor_info_new fido_cbor_info_options_name_ptr | 106 | fido_cbor_info_new fido_cbor_info_options_name_ptr |
106 | fido_cbor_info_new fido_cbor_info_options_value_ptr | 107 | fido_cbor_info_new fido_cbor_info_options_value_ptr |
@@ -117,6 +118,7 @@ list(APPEND MAN_ALIAS | |||
117 | fido_cred_new fido_cred_free | 118 | fido_cred_new fido_cred_free |
118 | fido_cred_new fido_cred_id_len | 119 | fido_cred_new fido_cred_id_len |
119 | fido_cred_new fido_cred_id_ptr | 120 | fido_cred_new fido_cred_id_ptr |
121 | fido_cred_new fido_cred_prot | ||
120 | fido_cred_new fido_cred_pubkey_len | 122 | fido_cred_new fido_cred_pubkey_len |
121 | fido_cred_new fido_cred_pubkey_ptr | 123 | fido_cred_new fido_cred_pubkey_ptr |
122 | fido_cred_new fido_cred_sig_len | 124 | fido_cred_new fido_cred_sig_len |
@@ -145,6 +147,7 @@ list(APPEND MAN_ALIAS | |||
145 | fido_cred_set_authdata fido_cred_set_clientdata_hash | 147 | fido_cred_set_authdata fido_cred_set_clientdata_hash |
146 | fido_cred_set_authdata fido_cred_set_extensions | 148 | fido_cred_set_authdata fido_cred_set_extensions |
147 | fido_cred_set_authdata fido_cred_set_fmt | 149 | fido_cred_set_authdata fido_cred_set_fmt |
150 | fido_cred_set_authdata fido_cred_set_prot | ||
148 | fido_cred_set_authdata fido_cred_set_rk | 151 | fido_cred_set_authdata fido_cred_set_rk |
149 | fido_cred_set_authdata fido_cred_set_rp | 152 | fido_cred_set_authdata fido_cred_set_rp |
150 | fido_cred_set_authdata fido_cred_set_sig | 153 | fido_cred_set_authdata fido_cred_set_sig |
@@ -261,17 +264,17 @@ if(MANDOC_PATH) | |||
261 | add_dependencies(man man_symlink_html) | 264 | add_dependencies(man man_symlink_html) |
262 | add_dependencies(man_gzip man_lint) | 265 | add_dependencies(man_gzip man_lint) |
263 | install(FILES ${CMAKE_SOURCE_DIR}/man/style.css | 266 | install(FILES ${CMAKE_SOURCE_DIR}/man/style.css |
264 | DESTINATION ${CMAKE_INSTALL_PREFIX}/share/doc/libfido2) | 267 | DESTINATION "${CMAKE_INSTALL_DOCDIR}/html") |
265 | foreach(f ${MAN_SOURCES}) | 268 | foreach(f ${MAN_SOURCES}) |
266 | string(REGEX REPLACE ".[13]" "" f ${f}) | 269 | string(REGEX REPLACE ".[13]" "" f ${f}) |
267 | install(FILES ${CMAKE_BINARY_DIR}/man/${f}.html | 270 | install(FILES ${CMAKE_BINARY_DIR}/man/${f}.html |
268 | DESTINATION ${CMAKE_INSTALL_PREFIX}/share/doc/libfido2) | 271 | DESTINATION "${CMAKE_INSTALL_DOCDIR}/html") |
269 | endforeach() | 272 | endforeach() |
270 | foreach(i RANGE 0 ${MAN_ALIAS_MAX} 2) | 273 | foreach(i RANGE 0 ${MAN_ALIAS_MAX} 2) |
271 | math(EXPR j "${i} + 1") | 274 | math(EXPR j "${i} + 1") |
272 | list(GET MAN_ALIAS ${j} DST) | 275 | list(GET MAN_ALIAS ${j} DST) |
273 | install(FILES ${CMAKE_BINARY_DIR}/man/${DST}.html | 276 | install(FILES ${CMAKE_BINARY_DIR}/man/${DST}.html |
274 | DESTINATION ${CMAKE_INSTALL_PREFIX}/share/doc/libfido2) | 277 | DESTINATION "${CMAKE_INSTALL_DOCDIR}/html") |
275 | endforeach() | 278 | endforeach() |
276 | endif() | 279 | endif() |
277 | 280 | ||
@@ -282,33 +285,33 @@ if(GZIP_PATH) | |||
282 | foreach(f ${MAN_SOURCES}) | 285 | foreach(f ${MAN_SOURCES}) |
283 | if (${f} MATCHES ".1$") | 286 | if (${f} MATCHES ".1$") |
284 | install(FILES ${CMAKE_BINARY_DIR}/man/${f}.gz | 287 | install(FILES ${CMAKE_BINARY_DIR}/man/${f}.gz |
285 | DESTINATION "${CMAKE_INSTALL_PREFIX}/share/man/man1") | 288 | DESTINATION "${CMAKE_INSTALL_MANDIR}/man1") |
286 | elseif(${f} MATCHES ".3$") | 289 | elseif(${f} MATCHES ".3$") |
287 | install(FILES ${CMAKE_BINARY_DIR}/man/${f}.gz | 290 | install(FILES ${CMAKE_BINARY_DIR}/man/${f}.gz |
288 | DESTINATION "${CMAKE_INSTALL_PREFIX}/share/man/man3") | 291 | DESTINATION "${CMAKE_INSTALL_MANDIR}/man3") |
289 | endif() | 292 | endif() |
290 | endforeach() | 293 | endforeach() |
291 | foreach(i RANGE 0 ${MAN_ALIAS_MAX} 2) | 294 | foreach(i RANGE 0 ${MAN_ALIAS_MAX} 2) |
292 | math(EXPR j "${i} + 1") | 295 | math(EXPR j "${i} + 1") |
293 | list(GET MAN_ALIAS ${j} DST) | 296 | list(GET MAN_ALIAS ${j} DST) |
294 | install(FILES ${CMAKE_BINARY_DIR}/man/${DST}.3.gz | 297 | install(FILES ${CMAKE_BINARY_DIR}/man/${DST}.3.gz |
295 | DESTINATION ${CMAKE_INSTALL_PREFIX}/share/man/man3) | 298 | DESTINATION "${CMAKE_INSTALL_MANDIR}/man3") |
296 | endforeach() | 299 | endforeach() |
297 | elseif(NOT MSVC) | 300 | elseif(NOT MSVC) |
298 | add_dependencies(man man_symlink) | 301 | add_dependencies(man man_symlink) |
299 | foreach(f ${MAN_SOURCES}) | 302 | foreach(f ${MAN_SOURCES}) |
300 | if (${f} MATCHES ".1$") | 303 | if (${f} MATCHES ".1$") |
301 | install(FILES ${CMAKE_BINARY_DIR}/man/${f} | 304 | install(FILES ${CMAKE_BINARY_DIR}/man/${f} |
302 | DESTINATION "${CMAKE_INSTALL_PREFIX}/man/man1") | 305 | DESTINATION "${CMAKE_INSTALL_MANDIR}/man1") |
303 | elseif(${f} MATCHES ".3$") | 306 | elseif(${f} MATCHES ".3$") |
304 | install(FILES ${CMAKE_BINARY_DIR}/man/${f} | 307 | install(FILES ${CMAKE_BINARY_DIR}/man/${f} |
305 | DESTINATION "${CMAKE_INSTALL_PREFIX}/man/man3") | 308 | DESTINATION "${CMAKE_INSTALL_MANDIR}/man3") |
306 | endif() | 309 | endif() |
307 | endforeach() | 310 | endforeach() |
308 | foreach(i RANGE 0 ${MAN_ALIAS_MAX} 2) | 311 | foreach(i RANGE 0 ${MAN_ALIAS_MAX} 2) |
309 | math(EXPR j "${i} + 1") | 312 | math(EXPR j "${i} + 1") |
310 | list(GET MAN_ALIAS ${j} DST) | 313 | list(GET MAN_ALIAS ${j} DST) |
311 | install(FILES ${CMAKE_BINARY_DIR}/man/${DST}.3 | 314 | install(FILES ${CMAKE_BINARY_DIR}/man/${DST}.3 |
312 | DESTINATION ${CMAKE_INSTALL_PREFIX}/man/man3) | 315 | DESTINATION "${CMAKE_INSTALL_MANDIR}/man3") |
313 | endforeach() | 316 | endforeach() |
314 | endif() | 317 | endif() |
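Review bot: The new `DESTINATION "${CMAKE_INSTALL_MANDIR}/man1"` and `DESTINATION "${CMAKE_INSTALL_DOCDIR}/html"` arguments rely on GNUInstallDirs having been included, and nothing in the hunks shown includes the module or checks that the variables are set. If either variable is empty, the quoted destination collapses to an absolute path such as `/man3` or `/html`, so an install run with elevated privileges would write outside the prefix instead of failing. Presumably the top-level CMakeLists.txt includes the module; if so, a guard near the top of this file would make that assumption explicit: `if(NOT CMAKE_INSTALL_MANDIR OR NOT CMAKE_INSTALL_DOCDIR)`, then `message(FATAL_ERROR "man/: include(GNUInstallDirs) before adding this directory")`, then `endif()`. The `if(MANDOC_PATH)` and `if(GZIP_PATH)` blocks start outside the hunks, so the surrounding setup could not be checked from here.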
diff --git a/man/es256_pk_new.3 b/man/es256_pk_new.3 index 48eda0b..54439cd 100644 --- a/man/es256_pk_new.3 +++ b/man/es256_pk_new.3 | |||
@@ -89,6 +89,10 @@ where | |||
89 | points to | 89 | points to |
90 | .Fa len | 90 | .Fa len |
91 | bytes. | 91 | bytes. |
92 | The | ||
93 | .Fa ptr | ||
94 | pointer may point to an uncompressed point, or to the | ||
95 | concatenation of the x and y coordinates. | ||
92 | No references to | 96 | No references to |
93 | .Fa ptr | 97 | .Fa ptr |
94 | are kept. | 98 | are kept. |
diff --git a/man/fido2-token.1 b/man/fido2-token.1 index d5a5734..b59463a 100644 --- a/man/fido2-token.1 +++ b/man/fido2-token.1 | |||
@@ -156,3 +156,5 @@ authenticator. | |||
156 | Yubico authenticators do not allow resets after 5 seconds from | 156 | Yubico authenticators do not allow resets after 5 seconds from |
157 | power-up, and expect a reset to be confirmed by the user through | 157 | power-up, and expect a reset to be confirmed by the user through |
158 | touch within 30 seconds. | 158 | touch within 30 seconds. |
159 | .Pp | ||
160 | An authenticator's path may contain spaces. | ||
diff --git a/man/fido_bio_dev_get_info.3 b/man/fido_bio_dev_get_info.3 index bde1396..d18c9ec 100644 --- a/man/fido_bio_dev_get_info.3 +++ b/man/fido_bio_dev_get_info.3 | |||
@@ -35,6 +35,8 @@ | |||
35 | The functions described in this page allow biometric | 35 | The functions described in this page allow biometric |
36 | templates on a FIDO2 authenticator to be listed, created, | 36 | templates on a FIDO2 authenticator to be listed, created, |
37 | removed, and customised. | 37 | removed, and customised. |
38 | Please note that not all FIDO2 authenticators support biometric | ||
39 | enrollment. | ||
38 | For a description of the types involved, please refer to | 40 | For a description of the types involved, please refer to |
39 | .Xr fido_bio_info_new 3 , | 41 | .Xr fido_bio_info_new 3 , |
40 | .Xr fido_bio_enroll_new 3 , | 42 | .Xr fido_bio_enroll_new 3 , |
@@ -118,3 +120,11 @@ is returned. | |||
118 | .Xr fido_bio_enroll_new 3 , | 120 | .Xr fido_bio_enroll_new 3 , |
119 | .Xr fido_bio_info_new 3 , | 121 | .Xr fido_bio_info_new 3 , |
120 | .Xr fido_bio_template 3 | 122 | .Xr fido_bio_template 3 |
123 | .Sh CAVEATS | ||
124 | Biometric enrollment is a tentative feature of FIDO 2.1. | ||
125 | Applications willing to strictly abide by FIDO 2.0 should refrain | ||
126 | from using biometric enrollment. | ||
127 | Applications using biometric enrollment should ensure it is | ||
128 | supported by the authenticator prior to using the API. | ||
129 | Since FIDO 2.1 hasn't been finalised, there is a chance the | ||
130 | functionality and associated data structures may change. | ||
diff --git a/man/fido_bio_template.3 b/man/fido_bio_template.3 index 6140926..8414937 100644 --- a/man/fido_bio_template.3 +++ b/man/fido_bio_template.3 | |||
@@ -38,11 +38,11 @@ | |||
38 | .Ft fido_bio_template_array_t * | 38 | .Ft fido_bio_template_array_t * |
39 | .Fn fido_bio_template_array_new "void" | 39 | .Fn fido_bio_template_array_new "void" |
40 | .Ft void | 40 | .Ft void |
41 | .Fn fido_bio_template_array_free "fido_bio_template_array_t **template_array_p" | 41 | .Fn fido_bio_template_array_free "fido_bio_template_array_t **array_p" |
42 | .Ft size_t | 42 | .Ft size_t |
43 | .Fn fido_bio_template_array_count "const fido_bio_template_array_t *template_array" | 43 | .Fn fido_bio_template_array_count "const fido_bio_template_array_t *array" |
44 | .Ft const fido_bio_template_t * | 44 | .Ft const fido_bio_template_t * |
45 | .Fn fido_bio_template "const fido_bio_template_array_t *template_array" "size_t idx" | 45 | .Fn fido_bio_template "const fido_bio_template_array_t *array" "size_t idx" |
46 | .Sh DESCRIPTION | 46 | .Sh DESCRIPTION |
47 | Existing FIDO 2 biometric enrollments are abstracted in | 47 | Existing FIDO 2 biometric enrollments are abstracted in |
48 | .Em libfido2 | 48 | .Em libfido2 |
@@ -132,18 +132,18 @@ If memory cannot be allocated, NULL is returned. | |||
132 | The | 132 | The |
133 | .Fn fido_bio_template_array_free | 133 | .Fn fido_bio_template_array_free |
134 | function releases the memory backing | 134 | function releases the memory backing |
135 | .Fa *template_array_p , | 135 | .Fa *array_p , |
136 | where | 136 | where |
137 | .Fa *template_array_p | 137 | .Fa *array_p |
138 | must have been previously allocated by | 138 | must have been previously allocated by |
139 | .Fn fido_bio_template_array_new . | 139 | .Fn fido_bio_template_array_new . |
140 | On return, | 140 | On return, |
141 | .Fa *template_array_p | 141 | .Fa *array_p |
142 | is set to NULL. | 142 | is set to NULL. |
143 | Either | 143 | Either |
144 | .Fa template_array_p | 144 | .Fa array_p |
145 | or | 145 | or |
146 | .Fa *template_array_p | 146 | .Fa *array_p |
147 | may be NULL, in which case | 147 | may be NULL, in which case |
148 | .Fn fido_bio_template_array_free | 148 | .Fn fido_bio_template_array_free |
149 | is a NOP. | 149 | is a NOP. |
@@ -151,16 +151,16 @@ is a NOP. | |||
151 | The | 151 | The |
152 | .Fn fido_bio_template_array_count | 152 | .Fn fido_bio_template_array_count |
153 | function returns the number of templates in | 153 | function returns the number of templates in |
154 | .Fa template_array . | 154 | .Fa array . |
155 | .Pp | 155 | .Pp |
156 | The | 156 | The |
157 | .Fn fido_bio_template | 157 | .Fn fido_bio_template |
158 | function returns a pointer to the template at index | 158 | function returns a pointer to the template at index |
159 | .Fa idx | 159 | .Fa idx |
160 | in | 160 | in |
161 | .Fa template_array . | 161 | .Fa array . |
162 | Please note that the first template in | 162 | Please note that the first template in |
163 | .Fa template_array | 163 | .Fa array |
164 | has an | 164 | has an |
165 | .Fa idx | 165 | .Fa idx |
166 | (index) value of 0. | 166 | (index) value of 0. |
diff --git a/man/fido_cbor_info_new.3 b/man/fido_cbor_info_new.3 index d1e4c41..3e7de1f 100644 --- a/man/fido_cbor_info_new.3 +++ b/man/fido_cbor_info_new.3 | |||
@@ -20,7 +20,8 @@ | |||
20 | .Nm fido_cbor_info_protocols_len , | 20 | .Nm fido_cbor_info_protocols_len , |
21 | .Nm fido_cbor_info_versions_len , | 21 | .Nm fido_cbor_info_versions_len , |
22 | .Nm fido_cbor_info_options_len , | 22 | .Nm fido_cbor_info_options_len , |
23 | .Nm fido_cbor_info_maxmsgsiz | 23 | .Nm fido_cbor_info_maxmsgsiz , |
24 | .Nm fido_cbor_info_fwversion | ||
24 | .Nd FIDO 2 CBOR Info API | 25 | .Nd FIDO 2 CBOR Info API |
25 | .Sh SYNOPSIS | 26 | .Sh SYNOPSIS |
26 | .In fido.h | 27 | .In fido.h |
@@ -54,6 +55,8 @@ | |||
54 | .Fn fido_cbor_info_options_len "const fido_cbor_info_t *ci" | 55 | .Fn fido_cbor_info_options_len "const fido_cbor_info_t *ci" |
55 | .Ft uint64_t | 56 | .Ft uint64_t |
56 | .Fn fido_cbor_info_maxmsgsiz "const fido_cbor_info_t *ci" | 57 | .Fn fido_cbor_info_maxmsgsiz "const fido_cbor_info_t *ci" |
58 | .Ft uint64_t | ||
59 | .Fn fido_cbor_info_fwversion "const fido_cbor_info_t *ci" | ||
57 | .Sh DESCRIPTION | 60 | .Sh DESCRIPTION |
58 | The | 61 | The |
59 | .Fn fido_cbor_info_new | 62 | .Fn fido_cbor_info_new |
@@ -124,7 +127,12 @@ The length of the options array is returned by | |||
124 | .Pp | 127 | .Pp |
125 | The | 128 | The |
126 | .Fn fido_cbor_info_maxmsgsiz | 129 | .Fn fido_cbor_info_maxmsgsiz |
127 | function returns the maximum message size of | 130 | function returns the maximum message size attribute of |
131 | .Fa ci . | ||
132 | .Pp | ||
133 | The | ||
134 | .Fn fido_cbor_info_fwversion | ||
135 | function returns the firmware version attribute of | ||
128 | .Fa ci . | 136 | .Fa ci . |
129 | .Pp | 137 | .Pp |
130 | A complete example of how to use these functions can be found in the | 138 | A complete example of how to use these functions can be found in the |
diff --git a/man/fido_cred_new.3 b/man/fido_cred_new.3 index 47eeba8..22af60c 100644 --- a/man/fido_cred_new.3 +++ b/man/fido_cred_new.3 | |||
@@ -8,6 +8,7 @@ | |||
8 | .Sh NAME | 8 | .Sh NAME |
9 | .Nm fido_cred_new , | 9 | .Nm fido_cred_new , |
10 | .Nm fido_cred_free , | 10 | .Nm fido_cred_free , |
11 | .Nm fido_cred_prot , | ||
11 | .Nm fido_cred_fmt , | 12 | .Nm fido_cred_fmt , |
12 | .Nm fido_cred_authdata_ptr , | 13 | .Nm fido_cred_authdata_ptr , |
13 | .Nm fido_cred_clientdata_hash_ptr , | 14 | .Nm fido_cred_clientdata_hash_ptr , |
@@ -28,6 +29,8 @@ | |||
28 | .Fn fido_cred_new "void" | 29 | .Fn fido_cred_new "void" |
29 | .Ft void | 30 | .Ft void |
30 | .Fn fido_cred_free "fido_cred_t **cred_p" | 31 | .Fn fido_cred_free "fido_cred_t **cred_p" |
32 | .Ft int | ||
33 | .Fn fido_cred_prot "fido_cred_t *cred" | ||
31 | .Ft const char * | 34 | .Ft const char * |
32 | .Fn fido_cred_fmt "const fido_cred_t *cred" | 35 | .Fn fido_cred_fmt "const fido_cred_t *cred" |
33 | .Ft const unsigned char * | 36 | .Ft const unsigned char * |
@@ -99,6 +102,15 @@ may be NULL, in which case | |||
99 | is a NOP. | 102 | is a NOP. |
100 | .Pp | 103 | .Pp |
101 | The | 104 | The |
105 | .Fn fido_cred_prot | ||
106 | function returns the protection of | ||
107 | .Fa cred . | ||
108 | See | ||
109 | .Xr fido_cred_set_prot 3 | ||
110 | for the values understood by | ||
111 | .Em libfido2 . | ||
112 | .Pp | ||
113 | The | ||
102 | .Fn fido_cred_fmt | 114 | .Fn fido_cred_fmt |
103 | function returns a pointer to a NUL-terminated string containing | 115 | function returns a pointer to a NUL-terminated string containing |
104 | the format of | 116 | the format of |
diff --git a/man/fido_cred_set_authdata.3 b/man/fido_cred_set_authdata.3 index 8b087fa..d28c61e 100644 --- a/man/fido_cred_set_authdata.3 +++ b/man/fido_cred_set_authdata.3 | |||
@@ -14,6 +14,7 @@ | |||
14 | .Nm fido_cred_set_rp , | 14 | .Nm fido_cred_set_rp , |
15 | .Nm fido_cred_set_user , | 15 | .Nm fido_cred_set_user , |
16 | .Nm fido_cred_set_extensions , | 16 | .Nm fido_cred_set_extensions , |
17 | .Nm fido_cred_set_prot , | ||
17 | .Nm fido_cred_set_rk , | 18 | .Nm fido_cred_set_rk , |
18 | .Nm fido_cred_set_uv , | 19 | .Nm fido_cred_set_uv , |
19 | .Nm fido_cred_set_fmt , | 20 | .Nm fido_cred_set_fmt , |
@@ -45,6 +46,8 @@ typedef enum { | |||
45 | .Ft int | 46 | .Ft int |
46 | .Fn fido_cred_set_extensions "fido_cred_t *cred" "int flags" | 47 | .Fn fido_cred_set_extensions "fido_cred_t *cred" "int flags" |
47 | .Ft int | 48 | .Ft int |
49 | .Fn fido_cred_set_prot "fido_cred_t *cred" "int prot" | ||
50 | .Ft int | ||
48 | .Fn fido_cred_set_rk "fido_cred_t *cred" "fido_opt_t rk" | 51 | .Fn fido_cred_set_rk "fido_cred_t *cred" "fido_opt_t rk" |
49 | .Ft int | 52 | .Ft int |
50 | .Fn fido_cred_set_uv "fido_cred_t *cred" "fido_opt_t uv" | 53 | .Fn fido_cred_set_uv "fido_cred_t *cred" "fido_opt_t uv" |
@@ -149,7 +152,9 @@ to the bitmask | |||
149 | .Fa flags . | 152 | .Fa flags . |
150 | At the moment, only the | 153 | At the moment, only the |
151 | .Dv FIDO_EXT_HMAC_SECRET | 154 | .Dv FIDO_EXT_HMAC_SECRET |
152 | extension is supported. | 155 | and |
156 | .Dv FIDO_EXT_CRED_PROTECT | ||
157 | extensions are supported. | ||
153 | If | 158 | If |
154 | .Fa flags | 159 | .Fa flags |
155 | is zero, the extensions of | 160 | is zero, the extensions of |
@@ -157,6 +162,24 @@ is zero, the extensions of | |||
157 | are cleared. | 162 | are cleared. |
158 | .Pp | 163 | .Pp |
159 | The | 164 | The |
165 | .Fn fido_cred_set_prot | ||
166 | function sets the protection of | ||
167 | .Fa cred | ||
168 | to the scalar | ||
169 | .Fa prot . | ||
170 | At the moment, only the | ||
171 | .Dv FIDO_CRED_PROT_UV_OPTIONAL , | ||
172 | .Dv FIDO_CRED_PROT_UV_OPTIONAL_WITH_ID , | ||
173 | and | ||
174 | .Dv FIDO_CRED_PROT_UV_REQUIRED | ||
175 | protections are supported. | ||
176 | If | ||
177 | .Fa prot | ||
178 | is zero, the protection of | ||
179 | .Fa cred | ||
180 | is cleared. | ||
181 | .Pp | ||
182 | The | ||
160 | .Fn fido_cred_set_rk | 183 | .Fn fido_cred_set_rk |
161 | and | 184 | and |
162 | .Fn fido_cred_set_uv | 185 | .Fn fido_cred_set_uv |
diff --git a/man/fido_credman_metadata_new.3 b/man/fido_credman_metadata_new.3 index 16f0192..1a65978 100644 --- a/man/fido_credman_metadata_new.3 +++ b/man/fido_credman_metadata_new.3 | |||
@@ -72,7 +72,8 @@ The credential management API of | |||
72 | .Em libfido2 | 72 | .Em libfido2 |
73 | allows resident credentials on a FIDO2 authenticator to be listed, | 73 | allows resident credentials on a FIDO2 authenticator to be listed, |
74 | inspected, and removed. | 74 | inspected, and removed. |
75 | Please note that not all authenticators support credential management. | 75 | Please note that not all FIDO2 authenticators support credential |
76 | management. | ||
76 | To obtain information on what an authenticator supports, please | 77 | To obtain information on what an authenticator supports, please |
77 | refer to | 78 | refer to |
78 | .Xr fido_cbor_info_new 3 . | 79 | .Xr fido_cbor_info_new 3 . |
@@ -297,3 +298,11 @@ should have their return values checked for NULL. | |||
297 | .Sh SEE ALSO | 298 | .Sh SEE ALSO |
298 | .Xr fido_cbor_info_new 3 , | 299 | .Xr fido_cbor_info_new 3 , |
299 | .Xr fido_cred_new 3 | 300 | .Xr fido_cred_new 3 |
301 | .Sh CAVEATS | ||
302 | Credential management is a tentative feature of FIDO 2.1. | ||
303 | Applications willing to strictly abide by FIDO 2.0 should refrain | ||
304 | from using credential management. | ||
305 | Applications using credential management should ensure it is | ||
306 | supported by the authenticator prior to using the API. | ||
307 | Since FIDO 2.1 hasn't been finalised, there is a chance the | ||
308 | functionality and associated data structures may change. | ||
diff --git a/man/fido_dev_set_io_functions.3 b/man/fido_dev_set_io_functions.3 index adc4a9e..67bc6d0 100644 --- a/man/fido_dev_set_io_functions.3 +++ b/man/fido_dev_set_io_functions.3 | |||
@@ -15,12 +15,16 @@ typedef void *fido_dev_io_open_t(const char *); | |||
15 | typedef void fido_dev_io_close_t(void *); | 15 | typedef void fido_dev_io_close_t(void *); |
16 | typedef int fido_dev_io_read_t(void *, unsigned char *, size_t, int); | 16 | typedef int fido_dev_io_read_t(void *, unsigned char *, size_t, int); |
17 | typedef int fido_dev_io_write_t(void *, const unsigned char *, size_t); | 17 | typedef int fido_dev_io_write_t(void *, const unsigned char *, size_t); |
18 | typedef int fido_dev_io_rx_t(struct fido_dev *, uint8_t, unsigned char *, size_t, int); | ||
19 | typedef int fido_dev_io_tx_t(struct fido_dev *, uint8_t, const unsigned char *, size_t); | ||
18 | 20 | ||
19 | typedef struct fido_dev_io { | 21 | typedef struct fido_dev_io { |
20 | fido_dev_io_open_t *open; | 22 | fido_dev_io_open_t *open; |
21 | fido_dev_io_close_t *close; | 23 | fido_dev_io_close_t *close; |
22 | fido_dev_io_read_t *read; | 24 | fido_dev_io_read_t *read; |
23 | fido_dev_io_write_t *write; | 25 | fido_dev_io_write_t *write; |
26 | fido_dev_io_rx_t *rx; | ||
27 | fido_dev_io_tx_t *tx; | ||
24 | } fido_dev_io_t; | 28 | } fido_dev_io_t; |
25 | .Ed | 29 | .Ed |
26 | .Ft int | 30 | .Ft int |
@@ -28,12 +32,12 @@ typedef struct fido_dev_io { | |||
28 | .Sh DESCRIPTION | 32 | .Sh DESCRIPTION |
29 | The | 33 | The |
30 | .Nm | 34 | .Nm |
31 | interface defines the I/O handlers used to talk to | 35 | interface defines the I/O and transmission handlers used to talk to |
32 | .Fa dev . | 36 | .Fa dev . |
33 | Its usage is optional. | 37 | Its usage is optional. |
34 | By default, | 38 | By default, |
35 | .Em libfido2 | 39 | .Em libfido2 |
36 | will use the operating system's native HID interface to talk to | 40 | will use the operating system's native HID interface to talk CTAP2 to |
37 | a FIDO device. | 41 | a FIDO device. |
38 | .Pp | 42 | .Pp |
39 | A | 43 | A |
@@ -51,13 +55,13 @@ It is not expected to be idempotent. | |||
51 | .Pp | 55 | .Pp |
52 | A | 56 | A |
53 | .Vt fido_dev_io_read_t | 57 | .Vt fido_dev_io_read_t |
54 | function reads from | 58 | function reads a single HID report from |
55 | .Fa dev . | 59 | .Fa dev . |
56 | The first parameter taken is the opaque handle obtained from | 60 | The first parameter taken is the opaque handle obtained from |
57 | .Vt fido_dev_io_open_t . | 61 | .Vt fido_dev_io_open_t . |
58 | The read buffer is pointed to by the second parameter, and the | 62 | The read buffer is pointed to by the second parameter, and the |
59 | third parameter holds its size. | 63 | third parameter holds its size. |
60 | Finally, the last argument passed to | 64 | The last argument passed to |
61 | .Vt fido_dev_io_read_t | 65 | .Vt fido_dev_io_read_t |
62 | is the number of milliseconds the caller is willing to sleep, | 66 | is the number of milliseconds the caller is willing to sleep, |
63 | should the call need to block. | 67 | should the call need to block. |
@@ -67,9 +71,9 @@ may block indefinitely. | |||
67 | The number of bytes read is returned. | 71 | The number of bytes read is returned. |
68 | On error, -1 is returned. | 72 | On error, -1 is returned. |
69 | .Pp | 73 | .Pp |
70 | Conversely, a | 74 | A |
71 | .Vt fido_dev_io_write_t | 75 | .Vt fido_dev_io_write_t |
72 | function writes to | 76 | function writes a single HID report to |
73 | .Fa dev . | 77 | .Fa dev . |
74 | The first parameter taken is the opaque handle returned by | 78 | The first parameter taken is the opaque handle returned by |
75 | .Vt fido_dev_io_open_t . | 79 | .Vt fido_dev_io_open_t . |
@@ -81,6 +85,59 @@ function may block. | |||
81 | The number of bytes written is returned. | 85 | The number of bytes written is returned. |
82 | On error, -1 is returned. | 86 | On error, -1 is returned. |
83 | .Pp | 87 | .Pp |
88 | A | ||
89 | .Vt fido_dev_io_rx_t | ||
90 | function receives a complete CTAP2 message from | ||
91 | .Fa dev . | ||
92 | The first parameter taken is a pointer to | ||
93 | .Fa dev . | ||
94 | The second parameter holds the expected CTAP2 command byte. | ||
95 | The read buffer is pointed to by the third parameter, and the | ||
96 | fourth parameter holds its size. | ||
97 | The last argument passed to | ||
98 | .Vt fido_dev_io_rx_t | ||
99 | is the number of milliseconds the caller is willing to sleep, | ||
100 | should the call need to block. | ||
101 | If this value holds -1, | ||
102 | .Vt fido_dev_io_rx_t | ||
103 | may block indefinitely. | ||
104 | The number of bytes read is returned. | ||
105 | On error, -1 is returned. | ||
106 | .Pp | ||
107 | A | ||
108 | .Vt fido_dev_io_tx_t | ||
109 | function transmits a complete CTAP2 message to | ||
110 | .Fa dev . | ||
111 | The first parameter taken is a pointer to | ||
112 | .Fa dev . | ||
113 | The second parameter holds the CTAP2 command byte. | ||
114 | The write buffer is pointed to by the third parameter, and the | ||
115 | fourth parameter holds its size. | ||
116 | A | ||
117 | .Vt fido_dev_io_tx_t | ||
118 | function may block. | ||
119 | On success, 0 is returned. | ||
120 | On error, -1 is returned. | ||
121 | .Pp | ||
122 | When calling | ||
123 | .Fn fido_dev_set_io_functions , | ||
124 | the | ||
125 | .Fa open , | ||
126 | .Fa close , | ||
127 | .Fa read | ||
128 | and | ||
129 | .Fa write | ||
130 | fields of | ||
131 | .Fa io | ||
132 | may not be NULL. | ||
133 | Either | ||
134 | .Fa rx | ||
135 | or | ||
136 | .Fa tx | ||
137 | may be NULL, in which case | ||
138 | .Em libfido2 | ||
139 | uses its corresponding CTAP2 HID transport method. | ||
140 | .Pp | ||
84 | No references to | 141 | No references to |
85 | .Fa io | 142 | .Fa io |
86 | are held by | 143 | are held by |