1 files changed, 220 insertions, 0 deletions
diff --git a/man/fido2-assert.1 b/man/fido2-assert.1
new file mode 100644
index 0000000..67883e2
--- /dev/null
+++ b/man/fido2-assert.1
@@ -0,0 +1,220 @@
+.\" Copyright (c) 2018 Yubico AB. All rights reserved.
+.\" Use of this source code is governed by a BSD-style
+.\" license that can be found in the LICENSE file.
+.\"
+.Dd $Mdocdate: November 5 2019 $
+.Dt FIDO2-ASSERT 1
+.Os
+.Sh NAME
+.Nm fido2-assert
+.Nd get/verify a FIDO 2 assertion
+.Sh SYNOPSIS
+.Nm
+.Fl G
+.Op Fl dhpruv
+.Op Fl i Ar input_file
+.Op Fl o Ar output_file
+.Ar device
+.Nm
+.Fl V
+.Op Fl dhpv
+.Op Fl i Ar input_file
+.Ar key_file
+.Op Ar type
+.Sh DESCRIPTION
+.Nm
+gets or verifies a FIDO 2 assertion.
+.Pp
+The input of
+.Nm
+is defined by the parameters of the assertion to be obtained/verified.
+See the
+.Sx INPUT FORMAT
+section for details.
+.Pp
+The output of
+.Nm
+is defined by the result of the selected operation.
+See the
+.Sx OUTPUT FORMAT
+section for details.
+.Pp
+If an assertion is successfully obtained or verified,
+.Nm
+exits 0.
+Otherwise,
+.Nm
+exits 1.
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl G
+Tells
+.Nm
+to obtain a new assertion from
+.Ar device .
+.It Fl V
+Tells
+.Nm
+to verify an assertion using the PEM-encoded public key in
+.Ar key_file
+of type
+.Ar type ,
+where
+.Ar type
+may be
+.Em es256
+(denoting ECDSA over NIST P-256 with SHA-256),
+.Em rs256
+(denoting 2048-bit RSA with PKCS#1.5 padding and SHA-256), or
+.Em eddsa
+(denoting EDDSA over Curve25519 with SHA-512).
+If
+.Ar type
+is not specified,
+.Em es256
+is assumed.
+.It Fl h
+If obtaining an assertion, enable the FIDO2 hmac-secret
+extension.
+If verifying an assertion, check whether the extension data bit was
+signed by the authenticator.
+.It Fl d
+Causes
+.Nm
+to emit debugging output on
+.Em stderr .
+.It Fl i Ar input_file
+Tells
+.Nm
+to read the parameters of the assertion from
+.Ar input_file
+instead of
+.Em stdin .
+.It Fl o Ar output_file
+Tells
+.Nm
+to write output on
+.Ar output_file
+instead of
+.Em stdout .
+.It Fl p
+If obtaining an assertion, request user presence.
+If verifying an assertion, check whether the user presence bit was
+signed by the authenticator.
+.It Fl r
+Obtain an assertion using a resident credential.
+If
+.Fl r
+is specified,
+.Nm
+will not expect a credential id in its input, and may output
+multiple assertions.
+.It Fl u
+Obtain an assertion using U2F.
+By default,
+.Nm
+will use FIDO2 if supported by the authenticator, and fallback to
+U2F otherwise.
+.It Fl v
+If obtaining an assertion, prompt the user for a PIN and request
+user verification from the authenticator.
+If a
+.Em tty
+is available,
+.Nm
+will use it to obtain the PIN.
+Otherwise,
+.Em stdin
+is used.
+If verifying an assertion, check whether the user verification bit
+was signed by the authenticator.
+.El
+.Sh INPUT FORMAT
+The input of
+.Nm
+consists of base64 blobs and UTF-8 strings separated
+by newline characters ('\\n').
+.Pp
+When obtaining an assertion,
+.Nm
+expects its input to consist of:
+.Pp
+.Bl -enum -offset indent -compact                                   
+.It
+client data hash (base64 blob);
+.It
+relying party id (UTF-8 string);
+.It
+credential id, if credential not resident (base64 blob);
+.It
+hmac salt, if the FIDO2 hmac-secret extension is enabled
+(base64 blob);
+.El
+.Pp
+When verifying an assertion,
+.Nm
+expects its input to consist of:
+.Pp
+.Bl -enum -offset indent -compact
+.It
+client data hash (base64 blob);
+.It
+relying party id (UTF-8 string);
+.It
+authenticator data (base64 blob);
+.It
+assertion signature (base64 blob);
+.El
+.Pp
+UTF-8 strings passed to
+.Nm
+must not contain embedded newline or NUL characters.
+.Sh OUTPUT FORMAT
+The output of
+.Nm
+consists of base64 blobs and UTF-8 strings separated
+by newline characters ('\\n').
+.Pp
+For each generated assertion,
+.Nm
+outputs:
+.Pp
+.Bl -enum -offset indent -compact
+.It
+client data hash (base64 blob);
+.It
+relying party id (UTF-8 string);
+.It
+authenticator data (base64 blob);
+.It
+assertion signature (base64 blob);
+.It
+user id, if credential resident (base64 blob);
+.It
+hmac secret, if the FIDO2 hmac-secret extension is enabled
+(base64 blob);
+.El
+.Pp
+When verifying an assertion,
+.Nm
+produces no output.
+.Sh EXAMPLES
+Assuming
+.Pa cred
+contains a
+.Em es256
+credential created according to the steps outlined in
+.Xr fido2-cred 1 ,
+obtain an assertion from an authenticator at
+.Pa /dev/hidraw5
+and verify it:
+.Pp
+.Dl $ echo assertion challenge | openssl sha256 -binary | base64 > assert_param
+.Dl $ echo relying party >> assert_param
+.Dl $ head -1 cred >> assert_param
+.Dl $ tail -n +2 cred > pubkey
+.Dl $ fido2-assert -G -i assert_param /dev/hidraw5 | fido2-assert -V pubkey es256
+.Sh SEE ALSO
+.Xr fido2-cred 1 ,
+.Xr fido2-token 1

diff --git a/man/fido2-assert.1 b/man/fido2-assert.1 new file mode 100644 index 0000000..67883e2 --- /dev/null +++ b/man/fido2-assert.1
@@ -0,0 +1,220 @@
	1	.\" Copyright (c) 2018 Yubico AB. All rights reserved.
	2	.\" Use of this source code is governed by a BSD-style
	3	.\" license that can be found in the LICENSE file.
	4	.\"
	5	.Dd $Mdocdate: November 5 2019 $
	6	.Dt FIDO2-ASSERT 1
	7	.Os
	8	.Sh NAME
	9	.Nm fido2-assert
	10	.Nd get/verify a FIDO 2 assertion
	11	.Sh SYNOPSIS
	12	.Nm
	13	.Fl G
	14	.Op Fl dhpruv
	15	.Op Fl i Ar input_file
	16	.Op Fl o Ar output_file
	17	.Ar device
	18	.Nm
	19	.Fl V
	20	.Op Fl dhpv
	21	.Op Fl i Ar input_file
	22	.Ar key_file
	23	.Op Ar type
	24	.Sh DESCRIPTION
	25	.Nm
	26	gets or verifies a FIDO 2 assertion.
	27	.Pp
	28	The input of
	29	.Nm
	30	is defined by the parameters of the assertion to be obtained/verified.
	31	See the
	32	.Sx INPUT FORMAT
	33	section for details.
	34	.Pp
	35	The output of
	36	.Nm
	37	is defined by the result of the selected operation.
	38	See the
	39	.Sx OUTPUT FORMAT
	40	section for details.
	41	.Pp
	42	If an assertion is successfully obtained or verified,
	43	.Nm
	44	exits 0.
	45	Otherwise,
	46	.Nm
	47	exits 1.
	48	.Pp
	49	The options are as follows:
	50	.Bl -tag -width Ds
	51	.It Fl G
	52	Tells
	53	.Nm
	54	to obtain a new assertion from
	55	.Ar device .
	56	.It Fl V
	57	Tells
	58	.Nm
	59	to verify an assertion using the PEM-encoded public key in
	60	.Ar key_file
	61	of type
	62	.Ar type ,
	63	where
	64	.Ar type
	65	may be
	66	.Em es256
	67	(denoting ECDSA over NIST P-256 with SHA-256),
	68	.Em rs256
	69	(denoting 2048-bit RSA with PKCS#1.5 padding and SHA-256), or
	70	.Em eddsa
	71	(denoting EDDSA over Curve25519 with SHA-512).
	72	If
	73	.Ar type
	74	is not specified,
	75	.Em es256
	76	is assumed.
	77	.It Fl h
	78	If obtaining an assertion, enable the FIDO2 hmac-secret
	79	extension.
	80	If verifying an assertion, check whether the extension data bit was
	81	signed by the authenticator.
	82	.It Fl d
	83	Causes
	84	.Nm
	85	to emit debugging output on
	86	.Em stderr .
	87	.It Fl i Ar input_file
	88	Tells
	89	.Nm
	90	to read the parameters of the assertion from
	91	.Ar input_file
	92	instead of
	93	.Em stdin .
	94	.It Fl o Ar output_file
	95	Tells
	96	.Nm
	97	to write output on
	98	.Ar output_file
	99	instead of
	100	.Em stdout .
	101	.It Fl p
	102	If obtaining an assertion, request user presence.
	103	If verifying an assertion, check whether the user presence bit was
	104	signed by the authenticator.
	105	.It Fl r
	106	Obtain an assertion using a resident credential.
	107	If
	108	.Fl r
	109	is specified,
	110	.Nm
	111	will not expect a credential id in its input, and may output
	112	multiple assertions.
	113	.It Fl u
	114	Obtain an assertion using U2F.
	115	By default,
	116	.Nm
	117	will use FIDO2 if supported by the authenticator, and fallback to
	118	U2F otherwise.
	119	.It Fl v
	120	If obtaining an assertion, prompt the user for a PIN and request
	121	user verification from the authenticator.
	122	If a
	123	.Em tty
	124	is available,
	125	.Nm
	126	will use it to obtain the PIN.
	127	Otherwise,
	128	.Em stdin
	129	is used.
	130	If verifying an assertion, check whether the user verification bit
	131	was signed by the authenticator.
	132	.El
	133	.Sh INPUT FORMAT
	134	The input of
	135	.Nm
	136	consists of base64 blobs and UTF-8 strings separated
	137	by newline characters ('\\n').
	138	.Pp
	139	When obtaining an assertion,
	140	.Nm
	141	expects its input to consist of:
	142	.Pp
	143	.Bl -enum -offset indent -compact
	144	.It
	145	client data hash (base64 blob);
	146	.It
	147	relying party id (UTF-8 string);
	148	.It
	149	credential id, if credential not resident (base64 blob);
	150	.It
	151	hmac salt, if the FIDO2 hmac-secret extension is enabled
	152	(base64 blob);
	153	.El
	154	.Pp
	155	When verifying an assertion,
	156	.Nm
	157	expects its input to consist of:
	158	.Pp
	159	.Bl -enum -offset indent -compact
	160	.It
	161	client data hash (base64 blob);
	162	.It
	163	relying party id (UTF-8 string);
	164	.It
	165	authenticator data (base64 blob);
	166	.It
	167	assertion signature (base64 blob);
	168	.El
	169	.Pp
	170	UTF-8 strings passed to
	171	.Nm
	172	must not contain embedded newline or NUL characters.
	173	.Sh OUTPUT FORMAT
	174	The output of
	175	.Nm
	176	consists of base64 blobs and UTF-8 strings separated
	177	by newline characters ('\\n').
	178	.Pp
	179	For each generated assertion,
	180	.Nm
	181	outputs:
	182	.Pp
	183	.Bl -enum -offset indent -compact
	184	.It
	185	client data hash (base64 blob);
	186	.It
	187	relying party id (UTF-8 string);
	188	.It
	189	authenticator data (base64 blob);
	190	.It
	191	assertion signature (base64 blob);
	192	.It
	193	user id, if credential resident (base64 blob);
	194	.It
	195	hmac secret, if the FIDO2 hmac-secret extension is enabled
	196	(base64 blob);
	197	.El
	198	.Pp
	199	When verifying an assertion,
	200	.Nm
	201	produces no output.
	202	.Sh EXAMPLES
	203	Assuming
	204	.Pa cred
	205	contains a
	206	.Em es256
	207	credential created according to the steps outlined in
	208	.Xr fido2-cred 1 ,
	209	obtain an assertion from an authenticator at
	210	.Pa /dev/hidraw5
	211	and verify it:
	212	.Pp
	213	.Dl $ echo assertion challenge \| openssl sha256 -binary \| base64 > assert_param
	214	.Dl $ echo relying party >> assert_param
	215	.Dl $ head -1 cred >> assert_param
	216	.Dl $ tail -n +2 cred > pubkey
	217	.Dl $ fido2-assert -G -i assert_param /dev/hidraw5 \| fido2-assert -V pubkey es256
	218	.Sh SEE ALSO
	219	.Xr fido2-cred 1 ,
	220	.Xr fido2-token 1