summaryrefslogtreecommitdiff
path: root/man/fido2-assert.1
diff options
context:
space:
mode:
Diffstat (limited to 'man/fido2-assert.1')
-rw-r--r--man/fido2-assert.133
1 files changed, 29 insertions, 4 deletions
diff --git a/man/fido2-assert.1 b/man/fido2-assert.1
index 67883e2..e77e771 100644
--- a/man/fido2-assert.1
+++ b/man/fido2-assert.1
@@ -12,6 +12,7 @@
12.Nm 12.Nm
13.Fl G 13.Fl G
14.Op Fl dhpruv 14.Op Fl dhpruv
15.Op Fl t Ar option
15.Op Fl i Ar input_file 16.Op Fl i Ar input_file
16.Op Fl o Ar output_file 17.Op Fl o Ar output_file
17.Ar device 18.Ar device
@@ -110,6 +111,29 @@ is specified,
110.Nm 111.Nm
111will not expect a credential id in its input, and may output 112will not expect a credential id in its input, and may output
112multiple assertions. 113multiple assertions.
114.It Fl t Ar option
115Toggles a key/value
116.Ar option ,
117where
118.Ar option
119is a string of the form
120.Dq key=value .
121The options supported at present are:
122.Bl -tag -width Ds
123.It Cm up Ns = Ns Ar true|false
124Asks the authenticator for user presence to be enabled or disabled.
125.It Cm uv Ns = Ns Ar true|false
126Asks the authenticator for user verification to be enabled or
127disabled.
128.It Cm pin Ns = Ns Ar true|false
129Tells
130.Nm
131whether to prompt for a PIN and request user verification.
132.El
133.Pp
134The
135.Fl t
136option may be specified multiple times.
113.It Fl u 137.It Fl u
114Obtain an assertion using U2F. 138Obtain an assertion using U2F.
115By default, 139By default,
@@ -119,6 +143,10 @@ U2F otherwise.
119.It Fl v 143.It Fl v
120If obtaining an assertion, prompt the user for a PIN and request 144If obtaining an assertion, prompt the user for a PIN and request
121user verification from the authenticator. 145user verification from the authenticator.
146If verifying an assertion, check whether the user verification bit
147was signed by the authenticator.
148.El
149.Pp
122If a 150If a
123.Em tty 151.Em tty
124is available, 152is available,
@@ -127,9 +155,6 @@ will use it to obtain the PIN.
127Otherwise, 155Otherwise,
128.Em stdin 156.Em stdin
129is used. 157is used.
130If verifying an assertion, check whether the user verification bit
131was signed by the authenticator.
132.El
133.Sh INPUT FORMAT 158.Sh INPUT FORMAT
134The input of 159The input of
135.Nm 160.Nm
@@ -140,7 +165,7 @@ When obtaining an assertion,
140.Nm 165.Nm
141expects its input to consist of: 166expects its input to consist of:
142.Pp 167.Pp
143.Bl -enum -offset indent -compact 168.Bl -enum -offset indent -compact
144.It 169.It
145client data hash (base64 blob); 170client data hash (base64 blob);
146.It 171.It