diff options
Diffstat (limited to 'man/fido2-assert.1')
-rw-r--r-- | man/fido2-assert.1 | 33 |
1 files changed, 29 insertions, 4 deletions
diff --git a/man/fido2-assert.1 b/man/fido2-assert.1 index 67883e2..e77e771 100644 --- a/man/fido2-assert.1 +++ b/man/fido2-assert.1 | |||
@@ -12,6 +12,7 @@ | |||
12 | .Nm | 12 | .Nm |
13 | .Fl G | 13 | .Fl G |
14 | .Op Fl dhpruv | 14 | .Op Fl dhpruv |
15 | .Op Fl t Ar option | ||
15 | .Op Fl i Ar input_file | 16 | .Op Fl i Ar input_file |
16 | .Op Fl o Ar output_file | 17 | .Op Fl o Ar output_file |
17 | .Ar device | 18 | .Ar device |
@@ -110,6 +111,29 @@ is specified, | |||
110 | .Nm | 111 | .Nm |
111 | will not expect a credential id in its input, and may output | 112 | will not expect a credential id in its input, and may output |
112 | multiple assertions. | 113 | multiple assertions. |
114 | .It Fl t Ar option | ||
115 | Toggles a key/value | ||
116 | .Ar option , | ||
117 | where | ||
118 | .Ar option | ||
119 | is a string of the form | ||
120 | .Dq key=value . | ||
121 | The options supported at present are: | ||
122 | .Bl -tag -width Ds | ||
123 | .It Cm up Ns = Ns Ar true|false | ||
124 | Asks the authenticator for user presence to be enabled or disabled. | ||
125 | .It Cm uv Ns = Ns Ar true|false | ||
126 | Asks the authenticator for user verification to be enabled or | ||
127 | disabled. | ||
128 | .It Cm pin Ns = Ns Ar true|false | ||
129 | Tells | ||
130 | .Nm | ||
131 | whether to prompt for a PIN and request user verification. | ||
132 | .El | ||
133 | .Pp | ||
134 | The | ||
135 | .Fl t | ||
136 | option may be specified multiple times. | ||
113 | .It Fl u | 137 | .It Fl u |
114 | Obtain an assertion using U2F. | 138 | Obtain an assertion using U2F. |
115 | By default, | 139 | By default, |
@@ -119,6 +143,10 @@ U2F otherwise. | |||
119 | .It Fl v | 143 | .It Fl v |
120 | If obtaining an assertion, prompt the user for a PIN and request | 144 | If obtaining an assertion, prompt the user for a PIN and request |
121 | user verification from the authenticator. | 145 | user verification from the authenticator. |
146 | If verifying an assertion, check whether the user verification bit | ||
147 | was signed by the authenticator. | ||
148 | .El | ||
149 | .Pp | ||
122 | If a | 150 | If a |
123 | .Em tty | 151 | .Em tty |
124 | is available, | 152 | is available, |
@@ -127,9 +155,6 @@ will use it to obtain the PIN. | |||
127 | Otherwise, | 155 | Otherwise, |
128 | .Em stdin | 156 | .Em stdin |
129 | is used. | 157 | is used. |
130 | If verifying an assertion, check whether the user verification bit | ||
131 | was signed by the authenticator. | ||
132 | .El | ||
133 | .Sh INPUT FORMAT | 158 | .Sh INPUT FORMAT |
134 | The input of | 159 | The input of |
135 | .Nm | 160 | .Nm |
@@ -140,7 +165,7 @@ When obtaining an assertion, | |||
140 | .Nm | 165 | .Nm |
141 | expects its input to consist of: | 166 | expects its input to consist of: |
142 | .Pp | 167 | .Pp |
143 | .Bl -enum -offset indent -compact | 168 | .Bl -enum -offset indent -compact |
144 | .It | 169 | .It |
145 | client data hash (base64 blob); | 170 | client data hash (base64 blob); |
146 | .It | 171 | .It |