1 files changed, 190 insertions, 0 deletions
diff --git a/man/fido_assert_new.3 b/man/fido_assert_new.3
new file mode 100644
index 0000000..0c2f92f
--- /dev/null
+++ b/man/fido_assert_new.3
@@ -0,0 +1,190 @@
+.\" Copyright (c) 2018 Yubico AB. All rights reserved.
+.\" Use of this source code is governed by a BSD-style
+.\" license that can be found in the LICENSE file.
+.\"
+.Dd $Mdocdate: October 22 2019 $
+.Dt FIDO_ASSERT_NEW 3
+.Os
+.Sh NAME
+.Nm fido_assert_new ,
+.Nm fido_assert_free ,
+.Nm fido_assert_count ,
+.Nm fido_assert_user_display_name ,
+.Nm fido_assert_user_icon ,
+.Nm fido_assert_user_name ,
+.Nm fido_assert_authdata_ptr ,
+.Nm fido_assert_clientdata_hash_ptr ,
+.Nm fido_assert_hmac_secret_ptr ,
+.Nm fido_assert_user_id_ptr ,
+.Nm fido_assert_sig_ptr ,
+.Nm fido_assert_authdata_len ,
+.Nm fido_assert_clientdata_hash_len ,
+.Nm fido_assert_hmac_secret_len ,
+.Nm fido_assert_user_id_len ,
+.Nm fido_assert_sig_len ,
+.Nm fido_assert_sigcount
+.Nd FIDO 2 assertion API
+.Sh SYNOPSIS
+.In fido.h
+.Ft fido_assert_t *
+.Fn fido_assert_new "void"
+.Ft void
+.Fn fido_assert_free "fido_assert_t **assert_p"
+.Ft size_t
+.Fn fido_assert_count "const fido_assert_t *assert"
+.Ft const char *
+.Fn fido_assert_user_display_name "const fido_assert_t *assert" "size_t idx"
+.Ft const char *
+.Fn fido_assert_user_icon "const fido_assert_t *assert" "size_t idx"
+.Ft const char *
+.Fn fido_assert_user_name "const fido_assert_t *assert" "size_t idx"
+.Ft const unsigned char *
+.Fn fido_assert_authdata_ptr "const fido_assert_t *assert" "size_t idx"
+.Ft const unsigned char *
+.Fn fido_assert_clientdata_hash_ptr "const fido_assert_t *assert"
+.Ft const unsigned char *
+.Fn fido_assert_hmac_secret_ptr "const fido_assert_t *assert" "size_t idx"
+.Ft const unsigned char *
+.Fn fido_assert_user_id_ptr "const fido_assert_t *assert" "size_t idx"
+.Ft const unsigned char *
+.Fn fido_assert_sig_ptr "const fido_assert_t *assert" "size_t idx"
+.Ft size_t
+.Fn fido_assert_authdata_len "const fido_assert_t *assert" "size_t idx"
+.Ft size_t
+.Fn fido_assert_clientdata_hash_len "const fido_assert_t *assert"
+.Ft size_t
+.Fn fido_assert_hmac_secret_len "const fido_assert_t *assert" "size_t idx"
+.Ft size_t
+.Fn fido_assert_user_id_len "const fido_assert_t *assert" "size_t idx"
+.Ft size_t
+.Fn fido_assert_sig_len "const fido_assert_t *assert" "size_t idx"
+.Ft uint32_t
+.Fn fido_assert_sigcount "const fido_assert_t *assert" "size_t idx"
+.Sh DESCRIPTION
+FIDO 2 assertions are abstracted in
+.Em libfido2
+by the
+.Vt fido_assert_t
+type.
+The functions described in this page allow a
+.Vt fido_assert_t
+type to be allocated, deallocated, and inspected.
+For other operations on
+.Vt fido_assert_t ,
+please refer to
+.Xr fido_assert_set_authdata 3 ,
+.Xr fido_assert_allow_cred 3 ,
+.Xr fido_assert_verify 3 ,
+and
+.Xr fido_dev_get_assert 3 .
+.Pp
+The
+.Fn fido_assert_new
+function returns a pointer to a newly allocated, empty
+.Vt fido_assert_t
+type.
+If memory cannot be allocated, NULL is returned.
+.Pp
+The
+.Fn fido_assert_free
+function releases the memory backing
+.Fa *assert_p ,
+where
+.Fa *assert_p
+must have been previously allocated by
+.Fn fido_assert_new .
+On return,
+.Fa *assert_p
+is set to NULL.
+Either
+.Fa assert_p
+or
+.Fa *assert_p
+may be NULL, in which case
+.Fn fido_assert_free
+is a NOP.
+.Pp
+The
+.Fn fido_assert_count
+function returns the number of statements in
+.Fa assert .
+.Pp
+The
+.Fn fido_assert_user_display_name ,
+.Fn fido_assert_user_icon ,
+and
+.Fn fido_assert_user_name ,
+functions return pointers to the user display name, icon, and
+name attributes of statement
+.Fa idx
+in
+.Fa assert .
+If not NULL, the values returned by these functions point to
+NUL-terminated UTF-8 strings.
+.Pp
+The
+.Fn fido_assert_user_id_ptr ,
+.Fn fido_assert_authdata_ptr ,
+.Fn fido_assert_hmac_secret_ptr ,
+and
+.Fn fido_assert_sig_ptr
+functions return pointers to the user ID, authenticator data,
+hmac-secret, and signature attributes of statement
+.Fa idx
+in
+.Fa assert .
+The
+.Fn fido_assert_user_id_len ,
+.Fn fido_assert_authdata_len ,
+.Fn fido_assert_hmac_secret_len ,
+and
+.Fn fido_assert_sig_len
+functions can be used to retrieve the corresponding length of a
+specific attribute.
+.Pp
+The
+.Fn fido_assert_sigcount
+function can be used to obtain the signature counter of statement
+.Fa idx
+in
+.Fa assert .
+.Pp
+Please note that the first statement in
+.Fa assert
+has an
+.Fa idx
+(index) value of 0.
+.Pp
+The authenticator data and signature parts of an assertion
+statement are typically passed to a FIDO 2 server for verification.
+.Pp
+The
+.Fn fido_assert_clientdata_hash_ptr
+function returns a pointer to the client data hash of
+.Fa assert .
+The corresponding length can be obtained by
+.Fn fido_assert_clientdata_hash_len .
+.Sh RETURN VALUES
+The
+.Fn fido_assert_user_display_name ,
+.Fn fido_assert_user_icon ,
+.Fn fido_assert_user_name ,
+.Fn fido_assert_authdata_ptr ,
+.Fn fido_assert_clientdata_hash_ptr ,
+.Fn fido_assert_user_id_ptr ,
+and
+.Fn fido_assert_sig_ptr
+functions return NULL if the respective field in
+.Fa assert
+is not set.
+If not NULL, returned pointers are guaranteed to exist until any API
+function that takes
+.Fa assert
+without the
+.Em const
+qualifier is invoked.
+.Sh SEE ALSO
+.Xr fido_assert_allow_cred 3 ,
+.Xr fido_assert_set_authdata 3 ,
+.Xr fido_assert_verify 3 ,
+.Xr fido_dev_get_assert 3

diff --git a/man/fido_assert_new.3 b/man/fido_assert_new.3 new file mode 100644 index 0000000..0c2f92f --- /dev/null +++ b/man/fido_assert_new.3
@@ -0,0 +1,190 @@
	1	.\" Copyright (c) 2018 Yubico AB. All rights reserved.
	2	.\" Use of this source code is governed by a BSD-style
	3	.\" license that can be found in the LICENSE file.
	4	.\"
	5	.Dd $Mdocdate: October 22 2019 $
	6	.Dt FIDO_ASSERT_NEW 3
	7	.Os
	8	.Sh NAME
	9	.Nm fido_assert_new ,
	10	.Nm fido_assert_free ,
	11	.Nm fido_assert_count ,
	12	.Nm fido_assert_user_display_name ,
	13	.Nm fido_assert_user_icon ,
	14	.Nm fido_assert_user_name ,
	15	.Nm fido_assert_authdata_ptr ,
	16	.Nm fido_assert_clientdata_hash_ptr ,
	17	.Nm fido_assert_hmac_secret_ptr ,
	18	.Nm fido_assert_user_id_ptr ,
	19	.Nm fido_assert_sig_ptr ,
	20	.Nm fido_assert_authdata_len ,
	21	.Nm fido_assert_clientdata_hash_len ,
	22	.Nm fido_assert_hmac_secret_len ,
	23	.Nm fido_assert_user_id_len ,
	24	.Nm fido_assert_sig_len ,
	25	.Nm fido_assert_sigcount
	26	.Nd FIDO 2 assertion API
	27	.Sh SYNOPSIS
	28	.In fido.h
	29	.Ft fido_assert_t *
	30	.Fn fido_assert_new "void"
	31	.Ft void
	32	.Fn fido_assert_free "fido_assert_t **assert_p"
	33	.Ft size_t
	34	.Fn fido_assert_count "const fido_assert_t *assert"
	35	.Ft const char *
	36	.Fn fido_assert_user_display_name "const fido_assert_t *assert" "size_t idx"
	37	.Ft const char *
	38	.Fn fido_assert_user_icon "const fido_assert_t *assert" "size_t idx"
	39	.Ft const char *
	40	.Fn fido_assert_user_name "const fido_assert_t *assert" "size_t idx"
	41	.Ft const unsigned char *
	42	.Fn fido_assert_authdata_ptr "const fido_assert_t *assert" "size_t idx"
	43	.Ft const unsigned char *
	44	.Fn fido_assert_clientdata_hash_ptr "const fido_assert_t *assert"
	45	.Ft const unsigned char *
	46	.Fn fido_assert_hmac_secret_ptr "const fido_assert_t *assert" "size_t idx"
	47	.Ft const unsigned char *
	48	.Fn fido_assert_user_id_ptr "const fido_assert_t *assert" "size_t idx"
	49	.Ft const unsigned char *
	50	.Fn fido_assert_sig_ptr "const fido_assert_t *assert" "size_t idx"
	51	.Ft size_t
	52	.Fn fido_assert_authdata_len "const fido_assert_t *assert" "size_t idx"
	53	.Ft size_t
	54	.Fn fido_assert_clientdata_hash_len "const fido_assert_t *assert"
	55	.Ft size_t
	56	.Fn fido_assert_hmac_secret_len "const fido_assert_t *assert" "size_t idx"
	57	.Ft size_t
	58	.Fn fido_assert_user_id_len "const fido_assert_t *assert" "size_t idx"
	59	.Ft size_t
	60	.Fn fido_assert_sig_len "const fido_assert_t *assert" "size_t idx"
	61	.Ft uint32_t
	62	.Fn fido_assert_sigcount "const fido_assert_t *assert" "size_t idx"
	63	.Sh DESCRIPTION
	64	FIDO 2 assertions are abstracted in
	65	.Em libfido2
	66	by the
	67	.Vt fido_assert_t
	68	type.
	69	The functions described in this page allow a
	70	.Vt fido_assert_t
	71	type to be allocated, deallocated, and inspected.
	72	For other operations on
	73	.Vt fido_assert_t ,
	74	please refer to
	75	.Xr fido_assert_set_authdata 3 ,
	76	.Xr fido_assert_allow_cred 3 ,
	77	.Xr fido_assert_verify 3 ,
	78	and
	79	.Xr fido_dev_get_assert 3 .
	80	.Pp
	81	The
	82	.Fn fido_assert_new
	83	function returns a pointer to a newly allocated, empty
	84	.Vt fido_assert_t
	85	type.
	86	If memory cannot be allocated, NULL is returned.
	87	.Pp
	88	The
	89	.Fn fido_assert_free
	90	function releases the memory backing
	91	.Fa *assert_p ,
	92	where
	93	.Fa *assert_p
	94	must have been previously allocated by
	95	.Fn fido_assert_new .
	96	On return,
	97	.Fa *assert_p
	98	is set to NULL.
	99	Either
	100	.Fa assert_p
	101	or
	102	.Fa *assert_p
	103	may be NULL, in which case
	104	.Fn fido_assert_free
	105	is a NOP.
	106	.Pp
	107	The
	108	.Fn fido_assert_count
	109	function returns the number of statements in
	110	.Fa assert .
	111	.Pp
	112	The
	113	.Fn fido_assert_user_display_name ,
	114	.Fn fido_assert_user_icon ,
	115	and
	116	.Fn fido_assert_user_name ,
	117	functions return pointers to the user display name, icon, and
	118	name attributes of statement
	119	.Fa idx
	120	in
	121	.Fa assert .
	122	If not NULL, the values returned by these functions point to
	123	NUL-terminated UTF-8 strings.
	124	.Pp
	125	The
	126	.Fn fido_assert_user_id_ptr ,
	127	.Fn fido_assert_authdata_ptr ,
	128	.Fn fido_assert_hmac_secret_ptr ,
	129	and
	130	.Fn fido_assert_sig_ptr
	131	functions return pointers to the user ID, authenticator data,
	132	hmac-secret, and signature attributes of statement
	133	.Fa idx
	134	in
	135	.Fa assert .
	136	The
	137	.Fn fido_assert_user_id_len ,
	138	.Fn fido_assert_authdata_len ,
	139	.Fn fido_assert_hmac_secret_len ,
	140	and
	141	.Fn fido_assert_sig_len
	142	functions can be used to retrieve the corresponding length of a
	143	specific attribute.
	144	.Pp
	145	The
	146	.Fn fido_assert_sigcount
	147	function can be used to obtain the signature counter of statement
	148	.Fa idx
	149	in
	150	.Fa assert .
	151	.Pp
	152	Please note that the first statement in
	153	.Fa assert
	154	has an
	155	.Fa idx
	156	(index) value of 0.
	157	.Pp
	158	The authenticator data and signature parts of an assertion
	159	statement are typically passed to a FIDO 2 server for verification.
	160	.Pp
	161	The
	162	.Fn fido_assert_clientdata_hash_ptr
	163	function returns a pointer to the client data hash of
	164	.Fa assert .
	165	The corresponding length can be obtained by
	166	.Fn fido_assert_clientdata_hash_len .
	167	.Sh RETURN VALUES
	168	The
	169	.Fn fido_assert_user_display_name ,
	170	.Fn fido_assert_user_icon ,
	171	.Fn fido_assert_user_name ,
	172	.Fn fido_assert_authdata_ptr ,
	173	.Fn fido_assert_clientdata_hash_ptr ,
	174	.Fn fido_assert_user_id_ptr ,
	175	and
	176	.Fn fido_assert_sig_ptr
	177	functions return NULL if the respective field in
	178	.Fa assert
	179	is not set.
	180	If not NULL, returned pointers are guaranteed to exist until any API
	181	function that takes
	182	.Fa assert
	183	without the
	184	.Em const
	185	qualifier is invoked.
	186	.Sh SEE ALSO
	187	.Xr fido_assert_allow_cred 3 ,
	188	.Xr fido_assert_set_authdata 3 ,
	189	.Xr fido_assert_verify 3 ,
	190	.Xr fido_dev_get_assert 3