fido_dev_make_cred —
generates a new credential on a FIDO2
device
#include
<fido.h>
int
fido_dev_make_cred(
fido_dev_t
*dev,
fido_cred_t
*cred,
const
char *pin);
The
fido_dev_make_cred() function asks the FIDO2
device represented by
dev to generate a new
credential according to the following parameters defined in
cred:
- type;
- client data hash;
- relying party;
- user attributes;
- list of excluded credential
IDs;
- resident/discoverable key and
user verification attributes.
See
fido_cred_set_authdata(3)
for information on how these values are set.
If a PIN is not needed to authenticate the request against
dev, then
pin may be NULL. Otherwise
pin must point to a NUL-terminated UTF-8
string.
After a successful call to
fido_dev_make_cred(),
the
fido_cred_authdata_ptr(3),
fido_cred_pubkey_ptr(3),
fido_cred_x5c_ptr(3),
and
fido_cred_sig_ptr(3)
functions may be invoked on
cred to retrieve
the various parts of the generated credential.
Please note that
fido_dev_make_cred() is
synchronous and will block if necessary.
The error codes returned by
fido_dev_make_cred()
are defined in
<fido/err.h>.
On success,
FIDO_OK
is returned.
fido_cred_new(3),
fido_cred_set_authdata(3)