fido_assert_allow_cred,
fido_assert_empty_allow_list —
manage allow lists in a FIDO2 assertion
#include
<fido.h>
int
fido_assert_allow_cred(
fido_assert_t
*assert,
const
unsigned char *ptr,
size_t len);
int
fido_assert_empty_allow_list(
fido_assert_t
*assert);
The
fido_assert_allow_cred() function adds
ptr to the list of credentials allowed in
assert, where
ptr points to a credential ID of
len bytes. A copy of
ptr is made, and no references to the passed
pointer are kept. If
fido_assert_allow_cred()
fails, the existing list of allowed credentials is preserved.
For the format of a FIDO2 credential ID, please refer to the Web Authentication
(webauthn) standard.
The
fido_assert_empty_allow_list() function empties
the list of credentials allowed in
assert.
The error codes returned by
fido_assert_allow_cred() and
fido_assert_empty_allow_list() are defined in
<fido/err.h>.
On success,
FIDO_OK
is returned.
fido_assert_new(3),
fido_assert_set_authdata(3),
fido_dev_get_assert(3)