1FIDO_DEV_SET_PIN(3) BSD Library Functions Manual FIDO_DEV_SET_PIN(3)
2
4 fido_dev_set_pin, fido_dev_get_retry_count, fido_dev_get_uv_retry_count,
5 fido_dev_reset — FIDO2 device management functions
6
8 #include <fido.h>
9 int
11 fido_dev_set_pin(fido_dev_t *dev, const char *pin, const char *oldpin);
12 int
14 fido_dev_get_retry_count(fido_dev_t *dev, int *retries);
15 int
17 fido_dev_get_uv_retry_count(fido_dev_t *dev, int *retries);
18 int
20 fido_dev_reset(fido_dev_t *dev);
21
23 The fido_dev_set_pin() function sets the PIN of device dev to pin, where
24 pin is a NUL-terminated UTF-8 string. If oldpin is not NULL, the de‐
25 vice's PIN is changed from oldpin to pin, where pin and oldpin are NUL-
26 terminated UTF-8 strings.
27 The fido_dev_get_retry_count() function fills retries with the number of
29 PIN retries left in dev before lock-out, where retries is an addressable
30 pointer.
31 The fido_dev_get_uv_retry_count() function fills retries with the number
33 of built-in UV retries left in dev before built-in UV is disabled, where
34 retries is an addressable pointer.
35 The fido_dev_reset() function performs a reset on dev, resetting the de‐
37 vice's PIN and erasing credentials stored on the device.
38 Please note that fido_dev_set_pin(), fido_dev_get_retry_count(),
40 fido_dev_get_uv_retry_count(), and fido_dev_reset() are synchronous and
41 will block if necessary.
42
44 The error codes returned by fido_dev_set_pin(),
45 fido_dev_get_retry_count(), fido_dev_get_uv_retry_count(), and
46 fido_dev_reset() are defined in <fido/err.h>. On success, FIDO_OK is re‐
47 turned.
48
50 Regarding fido_dev_reset(), the actual user-flow to perform a reset is
51 outside the scope of the FIDO2 specification, and may therefore vary de‐
52 pending on the authenticator. Yubico authenticators will return
53 FIDO_ERR_NOT_ALLOWED if a reset is issued later than 5 seconds after
54 power-up, and FIDO_ERR_ACTION_TIMEOUT if the user fails to confirm the
55 reset by touching the key within 30 seconds.
56BSD May 25, 2018 BSD