1FIDO_CBOR_INFO_NEW(3) BSD Library Functions Manual FIDO_CBOR_INFO_NEW(3)
2
4 fido_cbor_info_new, fido_cbor_info_free, fido_dev_get_cbor_info,
5 fido_cbor_info_aaguid_ptr, fido_cbor_info_extensions_ptr,
6 fido_cbor_info_protocols_ptr, fido_cbor_info_transports_ptr,
7 fido_cbor_info_versions_ptr, fido_cbor_info_options_name_ptr,
8 fido_cbor_info_options_value_ptr, fido_cbor_info_algorithm_type,
9 fido_cbor_info_algorithm_cose, fido_cbor_info_algorithm_count,
10 fido_cbor_info_certs_name_ptr, fido_cbor_info_certs_value_ptr,
11 fido_cbor_info_certs_len, fido_cbor_info_aaguid_len,
12 fido_cbor_info_extensions_len, fido_cbor_info_protocols_len,
13 fido_cbor_info_transports_len, fido_cbor_info_versions_len,
14 fido_cbor_info_options_len, fido_cbor_info_maxmsgsiz,
15 fido_cbor_info_maxcredbloblen, fido_cbor_info_maxcredcntlst,
16 fido_cbor_info_maxcredidlen, fido_cbor_info_maxlargeblob,
17 fido_cbor_info_maxrpid_minpinlen, fido_cbor_info_minpinlen,
18 fido_cbor_info_fwversion, fido_cbor_info_uv_attempts,
19 fido_cbor_info_uv_modality, fido_cbor_info_rk_remaining,
20 fido_cbor_info_new_pin_required — FIDO2 CBOR Info API
21
23 #include <fido.h>
24
25 fido_cbor_info_t *
26 fido_cbor_info_new(void);
27
28 void
29 fido_cbor_info_free(fido_cbor_info_t **ci_p);
30
31 int
32 fido_dev_get_cbor_info(fido_dev_t *dev, fido_cbor_info_t *ci);
33
34 const unsigned char *
35 fido_cbor_info_aaguid_ptr(const fido_cbor_info_t *ci);
36
37 char **
38 fido_cbor_info_extensions_ptr(const fido_cbor_info_t *ci);
39
40 const uint8_t *
41 fido_cbor_info_protocols_ptr(const fido_cbor_info_t *ci);
42
43 char **
44 fido_cbor_info_transports_ptr(const fido_cbor_info_t *ci);
45
46 char **
47 fido_cbor_info_versions_ptr(const fido_cbor_info_t *ci);
48
49 char **
50 fido_cbor_info_options_name_ptr(const fido_cbor_info_t *ci);
51
52 const bool *
53 fido_cbor_info_options_value_ptr(const fido_cbor_info_t *ci);
54
55 const char *
56 fido_cbor_info_algorithm_type(const fido_cbor_info_t *ci, size_t idx);
57
58 int
59 fido_cbor_info_algorithm_cose(const fido_cbor_info_t *ci, size_t idx);
60
61 size_t
62 fido_cbor_info_algorithm_count(const fido_cbor_info_t *ci);
63
64 char **
65 fido_cbor_info_certs_name_ptr(const fido_cbor_info_t *ci);
66
67 const uint64_t *
68 fido_cbor_info_certs_value_ptr(const fido_cbor_info_t *ci);
69
70 size_t
71 fido_cbor_info_certs_len(const fido_cbor_info_t *ci);
72
73 size_t
74 fido_cbor_info_aaguid_len(const fido_cbor_info_t *ci);
75
76 size_t
77 fido_cbor_info_extensions_len(const fido_cbor_info_t *ci);
78
79 size_t
80 fido_cbor_info_protocols_len(const fido_cbor_info_t *ci);
81
82 size_t
83 fido_cbor_info_transports_len(const fido_cbor_info_t *ci);
84
85 size_t
86 fido_cbor_info_versions_len(const fido_cbor_info_t *ci);
87
88 size_t
89 fido_cbor_info_options_len(const fido_cbor_info_t *ci);
90
91 uint64_t
92 fido_cbor_info_maxmsgsiz(const fido_cbor_info_t *ci);
93
94 uint64_t
95 fido_cbor_info_maxcredbloblen(const fido_cbor_info_t *ci);
96
97 uint64_t
98 fido_cbor_info_maxcredcntlst(const fido_cbor_info_t *ci);
99
100 uint64_t
101 fido_cbor_info_maxcredidlen(const fido_cbor_info_t *ci);
102
103 uint64_t
104 fido_cbor_info_maxlargeblob(const fido_cbor_info_t *ci);
105
106 uint64_t
107 fido_cbor_info_maxrpid_minpinlen(const fido_cbor_info_t *ci);
108
109 uint64_t
110 fido_cbor_info_minpinlen(const fido_cbor_info_t *ci);
111
112 uint64_t
113 fido_cbor_info_fwversion(const fido_cbor_info_t *ci);
114
115 uint64_t
116 fido_cbor_info_uv_attempts(const fido_cbor_info_t *ci);
117
118 uint64_t
119 fido_cbor_info_uv_modality(const fido_cbor_info_t *ci);
120
121 int64_t
122 fido_cbor_info_rk_remaining(const fido_cbor_info_t *ci);
123
124 bool
125 fido_cbor_info_new_pin_required(const fido_cbor_info_t *ci);
126
The fido_cbor_info_new() function returns a pointer to a newly allocated,
empty fido_cbor_info_t type. If memory cannot be allocated, NULL is
returned.
131
132 The fido_cbor_info_free() function releases the memory backing *ci_p,
133 where *ci_p must have been previously allocated by fido_cbor_info_new().
134 On return, *ci_p is set to NULL. Either ci_p or *ci_p may be NULL, in
135 which case fido_cbor_info_free() is a NOP.
136
The fido_dev_get_cbor_info() function transmits a CTAP_CBOR_GETINFO
command to dev and fills ci with attributes retrieved from the command's
response. The fido_dev_get_cbor_info() function may block. It returns
FIDO_OK on success; if any other value is returned, the contents of ci
should not be relied upon.
140
The fido_cbor_info_aaguid_ptr(), fido_cbor_info_extensions_ptr(),
fido_cbor_info_protocols_ptr(), fido_cbor_info_transports_ptr(), and
fido_cbor_info_versions_ptr() functions return pointers to the
authenticator attestation GUID, supported extensions, PIN protocol,
transports, and CTAP version strings of ci, respectively. The corresponding
length of a given attribute can be obtained by fido_cbor_info_aaguid_len(),
fido_cbor_info_extensions_len(), fido_cbor_info_protocols_len(),
fido_cbor_info_transports_len(), or fido_cbor_info_versions_len(), and
should be used to bound any access through the matching pointer.
149
The fido_cbor_info_options_name_ptr() and
fido_cbor_info_options_value_ptr() functions return pointers to the array
of option names and their respective values in ci. The length of the
options array is returned by fido_cbor_info_options_len().
154
The fido_cbor_info_algorithm_count() function returns the number of
supported algorithms in ci. The fido_cbor_info_algorithm_cose() function
returns the COSE identifier of algorithm idx in ci, or 0 if the COSE
identifier is unknown or unset. The fido_cbor_info_algorithm_type()
function returns the type of algorithm idx in ci, or NULL if the type is
unset. Indices are zero-based: the first algorithm in ci has an idx (index)
value of 0, so the last one has an idx of
fido_cbor_info_algorithm_count() - 1.
162
The fido_cbor_info_certs_name_ptr() and fido_cbor_info_certs_value_ptr()
functions return pointers to the array of certification names and their
respective values in ci. The length of the certifications array is
returned by fido_cbor_info_certs_len().
167
168 The fido_cbor_info_maxmsgsiz() function returns the maximum message size
169 attribute of ci.
170
171 The fido_cbor_info_maxcredbloblen() function returns the maximum
172 “credBlob” length in bytes supported by the authenticator as reported in
173 ci.
174
175 The fido_cbor_info_maxcredcntlst() function returns the maximum supported
176 number of credentials in a single credential ID list as reported in ci.
177
178 The fido_cbor_info_maxcredidlen() function returns the maximum supported
179 length of a credential ID as reported in ci.
180
The fido_cbor_info_maxrpid_minpinlen() function returns the maximum
number of RP IDs that may be passed to fido_dev_set_pin_minlen_rpid(3), as
reported in ci. The minimum PIN length attribute is a CTAP 2.1 addition.
If the attribute is not advertised by the authenticator, the
fido_cbor_info_maxrpid_minpinlen() function returns zero.
186
187 The fido_cbor_info_maxlargeblob() function returns the maximum length in
188 bytes of an authenticator's serialized largeBlob array as reported in ci.
189
190 The fido_cbor_info_minpinlen() function returns the minimum PIN length
191 enforced by the authenticator as reported in ci. The minimum PIN length
192 attribute is a CTAP 2.1 addition. If the attribute is not advertised by
193 the authenticator, the fido_cbor_info_minpinlen() function returns zero.
194
The fido_cbor_info_fwversion() function returns the firmware version
attribute of ci.
197
The fido_cbor_info_uv_attempts() function returns the number of UV
attempts that the platform may make before falling back to PIN
authentication. If 1, then all fido_dev_get_uv_retry_count(3) retries are
handled internally by the authenticator and the platform may only attempt
non-PIN UV once. The UV attempts attribute is a CTAP 2.1 addition. If
the attribute is not advertised by the authenticator, the
fido_cbor_info_uv_attempts() function returns zero.
205
206 The fido_cbor_info_uv_modality() function returns a bitmask representing
207 different UV modes supported by the authenticator, as defined in the FIDO
208 Registry of Predefined Values and reported in ci. See the FIDO_UV_MODE_*
209 definitions in <fido/param.h> for the set of values defined by libfido2
210 and a brief description of each. The UV modality attribute is a CTAP 2.1
211 addition. If the attribute is not advertised by the authenticator, the
212 fido_cbor_info_uv_modality() function returns zero.
213
The fido_cbor_info_rk_remaining() function returns the estimated number
of additional resident/discoverable credentials that can be stored on the
authenticator as reported in ci. The estimated number of remaining
resident credentials is a CTAP 2.1 addition. If the attribute is not
advertised by the authenticator, the fido_cbor_info_rk_remaining() function
returns -1. Because the return type is signed, callers should check for -1
before using the value as a count.
220
221 The fido_cbor_info_new_pin_required() function returns whether a new PIN
222 is required by the authenticator as reported in ci. If
223 fido_cbor_info_new_pin_required() returns true, operations requiring PIN
224 authentication will fail until a new PIN is set on the authenticator.
225 The fido_dev_set_pin(3) function can be used to set a new PIN.
226
227 A complete example of how to use these functions can be found in the
228 example/info.c file shipped with libfido2.
229
The fido_cbor_info_aaguid_ptr(), fido_cbor_info_extensions_ptr(),
fido_cbor_info_protocols_ptr(), fido_cbor_info_transports_ptr(),
fido_cbor_info_versions_ptr(), fido_cbor_info_options_name_ptr(), and
fido_cbor_info_options_value_ptr() functions return NULL if the
respective field in ci is absent. If not NULL, returned pointers are
guaranteed to remain valid until any API function that takes ci without the
const qualifier is invoked (for example, another call to
fido_dev_get_cbor_info() on the same ci); they should not be dereferenced
after that point.
238
240 fido_dev_get_uv_retry_count(3), fido_dev_open(3), fido_dev_set_pin(3),
241 fido_dev_set_pin_minlen_rpid(3)
242
FIDO Registry of Predefined Values,
https://fidoalliance.org/specs/common-specs/fido-registry-v2.2-rd-20210525.html,
FIDO Alliance, 2021-05-25, Review Draft, Version 2.2.
247
248BSD April 22, 2022 BSD