table of contents
other versions
- buster-backports 1.5.0-2~bpo10+1
- testing 1.5.0-2
- unstable 1.6.0-2
| FIDO_ASSERT_VERIFY(3) | Library Functions Manual | FIDO_ASSERT_VERIFY(3) |
NAME¶
fido_assert_verify —
verifies the signature of a FIDO 2 assertion statement
SYNOPSIS¶
#include <fido.h>
int
fido_assert_verify(fido_assert_t
*assert, size_t
idx, int cose_alg,
const void *pk);
DESCRIPTION¶
Thefido_assert_verify() function verifies whether the
signature contained in statement index idx of
assert matches the parameters of the assertion. Before
using fido_assert_verify() in a sensitive context, the
reader is strongly encouraged to make herself familiar with the FIDO 2
assertion statement process as defined in the Web Authentication (webauthn)
standard.
A brief description follows:
The fido_assert_verify() function verifies
whether the client data hash, relying party ID, user presence and user
verification attributes of assert have been attested
by the holder of the private counterpart of the public key
pk of COSE type cose_alg, where
cose_alg is COSE_ES256,
COSE_RS256, or COSE_EDDSA,
and pk points to a es256_pk_t,
rs256_pk_t, or eddsa_pk_t type
accordingly.
Please note that the first statement in assert has an idx of 0.
RETURN VALUES¶
The error codes returned byfido_assert_verify() are
defined in <fido/err.h>. If
statement idx of assert passes
verification with pk, then
FIDO_OK is returned.
SEE ALSO¶
fido_assert_new(3), fido_assert_set_authdata(3)| May 24, 2018 | Linux 4.19.0-12-amd64 |