Provided by: libfido2-doc_1.3.1-1ubuntu2_all bug

NAME
       fido_cred_verify — verifies the signature of a FIDO 2 credential


SYNOPSIS
       #include <fido.h>

       int
       fido_cred_verify(const fido_cred_t *cred);


DESCRIPTION
       The  fido_cred_verify()  function verifies whether the signature contained in cred matches the attributes
       of the credential.  Before using fido_cred_verify() in  a  sensitive  context,  the  reader  is  strongly
       encouraged  to make herself familiar with the FIDO 2 credential attestation process as defined in the Web
       Authentication (webauthn) standard.

       A brief description follows:

       The fido_cred_verify() function verifies whether the client data hash, relying party ID,  credential  ID,
       type,  and  resident key and user verification attributes of cred have been attested by the holder of the
       private counterpart of the public key contained in the credential's x509 certificate.

       Please note that the x509 certificate itself is not verified.

       The attestation  statement  formats  supported  by  fido_cred_verify()  are  packed  and  fido-u2f.   The
       attestation  type  implemented  by  fido_cred_verify() is Basic Attestation.  The attestation key pair is
       assumed to be of the type ES256.  Other attestation formats and types are not supported.


RETURN VALUES
       The error codes returned by fido_cred_verify() are defined in <fido/err.h>.  If cred passes verification,
       then FIDO_OK is returned.


SEE ALSO
       fido_cred_new(3), fido_cred_set_authdata(3)

Debian                                            May 23, 2018                               FIDO_CRED_VERIFY(3)