1.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved.
2.\"
3.\" Redistribution and use in source and binary forms, with or without
4.\" modification, are permitted provided that the following conditions are
5.\" met:
6.\"
7.\"    1. Redistributions of source code must retain the above copyright
8.\"       notice, this list of conditions and the following disclaimer.
9.\"    2. Redistributions in binary form must reproduce the above copyright
10.\"       notice, this list of conditions and the following disclaimer in
11.\"       the documentation and/or other materials provided with the
12.\"       distribution.
13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
15.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
16.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
17.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
18.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
19.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
20.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
24.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25.\"
26.\" SPDX-License-Identifier: BSD-2-Clause
27.\"
28.Dd $Mdocdate: December 2 2022 $
29.Dt FIDO_CRED_EXCLUDE 3
30.Os
31.Sh NAME
32.Nm fido_cred_exclude ,
33.Nm fido_cred_empty_exclude_list
34.Nd manage exclude lists in a FIDO2 credential
35.Sh SYNOPSIS
36.In fido.h
37.Ft int
38.Fn fido_cred_exclude "fido_cred_t *cred" "const unsigned char *ptr" "size_t len"
39.Ft int
40.Fn fido_cred_empty_exclude_list "fido_cred_t *cred"
41.Sh DESCRIPTION
42The
43.Fn fido_cred_exclude
44function adds
45.Fa ptr
46to the list of credentials excluded by
47.Fa cred ,
48where
49.Fa ptr
50points to a credential ID of
51.Fa len
52bytes.
53A copy of
54.Fa ptr
55is made, and no references to the passed pointer are kept.
56If
57.Fn fido_cred_exclude
58fails, the existing list of excluded credentials is preserved.
59.Pp
60If
61.Nm
62returns success and
63.Fa cred
64is later passed to
65.Xr fido_dev_make_cred 3
66on a device that contains the credential
67denoted by
68.Fa ptr ,
69then
70.Xr fido_dev_make_cred 3
71will fail.
72.Pp
73For the format of a FIDO2 credential ID, please refer to the
74Web Authentication (webauthn) standard.
75.Pp
76The
77.Fn fido_cred_empty_exclude_list
78function empties the list of credentials excluded by
79.Fa cred .
80.Sh RETURN VALUES
81The error codes returned by
82.Fn fido_cred_exclude
83and
84.Fn fido_cred_empty_exclude_list
85are defined in
86.In fido/err.h .
87On success,
88.Dv FIDO_OK
89is returned.
90.Sh SEE ALSO
91.Xr fido_cred_new 3 ,
92.Xr fido_cred_set_authdata 3 ,
93.Xr fido_dev_make_cred 3
94