1.\" Copyright (c) 2018 Yubico AB. All rights reserved.
2.\"
3.\" Redistribution and use in source and binary forms, with or without
4.\" modification, are permitted provided that the following conditions are
5.\" met:
6.\"
7.\"    1. Redistributions of source code must retain the above copyright
8.\"       notice, this list of conditions and the following disclaimer.
9.\"    2. Redistributions in binary form must reproduce the above copyright
10.\"       notice, this list of conditions and the following disclaimer in
11.\"       the documentation and/or other materials provided with the
12.\"       distribution.
13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
15.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
16.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
17.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
18.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
19.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
20.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
24.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25.\"
26.\" SPDX-License-Identifier: BSD-2-Clause
27.\"
28.Dd $Mdocdate: May 25 2018 $
29.Dt FIDO_DEV_SET_PIN 3
30.Os
31.Sh NAME
32.Nm fido_dev_set_pin ,
33.Nm fido_dev_get_retry_count ,
34.Nm fido_dev_get_uv_retry_count ,
35.Nm fido_dev_reset
36.Nd FIDO2 device management functions
37.Sh SYNOPSIS
38.In fido.h
39.Ft int
40.Fn fido_dev_set_pin "fido_dev_t *dev" "const char *pin" "const char *oldpin"
41.Ft int
42.Fn fido_dev_get_retry_count "fido_dev_t *dev" "int *retries"
43.Ft int
44.Fn fido_dev_get_uv_retry_count "fido_dev_t *dev" "int *retries"
45.Ft int
46.Fn fido_dev_reset "fido_dev_t *dev"
47.Sh DESCRIPTION
48The
49.Fn fido_dev_set_pin
50function sets the PIN of device
51.Fa dev
52to
53.Fa pin ,
54where
55.Fa pin
56is a NUL-terminated UTF-8 string.
57If
58.Fa oldpin
59is not NULL, the device's PIN is changed from
60.Fa oldpin
61to
62.Fa pin ,
63where
64.Fa pin
65and
66.Fa oldpin
67are NUL-terminated UTF-8 strings.
68.Pp
69The
70.Fn fido_dev_get_retry_count
71function fills
72.Fa retries
73with the number of PIN retries left in
74.Fa dev
75before lock-out, where
76.Fa retries
77is an addressable pointer.
78.Pp
79The
80.Fn fido_dev_get_uv_retry_count
81function fills
82.Fa retries
83with the number of built-in UV retries left in
84.Fa dev
85before built-in UV is disabled, where
86.Fa retries
87is an addressable pointer.
88.Pp
89The
90.Fn fido_dev_reset
91function performs a reset on
92.Fa dev ,
93resetting the device's PIN and erasing credentials stored on the
94device.
95.Pp
96Please note that
97.Fn fido_dev_set_pin ,
98.Fn fido_dev_get_retry_count ,
99.Fn fido_dev_get_uv_retry_count ,
100and
101.Fn fido_dev_reset
102are synchronous and will block if necessary.
103.Sh RETURN VALUES
104The error codes returned by
105.Fn fido_dev_set_pin ,
106.Fn fido_dev_get_retry_count ,
107.Fn fido_dev_get_uv_retry_count ,
108and
109.Fn fido_dev_reset
110are defined in
111.In fido/err.h .
112On success,
113.Dv FIDO_OK
114is returned.
115.Sh SEE ALSO
116.Xr fido_cbor_info_uv_attempts 3
117.Sh CAVEATS
118Regarding
119.Fn fido_dev_reset ,
120the actual user-flow to perform a reset is outside the scope of the
121FIDO2 specification, and may therefore vary depending on the
122authenticator.
123Yubico authenticators will return
124.Dv FIDO_ERR_NOT_ALLOWED
125if a reset is issued later than 5 seconds after power-up, and
126.Dv FIDO_ERR_ACTION_TIMEOUT
127if the user fails to confirm the reset by touching the key
128within 30 seconds.
129