1.\" Copyright (c) 2018-2022 Yubico AB. All rights reserved. 2.\" 3.\" Redistribution and use in source and binary forms, with or without 4.\" modification, are permitted provided that the following conditions are 5.\" met: 6.\" 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in 11.\" the documentation and/or other materials provided with the 12.\" distribution. 13.\" 14.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 15.\" "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 16.\" LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 17.\" A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 18.\" HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 19.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 20.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 24.\" OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25.\" 26.\" SPDX-License-Identifier: BSD-2-Clause 27.\" 28.Dd $Mdocdate: July 15 2022 $ 29.Dt FIDO_ASSERT_VERIFY 3 30.Os 31.Sh NAME 32.Nm fido_assert_verify 33.Nd verifies the signature of a FIDO2 assertion statement 34.Sh SYNOPSIS 35.In fido.h 36.Ft int 37.Fn fido_assert_verify "const fido_assert_t *assert" "size_t idx" "int cose_alg" "const void *pk" 38.Sh DESCRIPTION 39The 40.Fn fido_assert_verify 41function verifies whether the signature contained in statement index 42.Fa idx 43of 44.Fa assert 45matches the parameters of the assertion. 46Before using 47.Fn fido_assert_verify 48in a sensitive context, the reader is strongly encouraged to make 49herself familiar with the FIDO2 assertion statement process 50as defined in the Web Authentication (webauthn) standard. 51.Pp 52A brief description follows: 53.Pp 54The 55.Fn fido_assert_verify 56function verifies whether the client data hash, relying party ID, 57user presence and user verification attributes of 58.Fa assert 59have been attested by the holder of the private counterpart of 60the public key 61.Fa pk 62of COSE type 63.Fa cose_alg , 64where 65.Fa cose_alg 66is 67.Dv COSE_ES256 , 68.Dv COSE_ES384 , 69.Dv COSE_RS256 , 70or 71.Dv COSE_EDDSA , 72and 73.Fa pk 74points to a 75.Vt es256_pk_t , 76.Vt es384_pk_t , 77.Vt rs256_pk_t , 78or 79.Vt eddsa_pk_t 80type accordingly. 81.Pp 82Please note that the first statement in 83.Fa assert 84has an 85.Fa idx 86of 0. 87.Sh RETURN VALUES 88The error codes returned by 89.Fn fido_assert_verify 90are defined in 91.In fido/err.h . 92If 93statement 94.Fa idx 95of 96.Fa assert 97passes verification with 98.Fa pk , 99then 100.Dv FIDO_OK 101is returned. 102.Sh SEE ALSO 103.Xr fido_assert_new 3 , 104.Xr fido_assert_set_authdata 3 105