fido_dev_set_pin,
fido_dev_get_retry_count,
fido_dev_get_uv_retry_count,
fido_dev_reset —
FIDO2 device management functions
#include
<fido.h>
int
fido_dev_set_pin(
fido_dev_t
*dev,
const char
*pin,
const char
*oldpin);
int
fido_dev_get_retry_count(
fido_dev_t
*dev,
int
*retries);
int
fido_dev_get_uv_retry_count(
fido_dev_t
*dev,
int
*retries);
int
fido_dev_reset(
fido_dev_t
*dev);
The
fido_dev_set_pin() function sets the PIN
of device
dev to
pin, where
pin is a NUL-terminated UTF-8 string. If
oldpin is not NULL, the device's PIN is
changed from
oldpin to
pin, where
pin and
oldpin are NUL-terminated UTF-8 strings.
The
fido_dev_get_retry_count() function fills
retries with the number of PIN retries left
in
dev before lock-out, where
retries is an addressable pointer.
The
fido_dev_get_uv_retry_count() function
fills
retries with the number of built-in UV
retries left in
dev before built-in UV is
disabled, where
retries is an addressable
pointer.
The
fido_dev_reset() function performs a
reset on
dev, resetting the device's PIN and
erasing credentials stored on the device.
Please note that
fido_dev_set_pin(),
fido_dev_get_retry_count(),
fido_dev_get_uv_retry_count(), and
fido_dev_reset() are synchronous and will
block if necessary.
The error codes returned by
fido_dev_set_pin(),
fido_dev_get_retry_count(),
fido_dev_get_uv_retry_count(), and
fido_dev_reset() are defined in
<fido/err.h>.
On success,
FIDO_OK is returned.
fido_cbor_info_uv_attempts(3)
Regarding
fido_dev_reset(), the actual
user-flow to perform a reset is outside the scope of the FIDO2 specification,
and may therefore vary depending on the authenticator. Yubico authenticators
will return
FIDO_ERR_NOT_ALLOWED if a reset
is issued later than 5 seconds after power-up, and
FIDO_ERR_ACTION_TIMEOUT if the user fails
to confirm the reset by touching the key within 30 seconds.