libssh  0.11.0
The SSH library
Loading...
Searching...
No Matches
sk_enroll_response Struct Reference

Response structure for FIDO2/U2F key enrollment operations. More...

#include <sk_api.h>

Data Fields

uint8_t flags
 FIDO2/U2F authenticator flags from the enrollment operation.
uint8_t * public_key
 Public key data in standard format.
size_t public_key_len
 Length of public_key buffer in bytes.
uint8_t * key_handle
 Opaque credential handle/ID used to identify this key.
size_t key_handle_len
 Length of key_handle buffer in bytes.
uint8_t * signature
 Enrollment signature over the enrollment data.
size_t signature_len
 Length of signature buffer in bytes.
uint8_t * attestation_cert
 X.509 attestation certificate.
size_t attestation_cert_len
 Length of attestation_cert buffer in bytes.
uint8_t * authdata
 FIDO2/U2F authenticator data from enrollment.
size_t authdata_len
 Length of authdata buffer in bytes.

Detailed Description

Response structure for FIDO2/U2F key enrollment operations.

Contains all data returned by a FIDO2/U2F authenticator after successful enrollment of a new credential.

Field Documentation

◆ attestation_cert

uint8_t* sk_enroll_response::attestation_cert

X.509 attestation certificate.

Certificate that attests to the authenticity of the authenticator and the enrollment operation. Used to verify the authenticator's identity and manufacturer.

◆ authdata

uint8_t* sk_enroll_response::authdata

FIDO2/U2F authenticator data from enrollment.

CBOR-encoded authenticator data containing RP ID hash, flags, counter, and attested credential data. Used for attestation verification according to the FIDO2 specification.

◆ authdata_len

size_t sk_enroll_response::authdata_len

Length of authdata buffer in bytes.

Length varies depending on credential data and extensions.

◆ flags

uint8_t sk_enroll_response::flags

FIDO2/U2F authenticator flags from the enrollment operation.

Contains flags indicating authenticator capabilities and state during enrollment, such as user presence (UP), user verification (UV), and resident key.

◆ key_handle

uint8_t* sk_enroll_response::key_handle

Opaque credential handle/ID used to identify this key.

Authenticator-generated binary data that uniquely identifies this credential. Used in subsequent sign operations to specify which key to use. Format and contents are authenticator-specific.

◆ key_handle_len

size_t sk_enroll_response::key_handle_len

Length of key_handle buffer in bytes.

Length varies by authenticator.

◆ public_key

uint8_t* sk_enroll_response::public_key

Public key data in standard format.

For ECDSA (P-256): 65 bytes in SEC1 uncompressed point format (0x04 prefix + 32-byte X coordinate + 32-byte Y coordinate) For Ed25519: 32 bytes containing the raw public key (FIDO2 only)

◆ public_key_len

size_t sk_enroll_response::public_key_len

Length of public_key buffer in bytes.

Expected values: 65 for ECDSA P-256, 32 for Ed25519

◆ signature

uint8_t* sk_enroll_response::signature

Enrollment signature over the enrollment data.

FIDO2/U2F authenticator signature proving the credential was created by this specific authenticator. Used for enrollment verification. Format depends on algorithm.

◆ signature_len

size_t sk_enroll_response::signature_len

Length of signature buffer in bytes.

Length varies by algorithm.

The documentation for this struct was generated from the following file: