From 721df55900a1c4bc4d70b81f2d983262978614f6 Mon Sep 17 00:00:00 2001
From: Ludvig Michaelsson <ludvig.michaelsson@yubico.com>
Date: Mon, 3 Jul 2023 08:22:30 +0200
Subject: [PATCH] man: document fido2-{assert,cred} -w flag

---
 man/fido2-assert.1 | 13 ++++++++++---
 man/fido2-cred.1   | 13 ++++++++++---
 2 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/man/fido2-assert.1 b/man/fido2-assert.1
index 0ee6e094..882b7ab1 100644
--- a/man/fido2-assert.1
+++ b/man/fido2-assert.1
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2018 Yubico AB. All rights reserved.
+.\" Copyright (c) 2018-2023 Yubico AB. All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions are
@@ -25,7 +25,7 @@
 .\"
 .\" SPDX-License-Identifier: BSD-2-Clause
 .\"
-.Dd $Mdocdate: November 5 2019 $
+.Dd $Mdocdate: July 3 2023 $
 .Dt FIDO2-ASSERT 1
 .Os
 .Sh NAME
@@ -34,7 +34,7 @@
 .Sh SYNOPSIS
 .Nm
 .Fl G
-.Op Fl bdhpruv
+.Op Fl bdhpruvw
 .Op Fl t Ar option
 .Op Fl i Ar input_file
 .Op Fl o Ar output_file
@@ -175,6 +175,13 @@ If obtaining an assertion, prompt the user for a PIN and request
 user verification from the authenticator.
 If verifying an assertion, check whether the user verification bit
 was signed by the authenticator.
+.It Fl w
+Tells
+.Nm
+that the first line of input when obtaining an assertion shall be
+interpreted as unhashed client data.
+This is required by Windows Hello, which calculates the client data hash
+internally.
 .El
 .Pp
 If a
diff --git a/man/fido2-cred.1 b/man/fido2-cred.1
index bd82499a..3f181db6 100644
--- a/man/fido2-cred.1
+++ b/man/fido2-cred.1
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2018 Yubico AB. All rights reserved.
+.\" Copyright (c) 2018-2023 Yubico AB. All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions are
@@ -25,7 +25,7 @@
 .\"
 .\" SPDX-License-Identifier: BSD-2-Clause
 .\"
-.Dd $Mdocdate: November 5 2019 $
+.Dd $Mdocdate: July 3 2023 $
 .Dt FIDO2-CRED 1
 .Os
 .Sh NAME
@@ -34,7 +34,7 @@
 .Sh SYNOPSIS
 .Nm
 .Fl M
-.Op Fl bdhqruv
+.Op Fl bdhqruvw
 .Op Fl c Ar cred_protect
 .Op Fl i Ar input_file
 .Op Fl o Ar output_file
@@ -177,6 +177,13 @@ U2F otherwise.
 If making a credential, request user verification.
 If verifying a credential, check whether the user verification bit
 was signed by the authenticator.
+.It Fl w
+Tells
+.Nm
+that the first line of input when making a credential shall be
+interpreted as unhashed client data.
+This is required by Windows Hello, which calculates the client data hash
+internally.
 .El
 .Sh INPUT FORMAT
 The input of