Provides library functionality for communicating with a FIDO device over USB as well as verifying attestation and assertion signatures.
|
Warning
|
This project is in beta. Expect things to change or break at any time! |
This library aims to support the FIDO U2F and FIDO 2.0 protocols for communicating with a USB authenticator via the Client-to-Authenticator Protocol (CTAP 1 and 2).
For usage, see the examples/ directory.
This project is licensed under the BSD 2-clause license. See the LICENSE file for the full license text.
libfido2 uses CMake, and can be built with the following commands:
# (rm -rf build && mkdir build && cd build && cmake ..) # make -C build
Depending on the platform, the PKG_CONFIG_PATH environment variable may need to be set.
Under Linux you will need to add a Udev rule to be able to access the FIDO device, or run as root. For example, the Udev rule may contain the following:
#Udev rule for allowing HID access to Yubico devices for FIDO support.
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", \
MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050"
This project depends on hidapi, libcbor and OpenSSL 1.1. For instructions on installing these dependencies, see http://www.signal11.us/oss/hidapi/, http://libcbor.org/, and https://www.openssl.org/.
As of April 2018, libcbor was available as a package on Debian Buster and Ubuntu 18.04 (Bionic Beaver).