Provides library functionality for communicating with a FIDO device over USB as well as verifying attestation and assertion signatures.
|
Warning
|
This project is in beta. Expect things to change or break at any time! |
libfido2 aims to support the FIDO U2F and FIDO 2.0 protocols for communicating with a USB authenticator via the Client-to-Authenticator Protocol (CTAP 1 and 2).
For usage, see the examples/ directory.
libfido2 is licensed under the BSD 2-clause license. See the LICENSE file for the full license text.
Documentation is available in troff and HTML formats. An online mirror of libfido2's documentation is also available.
$ sudo apt-add-repository ppa:yubico/stable $ sudo apt update $ sudo apt install libfido2-dev
Or from source:
$ (rm -rf build && mkdir build && cd build && cmake ..) $ make -C build $ sudo make -C build install
Depending on the platform, the PKG_CONFIG_PATH environment variable may need to be set.
libfido2 depends on hidapi, libcbor and OpenSSL. For instructions on installing these dependencies, see http://www.signal11.us/oss/hidapi/, http://libcbor.org/, and https://www.openssl.org/.
Under Linux you will need to add a Udev rule to be able to access the FIDO device, or run as root. For example, the Udev rule may contain the following:
#Udev rule for allowing HID access to Yubico devices for FIDO support.
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", \
MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050"