Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/bulwarkid/virtual-fido

A Virtual FIDO2 USB Device
https://github.com/bulwarkid/virtual-fido

Last synced: 24 days ago
JSON representation

A Virtual FIDO2 USB Device

Host: GitHub
URL: https://github.com/bulwarkid/virtual-fido
Owner: bulwarkid
License: mit
Created: 2022-09-15T22:47:15.000Z (about 2 years ago)
Default Branch: master
Last Pushed: 2024-04-14T22:52:16.000Z (7 months ago)
Last Synced: 2024-04-28T02:24:54.868Z (6 months ago)
Language: C
Size: 2.82 MB
Stars: 1,127
Watchers: 23
Forks: 49
Open Issues: 18
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-webauthn - bulwarkid: virtual-fido - virtual-fido is an Golang based commandline application which emulates an USB security token. This can also be used as a library. (Software Authenticators)

README

# Virtual FIDO

> Also check out [Bulwark Passkey](https://bulwark.id), a passkey manager based on VirtualFIDO that is currently in beta!

Virtual FIDO is a virtual USB device that implements the FIDO2/U2F protocol (like a YubiKey) to support 2FA and WebAuthN. Please note that this software is still in beta and under active development, so APIs may be subject to change.

## Features

- Support for both Windows and Linux through USB/IP (Mac support coming later)
- Connect using both U2F and FIDO2 protocols for both normal 2FA and WebAuthN
- Store credentials in an encrypted format with a passphrase
- Store credential data anywhere (example provided: a local file)
- Generic approval mechanism for credential creation and login (example provided: terminal-based)

## How it works

Virtual FIDO creates a USB/IP server over local TCP to attach a virtual USB device. This USB device then emulates the USB/CTAP protocols to provide U2F/FIDO services to the host computer. In the demo, credentials created by the virtual device are stored in a local file, and approvals are done using the terminal.

## Demo Usage

Go to the [YubiKey test page](https://demo.yubico.com/webauthn-technical/registration) in order to test WebAuthN.

### Windows

Run `go run ./cmd/demo start` to attach the USB device. Run `go run ./cmd/demo --help` to see more commands, such as to list or delete credentials from the file.

### Linux

Note that this tool requires elevated permissions.

1. Run `sudo modprobe vhci-hcd` to load the necessary drivers.
2. Run `sudo go run ./cmd/demo start` to start up the USB device server. Authenticate when `sudo` prompts you; this is necessary to attach the device.