Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/keys-pub/go-libfido2
libfido2 bindings for golang
https://github.com/keys-pub/go-libfido2
fido2 fido2-authenticator golang libfido2 webauthn
Last synced: 3 months ago
JSON representation
libfido2 bindings for golang
- Host: GitHub
- URL: https://github.com/keys-pub/go-libfido2
- Owner: keys-pub
- License: other
- Created: 2020-04-20T00:10:13.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-06-28T15:30:50.000Z (over 1 year ago)
- Last Synced: 2024-06-19T16:08:07.634Z (5 months ago)
- Topics: fido2, fido2-authenticator, golang, libfido2, webauthn
- Language: C
- Homepage: https://keys.pub
- Size: 5.05 MB
- Stars: 69
- Watchers: 2
- Forks: 21
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-webauthn - keys.pub: go-libfido2 - Go client library (wraps Yubico: libfido2). (Client Libraries)
README
# go-libfido2
Go wrapper for libfido2.
```go
import (
"github.com/keys-pub/go-libfido2"
)
func ExampleDevice_Assertion() {
locs, err := libfido2.DeviceLocations()
if err != nil {
log.Fatal(err)
}
if len(locs) == 0 {
log.Println("No devices")
return
}
log.Printf("Using device: %+v\n", locs[0])
path := locs[0].Path
device, err := libfido2.NewDevice(path)
if err != nil {
log.Fatal(err)
}
cdh := libfido2.RandBytes(32)
userID := libfido2.RandBytes(32)
salt := libfido2.RandBytes(32)
pin := "12345"
attest, err := device.MakeCredential(
cdh,
libfido2.RelyingParty{
ID: "keys.pub",
},
libfido2.User{
ID: userID,
Name: "gabriel",
},
libfido2.ES256, // Algorithm
pin,
&libfido2.MakeCredentialOpts{
Extensions: []libfido2.Extension{libfido2.HMACSecretExtension},
},
)
if err != nil {
log.Fatal(err)
}
log.Printf("Attestation:\n")
log.Printf("AuthData: %s\n", hex.EncodeToString(attest.AuthData))
log.Printf("ClientDataHash: %s\n", hex.EncodeToString(attest.ClientDataHash))
log.Printf("ID: %s\n", hex.EncodeToString(attest.CredentialID))
log.Printf("Type: %s\n", attest.CredentialType)
log.Printf("Sig: %s\n", hex.EncodeToString(attest.Sig))
assertion, err := device.Assertion(
"keys.pub",
cdh,
[][]byte{attest.CredentialID},
pin,
&libfido2.AssertionOpts{
Extensions: []libfido2.Extension{libfido2.HMACSecretExtension},
HMACSalt: salt,
},
)
if err != nil {
log.Fatal(err)
}
log.Printf("Assertion:\n")
log.Printf("%s\n", hex.EncodeToString(assertion.AuthData))
log.Printf("%s\n", hex.EncodeToString(assertion.HMACSecret))
log.Printf("%s\n", hex.EncodeToString(assertion.Sig))
// Output:
//
}
```
## Examples
The examples require a device.
To run an example, set FIDO2_EXAMPLES=1.
```shell
FIDO2_EXAMPLES=1 go test -v -run ExampleDeviceLocations
FIDO2_EXAMPLES=1 go test -v -run ExampleDevice_Assertion
FIDO2_EXAMPLES=1 go test -v -run ExampleDevice_Credentials
FIDO2_EXAMPLES=1 go test -v -run ExampleDevice_BioList
```
## Dependencies
### Linux
```shell
sudo apt install software-properties-common
sudo apt-add-repository ppa:yubico/stable
sudo apt update
sudo apt install libfido2-dev
```
### macOS
```shell
brew install libfido2
```
### Windows
```shell
scoop bucket add keys.pub https://github.com/keys-pub/scoop-bucket
scoop install libfido2
```
### Building libfido2
#### macOS
```shell
export CFLAGS="-I/usr/local/include -I/usr/local/opt/[email protected]/include"
export LDFLAGS="-L/usr/local/lib -L/usr/local/opt/[email protected]/lib/"
(rm -rf build && mkdir build && cd build && cmake ..) && make -C build
```