Provides library functionality for communicating with a FIDO device over USB as well as verifying attestation and assertion signatures.
|
Warning
|
This project is in beta. Expect things to change or break at any time! |
This library aims to support the FIDO U2F and FIDO 2.0 protocols for
communicating with a USB authenticator via the Client-to-Authenticator Protocol
(CTAP 1 and 2). In addition to this low-level device access, classes defined in
the fido2.client implement higher level device operations.
For usage, see the examples/ directory.
This project, with the exception of the files mentioned below, is licensed under the BSD 2-clause license. See the COPYING file for the full license text.
This project contains source code from pyu2f (https://github.com/google/pyu2f)
which is licensed under the Apache License, version 2.0.
These files are located in fido2/pyu2f/ and test/pyu2f/.
See http://www.apache.org/licenses/LICENSE-2.0,
or the COPYING.APLv2 file for the full license text.
This project also bundles the public suffix list (https://publicsuffix.org)
which is licensed under the Mozilla Public License, version 2.0.
This file is stored as fido2/public_suffix_list.dat.
See https://mozilla.org/MPL/2.0/,
or the COPYING.MPLv2 file for the full license text.
fido2 is installable by running the following command:
# pip install fido2
Under Linux you will need to add a Udev rule to be able to access the FIDO device, or run as root. For example, the Udev rule may contain the following:
#Udev rule for allowing HID access to Yubico devices for FIDO support.
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", \
MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050"
fido2 is compatible with CPython 2.7, 3.4 onwards, and is tested on Windows, MacOS, and Linux.
This project depends on Cryptography. For instructions on installing this dependency, see https://cryptography.io/en/latest/installation/.