libfido2 provides library functionality and command-line tools to communicate with a FIDO device over USB or NFC, and to verify attestation and assertion signatures.
libfido2 supports the FIDO U2F (CTAP 1) and FIDO2 (CTAP 2) protocols.
For usage, see the examples/
directory.
libfido2 is licensed under the BSD 2-clause license. See the LICENSE file for the full license text.
Documentation is available in troff and HTML formats. An online mirror of libfido2's documentation is also available.
-
.NET: Fido2Net
-
Go: go-libfido2
-
Perl: p5-FIDO-Raw
-
Rust: libfido2
The current release of libfido2 is 1.14.0. Signed release tarballs are available at Yubico’s release page.
$ sudo apt install libfido2-1 libfido2-dev libfido2-doc fido2-tools
Alternatively, newer versions of libfido2 are available in Yubico’s PPA. Follow the instructions for Ubuntu 18.04 (Bionic) below.
$ sudo apt install software-properties-common $ sudo apt-add-repository ppa:yubico/stable $ sudo apt update $ sudo apt install libfido2-1 libfido2-dev libfido2-doc fido2-tools
On Linux, you may need to add a udev rule to be able to access the FIDO device. For example, the udev rule may contain the following:
#udev rule for allowing HID access to Yubico devices for FIDO support. KERNEL=="hidraw*", SUBSYSTEM=="hidraw", \ MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050"
Please consult Yubico’s release page for ARM, ARM64, Win32, and Win64 artefacts.
On UNIX-like systems:
$ cmake -B build $ make -C build $ sudo make -C build install
Depending on the platform,
pkg-config may need to
be installed, or the PKG_CONFIG_PATH environment variable set. For complete,
OS-specific build instructions, please refer to the .actions/
(Linux, macOS, BSD) and windows/
directories.
libfido2 supports a number of CMake options. Some of the options require additional dependencies. Options that are disabled by default are not officially supported.
Option |
Description |
Default |
BUILD_EXAMPLES |
Build example programs |
ON |
BUILD_MANPAGES |
Build man pages |
ON |
BUILD_SHARED_LIBS |
Build a shared library |
ON |
BUILD_STATIC_LIBS |
Build a static library |
ON |
BUILD_TOOLS |
Build auxiliary tools |
ON |
FUZZ |
Enable fuzzing instrumentation |
OFF |
NFC_LINUX |
Enable netlink NFC support on Linux |
ON |
USE_HIDAPI |
Use hidapi as the HID backend |
OFF |
USE_PCSC |
Enable experimental PCSC support |
OFF |
USE_WINHELLO |
Abstract Windows Hello as a FIDO device |
ON |
Please use GitHub Discussions to ask questions and suggest features, and GitHub pull-requests for code contributions.
Please use GitHub Issues to report bugs. To report security issues, please contact [email protected]. A PGP public key can be found at https://www.yubico.com/support/security-advisories/issue-rating-system/.