• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..24-Mar-2022-

.gitignoreH A D24-Mar-202223 44

.travis.ymlH A D24-Mar-202213 21

LICENSEH A D24-Mar-20221.1 KiB2217

README.mdH A D24-Mar-20222.5 KiB9868

auth.goH A D24-Mar-20223.4 KiB13796

certs.goH A D24-Mar-20223.9 KiB9077

messages.goH A D24-Mar-20222.6 KiB8855

register.goH A D24-Mar-20226.1 KiB231160

util.goH A D24-Mar-20223 KiB12666

README.md

1# Go FIDO U2F Library
2
3This Go package implements the parts of the FIDO U2F specification required on
4the server side of an application.
5
6[![Build Status](https://travis-ci.org/tstranex/u2f.svg?branch=master)](https://travis-ci.org/tstranex/u2f)
7
8## Features
9
10- Native Go implementation
11- No dependancies other than the Go standard library
12- Token attestation certificate verification
13
14## Usage
15
16Please visit http://godoc.org/github.com/tstranex/u2f for the full
17documentation.
18
19### How to enrol a new token
20
21```go
22app_id := "http://localhost"
23
24// Send registration request to the browser.
25c, _ := NewChallenge(app_id, []string{app_id})
26req, _ := c.RegisterRequest()
27
28// Read response from the browser.
29var resp RegisterResponse
30reg, err := Register(resp, c, nil)
31if err != nil {
32    // Registration failed.
33}
34
35// Store registration in the database.
36```
37
38### How to perform an authentication
39
40```go
41// Fetch registration and counter from the database.
42var reg Registration
43var counter uint32
44
45// Send authentication request to the browser.
46c, _ := NewChallenge(app_id, []string{app_id})
47req, _ := c.SignRequest(reg)
48
49// Read response from the browser.
50var resp SignResponse
51newCounter, err := reg.Authenticate(resp, c, counter)
52if err != nil {
53    // Authentication failed.
54}
55
56// Store updated counter in the database.
57```
58
59## Installation
60
61```
62$ go get github.com/tstranex/u2f
63```
64
65## Example
66
67See u2fdemo/main.go for an full example server. To run it:
68
69```
70$ go install github.com/tstranex/u2f/u2fdemo
71$ ./bin/u2fdemo
72```
73
74Open https://localhost:3483 in Chrome.
75Ignore the SSL warning (due to the self-signed certificate for localhost).
76You can then test registering and authenticating using your token.
77
78## Changelog
79
80- 2016-12-18: The package has been updated to work with the new
81  U2F Javascript 1.1 API specification. This causes some breaking changes.
82
83  `SignRequest` has been replaced by `WebSignRequest` which now includes
84  multiple registrations. This is useful when the user has multiple devices
85  registered since you can now authenticate against any of them with a single
86  request.
87
88  `WebRegisterRequest` has been introduced, which should generally be used
89  instead of using `RegisterRequest` directly. It includes the list of existing
90  registrations with the new registration request. If the user's device already
91  matches one of the existing registrations, it will refuse to re-register.
92
93  `Challenge.RegisterRequest` has been replaced by `NewWebRegisterRequest`.
94
95## License
96
97The Go FIDO U2F Library is licensed under the MIT License.
98