Documentation
Overview
Package fido2 implements a provider that derives a 32-byte secret from a FIDO2 hardware key using the hmac-secret extension.
Requires: libfido2 development headers and CGO_ENABLED=1.
This file calls fido_init(FIDO_DISABLE_U2F_FALLBACK) via a GCC constructor before go-libfido2's init() runs fido_init(0). The U2F fallback path probes PC/SC readers, which grabs an exclusive handle and prevents go-piv from establishing its own PC/SC context for PIV operations. Disabling the fallback lets both providers coexist.
fido_init ignores subsequent calls (libfido2 >= 1.5), so the upstream init() becomes a no-op.
Index
- type DeviceInfo
- type FIDO2
- func (f *FIDO2) Derive(ctx context.Context, params map[string]string) ([]byte, error)
- func (f *FIDO2) DeriveTimeout() time.Duration
- func (f *FIDO2) Description() string
- func (f *FIDO2) Enroll(ctx context.Context, id string) (*provider.EnrollResult, error)
- func (f *FIDO2) EnrollOptions() []provider.EnrollOption
- func (f *FIDO2) InteractiveDerive() bool
- func (f *FIDO2) PreDerive(ctx context.Context, params map[string]string) (context.Context, error)
- func (f *FIDO2) Type() string
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type DeviceInfo
DeviceInfo holds device metadata safe for use outside CGo contexts.
func ListDevices
func ListDevices() ([]DeviceInfo, error)
ListDevices returns available FIDO2 devices.
type FIDO2
type FIDO2 struct{}
func (*FIDO2) DeriveTimeout
func (*FIDO2) Description
func (*FIDO2) EnrollOptions
func (f *FIDO2) EnrollOptions() []provider.EnrollOption