soft-fido2-transport
| Crates.io | soft-fido2-transport |
| lib.rs | soft-fido2-transport |
| version | 0.10.1 |
| created_at | 2025-11-19 20:38:06.447873+00 |
| updated_at | 2026-01-18 22:31:31.025267+00 |
| description | Transport layer implementations for the soft-fido2 FIDO2/WebAuthn authenticator |
| homepage | |
| repository | https://github.com/pando85/soft-fido2 |
| max_upload_size | |
| id | 1940753 |
| size | 129,103 |
(pando85)
documentation
README
🦀 soft-fido2
A pure Rust implementation of FIDO2/WebAuthn CTAP 2.0/2.1/2.2 protocol.
soft-fido2 provides both authenticator and client FIDO2 capabilities for complete WebAuthn authentication flows.
Features
- Full CTAP 2.0/2.1/2.2 Protocol - Complete implementation of FIDO2 Authenticator Protocol
- no_std Support - Core protocol and cryptography work in embedded environments
- Multiple Transports - USB HID and Linux UHID virtual device support
- Testing-First - Designed for WebAuthn integration testing and development
- Well-Audited Crypto - Uses industry-standard cryptographic libraries (p256, sha2, aes)
Architecture
soft-fido2 is organized into four main crates:
soft-fido2/
├── soft-fido2 # High-level API and examples
├── soft-fido2-crypto # Cryptographic primitives (ECDSA, ECDH, PIN protocols)
├── soft-fido2-ctap # CTAP 2.0/2.1 protocol implementation
└── soft-fido2-transport # Transport layers (USB HID, UHID)
Crate Overview
| Crate | Description | no_std |
|---|---|---|
soft-fido2 |
High-level API combining all components | Core only |
soft-fido2-crypto |
P-256 ECDSA/ECDH, PIN protocols V1/V2 | Yes |
soft-fido2-ctap |
CTAP command handlers and authenticator logic | Yes |
soft-fido2-transport |
USB HID and UHID transport implementations | Requires std |
Documentation
Comprehensive documentation is available on docs.rs/soft-fido2.
Examples
The soft-fido2/examples directory contains several complete examples. Check
them out to see how to use the library!
Run examples:
# Run virtual authenticator (requires UHID permissions)
cargo run --example virtual_authenticator
# Complete WebAuthn flow
cargo run --example webauthn_flow
UHID Requirements (Linux only)
Make sure you have the uhid kernel module loaded and proper permissions.
Run the following commands as root:
modprobe uhid
echo uhid > /etc/modules-load.d/fido.conf
groupadd fido 2>/dev/null || true
usermod -a -G fido $YOUR_USERNAME
echo 'KERNEL=="uhid", GROUP="fido", MODE="0660"' > /etc/udev/rules.d/90-uinput.rules
udevadm control --reload-rules && udevadm trigger
Projects Using soft-fido2
- passless - Virtual FIDO2 device and client FIDO 2 utility, it runs as a virtual UHID device on Linux.
Contributing
Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.
Development Setup
# Clone repository
git clone https://github.com/pando85/soft-fido2
cd soft-fido2
# Install pre-commit hooks
make pre-commit-install
# Run formatting and linting
make lint
# Run tests
make test
# Run end-to-end tests (requires UHID permissions)
make test-e2e
License
This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.
References
Note: This is a community project and is not affiliated with the FIDO Alliance.