Awesome
FIDO2 HID Bridge
This repository contains sources for a Linux virtual USB-HID FIDO2 device.
This device will receive FIDO2 CTAP2.1 commands, and forward them to an attached PC/SC authenticator.
This allows using authenticators over PC/SC from applications that only support USB-HID, such as Firefox; with this program running you can use NFC authenticators or Smartcards.
Note that this is a very early-stage application, but it does work with Chrome and Firefox.
Running It
You'll need to install dependencies:
poetry install
And then launch the application in the created virtualenv. You might need to be root
or otherwise get access to raw HID devices (permissions on /dev/uhid
):
sudo -E ./.venv/bin/fido2-hid-bridge
Alternative installation
You can also install the project via pipx
pipx install git+https://github.com/BryanJacobs/fido2-hid-bridge
The argument '--system-site-packages' is advised when you already have installed python dependecies system wide (e.g. pyscard).
Assuming pipx is configured correctly simply lauch:
sudo -E fido2-hid-bridge
Implementation Details
This uses the Linux kernel UHID device facility, and the python-fido2
library.
It relays USB-HID packets to PC/SC.
Nothing more to it than that.