File: PKG-INFO

package info (click to toggle)
python-fido2 2.0.0-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 1,456 kB
  • sloc: python: 11,423; javascript: 181; sh: 21; makefile: 9
file content (170 lines) | stat: -rw-r--r-- 7,051 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
 
Metadata-Version: 2.3
Name: fido2
Version: 2.0.0
Summary: FIDO2/WebAuthn library for implementing clients and servers.
License: Copyright (c) 2018 Yubico AB
         All rights reserved.
         
         Redistribution and use in source and binary forms, with or without
         modification, are permitted provided that the following conditions are
         met:
         
           * Redistributions of source code must retain the above copyright
             notice, this list of conditions and the following disclaimer.
         
           * Redistributions in binary form must reproduce the above
             copyright notice, this list of conditions and the following
             disclaimer in the documentation and/or other materials provided
             with the distribution.
         
         THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
         "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
         LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
         A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
         OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
         SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
         LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
         DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
         THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
         (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
         OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Keywords: fido2,webauthn,ctap,u2f
Author: Dain Nilsson
Author-email: <dain@yubico.com>
Requires-Python: >=3.10, <4
Classifier: License :: OSI Approved :: BSD License
Classifier: License :: OSI Approved :: Apache Software License
Classifier: License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)
Classifier: Operating System :: MacOS
Classifier: Operating System :: Microsoft :: Windows
Classifier: Operating System :: POSIX :: Linux
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: System Administrators
Classifier: Topic :: Internet
Classifier: Topic :: Security :: Cryptography
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Provides-Extra: pcsc
Requires-Dist: cryptography (>=2.6,!=35,<48)
Requires-Dist: pyscard (>=1.9,<3) ; extra == "pcsc"
Project-URL: Homepage, https://github.com/Yubico/python-fido2
Description-Content-Type: text/plain

== python-fido2
image:https://github.com/Yubico/python-fido2/workflows/build/badge.svg["Github actions build", link="https://github.com/Yubico/python-fido2/actions"]

Provides library functionality for communicating with a FIDO device over USB as
well as verifying attestation and assertion signatures.

NOTE: Version 2.0 is now released. For help with migration from version 1.x, see
link:doc/Migration_1-2.adoc[the migration guide].

This library aims to support the FIDO U2F and FIDO 2 protocols for
communicating with a USB authenticator via the Client-to-Authenticator Protocol
(CTAP 1 and 2). In addition to this low-level device access, classes defined in
the `fido2.client` and `fido2.server` modules implement higher level operations
which are useful when interfacing with an Authenticator, or when implementing
WebAuthn support for a Relying Party.

For usage, see the `examples/` directory and
link:https://developers.yubico.com/python-fido2/API_Documentation/[API documentation].


=== References
These links related to WebAuthn and FIDO2 can help you get started:

* Yubico WebAuthn/FIDO2 guide: https://developers.yubico.com/FIDO2/
* W3C WebAuthn specification: https://www.w3.org/TR/webauthn/
* FIDO specifications: https://fidoalliance.org/specifications/download/


=== License
This project, with the exception of the files mentioned below, is licensed
under the BSD 2-clause license.
See the _COPYING_ file for the full license text.

This project contains source code from pyu2f (https://github.com/google/pyu2f)
which is licensed under the Apache License, version 2.0.
These files are located in `fido2/hid/`.
See http://www.apache.org/licenses/LICENSE-2.0,
or the _COPYING.APLv2_ file for the full license text.

This project also bundles the public suffix list (https://publicsuffix.org)
which is licensed under the Mozilla Public License, version 2.0.
This file is stored as `fido2/public_suffix_list.dat`.
See https://mozilla.org/MPL/2.0/,
or the _COPYING.MPLv2_ file for the full license text.


=== Requirements
fido2 is compatible with Python 3.10 and later, and is tested on Windows, MacOS,
and Linux. Support for OpenBSD, FreeBSD, and NetBSD is provided as-is and
relies on community contributions.


=== Installation

fido2 is installable by running the following command:

  pip install fido2

To install the dependencies required for communication with NFC authenticators,
instead use:

  pip install fido2[pcsc]

Under Windows 10 (1903 or later) access to FIDO devices is restricted and
requires running as Administrator. This library can still be used when running
as non-administrator, via the  `fido.client.WindowsClient` class. An example of
this is included in the file `examples/credential.py`.


Under Linux you will need to add a Udev rule to be able to access the FIDO
device, or run as root. For example, the Udev rule may contain the following:

----
#Udev rule for allowing HID access to Yubico devices for FIDO support.

KERNEL=="hidraw*", SUBSYSTEM=="hidraw", \
  MODE="0664", GROUP="plugdev", ATTRS{idVendor}=="1050"
----

There may be a package already available for your distribution that does this
for you, see:
https://support.yubico.com/hc/en-us/articles/360013708900-Using-Your-U2F-YubiKey-with-Linux

Under FreeBSD you will either need to run as root or add rules for your device
to /etc/devd.conf, which can be automated by installing security/u2f-devd:

  # pkg install u2f-devd

==== Dependencies
This project depends on Cryptography. For instructions on installing this
dependency, see https://cryptography.io/en/latest/installation/.

NFC support is optionally available via PC/SC, using the pyscard library. For
instructions on installing this dependency, see
https://github.com/LudovicRousseau/pyscard/blob/master/INSTALL.md.


=== Development
For development of the library we use https://python-poetry.org/[poetry]. To
set up the dev environment, run this command in the root directory of the
repository:

  poetry install

We also use https://pre-commit.com/[pre-commit] to run some scans on the code
prior to committing.


==== Running tests
While some tests can run on their own, most require a connected FIDO2 device to run.

WARNING: These tests are destructive, and will factory reset the device under test.
As a safety precaution, the tests will only run on a device that is in a newly reset
state, as far as the test runner can tell.

  poetry run pytest