This repository has been merged into https://github.com/github/SoftU2F. This repo only exists to preserve Git history.
This is a toolset for implementing HID U2F tokens in software. This includes an OSX driver that emulates HID U2F devices as well as a library for sending/receiving messages using emulated device. See SoftU2FTool for an example of a fully functional U2F authenticator.
You must have Xcode Command Line Tools installed to build this project.
# Install Commaned Line Tools
xcode-select --install
# Build softu2f.kext and libsoftu2f.a.
script/build
I'm waiting on Apple to get a certificate for signing kernel extension. In the meantime, you'll have to disable System Integrity Protection before trying to load softu2f.kext
.
# Load softu2f.kext (requires sudo)
script/load
#include "softu2f.h"
void main() {
softu2f_ctx *ctx = softu2f_init(SOFTU2F_DEBUG);
// do stuff...
softu2f_deinit(ctx);
}
#include "softu2f.h"
// Called with HID messages while the main run loop is going.
bool handle_message(softu2f_ctx *ctx, softu2f_hid_message *req) {
printf("Received U2F message (code %d) on channel %d.\n", req->cmd, req->cid);
// Stop the main run loop once we receive a message.
softu2f_shutdown(ctx);
// Indicate that we didn't actually "handle" the message.
return false;
}
void main() {
// initialize...
// Register callback for any U2F-level messages.
softu2f_hid_msg_handler_register(ctx, U2FHID_MSG, handle_message);
// Wait for messages.
softu2f_run(ctx);
// deinitialize...
}
#include "softu2f.h"
bool handle_message(softu2f_ctx *ctx, softu2f_hid_message *req) {
bool ret;
softu2f_hid_message *resp;
// Build a response to send.
resp = build_response(req);
if (!resp) {
printf("Error processing request.\n");
return false;
}
// Send the response to the client.
ret = softu2f_hid_msg_send(ctx, resp);
if (!ret) {
printf("Error sending response.\n");
}
// Deallocate memory from response.
softu2f_hid_msg_free(resp);
// Indicate whether we were able to handle the message.
return ret;
}
softu2f_hid_message *build_response(softu2f_hid_message *req) {
// Process U2F level message and build response...
}
void main() {
// initialize, register message/signal handlers, deinitialize...
}