fido2 1.1.0 copy "fido2: ^1.1.0" to clipboard
fido2: ^1.1.0 copied to clipboard

Published 23 days agoverified publishernfc.im
SDKDartFlutter
PlatformAndroidiOSLinuxmacOSwebWindows

Metadata

Library to parse FIDO2 request / response and interactive with authenticators via CTAP2.

More...

fido2 for Dart #

pub version Test

A pure Dart library for FIDO2 / WebAuthn.

  • Parse and build CTAP2 commands / responses (CBOR)
  • Interact with authenticators via CTAP2 (ClientPin, CredentialManagement)
  • Stateless WebAuthn server for registration and authentication (signature verification, rpIdHash / flags / signCount checks)
  • COSE verification: ES256 and EdDSA (Ed25519)

Usage — CTAP2 client #

Import combined API:

import 'package:fido2/fido2.dart';

// Provide a CtapDevice implementation for your transport (see example/pcsc_example.dart)
Future<void> demo(CtapDevice device) async {
  final ctap = await Ctap2.create(device);
  print(ctap.info.versions);

  final cp = ClientPin(ctap, pinProtocol: PinProtocolV2());
  final retries = await cp.getPinRetries();
  print(retries);
}

More end-to-end CTAP examples are in example/pcsc_example.dart.

Usage — WebAuthn server #

The server is stateless; you persist challenges, public keys, and counters.

import 'package:fido2/fido2.dart';
import 'package:cbor/cbor.dart';

final server = Fido2Server(Fido2Config(rpId: 'example.com', rpName: 'Example'));

// 1) Registration
final regOptions = server.generateRegistrationOptions('user@example.com', 'User');
// send regOptions to client and store regOptions['challenge']

// After client returns base64url strings: clientDataJSON, attestationObject
final regResult = server.completeRegistration(
  clientDataBase64,
  attestationObjectBase64,
  expectedChallenge,
);
// Persist regResult.credentialId and regResult.credentialPublicKey (CborMap)

// 2) Authentication (Assertion)
final assertOptions = server.generateVerificationOptions();
// send to client and store assertOptions['challenge']

final verification = await server.completeVerification(
  clientDataBase64,
  authenticatorDataBase64,
  signatureBase64,
  expectedChallenge,
  regResult.credentialPublicKey,
  storedSignCount, // 0 if unknown
);

print(verification.userPresent);

Notes:

  • Attestation statement is not verified (use 'none' attestation).
  • Supported algorithms: ES256, EdDSA (Ed25519) with strict DER parsing and low-S normalization.

Serialization #

Entities / requests use json_serializable for toJson and toString for readable logs. Special cases with manual toJson: CoseKey and CtapError.

Examples #

  • See example/ for snippets and the PC/SC transport demo.

Additional information #

The following libraries might help:

Metadata

3
likes
160
points
338
downloads

Publisher

verified publishernfc.im

Weekly Downloads

Metadata

Library to parse FIDO2 request / response and interactive with authenticators via CTAP2.

Repository (GitHub)
View/report issues

Documentation

API reference

License

MIT (license)

Dependencies

asn1lib, cbor, convert, crypto, cryptography, elliptic, json_annotation, pointycastle, quiver

More

Packages that depend on fido2

Back