pool/libfido2
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1177589 from home:pperego:branches:security

Browse Source 
- enabling PC Smartcard API support

OBS-URL: https://build.opensuse.org/request/show/1177589
OBS-URL: https://build.opensuse.org/package/show/security/libfido2?expand=0&rev=54
This commit is contained in:
Torsten Gruner 2024-06-02 07:56:45 +00:00 committed by Git OBS Bridge
commit acd55c9c72
7 changed files with 592 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
.osc

3
libfido2-1.14.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3601792e320032d428002c4cce8499a4c7b803319051a25a0c9f1f138ffee45a
size 660289

BIN
libfido2-1.14.0.tar.gz.sig Normal file
View File

Binary file not shown.

383
libfido2.changes Normal file
View File

@ -0,0 +1,383 @@
-------------------------------------------------------------------
Wed May 29 12:53:17 UTC 2024 - Paolo Perego <paolo.perego@suse.com>
- enabling PC Smartcard API support
-------------------------------------------------------------------
Sat Nov 18 17:13:07 UTC 2023 - Dirk Müller <dmueller@suse.com>
- update to 1.14.0:
* fido2-cred -M, fido2-token -G: support raw client data
via -w flag.
* New API calls:
** fido_assert_authdata_raw_len;
** fido_assert_authdata_raw_ptr;
** fido_assert_set_winhello_appid.
- add keyring for gpg validation
-------------------------------------------------------------------
Fri Feb 24 10:08:21 UTC 2023 - Martin Sirringhaus <martin.sirringhaus@suse.com>
- Version 1.13.0 (2023-02-20)
* Support for linking against OpenSSL on Windows; gh#668.
* New API calls:
+ fido_assert_empty_allow_list;
+ fido_cred_empty_exclude_list.
* fido2-token: fix issue when listing large blobs.
* Improved support for different fuzzing engines.
-------------------------------------------------------------------
Wed Oct 5 20:40:55 UTC 2022 - Torsten Gruner <simmphonie@opensuse.org>
- Version 1.12.0 (2022-09-22)
* Support for COSE_ES384.
* Support for hidraw(4) on FreeBSD; gh#597.
* Improved support for FIDO 2.1 authenticators.
* New API calls:
+ es384_pk_free;
+ es384_pk_from_EC_KEY;
+ es384_pk_from_EVP_PKEY;
+ es384_pk_from_ptr;
+ es384_pk_new;
+ es384_pk_to_EVP_PKEY;
+ fido_cbor_info_certs_len;
+ fido_cbor_info_certs_name_ptr;
+ fido_cbor_info_certs_value_ptr;
+ fido_cbor_info_maxrpid_minpinlen;
+ fido_cbor_info_minpinlen;
+ fido_cbor_info_new_pin_required;
+ fido_cbor_info_rk_remaining;
+ fido_cbor_info_uv_attempts;
+ fido_cbor_info_uv_modality.
* Documentation and reliability fixes.
- Version 1.11.0 (2022-05-03)
* Experimental PCSC support; enable with -DUSE_PCSC.
* Improved OpenSSL 3.0 compatibility.
* Use RFC1951 raw deflate to compress CTAP 2.1 largeBlobs.
* winhello: advertise "uv" instead of "clientPin".
* winhello: support hmac-secret in fido_dev_get_assert().
* New API calls:
+ fido_cbor_info_maxlargeblob.
* Documentation and reliability fixes.
* Separate build and regress targets.
-------------------------------------------------------------------
Mon Mar 28 16:53:52 UTC 2022 - Torsten Gruner <simmphonie@opensuse.org>
- Version 1.10.0 (2022-01-17)
* hid_osx: handle devices with paths > 511 bytes; gh#462.
* bio: fix CTAP2 canonical CBOR encoding in fido_bio_dev_enroll_*(); gh#480.
* winhello: fallback to GetTopWindow() if GetForegroundWindow() fails.
* winhello: fallback to hid_win.c if webauthn.dll isnt available.
* New API calls:
- fido_dev_info_set;
- fido_dev_io_handle;
- fido_dev_new_with_info;
- fido_dev_open_with_info.
* Cygwin and NetBSD build fixes.
* Documentation and reliability fixes.
* Support for TPM 2.0 attestation of COSE_ES256 credentials.
-------------------------------------------------------------------
Mon Jan 10 17:22:01 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Use BuildRequires: openssl-devel instead of forcing 1.1 since 3.x
is now supported.
-------------------------------------------------------------------
Mon Nov 1 14:39:51 UTC 2021 - Torsten Gruner <simmphonie@opensuse.org>
- Version 1.9.0 (2021-10-27)
* Enabled NFC support on Linux.
* Added OpenSSL 3.0 compatibility.
* Removed OpenSSL 1.0 compatibility.
* Support for FIDO 2.1 "minPinLength" extension.
* Support for COSE_EDDSA, COSE_ES256, and COSE_RS1 attestation.
* Support for TPM 2.0 attestation.
* Support for device timeouts; see fido_dev_set_timeout().
* New API calls:
- es256_pk_from_EVP_PKEY;
- fido_cred_attstmt_len;
- fido_cred_attstmt_ptr;
- fido_cred_pin_minlen;
- fido_cred_set_attstmt;
- fido_cred_set_pin_minlen;
- fido_dev_set_pin_minlen_rpid;
- fido_dev_set_timeout;
- rs256_pk_from_EVP_PKEY.
* Reliability and portability fixes.
* Better handling of HID devices without identification strings; gh#381.
* Fixed detection of Windowss native webauthn API; gh#382.
-------------------------------------------------------------------
Tue Sep 21 08:33:36 UTC 2021 - Paolo Perego <paolo.perego@suse.com>
- Removed fix-cmake-linking.patch because no longer needed
-------------------------------------------------------------------
Tue Sep 14 13:49:56 UTC 2021 - Paolo Perego <paolo.perego@suse.com>
- Update to version 1.8.0:
* Dropped 'Requires.private' entry from pkg-config file.
* Better support for FIDO 2.1 authenticators.
* Support for Windows's native webauthn API.
* Support for attestation format 'none'.
* New API calls:
- fido_assert_set_clientdata;
- fido_cbor_info_algorithm_cose;
- fido_cbor_info_algorithm_count;
- fido_cbor_info_algorithm_type;
- fido_cbor_info_transports_len;
- fido_cbor_info_transports_ptr;
- fido_cred_set_clientdata;
- fido_cred_set_id;
- fido_credman_set_dev_rk;
- fido_dev_is_winhello.
* fido2-token: new -Sc option to update a resident credential.
* Documentation and reliability fixes.
* HID access serialisation on Linux.
- disable fix-cmake-linking.patch, not needed currently
-------------------------------------------------------------------
Sat Apr 17 01:41:49 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 1.7.0:
* hid_win: detect devices with vendor or product IDs > 0x7fff
* Support for FIDO 2.1 authenticator configuration.
* Support for FIDO 2.1 UV token permissions.
* Support for FIDO 2.1 "credBlobs" and "largeBlobs" extensions.
* New API calls
* New fido_init flag to disable fido_dev_opens U2F fallback
* Experimental NFC support on Linux.
- Enabled hidapi again, issues related to hidapi are fixed upstream
* Added fix-cmake-linking.patch to fix linking
-------------------------------------------------------------------
Wed Jan 20 09:46:41 UTC 2021 - Martin Pluskal <mpluskal@suse.com>
- Update to version 1.6.0:
* Fix OpenSSL 1.0 and Cygwin builds.
* hid_linux: fix build on 32-bit systems.
* hid_osx: allow reads from spawned threads.
* Documentation and reliability fixes.
* New API calls:
+ fido_cred_authdata_raw_len;
+ fido_cred_authdata_raw_ptr;
+ fido_cred_sigcount;
+ fido_dev_get_uv_retry_count;
+ fido_dev_supports_credman.
* Hardened Windows build.
* Native FreeBSD and NetBSD support.
* Use CTAP2 canonical CBOR when combining hmac-secret and credProtect.
- Drop 7a17a4e9127fb6df6278f19396760e7d60a5862c.patch
- Do not build examples as their build fails
-------------------------------------------------------------------
Tue Nov 17 17:59:21 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
- Add Conflicts: to supersede version 1.0.0. This is needed for
a clean upgrade path on SLE.
-------------------------------------------------------------------
Wed Sep 9 13:33:47 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
- Add 7a17a4e9127fb6df6278f19396760e7d60a5862c.patch from upstream
to fix 32bit compilation issues.
-------------------------------------------------------------------
Tue Sep 1 11:17:49 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
- Update to version 1.5.0
* hid_linux: return FIDO_OK if no devices are found.
* hid_osx:
+ repair communication with U2F tokens, gh#166;
+ reliability fixes.
* fido2-{assert,cred}: new options to explicitly toggle UP, UV.
* Support for configurable report lengths.
* New API calls:
+ fido_cbor_info_maxcredcntlst
+ fido_cbor_info_maxcredidlen
+ fido_cred_aaguid_len
+ fido_cred_aaguid_ptr
+ fido_dev_get_touch_begin
+ fido_dev_get_touch_status
* Use COSE_ECDH_ES256 with CTAP_CBOR_CLIENT_PIN; gh#154.
* Allow CTAP messages up to 2048 bytes; gh#171.
* Ensure we only list USB devices by default.
-------------------------------------------------------------------
Fri Jul 24 19:33:15 UTC 2020 - Stefan Brüns <stefan.bruens@rwth-aachen.de>
- Cleanup udev rules, trying to use the Debian specific plugdev
group fills up the journal.
- Make the udev rules package noarch, correct Summary
-------------------------------------------------------------------
Fri Jul 3 09:11:31 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
- Create a udev subpackage and ship the udev rule
-------------------------------------------------------------------
Thu Jul 2 13:03:31 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
- Don't build with hidapi support to fix issues with Yubikey 5Ci
https://github.com/Yubico/libfido2/issues/190
-------------------------------------------------------------------
Mon May 25 08:11:27 UTC 2020 - Ismail Dönmez <idonmez@suse.com>
- Update to version 1.4.0
* hid_hidapi: hidapi backend; enable with -DUSE_HIDAPI=1.
* Fall back to U2F if the key claims to, but does not support FIDO2.
* FIDO2 credential protection (credprot) support.
* New API calls:
+ fido_cbor_info_fwversion;
+ fido_cred_prot;
+ fido_cred_set_prot;
+ fido_dev_set_transport_functions;
+ fido_set_log_handler.
* Fixed EdDSA and RSA self-attestation.
-------------------------------------------------------------------
Sun Mar 1 00:28:37 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
- Version 1.3.1
- fix zero-ing of le1 and le2 when talking to a U2F device.
- dropping sk-libfido2 middleware, please find it in the openssh
tree.
-------------------------------------------------------------------
Sun Dec 8 23:00:20 UTC 2019 - Karol Babioch <kbabioch@suse.de>
- Version 1.3.0 (2019-11-28)
* assert/hmac: encode public key as per spec, gh#60.
* fido2-cred: fix creation of resident keys.
* fido2-{assert,cred}: support for hmac-secret extension.
* hid_osx: detect device removal, gh#56.
* hid_osx: fix device detection in MacOS Catalina.
* New API calls:
- fido_assert_set_authdata_raw;
- fido_assert_sigcount;
- fido_cred_set_authdata_raw;
- fido_dev_cancel.
* Middleware library for use by OpenSSH.
* Support for biometric enrollment.
* Support for OpenBSD.
* Support for self-attestation.
-------------------------------------------------------------------
Mon Sep 16 13:51:47 UTC 2019 - simmphonie@opensuse.org
- Version 1.2.0 (released 2019-07-26)
* Credential management support.
* New API reflecting FIDOs 3-state booleans (true, false, absent):
- fido_assert_set_up;
- fido_assert_set_uv;
- fido_cred_set_rk;
- fido_cred_set_uv.
* Command-line tools for Windows.
* Documentation and reliability fixes.
* fido_{assert,cred}_set_options() are now marked as deprecated.
-------------------------------------------------------------------
Tue May 28 21:26:35 UTC 2019 - Karol Babioch <kbabioch@suse.de>
- Version 1.1.0 (released 2019-05-08)
* EdDSA (Ed25519) support.
* fido_dev_make_cred: fix order of CBOR map keys.
* fido_dev_get_assert: plug memory leak when operating on U2F devices.
-------------------------------------------------------------------
Sat Apr 20 18:50:23 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Use automatic dependency discovery for
libfido2-utils -> libfido2-1_0-0.
-------------------------------------------------------------------
Tue Apr 16 06:52:58 UTC 2019 - Karol Babioch <kbabioch@suse.de>
- Added Conflicts to libfido2-0_4_0 to make sure upgrade goes smoothly as
outline in sr#690566
-------------------------------------------------------------------
Tue Apr 2 07:05:19 UTC 2019 - Karol Babioch <kbabioch@suse.de>
- Split utilities into sub-package libfido2-utils and package man pages
correctly (bsc#1131163)
-------------------------------------------------------------------
Thu Mar 21 09:10:24 UTC 2019 - Karol Babioch <kbabioch@suse.de>
- Version 1.0.0 (released 2019-03-21)
* Native HID support on Linux, MacOS, and Windows.
* fido2-{assert,cred}: new -u option to force U2F on dual authenticators.
* fido2-assert: support for multiple resident keys with the same RP.
* Strict checks for CTAP2 compliance on received CBOR payloads.
* Better fuzzing harnesses.
* Documentation and reliability fixes.
-------------------------------------------------------------------
Wed Jan 9 09:32:01 UTC 2019 - Karol Babioch <kbabioch@suse.de>
- Version 0.4.0 (released 2019-01-07)
* fido2-assert: print the user id for resident credentials.
* Fix encoding of COSE algorithms when making a credential.
* Rework purpose of fido_cred_set_type; no ABI change.
* Minor documentation and code fixes.
- Dropped patch that is included upstream now: fix-release-build.patch
-------------------------------------------------------------------
Mon Oct 1 16:35:14 UTC 2018 - Karol Babioch <kbabioch@suse.com>
- Added patch:
* fix-release-build.patch: Disables regression tests as proposed by upstream
-------------------------------------------------------------------
Mon Oct 1 06:56:58 UTC 2018 - Karol Babioch <kbabioch@suse.com>
- Applied spec-cleaner
-------------------------------------------------------------------
Sun Sep 30 08:41:05 UTC 2018 - t.gruner@katodev.de
- Build package without regression tests
- Version 0.3.0 (released 2018-09-11)
- Various reliability fixes.
- Merged fuzzing instrumentation.
- Added regress tests.
- Added support for FIDO 2s hmac-secret extension.
- New API calls:
* fido_assert_hmac_secret_len;
* fido_assert_hmac_secret_ptr;
* fido_assert_set_extensions;
* fido_assert_set_hmac_salt;
* fido_cred_set_extensions;
* fido_dev_force_fido2.
- Support for native builds with Microsoft Visual Studio 17.
-------------------------------------------------------------------
Fri Sep 28 19:05:32 UTC 2018 - Jan Engelhardt <jengelh@inai.de>
- Fix RPM group. Wrap description.
-------------------------------------------------------------------
Thu Jun 21 08:51:47 UTC 2018 - t.gruner@katodev.de
- Version 0.2.0 (released 2018-06-20)
- Added command-line tools.
- Added a couple of missing get functions.
- Version 0.1.1 (released 2018-06-05)
- Added documentation.
- Added OpenSSL 1.0 support.
- Minor fixes.
-------------------------------------------------------------------
Sun May 27 20:10:41 UTC 2018 - t.gruner@katodev.de
- update to version 0.1.0
-------------------------------------------------------------------
Mon Apr 30 20:03:20 UTC 2018 - t.gruner@katodev.de
- Initial release version 0_git

38
libfido2.keyring Normal file
View File

@ -0,0 +1,38 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEX2GtChYJKwYBBAHaRw8BAQdAXtF26PPVnk3a2UWoHe61aN1EwpBWXbKDhel3
QrBTSVi0MUx1ZHZpZyBNaWNoYWVsc3NvbiA8bHVkdmlnLm1pY2hhZWxzc29uQGdt
YWlsLmNvbT6IkQQTFgoAOQIbAQQLCQgHBBUKCQgFFgIDAQACHgECF4AWIQR42ZfV
PpwKKiBTku0UoZeEcjyZiAUCX2Gu5wIZAQAKCRAUoZeEcjyZiNAZAP9GQtAV2Hwo
OUFmlzIR14BYpmSeMkafm3rvBFudTgwZpgEAp7tSOkar9lglvt+JzuT3/HakxUUJ
YiwqIDey9xhiTgy0Mkx1ZHZpZyBNaWNoYWVsc3NvbiA8bHVkdmlnLm1pY2hhZWxz
c29uQHl1Ymljby5jb20+iI4EExYKADYWIQR42ZfVPpwKKiBTku0UoZeEcjyZiAUC
X2GuMQIbAQQLCQgHBBUKCQgFFgIDAQACHgECF4AACgkQFKGXhHI8mYiYRwD+OGtP
gKJYD5n1W6fDWnt+YHOVPkpqTJqVWXsYYe6SACABAP3mduQ4XB/ZmwCk67VT6b5T
lAUamAKeqSPAcjD5fwMDuDMEX2Gt0BYJKwYBBAHaRw8BAQdARvrBRyA4/r+Lz80F
c+4kRpIOTnCcGkqrzIyVbKYuNAeIfgQYFgoAJgIbIBYhBHjZl9U+nAoqIFOS7RSh
l4RyPJmIBQJhLHrtBQkDwpt2AAoJEBShl4RyPJmIS7EBAJbpbnsFuYHfwbZxA5Wp
XYAx8soXp+VLK9Rr1ysj4D4kAP4+XGsRuxHz51/ozDmLrg0N1LCJUu8kSgJvLxaF
N16lB4h+BBgWCgAmAhsgFiEEeNmX1T6cCiogU5LtFKGXhHI8mYgFAmTkTAMFCQeG
U9IACgkQFKGXhHI8mYiYFgD8CMfL31/Hsbe0ljGwzIl4q6l3pwxpRdw6AGlKOdBH
OysA/jvnvn72GObyvEbO7Cn9Bl4IWYM7r58YKZvGoGpiPPcPuDgEX2GtqBIKKwYB
BAGXVQEFAQEHQGWO4s7Lq78mRIAz37j6Xed/CGUjL+L7KbR/k2va24p+AwEIB4h+
BBgWCgAmAhsMFiEEeNmX1T6cCiogU5LtFKGXhHI8mYgFAmEseu0FCQPCm54ACgkQ
FKGXhHI8mYjjhgEAk//4GzFq6fVCYbFMjxx0yDL4jeHv2pk0NNfG1ZC/oDYBAJ2k
OUygl4/Bj1qkJGwVXQ+rRyUzQjamTeA/zbK/D24IiH4EGBYKACYCGwwWIQR42ZfV
PpwKKiBTku0UoZeEcjyZiAUCZORMAwUJB4ZT+gAKCRAUoZeEcjyZiJRPAP9uSXQ8
3okDTOKnW5Gc/C9LdnVoEecJLIGZ+dBG/RTVqQEA/NyEnt+Z24lpISK3GPsQA4/l
wRBoxyx0l1lvhm+TcgW4MwRfYa18FgkrBgEEAdpHDwEBB0BKG/DHdgwhKvp9LzNW
IkeQd6YsRWimcz8pMb5WzpKObYj1BBgWCgAmAhsCFiEEeNmX1T6cCiogU5LtFKGX
hHI8mYgFAmEseucFCQPCm8oAgXYgBBkWCgAdFiEEs3AD/xWgaKQT5QscPWpJ5MTg
tnMFAl9hrXwACgkQPWpJ5MTgtnMdlgD7BguE7EqfAqnoJVyrWK0SeyRiBn8wji4T
aKo0MBOkAMgBALk3dIm1zGlcVEFiRYY5CRX9shJyg6Zq76JDF5GmpKcACRAUoZeE
cjyZiPdnAQDA10QUzP3Fjs0dd6T6kyn1aIUPk8HDzDlVHAYznQzErQEA8uLC8a7V
m0IE/6ycNbeHnxeicKNQwrTxyU13FntdUQ+I9QQYFgoAJgIbAhYhBHjZl9U+nAoq
IFOS7RShl4RyPJmIBQJk5EvwBQkHhlQmAIF2IAQZFgoAHRYhBLNwA/8VoGikE+UL
HD1qSeTE4LZzBQJfYa18AAoJED1qSeTE4LZzHZYA+wYLhOxKnwKp6CVcq1itEnsk
YgZ/MI4uE2iqNDATpADIAQC5N3SJtcxpXFRBYkWGOQkV/bIScoOmau+iQxeRpqSn
AAkQFKGXhHI8mYhjHAD8Dk6wgszX3xUKWZ9e2VJG66PkMhEN5KKfhFNEPuiq2mQA
/1lHVz/OkZJFeDN9KRCb8OnL9KyIdC92taU2FRTqbhAC
=0rPN
-----END PGP PUBLIC KEY BLOCK-----

144
libfido2.spec Normal file
View File

@ -0,0 +1,144 @@
#
# spec file for package libfido2
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define sover 1
Name: libfido2
Version: 1.14.0
Release: 0
Summary: FIDO U2F and FIDO 2.0 protocols
License: BSD-2-Clause
Group: Development/Libraries/C and C++
URL: https://developers.yubico.com/
Source0: https://developers.yubico.com/libfido2/Releases/%{name}-%{version}.tar.gz
Source1: https://developers.yubico.com/libfido2/Releases/%{name}-%{version}.tar.gz.sig
Source2: libfido2.keyring
BuildRequires: cmake
BuildRequires: gcc-c++
%if 0%{?suse_version} >= 1540 || 0%{?sle_version} >= 150400
BuildRequires: libopenssl-3-devel
%else
BuildRequires: pkgconfig(openssl)
%endif
BuildRequires: ninja
BuildRequires: pkgconfig
BuildRequires: pkgconfig(hidapi-hidraw)
BuildRequires: pkgconfig(libcbor)
BuildRequires: pkgconfig(libudev)
BuildRequires: pkgconfig(zlib)
# For PCSC API
BuildRequires: pcsc-lite-devel
%description
Provides library functionality for communicating with a FIDO device
over USB as well as verifying attestation and assertion signatures.
%package -n %{name}-%{sover}
Summary: FIDO U2F and FIDO 2.0 protocols
Group: Development/Libraries/C and C++
Provides: %{name} = %{version}
Obsoletes: %{name} < %{version}
%description -n %{name}-%{sover}
This library supports the FIDO U2F and FIDO 2.0 protocols for
communicating with a USB authenticator via the
Client-to-Authenticator Protocol (CTAP 1 and 2).
This library is compiled with experimental support for Smardcard API (PC/SC)
%package -n %{name}-devel
Summary: Development files for FIDO U2F and FIDO 2.0 protocols
Group: Development/Libraries/C and C++
Requires: %{name}-%{sover} = %{version}
Requires: openssl-devel
Conflicts: libfido2-0_4_0
Conflicts: libfido2-1_0_0
%description -n %{name}-devel
This package contains the header file needed to develop applications that
use FIDO U2F and FIDO 2.0 protocols.
%package -n %{name}-utils
Summary: Utility programs making use of libfido2, a library for FIDO U2F and FIDO 2.0
Group: Hardware/Other
Conflicts: libfido2-0_4_0
Conflicts: libfido2-1_0_0
%description -n %{name}-utils
This package contains utilities to use FIDO U2F and FIDO 2.0 protocols.
%package -n %{name}-udev
Summary: Udev rules for libfido2
Group: Development/Libraries/C and C++
BuildArch: noarch
%description -n %{name}-udev
This package contains the udev rules for FIDO2 compatible devices.
%prep
%autosetup -p1
%build
%define __builder ninja
%cmake \
-DCBOR_LIBRARY_DIRS=%{_libdir} \
-DBUILD_EXAMPLES=OFF \
-DUSE_HIDAPI=ON \
-DUSE_PCSC=ON \
-DNFC_LINUX=ON
%cmake_build
%install
%cmake_install
# Remove Debian specific plugdev setting from udev rules
sed -i -e 's/, GROUP="plugdev"//g ; s/, MODE="0660"//g' udev/70-u2f.rules
# u2f-host has the same udev rule, use a different name
mkdir -p %{buildroot}%{_udevrulesdir}
install -m 0644 udev/70-u2f.rules %{buildroot}%{_udevrulesdir}/70-fido2.rules
find %{buildroot} -type f -name "*.a" -delete -print
%post -n %{name}-%{sover} -p /sbin/ldconfig
%postun -n %{name}-%{sover} -p /sbin/ldconfig
%post udev
%{udev_rules_update}
%postun udev
%{udev_rules_update}
%files -n %{name}-%{sover}
%license LICENSE
%doc README.adoc
%{_libdir}/%{name}.so.*
%files -n %{name}-devel
%{_includedir}/*.h
%dir %{_includedir}/fido
%{_includedir}/fido/*.h
%{_libdir}/%{name}.so
%{_mandir}/man3/*
%{_libdir}/pkgconfig/*
%files udev
%{_udevrulesdir}/70-fido2.rules
%files -n %{name}-utils
%{_bindir}/fido2-*
%{_mandir}/man1/*
%changelog