Revision control

Copy as Markdown

Other Tools

# A Rust library for interacting with CTAP1/CTAP2 Security Keys
This is a cross-platform library for interacting with Security Key-type devices via Rust.
* **Supported Platforms**: Windows, Linux, FreeBSD, NetBSD, OpenBSD, and macOS.
* **Supported Transports**: USB HID.
This library currently focuses on USB security keys, but is expected to be extended to
support additional transports.
## Usage
There's only a simple example function that tries to register and sign right now. It uses
[env_logger](http://rust-lang-nursery.github.io/log/env_logger/) for logging, which you
configure with the `RUST_LOG` environment variable:
```
cargo build --example main
RUST_LOG=debug cargo run --example main
```
Proper usage should be to call into this library from something else - e.g., Firefox. There are
some [C headers exposed for the purpose](./src/u2fhid-capi.h).
## Tests
There are some tests of the cross-platform runloop logic and the protocol decoder:
```
cargo test
```
## Fuzzing
There are fuzzers for the USB protocol reader, basically fuzzing inputs from the HID layer.
There are not (yet) fuzzers for the C API used by callers (such as Gecko).
To fuzz, you will need cargo-fuzz (the latest version from GitHub) as well as Rust Nightly.
```
rustup install nightly
cargo install cargo-fuzz
cargo +nightly fuzz run u2f_read -- -max_len=512
cargo +nightly fuzz run u2f_read_write -- -max_len=512
```