# # spec file for package libfido2 # # Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %define sover 1 Name: libfido2 Version: 1.4.0 Release: 2.1 Summary: FIDO U2F and FIDO 2.0 protocols License: BSD-2-Clause URL: https://developers.yubico.com/ Source0: https://developers.yubico.com/libfido2/Releases/%{name}-%{version}.tar.gz Source1: https://developers.yubico.com/libfido2/Releases/%{name}-%{version}.tar.gz.sig BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires: libopenssl-1_1-devel BuildRequires: ninja BuildRequires: pkgconfig BuildRequires: pkgconfig(libcbor) BuildRequires: pkgconfig(libudev) %description Provides library functionality for communicating with a FIDO device over USB as well as verifying attestation and assertion signatures. %package -n %{name}-%{sover} Summary: FIDO U2F and FIDO 2.0 protocols Requires: %{name}-udev Provides: %{name} = %{version} Obsoletes: %{name} < %{version} %description -n %{name}-%{sover} This library supports the FIDO U2F and FIDO 2.0 protocols for communicating with a USB authenticator via the Client-to-Authenticator Protocol (CTAP 1 and 2). %package -n %{name}-devel Summary: Development files for FIDO U2F and FIDO 2.0 protocols Requires: %{name}-%{sover} = %{version} Requires: libopenssl-1_1-devel Conflicts: libfido2-0_4_0 %description -n %{name}-devel This package contains the header file needed to develop applications that use FIDO U2F and FIDO 2.0 protocols. %package -n %{name}-utils Summary: Utility programs making use of libfido2, a library for FIDO U2F and FIDO 2.0 Conflicts: libfido2-0_4_0 %description -n %{name}-utils This package contains utilities to use FIDO U2F and FIDO 2.0 protocols. %package udev Summary: Utility programs making use of libfido2, a library for FIDO U2F and FIDO 2.0 %description udev This package contains the udev rules for FIDO2 compatible devices. %prep %setup -q %build %define __builder ninja %cmake \ -DCBOR_LIBRARY_DIRS=%{_libdir} \ -DUSE_HIDAPI=0 %cmake_build %install %cmake_install # u2f-host has the same udev rule, use a different name mkdir -p %{buildroot}%{_udevrulesdir} install -m 0644 udev/70-u2f.rules %{buildroot}%{_udevrulesdir}/70-fido2.rules find %{buildroot} -type f -name "*.a" -delete -print %post -n %{name}-%{sover} -p /sbin/ldconfig %postun -n %{name}-%{sover} -p /sbin/ldconfig %post udev %{udev_rules_update} %postun udev %{udev_rules_update} %files -n %{name}-%{sover} %license LICENSE %doc README.adoc %{_libdir}/%{name}.so.* %files -n %{name}-devel %{_includedir}/*.h %dir %{_includedir}/fido %{_includedir}/fido/*.h %{_libdir}/%{name}.so %{_mandir}/man3/* %{_libdir}/pkgconfig/* %files udev %{_udevrulesdir}/70-fido2.rules %files -n %{name}-utils %{_bindir}/fido2-* %{_mandir}/man1/* %changelog * Fri Jul 3 2020 Ismail Dönmez - Create a udev subpackage and ship the udev rule * Thu Jul 2 2020 Ismail Dönmez - Don't build with hidapi support to fix issues with Yubikey 5Ci https://github.com/Yubico/libfido2/issues/190 * Mon May 25 2020 Ismail Dönmez - Update to version 1.4.0 * hid_hidapi: hidapi backend; enable with -DUSE_HIDAPI=1. * Fall back to U2F if the key claims to, but does not support FIDO2. * FIDO2 credential protection (credprot) support. * New API calls: + fido_cbor_info_fwversion; + fido_cred_prot; + fido_cred_set_prot; + fido_dev_set_transport_functions; + fido_set_log_handler. * Fixed EdDSA and RSA self-attestation. * Sun Mar 1 2020 Marcus Rueckert - Version 1.3.1 - fix zero-ing of le1 and le2 when talking to a U2F device. - dropping sk-libfido2 middleware, please find it in the openssh tree. * Sun Dec 8 2019 Karol Babioch - Version 1.3.0 (2019-11-28) * assert/hmac: encode public key as per spec, gh#60. * fido2-cred: fix creation of resident keys. * fido2-{assert,cred}: support for hmac-secret extension. * hid_osx: detect device removal, gh#56. * hid_osx: fix device detection in MacOS Catalina. * New API calls: - fido_assert_set_authdata_raw; - fido_assert_sigcount; - fido_cred_set_authdata_raw; - fido_dev_cancel. * Middleware library for use by OpenSSH. * Support for biometric enrollment. * Support for OpenBSD. * Support for self-attestation. * Mon Sep 16 2019 simmphonie@opensuse.org - Version 1.2.0 (released 2019-07-26) * Credential management support. * New API reflecting FIDO’s 3-state booleans (true, false, absent): - fido_assert_set_up; - fido_assert_set_uv; - fido_cred_set_rk; - fido_cred_set_uv. * Command-line tools for Windows. * Documentation and reliability fixes. * fido_{assert,cred}_set_options() are now marked as deprecated. * Tue May 28 2019 Karol Babioch - Version 1.1.0 (released 2019-05-08) * EdDSA (Ed25519) support. * fido_dev_make_cred: fix order of CBOR map keys. * fido_dev_get_assert: plug memory leak when operating on U2F devices. * Sat Apr 20 2019 Jan Engelhardt - Use automatic dependency discovery for libfido2-utils -> libfido2-1_0-0. * Tue Apr 16 2019 Karol Babioch - Added Conflicts to libfido2-0_4_0 to make sure upgrade goes smoothly as outline in sr#690566 * Tue Apr 2 2019 Karol Babioch - Split utilities into sub-package libfido2-utils and package man pages correctly (bsc#1131163) * Thu Mar 21 2019 Karol Babioch - Version 1.0.0 (released 2019-03-21) * Native HID support on Linux, MacOS, and Windows. * fido2-{assert,cred}: new -u option to force U2F on dual authenticators. * fido2-assert: support for multiple resident keys with the same RP. * Strict checks for CTAP2 compliance on received CBOR payloads. * Better fuzzing harnesses. * Documentation and reliability fixes. * Wed Jan 9 2019 Karol Babioch - Version 0.4.0 (released 2019-01-07) * fido2-assert: print the user id for resident credentials. * Fix encoding of COSE algorithms when making a credential. * Rework purpose of fido_cred_set_type; no ABI change. * Minor documentation and code fixes. - Dropped patch that is included upstream now: fix-release-build.patch * Mon Oct 1 2018 Karol Babioch - Added patch: * fix-release-build.patch: Disables regression tests as proposed by upstream * Mon Oct 1 2018 Karol Babioch - Applied spec-cleaner * Sun Sep 30 2018 t.gruner@katodev.de - Build package without regression tests - Version 0.3.0 (released 2018-09-11) - Various reliability fixes. - Merged fuzzing instrumentation. - Added regress tests. - Added support for FIDO 2’s hmac-secret extension. - New API calls: * fido_assert_hmac_secret_len; * fido_assert_hmac_secret_ptr; * fido_assert_set_extensions; * fido_assert_set_hmac_salt; * fido_cred_set_extensions; * fido_dev_force_fido2. - Support for native builds with Microsoft Visual Studio 17. * Fri Sep 28 2018 Jan Engelhardt - Fix RPM group. Wrap description. * Thu Jun 21 2018 t.gruner@katodev.de - Version 0.2.0 (released 2018-06-20) - Added command-line tools. - Added a couple of missing get functions. - Version 0.1.1 (released 2018-06-05) - Added documentation. - Added OpenSSL 1.0 support. - Minor fixes. * Sun May 27 2018 t.gruner@katodev.de - update to version 0.1.0 * Mon Apr 30 2018 t.gruner@katodev.de - Initial release version 0_git