FIDO2 roaming authenticator implementation using a Raspberry Pi zero
Required:
- Raspberry Pi Zero (WiFi is not used so no need for the more expensive Pi Zero W)
- SD card (8 GB is more than enough)
- USB cable (micro USB B male to whatever your computer uses, eg USB A male or USB C male)
Optional:
- Adafruit Infineon Trust M Breakout Board (for protection against cloning)
- Qwiic button (for User Presence)
- SparkFun Qwiic SHIM for Raspberry Pi (when using Qwicc/Stemma boards)
- 2x20-pin strip male header (when using Qwicc/Stemma boards)
- Qwiic Cable (0-2, one for each Qwicc/Stemma devices used)
Total costs: around 10-20 USD.
Primary use case is testing FIDO2 clients using a real USB-HID device. But using the secure element you can build one for production use.
U2FDevice - A program to allow Raspberry Pi Zeros to act as U2F tokens . a similar project implemented in C++, but without cloning protection and CTAP2 support.