Is a pure NodeJS implementation of the SRP6a protocol.
It's a derived work of Jed Parson's node-srp and Tom Wu's jsbn.
import { SRP } from 'fast-srp-hap';
/**
* Computes the verifier of a user. Only needed to add the user to the auth system.
*
* @param {string} I Username to compute verifier
* @param {string} P Password
* @return {Promise<{salt: Buffer, verifier: Buffer}>}
*/
async function srp6a_create_user(I: string, P: string) {
const salt = await SRP.genKey(32);
return {
// The salt is required for authenticating the user later
salt,
verifier: SRP.computeVerifier(SRP.params[4096], salt, Buffer.from(I), Buffer.from(P)),
};
}
await srp6a_create_user('Zarmack Tanen', '*****').then(({salt, verifier}) => {
console.log('SRP6a verifier and salt of Zarmack Tanen user is %s and %s',
verifier.toString('hex'), salt.toString('hex'));
});
import {SRP, SrpServer} from 'fast-srp-hap';
(async () => {
// Get the user details from somewhere
const user = {
username: 'username', // Or a Buffer
// If we have the plaintext password
salt: await SRP.genKey(32),
password: 'password', // Or a Buffer
// If we have a saved verifier
salt: Buffer.from('...'),
verifier: Buffer.from('...'),
};
// Generate a secret key
const secret = await SRP.genKey(32);
const server = new SrpServer(SRP.params[3076], user, secret); // For Apple SRP use params.hap
// ...
})();