mirror of
https://github.com/danog/fast-srp.git
synced 2024-11-30 04:19:18 +01:00
9188deabd4
Bumps [json5](https://github.com/json5/json5) from 2.1.3 to 2.2.3. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](https://github.com/json5/json5/compare/v2.1.3...v2.2.3) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> |
||
---|---|---|
.github/workflows | ||
docs | ||
jsbn | ||
src | ||
.eslintrc | ||
.gitignore | ||
LICENSE | ||
package-lock.json | ||
package.json | ||
README.md | ||
SRP Design.md | ||
tsconfig.json | ||
typedoc.json |
fast-srp-hap
Is a pure NodeJS implementation of the SRP6a protocol.
It's a derived work of Jed Parson's node-srp and Tom Wu's jsbn.
Full documentation can be found here.
Creating the Verifier
import { SRP } from 'fast-srp-hap';
/**
* Computes the verifier of a user. Only needed to add the user to the auth system.
*
* @param {string} I Username to compute verifier
* @param {string} P Password
* @return {Promise<{salt: Buffer, verifier: Buffer}>}
*/
async function srp6a_create_user(I: string, P: string) {
const salt = await SRP.genKey(32);
return {
// The salt is required for authenticating the user later
salt,
verifier: SRP.computeVerifier(SRP.params[4096], salt, Buffer.from(I), Buffer.from(P)),
};
}
await srp6a_create_user('Zarmack Tanen', '*****').then(({salt, verifier}) => {
console.log('SRP6a verifier and salt of Zarmack Tanen user is %s and %s',
verifier.toString('hex'), salt.toString('hex'));
});
Server
import {SRP, SrpServer} from 'fast-srp-hap';
(async () => {
// Get the user details from somewhere
const user = {
username: 'username', // Or a Buffer
// If we have the plaintext password
salt: await SRP.genKey(32),
password: 'password', // Or a Buffer
// If we have a saved verifier
salt: Buffer.from('...'),
verifier: Buffer.from('...'),
};
// Generate a secret key
const secret = await SRP.genKey(32);
const server = new SrpServer(SRP.params[3076], user, secret); // For Apple SRP use params.hap
// ...
})();