1.0.3 • Published 1 year ago

@chihuo/srpclient v1.0.3

Weekly downloads
-
License
MIT
Repository
-
Last release
1 year ago

@chihuo/srpclient

Secure Remote Password For JS Client (node/browserify)

server for go link: chi_go_srp

install

import srp from "@chihuo/srpclient";

example

server is chi_go_srp for go

  1. register: client send salt, username, verifier to server
import srp from "@chihuo/srpclient";

const username = "chihuo";
const password = "123456";

const params = srp.params["2048"];
const salt = srp.genKey();
const u = Buffer.from(username, "utf-8");
const p = Buffer.from(password, "utf8");
const verifier = srp.computeVerifier(params, salt, u, p);
var req = {
  username: username,
  salt: salt.toString("hex"),
  verifier: verifier.toString("hex"),
};
  1. login: client send public key (computeA) to server and save to database
let secretClient = srp.genKey();
let client = new srp.Client(params, secretClient);
let ephemeralA = client.computeA();
var req = {
    username: username,
    ephemeralA: ephemeralA.toString("hex"),
};

  1. login: server send public key (computeB), salt to client

  2. login: client send match key (m1) to server, salt from server response

let salt = Buffer.from(response.salt, "hex");
const u = Buffer.from(username, "utf-8");
const p = Buffer.from(password, "utf8");

client.setPrivate(params, salt, u, p);
client.setB(ephemeralB);
let m1 = client.computeM1();

req = {
username: username,
m1: m1.toString("hex"),
};

  1. login: server check m1, if ok return m2 to client

  2. login: client check m2 (optional step)

let m2 = Buffer.from(response.m2, "hex");
let ok = client.checkM2(m2)
assertbignum-browserifybuffercrypto-browserifycrypto-random-hexjs-sha256stream-browserify
@everything-registry/sub-chunk-168
1.0.3

1 year ago

1.0.2

1 year ago

1.0.1

1 year ago

1.0.0

1 year ago