0.0.3 • Published 8 years ago

yubikey-validator v0.0.3

Weekly downloads
4
License
MIT
Repository
-
Last release
8 years ago

yubikey-validator

Installation

npm install --save yubikey-validator

Usage

const YubikeyValidator = require('yubikey-validator');

const validator = new YubikeyValidator('aesKey', 'expectedUID', 'apiClientID', 'apiSecretKey');
validator.validate('eidfccegieunchetbgurtuhbgeichgubhfllkhfubfut', (err) => {
  console.log(err);  // null if the OTP valid
});

Motivation

There are many Yubikey OTP validation libraries available already, but none of them (as far as I can tell) combine identity validation and YubiCloud OTP validation. The former is especially important for uses cases that you want a specific Yubikey for validation against a personal service.

This library both

  1. Decrypts the OTP with a known AES key to ensure that the key's identity (UID) matches a specified truth-value UID
  2. Queries the YubiCloud API to ensure the validity of the OTP (given a client ID and secret key generated for use with the API)
yubikeyotp
0.0.3

8 years ago