ZeroTwo

这是由Laurent Chuat, Sarah Plocher, Adrian Perrig设计的认证方案的椭圆曲线实现。

这是一个最先进且用户友好的协议，结合了SRS、PAKE和2FA的最佳特性。

使用方法

// Initial setup
let master_secret = "Keep my secret darling!".as_bytes().to_vec();
let user_id = "Hiro".as_bytes().to_vec();
let server_id = "Strelizia".as_bytes().to_vec();
let duration = 10000u32;
// On registration
let verifier = register(&user_id, &server_id, &master_secret);
// Called on every login attempt by the server
// It's the server's responsibility to look up the verifier data associated with a user
// This challenge can be shown on independent plaintext channels like QR codes
let challenge = gen_challenge(&verifier.public);
// Called on every login attempt by the client
let proof = prove(&user_id, &server_id, &challenge.public,
				   &master_secret, duration);
// Verification
assert!(verify(&user_id, &server_id, challenge, proof, &verifier.public, duration));

Wasm绑定

如果您已设置wasm-pack，则可以使用以下命令构建库：

wasm-pack build 或 wasm-pack build --target=nodejs 用于Node

这将在/pkg下生成绑定，您可以在test.js中看到如何使用

const user_id = 'hiro'
const server_id = 'Strelizia'
const master_secret = 'Keep my secret darling!'
const duration = 10000
const zeroTwo = require('./pkg/zerotwo.js')

const verifier = zeroTwo.register(user_id, server_id, master_secret)
// save as verifier.to_js()
// load as zeroTwo.KeyPair.from_js(...)
const challenge = zeroTwo.gen_challenge(verifier.pubkey())
// save as challenge.to_js()
// load as zeroTwo.KeyPair.from_js(...)
const proof = zeroTwo.prove(user_id, server_id, challenge.pubkey(),
                            master_secret, duration)
// save as proof.to_js()
// load as zeroTwo.Proof.from_js(...)
const authenticated = zeroTwo.verify(user_id, server_id, challenge, 
                                     proof, verifier.pubkey(), duration)
if (authenticated) {
  console.log("you are my darling!");
}

免责声明

此发行版包含加密软件。您当前居住的国家可能对加密软件的进口、拥有、使用和/或重新出口到另一个国家/地区有限制。在使用任何加密软件之前，请检查您国家有关加密软件的进口、拥有或使用以及重新出口的法律、法规和政策，以查看是否允许。更多信息请参见http://www.wassenaar.org/。