npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

spake2-ee

v0.1.0

Published

Implementation of SPAKE2-EE password authenticated key agreement protocol described [here](https://moderncrypto.org/mail-archive/curves/2015/000424.html)

Downloads

3

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

chm-diederichschm-diederichs

Keywords

Readme

SPAKE2-EE

Implementation of SPAKE2-EE password authenticated key agreement protocol described here

Installation

npm install --save spake2-ee

Usage

const { Client, SpakeSharedKeys } = require('spake2-ee')

const pwd = Buffer.from('password')

const server = new Server(Buffer.from('serverId'))
const client = new Client(Buffer.from('clientId'))

server.register(pwd, OPS, MEM, Buffer.from('579daa4d7bf3ca0e0b6c48b90c4ec515', 'hex'))

// server initiates protocol
const public = server.init()

// send to server
const step = client.generate(public, pwd)

// server processes response
const response1 = server.respond(client.id, step1)

// send result to server, store sharedKeys safely
const sharedKeys = new SpakeSharedKeys()
const step2 = client.finalise(sharedKeys, server.id, res)

// server verifies result and stores key
const serverSharedKeys = server.finalise(step2)

API

Server

Class implementing server-side logic.

const server = new Server(serverId)

Instantiate a server. serverId should be passed as a buffer or TypedArray.

Calling server.id will return the server's id.

const publicData = server.register(pwd, opslimit, memlimit)

Server registers a user and their password. pwd should be a buffer, opslimit and memlimit are constants passed to argon2id password hashing algorithm, see sodium-native docs for appropriate constants.

const res = server.respond(clientId, msg)

Respond to a registered user initiating a key agreement protocol. clientId shoudl be a buffer or TypedArray, msg should be a buffer or TypedArray received from the client.

Returns the response for the client if their message is correctly formed, otherwise an error will throw.

const keys = server.finalise(msg)

Finalise the protocol. Return the shared secrets if the protocol has been executed correctly, otherwsie an error will throw.

Client

Class implementing client-side logic.

const client = new Client(clientId)

Instantiate a client. clientId should be passed as a buffer or TypedArray.

Calling client.id will return the client's id.

const init = client.generate(publicData, pwd)

Initiate a key agreement protocol using the publicData obtained during registration. pwd should be a buffer or TypedArray representing the password used to register with the server.

const res = client.finalise(sharedKeys, serverId, msg)

Complete the key agreement protocol and store the keys into sharedkeys, which must be an instance of SpakeSharedKeys. serverId should be passed as a buffer or TypedArray and msg should be the exact output of server.respond

An error will be thrown if the server's response is malformed.

Shared Keys

const keys = new SpakeSharedKeys()

A class storing the derived shared secrets.

keys.serverSk

Server's secret

keys.clientSk

Client's secret