UNPKG

@scirexs/srp6a

Version:

SRP-6a (Secure Remote Password) implementation in TypeScript for browser and server.

github.com/scirexs/srp6a

scirexs/srp6a

108 lines 4.75 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
export { createEvidence, createLoginHello, createUserCredentials, extractLoginResult, extractServerHello, verifyServer }; import { CryptoNumber, type SRPConfig } from "../shared/crypto.js"; import type { AuthResult, ClientHello, CryptoKeyPair, KeyPair, LoginEvidence, ServerHello, SignupCredentials } from "../shared/types.js"; /** * Creates user credentials for SRP6a signup process. * Generates salt, computes identity and secret, then calculates verifier. * * @param username - The username for the account * @param password - The password for the account * @param config - SRP configuration object * @returns Promise that resolves to signup credentials containing username, salt, and verifier * * @example * ```ts * const credentials = await createUserCredentials("user123", "password123", config); * console.log(credentials); // { username: "user123", salt: "...", verifier: "..." } * ``` */ declare function createUserCredentials(username: string, password: string, config: SRPConfig): Promise<SignupCredentials>; /** * Creates the initial client hello message for SRP6a login process. * Generates a key pair and returns both the hello message and the key pair. * * @param username - The username attempting to login * @param config - SRP configuration object * @returns Tuple containing [ClientHello message, KeyPair for the session] * * @example * ```ts * const [hello, keyPair] = createLoginHello("user123", config); * // Send hello to server, keep keyPair for evidence creation * ``` */ declare function createLoginHello(username: string, config: SRPConfig): [ClientHello, KeyPair]; /** * Creates login evidence after receiving server hello response. * Computes client evidence and expected server evidence for mutual authentication. * * @param username - The username attempting to login * @param password - The password for authentication * @param salt - Salt value from server (string or CryptoNumber) * @param server - Server's public key (string or CryptoNumber) * @param pair - Client's key pair from login hello * @param config - SRP configuration object * @returns Promise that resolves to tuple containing [LoginEvidence, expected server evidence] * @throws Error if server's public key is invalid * * @example * ```ts * const [evidence, expected] = await createEvidence( * "user123", * "password123", * serverSalt, * serverPublicKey, * clientKeyPair, * config * ); * ``` */ declare function createEvidence(username: string, password: string, salt: string | CryptoNumber, server: string | CryptoNumber, pair: KeyPair | CryptoKeyPair, config: SRPConfig): Promise<[LoginEvidence, string]>; /** * Verifies server evidence against expected value for mutual authentication. * Ensures that the server has knowledge of the shared secret by comparing evidence values. * * @param expected - The expected server evidence computed by client * @param evidence - The actual server evidence received from server * @returns True if server evidence matches expected value, false otherwise * * @example * ```ts * const isServerValid = verifyServer(expectedEvidence, serverEvidence); * if (!isServerValid) { * throw new Error("Server authentication failed"); * } * ``` */ declare function verifyServer(expected: string, evidence: string): boolean; /** * Extracts server hello information from HTTP response, if server used this library. * Parses the response and validates that it contains required salt and server properties. * * @param response - HTTP response from server hello endpoint * @returns Promise that resolves to ServerHello object containing salt and server public key * @throws Error if response is not OK, not JSON, or missing required properties * * @example * ```ts * const response = await fetch("/api/login/hello", { method: "POST", ... }); * const { salt, server } = await extractServerHello(response); * ``` */ declare function extractServerHello(response: Response): Promise<ServerHello>; /** * Extracts login result from HTTP response after evidence submission, if server used this library. * Parses the response and validates that it contains required result and evidence properties. * * @param response - HTTP response from login evidence endpoint * @returns Promise that resolves to AuthResult object containing result status and server evidence * @throws Error if response is not OK, not JSON, or missing required properties * * @example * ```ts * const response = await fetch("/api/login/evidence", { method: "POST", ... }); * const { result, evidence } = await extractLoginResult(response); * ``` */ declare function extractLoginResult(response: Response): Promise<AuthResult>; //# sourceMappingURL=main.d.ts.map