GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → breard-r → Libreauth

breard-r / Libreauth

Licence: other
LibreAuth is a collection of tools for user authentication.

Programming Languages

rust
11053 projects

Labels

securitylibraryauthenticationpasswordtotphotp

Projects that are alternatives of or similar to Libreauth

Multiotp
multiOTP open source strong two factor authentication PHP library, OATH certified, with TOTP, HOTP, Mobile-OTP, YubiKey, SMS, QRcode provisioning, etc.
Stars: ✭ 173 (-13.93%)
Mutual labels:  authentication, totp, hotp
Go Guardian
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.
Stars: ✭ 204 (+1.49%)
Mutual labels:  authentication, totp, hotp
One Time
One Time Password (TOTP and HOTP) library for Clojure. TOTP/HOTP is widely used for Two Factor / Multi Factor Authentication.
Stars: ✭ 129 (-35.82%)
Mutual labels:  totp, hotp
Otpauth
One Time Password (HOTP/TOTP) library for Node.js, Deno and browsers.
Stars: ✭ 135 (-32.84%)
Mutual labels:  totp, hotp
Authenticatorpro
📱 Two-Factor Authentication (2FA) client for Android + Wear OS
Stars: ✭ 155 (-22.89%)
Mutual labels:  totp, hotp
Swiftotp
A Swift library for generating One Time Passwords (OTP)
Stars: ✭ 119 (-40.8%)
Mutual labels:  totp, hotp
Auth
Authenticator via oauth2
Stars: ✭ 118 (-41.29%)
Mutual labels:  library, authentication
Weihanli.common
common tools,methods,extension methods etc... .net 常用工具类,公共方法,常用扩展方法等,基础类库
Stars: ✭ 152 (-24.38%)
Mutual labels:  library, totp
Oathgen
A command line HOTP and TOTP client
Stars: ✭ 48 (-76.12%)
Mutual labels:  totp, hotp
Supertokens Core
Open source alternative to Auth0 / Firebase Auth / AWS Cognito
Stars: ✭ 2,907 (+1346.27%)
Mutual labels:  authentication, password
Huge
Simple user-authentication solution, embedded into a small framework.
Stars: ✭ 2,125 (+957.21%)
Mutual labels:  authentication, password
Ngx Api Utils
ngx-api-utils is a lean library of utilities and helpers to quickly integrate any HTTP API (REST, Ajax, and any other) with Angular.
Stars: ✭ 92 (-54.23%)
Mutual labels:  library, authentication
Totp Cli
A cli-based pass-backed TOTP app
Stars: ✭ 76 (-62.19%)
Mutual labels:  authentication, totp
Fosite
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.
Stars: ✭ 1,738 (+764.68%)
Mutual labels:  library, authentication
Jsotp
Javascript One-Time Password module.
Stars: ✭ 71 (-64.68%)
Mutual labels:  totp, hotp
Aegis
A free, secure and open source app for Android to manage your 2-step verification tokens.
Stars: ✭ 2,692 (+1239.3%)
Mutual labels:  totp, hotp
Mysql Unsha1
Authenticate against a MySQL server without knowing the cleartext password
Stars: ✭ 191 (-4.98%)
Mutual labels:  authentication, password
Mintotp
Minimal TOTP generator in 20 lines of Python
Stars: ✭ 678 (+237.31%)
Mutual labels:  totp, hotp
Otphp
🔐 A PHP library for generating one time passwords according to RFC 4226 (HOTP) and the RFC 6238 (TOTP)
Stars: ✭ 857 (+326.37%)
Mutual labels:  totp, hotp
Passw0rd
🔑securely checks a password to see if it has been previously exposed in a data breach
Stars: ✭ 159 (-20.9%)
Mutual labels:  library, password
View All Similar Projects ➔

LibreAuth

Build Status LibreAuth on crates.io LibreAuth on docs.rs License: CeCILL-C License: CeCILL-2.1

LibreAuth is a collection of tools for user authentication.

Features

  • Password / passphrase authentication
    • [x] no character-set limitation
    • [x] reasonable length limit (security vs. DOS)
    • [x] strong, evolutive and retro-compatible password hashing functions
    • [x] NFKC normalization for Unicode passwords
    • [x] optional NIST Special Publication 800-63B compatibility
    • [x] optional additional HMAC with an external salt before or after hashing the password
  • HOTP - HMAC-based One-time Password Algorithm (OATH - RFC 4226)
    • [x] the key can be passed as bytes, an ASCII string, an hexadicimal string, a base32 string or a base64 string
    • [x] customizable counter
    • [x] customizable hash function (sha1, full sha2 family, sha3/Keccak fixed-size families)
    • [x] customizable output length
    • [x] customizable output alphabet
  • TOTP - Time-based One-time Password Algorithm (OATH - RFC 6238)
    • [x] the key can be passed as bytes, an ASCII string, an hexadicimal string, a base32 string or a base64 string
    • [x] customizable timestamp
    • [x] customizable period
    • [x] customizable initial time (T0)
    • [x] customizable hash function (sha1, full sha2 family, sha3/Keccak fixed-size families)
    • [x] customizable output length
    • [x] customizable output alphabet
    • [x] customizable positive and negative period tolerance
  • Random key generation
    • [x] uses the platform's secure entropy source
    • [x] customizable size
    • [x] customizable output format (Vec, hexadecimal string, base32 string, base64 string)
  • WebAuthn - Web Authentication: An API for accessing Public Key Credentials Level 1 (W3C) ⚠️ Not started yet
    • [ ] authenticator API
    • [ ] server API

Status

The project itself is still in development and therefore should not be used in production before version 1.0.0. Below is the list of features that will be present in the first stable version and their individual status.

  • OATH HOTP/TOTP: almost ready!
    • ✅ lot of features
    • ✅ stable API
    • ⚠️ lack of peer review
  • Password / passphrase authentication: not ready yet.
    • ✅ sane defaults
    • ‼️ almost stable API
    • ⚠️ lack of peer review
  • Random key generation: almost ready!
    • ⚠️ almost stable API
    • ⚠️ lack of peer review

Using within a Rust project

You can find LibreAuth on crates.io and include it in your Cargo.toml:

libreauth = "*"

Modules can be cherry-picked using default-features = false and then using only the features you want.

[dependencies.libreauth]
version = "*"
default-features = false
features = ["key", "oath", "pass"]

Using outside Rust

In order to build LibreAuth, you will need the Rust compiler and its package manager, Cargo. The minimal required Rust version is 1.41, although it is recommended to use the latest stable one.

$ make
$ make install

Quick examples

Rust

More examples are available in the documentation.

use libreauth::oath::TOTPBuilder;

fn main() {
    let key = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ".to_string();
    let code = TOTPBuilder::new()
        .base32_key(&key)
        .finalize()
        .unwrap()
        .generate();
    assert_eq!(code.len(), 6);
}

C

#include <stdio.h>
#include <libreauth.h>

int main(void) {
  struct libreauth_totp_cfg cfg;
  char   code[7], key[] = "12345678901234567890";

  if (libreauth_totp_init(&cfg) != LIBREAUTH_OTP_SUCCESS) {
    return 1;
  }
  cfg.key = key;
  cfg.key_len = strlen(key);
  if (libreauth_totp_generate(&cfg, code) != LIBREAUTH_OTP_SUCCESS) {
    return 2;
  }

  printf("%s\n", code);

  return 0;
}

$ cc -o totp totp.c -llibreauth
$ ./totp
848085

License

LibreAuth is a free software available either under the CeCILL-C or the CeCILL 2.1 license. For a quick summary of those licenses, you can read the frequently asked questions on the licenses' website. A full copy of those licenses are available in this repository both in english and french.

While the CeCILL 2.1 is the original LibreAuth license, future versions may be published only under the CeCILL-C license. This change occurs because CeCILL 2.1 isn't really suited for a library since it is a "viral" license.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].