LibreAuth is a collection of tools for user authentication.

Overview

LibreAuth

Build Status LibreAuth on crates.io LibreAuth on docs.rs License: CeCILL-C License: CeCILL-2.1

LibreAuth is a collection of tools for user authentication.

Features

  • Password / passphrase authentication
    • no character-set limitation
    • reasonable length limit (security vs. DOS)
    • strong, evolutive and retro-compatible password hashing functions
    • NFKC normalization for Unicode passwords
    • optional NIST Special Publication 800-63B compatibility
    • optional additional HMAC with an external salt before or after hashing the password
  • HOTP - HMAC-based One-time Password Algorithm (OATH - RFC 4226)
    • the key can be passed as bytes, an ASCII string, an hexadicimal string, a base32 string or a base64 string
    • customizable counter
    • customizable hash function (sha1, full sha2 family, sha3/Keccak fixed-size families)
    • customizable output length
    • customizable output alphabet
  • TOTP - Time-based One-time Password Algorithm (OATH - RFC 6238)
    • the key can be passed as bytes, an ASCII string, an hexadicimal string, a base32 string or a base64 string
    • customizable timestamp
    • customizable period
    • customizable initial time (T0)
    • customizable hash function (sha1, full sha2 family, sha3/Keccak fixed-size families)
    • customizable output length
    • customizable output alphabet
    • customizable positive and negative period tolerance
  • Random key generation
    • uses the platform's secure entropy source
    • customizable size
    • customizable output format (Vec, hexadecimal string, base32 string, base64 string)
  • WebAuthn - Web Authentication: An API for accessing Public Key Credentials Level 1 (W3C) ⚠️ Not started yet
    • authenticator API
    • server API

Status

The project itself is still in development and therefore should not be used in production before version 1.0.0. Below is the list of features that will be present in the first stable version and their individual status.

  • OATH HOTP/TOTP: almost ready!
    • lot of features
    • stable API
    • ⚠️ lack of peer review
  • Password / passphrase authentication: not ready yet.
    • sane defaults
    • ‼️ almost stable API
    • ⚠️ lack of peer review
  • Random key generation: almost ready!
    • ⚠️ almost stable API
    • ⚠️ lack of peer review

Using within a Rust project

You can find LibreAuth on crates.io and include it in your Cargo.toml:

libreauth = "*"

Modules can be cherry-picked using default-features = false and then using only the features you want.

[dependencies.libreauth]
version = "*"
default-features = false
features = ["key", "oath", "pass"]

Using outside Rust

In order to build LibreAuth, you will need the Rust compiler and its package manager, Cargo. The minimal required Rust version is 1.51, although it is recommended to use the latest stable one.

$ make
$ make install

Quick examples

Rust

More examples are available in the documentation.

use libreauth::oath::TOTPBuilder;

fn main() {
    let key = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ".to_string();
    let code = TOTPBuilder::new()
        .base32_key(&key)
        .finalize()
        .unwrap()
        .generate();
    assert_eq!(code.len(), 6);
}

C

#include <stdio.h>
#include <libreauth.h>

int main(void) {
  struct libreauth_totp_cfg cfg;
  char   code[7], key[] = "12345678901234567890";

  if (libreauth_totp_init(&cfg) != LIBREAUTH_OTP_SUCCESS) {
    return 1;
  }
  cfg.key = key;
  cfg.key_len = strlen(key);
  if (libreauth_totp_generate(&cfg, code) != LIBREAUTH_OTP_SUCCESS) {
    return 2;
  }

  printf("%s\n", code);

  return 0;
}
$ cc -o totp totp.c -llibreauth
$ ./totp
848085

License

LibreAuth is a free software available either under the CeCILL-C or the CeCILL 2.1 license. For a quick summary of those licenses, you can read the frequently asked questions on the licenses' website. A full copy of those licenses are available in this repository both in english and french.

While the CeCILL 2.1 is the original LibreAuth license, future versions may be published only under the CeCILL-C license. This change occurs because CeCILL 2.1 isn't really suited for a library since it is a "viral" license.

Comments
  • [Feature] Use ring crypto crate, add generic parsing of PHC format hash fingerprints

    [Feature] Use ring crypto crate, add generic parsing of PHC format hash fingerprints

    • The rust-crypto crate has been replaced with ring
    • Dropped support for using SHA1 as a PRF
    • Added generic parsing of PHC format (the successor to modular crypt format)
    • rustfmt the entire codebase

    Why Use Ring

    The ring crate is under active development while development of rust-crypto has stalled. Using a crate that is being actively improved is important especially important for crypto because the validity of any crypto algorithm is eliminated over time by adversaries. In the short term ring provides a constant time pbkdf2 verify function. Additionally ring can be statically linked, which is important for my application.

    Why move to PHC format

    The library is already using PHC format instead of modular crypt format for producing and deriving portable fingerprints. The wikipedia page referenced for modular crypt format is actually about the updated PHC format, and that format is the one that the code on master is parsing and generating. I factored out the code that parses the PHC format fingerprints from the derivation and validity logic. I could not find any crates on crates.io that currently handle this format generically. rust-argon2 uses this format to create and read fingerprints internally, but it only exposes the completed String from the public API. I think parsing the format is a valuable distinct feature because it allows writing programs that work with hashed fingerprints outside of the realm of just accepting a password string and hashing it. For example, you could write short script to migrate a legacy database that did not use PHC format fingerprints to using PHC formated fingerprints without having to worry about serialization.

    I have replaced the PasswordDerivationFunctionBuilder workflow with a single type that represents the PHC formatted string as a Rust struct and a higher order function.

    • string can be converted into a PHCEncoded struct
    • PHCEncoded struct can be converted into a string
    • PHCEncoded can be converted into a Boxed pointer to a function that will hash a password using that same algorithm, salt, and settings as the reference hash fingerprint. This performs the same way as PasswordDerivationFunctionBuilder, except now the state is explicitly passed in.

    Further Work

    This pull request is suggestion, I do not expect to merge this directly in without edits. Right now these changes are internal only, with the exception of dropping support for SHA1 based pbkdf2, the public API has neither been changed or increased. I am not sure why ring does not support SHA1 for pbkdf2. My understanding is that collisions in SHA1 do not affect its security as a PRF, however Brian Smith who is a much better cryptographer than I am has unit tests that explicitly reject using SHA1 for pbkdf2.

    Hopefully you can try out the new version in your internal application and verify that its behavior is identical. I only modified the three tests for the pass module, and that was to remove SHA1.

    opened by YetAnotherMinion 7
  • Key Uri Format for HOTP and TOTP

    Key Uri Format for HOTP and TOTP

    Hello

    This pull request contains the key_uri_format() method for the HOTP and TOTP types. This implementation was written according to the official Google specification. This format is used to generate QR codes.

    Example:

    let key_ascii = "12345678901234567890".to_owned();
    let mut totp = libreauth::oath::TOTPBuilder::new()
        .ascii_key(&key_ascii)
        .finalize()
        .unwrap();
    
    let uri = totp.key_uri_format("Provider1:[email protected]", Some("Provider1"));
    assert_eq!(
        uri,
        "otpauth://totp/Provider1:[email protected]?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Provider1&algorithm=SHA1&digits=6&period=30"
    );
    

    I've tested this on Android and it works fine. The tests were compared to the results of the following generator.

    Open considerations:

    • This feature is not implemented for the C bindings.
    • Certain apps such as FreeOTP will crash if the label is empty (""). Should this method return an error if that's the case? In the end, it's up to the developer to choose the label and requirements should not be enforced by this library.
    opened by lamafab 5
  • Fail to Compile on Windows 10 (Visual Studio 2017)

    Fail to Compile on Windows 10 (Visual Studio 2017)

    Actually I use this Crate within SSO Crate: (https://github.com/mojzu/sso) When compiling, an error message appears as below.

    ...
    " "opengl32.lib" "pdh.lib" "psapi.lib" "secur32.lib" "synchronization.lib" "user32.lib" "winspool.lib" "ws2_32.lib" "advapi32.lib" "advapi32.lib" "ws2_32.lib" "userenv.lib" "msvcrt.lib" "/DLL" "/IMPLIB:C:\\Users\\Altair\\RustLang\\sso\\sso\\target\\debug\\deps\\libreauth-31d786d1841dfabd.dll.lib"
      = note: lib.def : error LNK2001: unresolved external symbol _ZN101_$LT$core..ops..range..RangeTo$LT$usize$GT$$u20$as$u20$core..slice..SliceIndex$LT$$u5b$T$u5d$$GT$$GT$5index17h7d997d5ad475efa6E
              lib.def : error LNK2001: unresolved external symbol _ZN101_$LT$core..ops..range..RangeTo$LT$usize$GT$$u20$as$u20$core..slice..SliceIndex$LT$$u5b$T$u5d$$GT$$GT$9index_mut17hfcd3004d59b55041E
              lib.def : error LNK2001: unresolved external symbol _ZN4core10intrinsics23is_aligned_and_not_null17h004f31e9d3749227E
              lib.def : error LNK2001: unresolved external symbol _ZN4core3mem8align_of17h76a8694b42f8ab7bE
              lib.def : error LNK2001: unresolved external symbol _ZN4core3ptr20slice_from_raw_parts17h5eb3363f98bacd21E
              lib.def : error LNK2001: unresolved external symbol _ZN4core3ptr24slice_from_raw_parts_mut17h0d81b01af03b334aE          lib.def : error LNK2001: unresolved external symbol _ZN4core3ptr31_$LT$impl$u20$$BP$mut$u20$T$GT$6offset17h2be3b22172cbf407E
              lib.def : error LNK2001: unresolved external symbol _ZN4core3ptr31_$LT$impl$u20$$BP$mut$u20$T$GT$7is_null17h5d256813897e7b1fE
              lib.def : error LNK2001: unresolved external symbol _ZN4core5slice14from_raw_parts17h7eda3e6aa83543c9E
              lib.def : error LNK2001: unresolved external symbol _ZN4core5slice18from_raw_parts_mut17h24ee7f49401cd13bE
              lib.def : error LNK2001: unresolved external symbol _ZN4core5slice29_$LT$impl$u20$$u5b$T$u5d$$GT$10as_mut_ptr17h585545c221974ffdE
              lib.def : error LNK2001: unresolved external symbol _ZN4core5slice74_$LT$impl$u20$core..ops..index..Index$LT$I$GT$$u20$for$u20$$u5b$T$u5d$$GT$5index17h9eb3c88cffc0b562E
              lib.def : error LNK2001: unresolved external symbol _ZN4core5slice77_$LT$impl$u20$core..ops..index..IndexMut$LT$I$GT$$u20$for$u20$$u5b$T$u5d$$GT$9index_mut17h5105de3abfcbdcf6E
              lib.def : error LNK2001: unresolved external symbol _ZN55_$LT$$RF$T$u20$as$u20$core..convert..AsRef$LT$U$GT$$GT$6as_ref17hca492517a62ed7bdE
              lib.def : error LNK2001: unresolved external symbol _ZN63_$LT$I$u20$as$u20$core..iter..traits..collect..IntoIterator$GT$9into_iter17h47b87f9cd88a80edE
              lib.def : error LNK2001: unresolved external symbol _ZN63_$LT$I$u20$as$u20$core..iter..traits..collect..IntoIterator$GT$9into_iter17h67ee80a0073fb05eE
              lib.def : error LNK2001: unresolved external symbol _ZN85_$LT$core..slice..Iter$LT$T$GT$$u20$as$u20$core..iter..traits..iterator..Iterator$GT$4next17h236d91582e3fea51E
              lib.def : error LNK2001: unresolved external symbol _ZN88_$LT$core..slice..IterMut$LT$T$GT$$u20$as$u20$core..iter..traits..iterator..Iterator$GT$4next17h8e0ae1d9ba60fce8E
              lib.def : error LNK2001: unresolved external symbol _ZN99_$LT$core..ops..range..Range$LT$usize$GT$$u20$as$u20$core..slice..SliceIndex$LT$$u5b$T$u5d$$GT$$GT$13get_unchecked17he3dc0bafa3708c12E
              lib.def : error LNK2001: unresolved external symbol _ZN99_$LT$core..ops..range..Range$LT$usize$GT$$u20$as$u20$core..slice..SliceIndex$LT$$u5b$T$u5d$$GT$$GT$17get_unchecked_mut17hc008b1af8b00e9c3E
              lib.def : error LNK2001: unresolved external symbol _ZN99_$LT$core..ops..range..Range$LT$usize$GT$$u20$as$u20$core..slice..SliceIndex$LT$$u5b$T$u5d$$GT$$GT$5index17h20d37ee486013a67E
              lib.def : error LNK2001: unresolved external symbol _ZN99_$LT$core..ops..range..Range$LT$usize$GT$$u20$as$u20$core..slice..SliceIndex$LT$$u5b$T$u5d$$GT$$GT$9index_mut17h46dd287dd867c731E
              C:\Users\Afrizal Yusren\RustLang\sso\sso\target\debug\deps\libreauth-31d786d1841dfabd.dll.lib : fatal error LNK1120: 22 unresolved externals
    
    
    error: aborting due to previous error
    
    error: Could not compile `libreauth`.
    warning: build failed, waiting for other jobs to finish...
    

    Is there a special library for Windows that I need to include? thank you for your attention.

    bug 
    opened by young-altair 3
  • Best practices regarding password authentication for a Web service

    Best practices regarding password authentication for a Web service

    Hi. I'd like to ask some advice regarding the best way to use this library to implement password authentication for a Web service. I understand this might be out of scope of the project so please forgive me if I'm asking too much.

    I'm using HTTPS to connect to server. My client is in Rust compiled to WASM, server is in Rust. There are several questions:

    1. I've read that applying salt to hashed password is a good practice. How do I obtain this salt so that it would make sense from cryptography point of view? Doesn't look like I can pick any string of any length. Also, does it need to change? Should it be per user or per request? Should I apply it before or after hashing (since library has both)?
    2. Do I transmit the password in plain text over HTTPS and hash it on the server? I've read conflicting arguments on this. I believe this is the correct way to hash password and store it in the database because otherwise I'm trusting client's code and the password hash itself becomes visible on the wire for any MITM attacker (hence becoming the password).
    3. Example of doing password authentication has a case for password schema update. It says we should hash it again. Since we're not storing the original password, we should be doing a password reset procedure for the user, so that they can enter their old and new passwords, and we could hash new one and update the schema. Is that correct?
    opened by mkpankov 2
  • Question: Oath module?

    Question: Oath module?

    Is there a reason why oath is named oath? The description is just

    HOTP and TOTP authentication module

    Or is it linked to the https://openauthentication.org/ organization? Is it a typo? Why isn't it otp?

    opened by pickfire 2
  • Password authentication status

    Password authentication status

    Hi!

    The README says that password authentication is not ready yet.

    I've read the code and it seems to me that all the necessary features are implemented and the API is pretty clear.

    Is there anything that should be done before password authentication can be considered ready/complete ?

    opened by alexwl 2
  • [Question] Design goals

    [Question] Design goals

    I been reading the source code and I am hoping you will correct my current understanding of what this crate does.

    My understanding is that this crate only has 3 areas of functionality

    • Generate and verify TOTP codes from a key passed in
    • Generate and verify HOTP codes from a a key passed in
    • Generate PHC format from password and salt and verify password against PHC string?

    Additionally each of these areas have excellent user facing documentation, C library bindings, and thorough tests which are very nice. The API is simple and easy to use.

    The password verification functionality is what I am most interested in because I do not understand what is going on inside pass::is_valid(password: &str, reference: &str) -> bool. I think reference is the PHC format password hash information string. First the PHC string is inspected to choose the right hash function (with same salt and workfactor). Once the hash function "closure" is set up, hash the user provided password. Next is where I get lost. A random 32 byte key is generated and used to sign and HMAC value for both the reference PHC string and the PHC string generated from the user password. The password is verified only if the HMAC values match.

    To me there is real value with parsing and serializing the PHC format. I like that API boundary decision because it lets me use a single DB column value. What I do not understand is why not use the crypto library's pbkdf2::verify implementation instead of this double HMAC result checking scheme?

    opened by YetAnotherMinion 2
  • Update base64 requirement from ^0.13 to ^0.20

    Update base64 requirement from ^0.13 to ^0.20

    Updates the requirements on base64 to permit the latest version.

    Changelog

    Sourced from base64's changelog.

    0.20.0

    Breaking changes

    • Update MSRV to 1.57.0
    • Decoding can now either ignore padding, require correct padding, or require no padding. The default is to require correct padding.
      • The NO_PAD config now requires that padding be absent when decoding.

    0.20.0-alpha.1

    Breaking changes

    • Extended the Config concept into the Engine abstraction, allowing the user to pick different encoding / decoding implementations.
      • What was formerly the only algorithm is now the FastPortable engine, so named because it's portable (works on any CPU) and relatively fast.
      • This opens the door to a portable constant-time implementation (#153, presumably ConstantTimePortable?) for security-sensitive applications that need side-channel resistance, and CPU-specific SIMD implementations for more speed.
      • Standard base64 per the RFC is available via DEFAULT_ENGINE. To use different alphabets or other settings (padding, etc), create your own engine instance.
    • CharacterSet is now Alphabet (per the RFC), and allows creating custom alphabets. The corresponding tables that were previously code-generated are now built dynamically.
    • Since there are already multiple breaking changes, various functions are renamed to be more consistent and discoverable.
    • MSRV is now 1.47.0 to allow various things to use const fn.
    • DecoderReader now owns its inner reader, and can expose it via into_inner(). For symmetry, EncoderWriter can do the same with its writer.
    • encoded_len is now public so you can size encode buffers precisely.

    0.13.1

    • More precise decode buffer sizing, avoiding unnecessary allocation in decode_config.

    0.13.0

    • Config methods are const
    • Added EncoderStringWriter to allow encoding directly to a String
    • EncoderWriter now owns its delegate writer rather than keeping a reference to it (though refs still work)
      • As a consequence, it is now possible to extract the delegate writer from an EncoderWriter via finish(), which returns Result<W> instead of Result<()>. If you were calling finish() explicitly, you will now need to use let _ = foo.finish() instead of just foo.finish() to avoid a warning about the unused value.
    • When decoding input that has both an invalid length and an invalid symbol as the last byte, InvalidByte will be emitted instead of InvalidLength to make the problem more obvious.

    0.12.2

    • Add BinHex alphabet

    0.12.1

    • Add Bcrypt alphabet

    0.12.0

    • A Read implementation (DecoderReader) to let users transparently decoded data from a b64 input source
    • IMAP's modified b64 alphabet
    • Relaxed type restrictions to just AsRef<[ut8]> for main encode*/decode* functions
    • A minor performance improvement in encoding

    0.11.0

    • Minimum rust version 1.34.0

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Update pbkdf2 requirement from ^0.10 to ^0.11

    Update pbkdf2 requirement from ^0.10 to ^0.11

    Updates the requirements on pbkdf2 to permit the latest version.

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Update rust-argon2 requirement from ^0.8 to ^1.0

    Update rust-argon2 requirement from ^0.8 to ^1.0

    Updates the requirements on rust-argon2 to permit the latest version.

    Changelog

    Sourced from rust-argon2's changelog.

    1.0.0

    • Remove deprecated functions.
    • Update constant_time_eq to 0.1.5.
    • Update serde to 1.0.133.
    • Update blake2b_simd to 1.0.

    0.8.3

    • Replace transmute with to_le_bytes.
    • Update base64 to version 0.13.
    • Update crossbeam-utils to version 0.8.
    • Update hex to version 0.4.
    • Derive Clone for Error struct.
    • Add optional serde support for Error struct.

    0.8.2

    • Change base64 to latest version (0.12).

    0.8.1

    • Fix issue with verifying multi-lane hashes with parallelism disabled (#27)

    0.8.0

    • Make parallelism optional via feature flag.

    0.7.0

    • Update crossbeam-utils dependency to 0.7.

    0.6.1

    • Use constant time equals to compare hashes.

    0.6.0

    • Use 2018 edition or Rust
    • Use &dyn error::Error instead of &error::Error
    • Fix clippy lints
    • Allow callers of encode_string to pass any &[u8]
    • Update base64 dependency.

    ... (truncated)

    Commits
    • 8f6b42f Bump version to 1.0.0.
    • dfb7458 Remove deprecated functions.
    • 9edb0fa Update dependencies.
    • 4afd144 Merge pull request #45 from maxx-timing/update-blake2b
    • ce1ef1f Update blake2b_simd to 1.0.0
    • 79b3176 Bump version to 0.8.3.
    • a075a8e Merge pull request #42 from kazcw/master
    • 7c9dba2 Merge pull request #39 from sdroege/base64-0.13
    • 4da2ac0 replace transmute with to_le_bytes
    • 388d31f Update crossbeam-utils dependency to 0.8
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Update sha-1 requirement from ^0.9 to ^0.10

    Update sha-1 requirement from ^0.9 to ^0.10

    Updates the requirements on sha-1 to permit the latest version.

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
Owner
Rodolphe Bréard
Dev Rust/Python.
Rodolphe Bréard
Use Touch ID / Secure Enclave for SSH Authentication!

SeKey About SeKey is a SSH Agent that allow users to authenticate to UNIX/Linux SSH servers using the Secure Enclave How it Works? The Secure Enclave

SeKey 2.3k Jan 5, 2023
End-to-end encryption and mutual authentication for distributed applications.

✨ Hands-on Introduction: Build end-to-end encrypted, mutually-authenticated, secure messaging in Rust ✨ Rust and Elixir libraries for end-to-end encry

Ockam | Trust for Data-in-Motion 2.8k Jan 2, 2023
CLI tool for managing your 2FA authentication codes written in pure Rust.

(O)TP (VA)ULT - ova. ova is a simple CLI tool which lets you manage your TOTPs, or basically lets you get your two-way authentication code straight to

Giorgi Anakidze 3 Apr 28, 2023
gRPC client/server for zero-knowledge proof authentication Chaum Pederson Zero-Knowledge Proof in Rust

gRPC client/server for zero-knowledge proof authentication Chaum Pederson Zero-Knowledge Proof in Rust. Chaum Pederson is a zero-knowledge proof proto

Advaita Saha 4 Jun 12, 2023
React Native (Expo) + JWT Authentication + Rust ICP canister

React Native (Expo) app with JWT Authentication and IC Rust canister This is a Proof-of-Concept React Native Expo mobile application that uses JSON We

Luca Bertelli 5 May 2, 2024
⋰·⋰ Feeless is a Nano cryptocurrency node, wallet, tools, and Rust crate.

⋰·⋰ Feeless What is Feeless? Feeless is a Nano cryptocurrency node, wallet, tools, and Rust crate. This is not the official project for Nano, only an

null 127 Dec 5, 2022
Daemon and tools to control your ASUS ROG laptop. Supersedes rog-core.

asusctl for ASUS ROG - Asus Linux Website asusd is a utility for Linux to control many aspects of various ASUS laptops but can also be used with non-a

Luke Jones 46 Jan 8, 2023
Zei is a library that provide tools to create and verify public transaction with confidential data.

#Zei: Findora's Cryptographic Library Zei is a library that provide tools to create and verify public transaction with confidential data. Support: Bas

Findora Foundation 0 Oct 23, 2022
Left To My Own Devices - NT hash tools

ntcrack Left To My Own Devices - NT cracker A full writeup of how it works is available at the SensePost blog Invocation ./ntcrack <input hashlist> <w

SensePost 24 Nov 24, 2022
Tools to use Axon Server with rust, by leveraging Synapse.

Axon Rust This contains a Axon Synapse rust client, based on the open api generated code. For now, we didn't publish this crate, to forking this proje

AxonIQ 6 Oct 22, 2023
Collection of cryptographic hash functions written in pure Rust

RustCrypto: hashes Collection of cryptographic hash functions written in pure Rust. All algorithms reside in the separate crates and implemented using

Rust Crypto 1.2k Jan 8, 2023
Dank - The Internet Computer Decentralized Bank - A collection of Open Internet Services - Including the Cycles Token (XTC)

Dank - The Internet Computer Decentralized Bank Dank is a collection of Open Internet Services for users and developers on the Internet Computer. In t

Psychedelic 56 Nov 12, 2022
The Solana Program Library (SPL) is a collection of on-chain programs targeting the Sealevel parallel runtime.

Solana Program Library The Solana Program Library (SPL) is a collection of on-chain programs targeting the Sealevel parallel runtime. These programs a

null 6 Jun 12, 2022
A guide for Mozilla's developers and data scientists to analyze and interpret the data gathered by our data collection systems.

Mozilla Data Documentation This documentation was written to help Mozillians analyze and interpret data collected by our products, such as Firefox and

Mozilla 75 Dec 1, 2022
Collection of stream cipher algorithms

RustCrypto: stream ciphers Collection of stream cipher algorithms written in pure Rust. ⚠️ Security Warning: Hazmat! Crates in this repository do not

Rust Crypto 186 Dec 14, 2022
Collection of block cipher algorithms written in pure Rust

RustCrypto: block ciphers Collection of block ciphers and block modes written in pure Rust. Warnings Currently only the aes crate provides constant-ti

Rust Crypto 506 Jan 3, 2023
A collection of algorithms that can do join between two parties while preserving the privacy of keys on which the join happens

Private-ID Private-ID is a collection of algorithms to match records between two parties, while preserving the privacy of these records. We present tw

Meta Research 169 Dec 5, 2022
Taking the best of Substrate Recipes and applying them to a new framework for structuring a collection of how-to guides.

Attention: This repository has been archived and is no longer being maintained. It has been replaced by the Substrate How-to Guides. Please use the Su

Substrate Developer Hub 35 Oct 17, 2022
Crates - A collection of open source Rust crates from iqlusion

iqlusion crates ?? This repository contains a set of Apache 2.0-licensed packages (a.k.a. "crates") for the Rust programming language, contributed to

iqlusion 335 Dec 26, 2022