- Source:
Multi-factor key derivation factor derivation
Methods
(static) hmacsha1(response) → {function}
- Source:
- Since:
- 0.21.0
Derive a YubiKey-compatible MFKDF HMAC-SHA1 challenge-response factor
Example
// setup key with hmacsha1 factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.hmacsha1()
], {size: 8})
// calculate response; could be done using hardware device
const secret = setup.outputs.hmacsha1.secret
const challenge = Buffer.from(setup.policy.factors[0].params.challenge, 'hex')
const response = crypto.createHmac('sha1', secret).update(challenge).digest()
// derive key with hmacsha1 factor
const derive = await mfkdf.derive.key(setup.policy, {
hmacsha1: mfkdf.derive.factors.hmacsha1(response)
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Description |
---|---|---|
response |
Buffer | HMAC-SHA1 response |
Returns:
Async function to generate MFKDF factor information
- Type
- function
(static) hotp(code) → {function}
- Source:
- Since:
- 0.12.0
Derive an MFKDF HOTP factor
Example
// setup key with hotp factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.hotp({ secret: Buffer.from('hello world') })
], {size: 8})
// derive key with hotp factor
const derive = await mfkdf.derive.key(setup.policy, {
hotp: mfkdf.derive.factors.hotp(365287)
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Description |
---|---|---|
code |
number | The HOTP code from which to derive an MFKDF factor |
Returns:
Async function to generate MFKDF factor information
- Type
- function
(static) password(password) → {function}
- Source:
- Since:
- 0.9.0
Derive an MFKDF password factor
Example
// setup key with password factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.password('password')
], {size: 8})
// derive key with password factor
const derive = await mfkdf.derive.key(setup.policy, {
password: mfkdf.derive.factors.password('password')
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Description |
---|---|---|
password |
string | The password from which to derive an MFKDF factor |
Returns:
Async function to generate MFKDF factor information
- Type
- function
(static) persisted(share) → {function}
- Source:
- Since:
- 0.18.0
Use a persisted MFDKF factor
Example
// setup 3-factor multi-factor derived key
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.password('password1', { id: 'password1' }),
await mfkdf.setup.factors.password('password2', { id: 'password2' }),
await mfkdf.setup.factors.password('password3', { id: 'password3' })
], {size: 8})
// persist one of the factors
const factor2 = setup.persistFactor('password2')
// derive key with 2 factors
const derived = await mfkdf.derive.key(setup.policy, {
password1: mfkdf.derive.factors.password('password1'),
password2: mfkdf.derive.factors.persisted(factor2),
password3: mfkdf.derive.factors.password('password3')
})
setup.key.toString('hex') // -> 64587f2a0e65dc3c
derived.key.toString('hex') // -> 64587f2a0e65dc3c
Parameters:
Name | Type | Description |
---|---|---|
share |
Buffer | The share corresponding to the persisted factor |
Returns:
Async function to generate MFKDF factor information
- Type
- function
(static) stack(factors) → {function}
- Source:
- Since:
- 0.15.0
Derive an MFKDF stacked key factor
Example
// setup key with hmacsha1 factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.hmacsha1()
], {size: 8})
// calculate response; could be done using hardware device
const secret = setup.outputs.hmacsha1.secret
const challenge = Buffer.from(setup.policy.factors[0].params.challenge, 'hex')
const response = crypto.createHmac('sha1', secret).update(challenge).digest()
// derive key with hmacsha1 factor
const derive = await mfkdf.derive.key(setup.policy, {
hmacsha1: mfkdf.derive.factors.hmacsha1(response)
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Description |
---|---|---|
factors |
Object.<string, MFKDFFactor> | Factors used to derive this key |
Returns:
Async function to generate MFKDF factor information
- Type
- function
(static) totp(code, optionsopt) → {function}
- Source:
- Since:
- 0.13.0
Derive an MFKDF TOTP factor
Example
// setup key with totp factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.totp({
secret: Buffer.from('hello world'),
time: 1650430806597
})
], {size: 8})
// derive key with totp factor
const derive = await mfkdf.derive.key(setup.policy, {
totp: mfkdf.derive.factors.totp(528258, { time: 1650430943604 })
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Attributes | Description | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
code |
number | The TOTP code from which to derive an MFKDF factor | |||||||||
options |
Object |
<optional> |
Additional options for deriving the TOTP factor
Properties
|
Returns:
Async function to generate MFKDF factor information
- Type
- function
(static) uuid(uuid) → {function}
- Source:
- Since:
- 0.9.0
Derive an MFKDF UUID factor
Example
// setup key with uuid factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.uuid({ uuid: '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d' })
], {size: 8})
// derive key with uuid factor
const derive = await mfkdf.derive.key(setup.policy, {
uuid: mfkdf.derive.factors.uuid('9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d')
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Description |
---|---|---|
uuid |
string | The uuid from which to derive an MFKDF factor |
Returns:
Async function to generate MFKDF factor information
- Type
- function