- Source:
Multi-factor key derivation factor setup
Methods
(async, static) hmacsha1(optionsopt) → {MFKDFFactor}
- Source:
- Since:
- 0.21.0
Setup a YubiKey-compatible MFKDF HMAC-SHA1 challenge-response factor
Example
// setup key with hmacsha1 factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.hmacsha1()
], {size: 8})
// calculate response; could be done using hardware device
const secret = setup.outputs.hmacsha1.secret
const challenge = Buffer.from(setup.policy.factors[0].params.challenge, 'hex')
const response = crypto.createHmac('sha1', secret).update(challenge).digest()
// derive key with hmacsha1 factor
const derive = await mfkdf.derive.key(setup.policy, {
hmacsha1: mfkdf.derive.factors.hmacsha1(response)
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Attributes | Description | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
options |
Object |
<optional> |
Configuration options
Properties
|
Returns:
MFKDF factor information
- Type
- MFKDFFactor
(async, static) hotp(optionsopt) → {MFKDFFactor}
- Source:
- Since:
- 0.12.0
Setup an MFKDF HOTP factor
Example
// setup key with hotp factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.hotp({ secret: Buffer.from('hello world') })
], {size: 8})
// derive key with hotp factor
const derive = await mfkdf.derive.key(setup.policy, {
hotp: mfkdf.derive.factors.hotp(365287)
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Attributes | Description | |||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
options |
Object |
<optional> |
Configuration options
Properties
|
Returns:
MFKDF factor information
- Type
- MFKDFFactor
(async, static) password(password, optionsopt) → {MFKDFFactor}
- Source:
- Since:
- 0.8.0
Setup an MFKDF password factor
Example
// setup key with password factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.password('password')
], {size: 8})
// derive key with password factor
const derive = await mfkdf.derive.key(setup.policy, {
password: mfkdf.derive.factors.password('password')
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Attributes | Description | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
password |
string | The password from which to derive an MFKDF factor | |||||||||||
options |
Object |
<optional> |
Configuration options
Properties
|
Returns:
MFKDF factor information
- Type
- MFKDFFactor
(async, static) stack(factors, optionsopt) → {MFKDFFactor}
- Source:
- Since:
- 0.15.0
Setup an MFKDF stacked key factor
Example
// setup key with hmacsha1 factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.hmacsha1()
], {size: 8})
// calculate response; could be done using hardware device
const secret = setup.outputs.hmacsha1.secret
const challenge = Buffer.from(setup.policy.factors[0].params.challenge, 'hex')
const response = crypto.createHmac('sha1', secret).update(challenge).digest()
// derive key with hmacsha1 factor
const derive = await mfkdf.derive.key(setup.policy, {
hmacsha1: mfkdf.derive.factors.hmacsha1(response)
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Attributes | Description | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
factors |
Array.<MFKDFFactor> | Array of factors used to derive this key | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
options |
Object |
<optional> |
Configuration options
Properties
|
Returns:
MFKDF factor information
- Type
- MFKDFFactor
(async, static) totp(optionsopt) → {MFKDFFactor}
- Source:
- Since:
- 0.13.0
Setup an MFKDF TOTP factor
Example
// setup key with totp factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.totp({
secret: Buffer.from('hello world'),
time: 1650430806597
})
], {size: 8})
// derive key with totp factor
const derive = await mfkdf.derive.key(setup.policy, {
totp: mfkdf.derive.factors.totp(528258, { time: 1650430943604 })
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Attributes | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
options |
Object |
<optional> |
Configuration options
Properties
|
Returns:
MFKDF factor information
- Type
- MFKDFFactor
(async, static) uuid(optionsopt) → {MFKDFFactor}
- Source:
- Since:
- 0.9.0
Setup an MFKDF UUID factor
Example
// setup key with uuid factor
const setup = await mfkdf.setup.key([
await mfkdf.setup.factors.uuid({ uuid: '9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d' })
], {size: 8})
// derive key with uuid factor
const derive = await mfkdf.derive.key(setup.policy, {
uuid: mfkdf.derive.factors.uuid('9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d')
})
setup.key.toString('hex') // -> 01d0c7236adf2516
derive.key.toString('hex') // -> 01d0c7236adf2516
Parameters:
Name | Type | Attributes | Description | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
options |
Object |
<optional> |
Configuration options
Properties
|
Returns:
MFKDF factor information
- Type
- MFKDFFactor