Skip to content
LibreAuth is a collection of tools for user authentication.
Rust C Makefile
Branch: master
Clone or download
breard-r Merge pull request #12 from breard-r/dependabot/cargo/rust-argon2-tw-0.6
Update rust-argon2 requirement from ^0.5 to ^0.6
Latest commit 0323cdc Nov 19, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
include Move the HashFunction enumeration to a dedicated module Sep 7, 2019
src Move c-bindings to dedicated files Oct 27, 2019
tests
.gitignore Ignore the vim swap files. Dec 7, 2015
.travis.yml Set the minimal required rust version to 1.36 Nov 12, 2019
CHANGELOG.md Add an optional additional HMAC with an external salt before or after… Oct 27, 2019
CONTRIBUTING.md Remove the "coding style" part of CONTRIBUTING.md Aug 24, 2018
Cargo.toml Update rust-argon2 requirement from ^0.5 to ^0.6 Nov 19, 2019
Licence_CeCILL-C_V1-en.txt Add the CeCILL-C licensing Aug 29, 2018
Licence_CeCILL-C_V1-fr.txt Add the CeCILL-C licensing Aug 29, 2018
Licence_CeCILL_V2.1-en.txt Add the CeCILL-C licensing Aug 29, 2018
Licence_CeCILL_V2.1-fr.txt Add the CeCILL-C licensing Aug 29, 2018
Makefile Set cargo-outdated exit code to 1 Aug 27, 2019
README.md Set the minimal required rust version to 1.36 Nov 12, 2019
release.toml Clean the build directories before pre-release testing Aug 27, 2019
rustfmt.toml Add a rustfmt.toml file Sep 29, 2018

README.md

LibreAuth

Build Status LibreAuth on crates.io LibreAuth on docs.rs License: CeCILL-C License: CeCILL-2.1

LibreAuth is a collection of tools for user authentication.

Features

  • Password / passphrase authentication
    • no character-set limitation
    • reasonable lenth limit (security vs. DOS)
    • strong, evolutive and retro-compatible password hashing functions
    • NFKC normalization for Unicode passwords
    • optional NIST Special Publication 800-63B compatibility
    • optional additional HMAC with an external salt before or after hashing the password
  • HOTP - HMAC-based One-time Password Algorithm (OATH - RFC 4226)
    • the key can be passed as bytes, an ASCII string, an hexadicimal string, a base32 string or a base64 string
    • customizable counter
    • customizable hash function (sha1, full sha2 family, sha3/Keccak fixed-size families)
    • customizable output length
    • customizable output alphabet
  • TOTP - Time-based One-time Password Algorithm (OATH - RFC 6238)
    • the key can be passed as bytes, an ASCII string, an hexadicimal string, a base32 string or a base64 string
    • customizable timestamp
    • customizable period
    • customizable initial time (T0)
    • customizable hash function (sha1, full sha2 family, sha3/Keccak fixed-size families)
    • customizable output length
    • customizable output alphabet
    • customizable positive and negative period tolerance
  • Random key generation
    • uses the platform's secure entropy source
    • customizable size
    • customizable output format (Vec, hexadecimal string, base32 string, base64 string)
  • WebAuthn - Web Authentication: An API for accessing Public Key Credentials Level 1 (W3C) ⚠️ Not started yet
    • authenticator API
    • server API

Status

The project itself is still in development and therefore should not be used in production before version 1.0.0. Below is the list of features that will be present in the first stable version and their individual status.

  • OATH HOTP/TOTP: almost ready!
    • lot of features
    • ⚠️ almost stable API
    • ⚠️ lack of peer review
  • Password / passphrase authentication: not ready yet.
    • ‼️ incomplete
    • ‼️ unstable API
    • ⚠️ lack of peer review
  • Random key generation: almost ready!
    • ⚠️ almost stable API
    • ⚠️ lack of peer review

Using within a Rust project

You can find LibreAuth on crates.io and include it in your Cargo.toml:

libreauth = "*"

Modules can be cherry-picked using default-features = false and then using only the features you want.

[dependencies.libreauth]
version = "*"
default-features = false
features = ["key", "oath", "pass"]

Using outside Rust

In order to build LibreAuth, you will need the Rust compiler and its package manager, Cargo. The minimal required Rust version is 1.36, although it is recommended to use the latest stable one.

$ make
$ make install

Quick examples

Rust

More examples are available in the documentation.

use libreauth::oath::TOTPBuilder;

fn main() {
    let key = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ".to_string();
    let code = TOTPBuilder::new()
        .base32_key(&key)
        .finalize()
        .unwrap()
        .generate();
    assert_eq!(code.len(), 6);
}

C

#include <stdio.h>
#include <libreauth.h>

int main(void) {
  struct libreauth_totp_cfg cfg;
  char   code[7], key[] = "12345678901234567890";

  if (libreauth_totp_init(&cfg) != LIBREAUTH_OTP_SUCCESS) {
    return 1;
  }
  cfg.key = key;
  cfg.key_len = strlen(key);
  if (libreauth_totp_generate(&cfg, code) != LIBREAUTH_OTP_SUCCESS) {
    return 2;
  }

  printf("%s\n", code);

  return 0;
}
$ cc -o totp totp.c -llibreauth
$ ./totp
848085

Python

Python bindings are available. See the Python LibreAuth project.

License

LibreAuth is a free software available either under the CeCILL-C or the CeCILL 2.1 license. For a quick summary of those licenses, you can read the frequently asked questions on the licenses' website. A full copy of those licenses are available in this repository both in english and french.

While the CeCILL 2.1 is the original LibreAuth license, future versions may be published only under the CeCILL-C license. This change occurs because CeCILL 2.1 isn't really suited for a library since it is a "viral" license.

You can’t perform that action at this time.