Skip to content

OAUTH (TOTP, HOTP), U2F & WebAuthN Implementation in Rust

License

Notifications You must be signed in to change notification settings

Devolutions/slauth

Repository files navigation

slauth

doc crate issue downloads license dependency status

Slauth is a Rust only, OpenSource implementation of Multiple authenticator utils / specification

Current Implementation Status

Status is describe by : ✔ as implemented, ❌ as not implemented and ⚠️ as partially implemented.

OATH Authentication (specs)

Authentication Methods

Name Status Ref
HOTP RFC 4226
TOTP RFC 6238
OCRA RFC 6287

Provisioning

Name Status Ref
PSKC RFC 6030
DSKPP RFC 6063

FIDO & W3C Specification (specs)

Universal 2nd Factor (U2F)

Name Status Ref
Server-Side Verification
Raw Message Spec
HID Protocol Spec

WebAuthN

Name Status Ref
Server-Side Verification ⚠️ Spec
Raw Message Spec
COSE ⚠️ Spec

For the server side validation, the following algorithm are implemented:

  • ES256
  • ES384
  • ED25519
  • RS256

Universal Authentication Framework (UAF)

Not Implemented