Implementation of the SPAKE2-EE password-authenticated key agreement protocol described here
npm install --save spake2-ee
const sodium = require('sodium-native')
const { Server, Client, SpakeSharedKeys } = require('spake2-ee')

// argon2id cost parameters; the interactive limits from sodium-native are one possible choice
const OPS = sodium.crypto_pwhash_OPSLIMIT_INTERACTIVE
const MEM = sodium.crypto_pwhash_MEMLIMIT_INTERACTIVE

const pwd = Buffer.from('password')
const server = new Server(Buffer.from('serverId'))
const client = new Client(Buffer.from('clientId'))

// server registers the user and their password
server.register(pwd, OPS, MEM, Buffer.from('579daa4d7bf3ca0e0b6c48b90c4ec515', 'hex'))

// server initiates protocol
const publicData = server.init()
// client generates its first message; send to server
const step1 = client.generate(publicData, pwd)
// server processes response
const response1 = server.respond(client.id, step1)
// send result to server, store sharedKeys safely
const sharedKeys = new SpakeSharedKeys()
const step2 = client.finalise(sharedKeys, server.id, response1)
// server verifies result and stores key
const serverSharedKeys = server.finalise(step2)

Class implementing server-side logic.
Instantiate a server. serverId should be passed as a buffer or TypedArray.
Calling server.id will return the server's id.
Register a user and their password. pwd should be a buffer; opslimit and memlimit are constants passed to the argon2id password hashing algorithm. See the sodium-native docs for appropriate constants.
Respond to a registered user initiating a key agreement protocol. clientId should be a buffer or TypedArray, msg should be a buffer or TypedArray received from the client.
Returns the response for the client if their message is correctly formed, otherwise an error is thrown.
Finalise the protocol. Returns the shared secrets if the protocol has been executed correctly, otherwise an error is thrown.
Class implementing client-side logic.
Instantiate a client. clientId should be passed as a buffer or TypedArray.
Calling client.id will return the client's id.
Initiate a key agreement protocol using the publicData obtained during registration. pwd should be a buffer or TypedArray representing the password used to register with the server.
Complete the key agreement protocol and store the keys into sharedKeys, which must be an instance of SpakeSharedKeys. serverId should be passed as a buffer or TypedArray and msg should be the exact output of server.respond.
An error will be thrown if the server's response is malformed.
A class storing the derived shared secrets.
Server's secret
Client's secret
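
One way to use the two secrets once both sides hold them, shown as an added example that is not part of spake2-ee or its documentation: each party encrypts what it sends under its own secret and decrypts what it receives under the other's, so a packet reflected back to its sender fails authentication. Assumptions: each secret is 32 bytes and serves as a per-direction key (the page states neither), AES-256-GCM from Node's crypto module is this example's choice of cipher, and makeSealer, makeOpener and makeChannel are hypothetical helper names.

```javascript
const crypto = require('crypto')

// Constructed stand-ins for the two secrets held in SpakeSharedKeys after a
// successful run; the 32-byte length is an assumption of this example.
const clientSecret = crypto.randomBytes(32)
const serverSecret = crypto.randomBytes(32)

// Hypothetical helper: the sending half of one direction. A per-direction
// counter forms the nonce, so a nonce is never reused under the same key.
function makeSealer (key) {
  let counter = 0n
  return function seal (plaintext) {
    const nonce = Buffer.alloc(12)
    nonce.writeBigUInt64BE(counter++, 4)
    const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce)
    const body = Buffer.concat([cipher.update(plaintext), cipher.final()])
    // Packet layout: 12-byte nonce | 16-byte tag | ciphertext
    return Buffer.concat([nonce, cipher.getAuthTag(), body])
  }
}

// Hypothetical helper: the receiving half. Packets must arrive in order.
function makeOpener (key) {
  let expected = 0n
  return function open (packet) {
    if (packet.length < 28) throw new Error('packet too short')
    const nonce = packet.subarray(0, 12)
    // Reject replayed or reordered packets before touching the cipher.
    if (nonce.readBigUInt64BE(4) !== expected) throw new Error('unexpected counter')
    const decipher = crypto.createDecipheriv('aes-256-gcm', key, nonce)
    decipher.setAuthTag(packet.subarray(12, 28))
    // final() throws if the tag does not verify under this key.
    const plaintext = Buffer.concat([decipher.update(packet.subarray(28)), decipher.final()])
    expected++
    return plaintext
  }
}

// Send under your own secret, receive under the peer's.
function makeChannel (sendKey, receiveKey) {
  return { seal: makeSealer(sendKey), open: makeOpener(receiveKey) }
}

const clientChannel = makeChannel(clientSecret, serverSecret)
const serverChannel = makeChannel(serverSecret, clientSecret)
```
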