Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/1Password/srp

A set of Go functions for Secure Remote Password protocol implementation in 1Password Teams
https://github.com/1Password/srp

Last synced: 2 months ago
JSON representation

A set of Go functions for Secure Remote Password protocol implementation in 1Password Teams

Host: GitHub
URL: https://github.com/1Password/srp
Owner: 1Password
License: apache-2.0
Created: 2016-11-30T15:17:50.000Z (about 8 years ago)
Default Branch: master
Last Pushed: 2023-07-19T12:01:53.000Z (over 1 year ago)
Last Synced: 2024-11-06T08:03:41.525Z (2 months ago)
Language: Go
Homepage:
Size: 284 KB
Stars: 367
Watchers: 19
Forks: 37
Open Issues: 4
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

my-awesome - 1Password/srp - 07 star:0.4k fork:0.0k A set of Go functions for Secure Remote Password protocol implementation in 1Password Teams (Go)

README

        # srp – A Go package for Secure Remote Password

[![GoDoc: Reference](https://godoc.org/github.com/1Password/srp?status.svg)](https://godoc.org/github.com/1Password/srp) [![License: Apache 2.0](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE)

srp is a [Go language](https://golang.org) package for Secure Remote Password (SRP). It is an implementation of:

* [RFC 2945: The SRP Authentication and Key Exchange System](https://tools.ietf.org/html/rfc2945)

* [RFC 5054: Using the Secure Remote Password (SRP) Protocol for TLS Authentication](https://tools.ietf.org/html/rfc5054)

However, the hashing and padding scheme in this package is not interoperable with those specs.

It was developed by AgileBits to support part of the [1Password](https://1password.com/) authentication process. Although there are some hooks and interfaces designed specifically for those purposes, this golang package may be of general use to others.

## Get started

To install srp, use `go get`:

```bash

go get github.com/1Password/srp

```

Although the focus of this implementation is safety and ease of use (as opposed to speed), like all cryptographic tools, some understanding of its operation is required to not shoot yourself in the foot.

**Read the [package documentation](https://godoc.org/github.com/1Password/srp) for a discussion of user security responsibilities.**

## Contribute

Issues are appreciated. Forks leading to pull requests are appreciated even more. 😎

## Gosec scans

To run the [securego/gosec](https://github.com/securego/gosec) tool you need to have that installed. Then simply

```

gosec -fmt=json -out=path/to/where/you/want/results.json ./...

```