https://github.com/devolutions/slauth

OAUTH (TOTP, HOTP), U2F & WebAuthN Implementation in Rust
https://github.com/devolutions/slauth

authentication oath-hotp oath-totp u2f webauthn

Last synced: 10 months ago
JSON representation

OAUTH (TOTP, HOTP), U2F & WebAuthN Implementation in Rust

• Host: GitHub
• URL: https://github.com/devolutions/slauth
• Owner: Devolutions
• License: mit
• Created: 2019-02-19T19:05:09.000Z (almost 7 years ago)
• Default Branch: master
• Last Pushed: 2024-11-15T16:30:45.000Z (about 1 year ago)
• Last Synced: 2025-01-07T15:01:43.418Z (about 1 year ago)
• Topics: authentication, oath-hotp, oath-totp, u2f, webauthn
• Language: Rust
• Homepage:
• Size: 108 MB
• Stars: 22
• Watchers: 10
• Forks: 5
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

          
# slauth

[![doc](https://docs.rs/slauth/badge.svg)](https://docs.rs/slauth/)

[![crate](https://img.shields.io/crates/v/slauth.svg)](https://crates.io/crates/slauth)

[![issue](https://img.shields.io/github/issues/devolutions/slauth.svg)](https://github.com/devolutions/slauth/issues)

![downloads](https://img.shields.io/crates/d/slauth.svg)

[![license](https://img.shields.io/crates/l/slauth.svg)](https://github.com/devolutions/slauth/blob/master/LICENSE)

[![dependency status](https://deps.rs/repo/github/devolutions/slauth/status.svg)](https://deps.rs/repo/github/devolutions/slauth)

## Slauth is a Rust only, OpenSource implementation of Multiple authenticator utils / specification

### Current Implementation Status

Status is describe by : ✔ as implemented, ❌ as not implemented and ⚠️ as partially implemented.

### OATH Authentication ([specs](https://openauthentication.org/specifications-technical-resources/))

#### Authentication Methods

| Name | Status |                        Ref                       |

|:----:|:------:|:-------------------------------------------------:|

| HOTP |    ✔   |  [RFC 4226](https://tools.ietf.org/html/rfc4226) |

| TOTP |    ✔   |  [RFC 6238](https://tools.ietf.org/html/rfc6238) |

| OCRA |    ❌   |  [RFC 6287](https://tools.ietf.org/html/rfc6287) |

#### Provisioning

| Name | Status |                        Ref                       |

|:----:|:------:|:-------------------------------------------------:|

| PSKC |    ❌   | [RFC 6030](https://tools.ietf.org/html/rfc6030) |

| DSKPP |    ❌   |  [RFC 6063](https://tools.ietf.org/html/rfc6063) |

### FIDO & W3C Specification ([specs](https://fidoalliance.org/specifications/download/))

#### Universal 2nd Factor (U2F)

| Name | Status |                        Ref                       |

|:----:|:------:|:-------------------------------------------------:|

| Server-Side Verification |    ✔   |  |

| Raw Message |    ✔   |  [Spec](https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-raw-message-formats-v1.2-ps-20170411.html) |

| HID Protocol |    ❌   |  [Spec](https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-hid-protocol-v1.2-ps-20170411.html) |

#### WebAuthN

| Name | Status |                        Ref                       |

|:----:|:------:|:-------------------------------------------------:|

| Server-Side Verification |    ⚠️   | [Spec](https://www.w3.org/TR/webauthn/) |

| Raw Message |    ✔   |  [Spec](https://www.w3.org/TR/webauthn/) |

| COSE |    ⚠️   |  [Spec](https://tools.ietf.org/html/rfc8152) |

For the server side validation, the following algorithm are implemented:

- `ES256`

- `ES384`

- `ED25519`

- `RS256`

#### Universal Authentication Framework (UAF)

Not Implemented