This library implements the OPAQUE key exchange protocol using Webassembly.
The implementation is based on Cryptomony
npm install --save @cymony/cryptomonyjs-opaque
import { Client, Server, initializeWasm } from '@cymony/cryptomonyjs-opaque'; (async () => { // Configuration Constants const clientPassword = "SuperSecurePassword"; const clientIdentity = "example@example.com"; const serverID = "example.com"; const suiteName = "Ristretto255Suite"; const credentialID = "UniqueCredIdentifier"; //// Initialization Part console.log("*".repeat(10) + " Initialization Part " + "*".repeat(10)); // run wasm / initialize wasm await initializeWasm().then(() => { console.log("Wasm initialized !!"); }); // create new client const client = new Client(); console.log("New client created !!"); // create new server const server = new Server(); console.log("New server created !!"); // check client initialized await client.isInitialized().then((result) => { console.log("client.isInitialized Result: ", result); }); // initialize client / load configuration await client .initClient({ suiteName: suiteName, serverID: serverID, }) .then(() => { console.log("Client initialized !!"); }); // check client initialized await client.isInitialized().then((result) => { console.log("client.isInitialized Result: ", result); }); // check server initialized await server.isInitialized().then((result) => { console.log("server.isInitialized Result: ", result); }); // initialize server / load configuration await server .initServer({ suiteName: suiteName, serverID: serverID, }) .then(() => { console.log("Server initialized !!"); }); // check server initialized await server.isInitialized().then((result) => { console.log("server.isInitialized Result: ", result); }); //// Registration Part console.log("*".repeat(10) + " Registration Part " + "*".repeat(10)); // client registration init const { registrationState: clRegistrationState, registrationRequest } = await client.registrationInit(clientPassword).then((obj) => { console.log("RegistrationState: ", obj.registrationState); console.log("RegistrationRequest: ", obj.registrationRequest); return obj; }); // server generate oprf key const oprfSeed = await server.generateOprfSeed().then((seed) => { console.log("Generated oprf seed: ", seed); return seed; }); // server registration evulation const registrationResponse = await server .registrationEval(registrationRequest, oprfSeed, credentialID) .then((registrationResponse) => { console.log("Registration Response: ", registrationResponse); return registrationResponse; }); // client registration finalize const { registrationRecord, exportKey: registrationExportKey } = await client .registrationFinalize( clRegistrationState, registrationResponse, clientIdentity ) .then((obj) => { console.log("Registration Record: ", obj.registrationRecord); console.log("Registration ExportKey: ", obj.exportKey); return obj; }); //// Login Part console.log("*".repeat(10) + " Login Part " + "*".repeat(10)); // client login init const { loginState: clLoginState, ke1 } = await client .loginInit(clientPassword) .then((obj) => { console.log("Client Login State: ", obj.loginState); console.log("KE1: ", obj.ke1); return obj; }); // server login init const { loginState: svLoginState, ke2 } = await server .loginInit( registrationRecord, ke1, oprfSeed, credentialID, clientIdentity ) .then((obj) => { console.log("Server Login State: ", obj.loginState); console.log("KE2: ", obj.ke2); return obj; }); // client login finish const { exportKey: loginExportKey, sessionKey: clSessionKey, ke3, } = await client .loginFinish(clLoginState, ke2, clientIdentity) .then((obj) => { console.log("Client Session Key: ", obj.sessionKey); console.log("Login Export Key: ", obj.exportKey); console.log("KE3: ", obj.ke3); return obj; }); // server login finish const svSessionKey = await server .loginFinish(svLoginState, ke3) .then((svSessionKey) => { console.log("Server Session Key:", svSessionKey); return svSessionKey; }); console.log("*".repeat(10) + " Equality Part " + "*".repeat(10)); console.log( "Is Session Keys Equal: ", JSON.stringify(svSessionKey) === JSON.stringify(clSessionKey) ); console.log( "Is Registration and Login Export Keys Equal: ", JSON.stringify(registrationExportKey) === JSON.stringify(loginExportKey) ); })();
This project is licensed under the BSD 3-Clause