File: xbr-auth.rst

package info (click to toggle)
python-autobahn 23.1.2%2Bdfsg1-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 8,424 kB
  • sloc: python: 38,620; javascript: 2,705; makefile: 899; ansic: 373; sh: 63
file content (67 lines) | stat: -rw-r--r-- 2,130 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
 
XBR Authentication
==================

Overview
--------

.. thumbnail:: _static/wamp-xbr-auth.png

Argon2
------

The following helpers allow a user to maintain a set of private key materials
based on a potentially weak (locking) password (or PIN), and is based on
`Argon2id <https://en.wikipedia.org/wiki/Argon2>`__ and
`HKDF <https://en.wikipedia.org/wiki/HKDF>`__:

* :meth:`stretch_argon2_secret <autobahn.xbr.stretch_argon2_secret>`
* :meth:`expand_argon2_secret <autobahn.xbr.expand_argon2_secret>`
* :meth:`pkm_from_argon2_secret <autobahn.xbr.pkm_from_argon2_secret>`

TOTP
----

The following helpers allow to use a `TOTP <https://en.wikipedia.org/wiki/Time-based_One-Time_Password>`__
based 2nd factor for authentication purposes:

* :meth:`generate_totp_secret <autobahn.wamp.auth.generate_totp_secret>`
* :meth:`compute_totp <autobahn.wamp.auth.compute_totp>`
* :meth:`check_totp <autobahn.wamp.auth.check_totp>`
* :meth:`qrcode_from_totp <autobahn.wamp.auth.qrcode_from_totp>`

SPAKE2
------

Write me.

Auxiliary
---------

The following helpers provide auxiliary functions used with WAMP-XBR authentication:

* :meth:`xor <autobahn.util.xor>`
* :meth:`generate_token <autobahn.util.generate_token>`
* :meth:`machine_id <autobahn.util.machine_id>`

WAMP-Cryptosign
---------------

The following helpers allow WAMP clients to authenticate using WAMP-cryptosign
which is based on Ed25519:

* :class:`AuthCryptoSign <autobahn.wamp.auth.AuthCryptoSign>`
* :class:`SigningKey <autobahn.wamp.cryptosign.SigningKey>`

WAMP-XBR
--------

The following helpers allow WAMP clients to use end-to-end encrypted application
payloads and data-encryption-key exchange transactions signed using an Ethereum
private key, and anchored on-chain (indirectly via a off-chain state channel):

* :meth:`generate_seedphrase <autobahn.xbr.generate_seedphrase>`
* :meth:`check_seedphrase <autobahn.xbr.check_seedphrase>`
* :meth:`account_from_seedphrase <autobahn.xbr.account_from_seedphrase>`

See `BIP39 <https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki>`__
and `Python-BIP39 <https://github.com/trezor/python-mnemonic>`__.