package webauthn

  1. Overview
  2. Docs
WebAuthn - authenticating users to services using public key cryptography

Install

Dune Dependency

github.com Readme Changelog BSD-2-Clause License Edit opam file Versions (2)

Authors

  1. R
    Reynir Björnsson <reynir@reynir.dk>
  2. H
    Hannes Mehnert <hannes@mehnert.org>

Maintainers

  1. T
    team@robur.coop

Sources

webauthn-0.2.0.tbz
sha256=74a13e1cb421c3e06b18c09e01097edafebd3b5169d600cf1da5449bf013c622
sha512=71e23aea56e6edc95fa01643cad00c3a3edea2a9cc5c1c921c4afd54bcdeaba4c9768251b8eee9c6a0f5819c9a1780507922d3012b559cf0d5949ca03cac4482

Description

WebAuthn is a web standard published by the W3C. Its goal is to standardize an interfacefor authenticating users to web-based applications and services using public key cryptography. Modern web browsers support WebAuthn functionality.

WebAuthn provides two funcitons: register and authenticate. Usually the public and private keypair is stored on an external token (Yuikey etc.) or part of the platform (TPM). After the public key is registered, it can be used to authenticate to the same service.

This module does not preserve a database of registered public keys, their credential ID, usernames and pending challenges - instead this data must be stored by a client of this API in a database or other persistent storage.

Demo server WebAuthn specification at W3C

Published: 14 Sep 2024

README

WebAuthn - authenticating users to services using public key cryptography

WebAuthn is a web standard published by the W3C. Its goal is to standardize an interface for authenticating users to web-based applications and services using public key cryptography. Modern web browsers support WebAuthn functionality.

WebAuthn provides two functions: register and authenticate. Usually the public-private keypair is stored on an external device, called a security key (Yubikey, Trustkey etc.) or inside a platform(OS) authenticator. Platform authenticators are available on all modern platforms, such as Windows, Mac, Android and iOS. After the public key is registered, it can be used to authenticate to the same service.

This module does not preserve a database of registered public keys, their credential ID, usernames and pending challenges - instead this data must be stored by a client of this API in a database or other persistent storage.

WebAuthn specification at W3C

A basic demonstration server is provided (bin/webauthn_demo), running at webauthn-demo.robur.coop.

Documentation

API documentation is available online.

Installation

opam install webauthn will install this library.

Dependencies (12)

  1. ohex >= "0.2.0"
  2. cbor >= "0.5"
  3. base64 >= "3.1.0"
  4. x509 >= "1.0.2"
  5. ocplib-endian
  6. mirage-crypto-rng >= "1.1.0"
  7. mirage-crypto-ec >= "1.1.0"
  8. digestif
  9. ppx_deriving_yojson
  10. yojson
  11. dune >= "2.7"
  12. ocaml >= "4.08.0"

Dev Dependencies (5)

  1. lwt dev
  2. logs dev
  3. cmdliner dev & >= "1.1.0"
  4. ppx_blob dev
  5. dream dev & >= "1.0.0~alpha7"

Used by

None

Conflicts (1)

  1. result < "1.5"
OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct