it is our pleasure to announce the just released opam package u2f, which is a server side implementation of the FIDO standard for two-factor authentication using a special device (yubikey etc.). The device does challenge-response authentication with the server using public key cryptography.
The implementation is stateless and does not use a specific IO library, but only achieves the logic for constructing a registration request, verifying a response thereof, and authorization requests with responses thereof. Please have a look at GitHub - roburio/u2f: U2F (FIDO Universal 2nd Factor) in OCaml if you’re interested. It is licensed under the permissive 2-clause BSD license.
We use this library in an example server (in the
bin directory) that uses dream. The live server is online at https://u2f-demo.robur.coop – please let us know if you run into any trouble, or open an issue on the GitHub repository.
One question though: we’re unable to generate the documentation from the mli – already asked on discord with no result. Anyone with a better understanding of odoc etc. can take a look why
dune build @doc outputs a nearly empty file? Thanks a lot
The development was sponsored by skolem.tech.