Skip to Content
Compliance

Compliance mapping

Where @exortek/* packages sit against the standards commonly cited by enterprise procurement, security architecture, and audit teams. Each requirement is marked:

  • Covered — the library defaults or an opt-in feature satisfies the control on its own.
  • 🟡 Assist — the library provides the primitive; the caller has to wire it up correctly.
  • Out of scope — the control is above our layer or belongs to a package we haven’t shipped yet.

This page mirrors docs/compliance.md in the repository. When your auditor asks for a written attestation, the markdown version is a stable link that survives site redesigns.

OWASP ASVS 4.0.3

V2 — Authentication

§RequirementStatusHow
V2.1.1Passwords ≥ 8 chars, ≤ 64 not truncatedpolicy({ minLength }) default 12; bcrypt.mode='prehash' handles the 72-byte trap
V2.1.2Password length ≤ 128 acceptedMAX_PASSWORD_BYTES = 1024
V2.1.7Passwords compared against known-breached corpuscreateHibpClient (k-anonymity)
V2.1.8Password strength meter availablepassword.strength()
V2.1.9No composition rules unless justifiedpolicy defaults omit requireClasses
V2.2.1Anti-automation on auth endpoints🟡Wire @exortek/security’s rateLimit on /login
V2.4.1Passwords salted with unique cryptographically random saltEvery hash function generates a fresh crypto.randomBytes salt
V2.4.2Argon2id / scrypt / bcrypt / PBKDF2 with recommended paramsAll four, OWASP 2024 defaults
V2.4.4Additional secret used as part of hash (pepper)createPepper with rotation
V2.7.2OOB out-of-band tokens use CSPRNG, ≥ 6 digitsotp.totp / otp.hotp
V2.7.3OOB tokens use timing-safe compareotp.verifyTotp uses crypto.timingSafeEqual
V2.7.4OOB single-use (replay defence)otp.verifyTotp({ replay: { store } }) — atomic incr / CAS
V2.8.1TOTP compliant with RFC 6238RFC 6238 Appendix B vectors
V2.8.2HOTP compliant with RFC 4226RFC 4226 Appendix D vectors
V2.8.4HOTP counter resynchronisationotp.resynchronize
V2.10.4Backup / recovery codes stored hashedotp.backupCodes + password.scrypt.hash

V3 — Session Management

§RequirementStatusHow
V3.2Session token generation via CSPRNGsession.generateSessionId() — 128-bit crypto.randomBytes
V3.4Cookie flags: Secure, HttpOnly, SameSiteSecure + HttpOnly + SameSite=Lax by default
V3.5Token binding (__Host- prefix)Default cookie name is __Host-sid; prefix rules enforced at boot
V3.7Server-side session invalidation on logoutsessions.revoke(req) — verify short-circuits on the revoked record

V4 — Access Control

Above our layer — authorisation is your app’s concern. We provide the building blocks (constant-time compare, timing-safe verify).

V6 — Stored Cryptography

§RequirementStatusHow
V6.2.1Approved algorithms onlyNIST-approved / IETF-standardised throughout
V6.2.3Keys rotatedunseal([new, old]), createPepper([new, old]), JWKS
V6.2.4Algorithm agility (rehash on log-in)password.needsRehash + cross-algo router
V6.4.1AEAD ciphers, no CBC without HMAC🟡AEAD by default (AES-256-GCM / ChaCha20-Poly1305); aes-256-cbc is a legacy opt-in — wrap with an HMAC
V6.4.2HMAC output ≥ 128 bitsMinimum SHA-256

NIST SP 800-63B — Digital Identity (AAL2)

§RequirementStatusHow
5.1.1.2Memorized secret — min 8 chars, no composition rulesDefault minLength: 12; classes off by default (NIST 2020 update)
5.1.1.2Compare against list of known-breached valuescreateHibpClient
5.1.1.2Approved KDF with memory-hard preferenceArgon2id default recommendation
5.1.1.2Salted with unique per-user saltFresh salt every hash
5.1.1.2Server-side secret (pepper) SHOULD be consideredcreatePepper
5.1.5.2Single-factor OTP RFC 4226 / 6238 compliantFull RFC 4226 + 6238 coverage
5.1.5.2OTP replay defenceotp.verifyTotp({ replay })

PCI-DSS 4.0

§RequirementStatusHow
8.3.1Strong cryptography for stored passwordsargon2id / scrypt / bcrypt / pbkdf2
8.3.6Passwords ≥ 12 chars mixed complexitypolicy({ minLength: 12, requireClasses: […] })
8.3.7Password history (last ≥ 4)createHistory({ keepLast: 4+ })
8.3.9MFA on non-console access@exortek/otp for TOTP
8.3.10MFA replay protectionotp.verifyTotp({ replay })
6.2.4Common attacks prevented — injection, XSS, CSRF@exortek/security — CSRF plugin, proto-pollution defence

FIPS 140-3 — Approved algorithms

AlgorithmApprovedAvailableFIPS mode
PBKDF2-HMAC-SHA-256presets.fips.pbkdf2
Argon2idRejected
scryptRejected
bcryptRejected
AES-256-GCMDefault in seal
SHA-256 / 384 / 512Default
HMAC-SHA-256+Default
ECDSA (P-256/384/521)Available
Ed25519Available
HKDF-HMAC-SHA-256+Default

When Node is started with --enable-fips on a FIPS-enabled OpenSSL, @exortek/crypto inherits the OS restrictions automatically.

SOC 2 CC6 — Logical and Physical Access

Above our layer for the most part. What we contribute:

  • CC6.1 — logical access secured via strong authentication (@exortek/otp + @exortek/password)
  • CC6.6 — auth failures + rate-limit hits emitted via observability hooks (roadmap)
  • CC6.7 — key management via rotation-aware primitives (seal, sign-value, pepper)

HIPAA / HITECH

Above our layer. The library holds up its end (approved crypto, no insecure defaults) — the covered-entity audit surface is your app + infrastructure.

GDPR / Data Protection

Above our layer. Password hashes are considered personal data under some interpretations; our KDFs are one-way and salted, which satisfies the “pseudonymisation” bar in most authorities’ interpretations. We never transmit plaintext passwords over the network.

Summary

  • NIST SP 800-63B AAL2 — memorized secret + OOB OTP paths
  • OWASP ASVS 4.0.3 V2 / V6 — password + storage controls
  • PCI-DSS 4.0 §8.3 — strength, history, MFA
  • FIPS-compatible mode — via presets and Node --enable-fips
  • OWASP ASVS 4.0.3 V3 session management@exortek/session (CSPRNG ids, __Host- cookies, server-side revocation, rotation)
  • 🟡 ASVS V2.9 cryptographic authenticators — coming with @exortek/passkey
  • 🟡 Observability hooks for SOC 2 / SIEM — roadmap

Reading

Last updated on