outline opaque auth

2025-12-12 21:27:28 -06:00
parent 3865508117
commit 3af1128c70
6 changed files with 258 additions and 2 deletions
--- a/src/server.rs
+++ b/src/server.rs
@@ -0,0 +1,117 @@
+use std::marker::PhantomData;
+use opaque_ke::{CredentialFinalization, CredentialRequest, Identifiers, RegistrationRequest};
+use crate::protocol::{KeyLoginPhaseISession, NKodeCipherSuite, PasswordFile};
+use uuid::Uuid;
+
+#[derive(Debug)]
+enum AuthRepoError {
+    UserExists,
+    KeyNotRegistered,
+    CodeNotRegistered
+}
+
+
+trait AuthRepo {
+    fn new_key(email: String, password_file: PasswordFile) -> Result<(), AuthRepoError>;
+    fn new_code(email: String, password_file: PasswordFile) -> Result<(), AuthRepoError>;
+    fn has_code(email: String) -> bool;
+    fn has_key(email: String) -> bool;
+    fn get_key_passcode_file(email: String) -> Result<PasswordFile, AuthRepoError>;
+    fn get_code_passcode_file(email: String) -> Result<PasswordFile, AuthRepoError>;
+}
+
+struct RegSession;
+struct LoginSession;
+
+trait AuthSession {
+    fn new_reg_session(identifier: &[u8], request: &RegistrationRequest<NKodeCipherSuite>) -> Result<RegSession, String>;
+    fn get_reg_session(session_id: Uuid) -> Result<RegSession, String>;
+    fn new_login_session(identifier: &[u8], request: &CredentialRequest<NKodeCipherSuite>) -> Result<LoginSession, String>;
+    fn get_login_session(session_id: Uuid) -> Result<LoginSession, String>;
+}
+
+struct OpaqueAuth<State,R: AuthRepo, S: AuthSession> {
+    user_repo: R,
+    session: S,
+    _state: PhantomData<State>
+}
+
+struct KeyAuthRegistration;
+impl<R: AuthRepo,S: AuthSession> OpaqueAuth<KeyAuthRegistration, R, S>
+{
+    async fn start(
+        &mut self,
+        identifier: &[u8],
+        message: &RegistrationRequest<NKodeCipherSuite>
+    ) -> Result<RegSession, String> {
+        todo!()
+    }
+
+    async fn finish(
+        &mut self,
+        session_id: &Uuid,
+        password_file: PasswordFile,
+    ) -> Result<(), String> {
+        todo!()
+    }
+}
+
+struct KeyAuthLogin;
+impl<R: AuthRepo,S: AuthSession> OpaqueAuth<KeyAuthLogin, R, S>
+{
+    async fn start(
+        &mut self,
+        identifier: &[u8],
+        request_bytes: &CredentialRequest<NKodeCipherSuite>
+    ) -> Result<LoginSession, String> {
+        todo!()
+    }
+
+    async fn finish(
+        &mut self,
+        session_id: &Uuid,
+        message: &CredentialFinalization<NKodeCipherSuite>
+    ) -> Result<(), String> {
+        todo!()
+    }
+}
+
+struct CodeAuthRegistration;
+impl<R: AuthRepo,S: AuthSession> OpaqueAuth<CodeAuthRegistration, R, S>
+{
+    async fn start(
+        &mut self,
+        identifier: &[u8],
+        message: &RegistrationRequest<NKodeCipherSuite>
+    ) -> Result<RegSession, String> {
+        todo!()
+    }
+
+    async fn finish(
+        &mut self,
+        session_id: &Uuid,
+        password_file: PasswordFile,
+    ) -> Result<(), String> {
+        todo!()
+    }
+}
+
+struct CodeAuthLogin;
+impl<R: AuthRepo,S: AuthSession> OpaqueAuth<CodeAuthLogin, R, S>
+{
+    async fn start(
+        &mut self,
+        identifier: &[u8],
+        request_bytes: &CredentialRequest<NKodeCipherSuite>
+    ) -> Result<LoginSession, String> {
+        todo!()
+    }
+
+    async fn finish(
+        &mut self,
+        session_id: &Uuid,
+        message: &CredentialFinalization<NKodeCipherSuite>
+    ) -> Result<(), String> {
+        todo!()
+    }
+}