From e820f8df28aa6ec9928625408cb91ad1340528c2 Mon Sep 17 00:00:00 2001
From: Donovan
Date: Sun, 14 Dec 2025 10:47:57 -0600
Subject: [PATCH] add nkode-rs
---
 Cargo.lock | 162 +++++++++++++++++++--
 Cargo.toml | 2 +
 src/lib.rs | 8 +-
 src/nkode.rs | 1 +
 src/{ => opaque}/client.rs | 2 +-
 src/{ => opaque}/in_memory_auth_repo.rs | 4 +-
 src/{ => opaque}/in_memory_auth_session.rs | 4 +-
 src/{ => opaque}/in_memory_transport.rs | 10 +-
 src/opaque/mod.rs | 6 +
 src/{ => opaque}/models.rs | 0
 src/{ => opaque}/server.rs | 14 +-
 tests/in_memory_test.rs | 12 +-
 12 files changed, 177 insertions(+), 48 deletions(-)
 create mode 100644 src/nkode.rs
 rename src/{ => opaque}/client.rs (97%)
 rename src/{ => opaque}/in_memory_auth_repo.rs (96%)
 rename src/{ => opaque}/in_memory_auth_session.rs (96%)
 rename src/{ => opaque}/in_memory_transport.rs (92%)
 create mode 100644 src/opaque/mod.rs
 rename src/{ => opaque}/models.rs (100%)
 rename src/{ => opaque}/server.rs (91%)
diff --git a/Cargo.lock b/Cargo.lock
index 17897fe..18c253a 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2,6 +2,12 @@ # It is not intended for manual editing. version = 4 +[[package]] +name = "anyhow" +version = "1.0.100" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a23eb6b1614318a8071c9b2521f36b424b2c83db5eb3a0fead4a6c0809af6e61" + [[package]] name = "argon2" version = "0.5.3"
@@ -31,12 +37,31 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf" +[[package]] +name = "base64" +version = "0.22.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" + [[package]] name = "base64ct" version = "1.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0e050f626429857a27ddccb31e0aca21356bfa709c04041aefddac081a8f068a" +[[package]] +name = "bcrypt" +version = "0.17.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "abaf6da45c74385272ddf00e1ac074c7d8a6c1a1dda376902bd6a427522a8b2c" +dependencies = [ + "base64", + "blowfish", + "getrandom 0.3.4", + "subtle", + "zeroize", +] + [[package]] name = "blake2" version = "0.10.6" 
@@ -55,18 +80,44 @@ dependencies = [ "generic-array", ] +[[package]] +name = "blowfish" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e412e2cd0f2b2d93e02543ceae7917b3c70331573df19ee046bcbc35e45e87d7" +dependencies = [ + "byteorder", + "cipher", +] + [[package]] name = "bumpalo" version = "3.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "46c5e41b57b8bba42a04676d81cb89e9ee8e859a1a66f80a5a72e1cb76b34d43" +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + [[package]] name = "cfg-if" version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801" +[[package]] +name = "cipher" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad" +dependencies = [ + "crypto-common", + "inout", +] + [[package]] name = "const-oid" version = "0.9.6" @@ -89,7 +140,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0dc92fb57ca44df6db8059111ab3af99a63d5d0f8375d9972e319a379c6bab76" dependencies = [ "generic-array", - "rand_core", + "rand_core 0.6.4", "subtle", "zeroize", ] @@ -115,7 +166,7 @@ dependencies = [ "curve25519-dalek-derive", "digest", "fiat-crypto", - "rand_core", + "rand_core 0.6.4", "rustc_version", "serde", "subtle", @@ -224,7 +275,7 @@ dependencies = [ "generic-array", "group", "pkcs8", - "rand_core", + "rand_core 0.6.4", "sec1", "serdect", "subtle", @@ -237,7 +288,7 @@ version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c0b50bfb653653f9ca9095b427bed08ab8d75a137839d9ad64eb11810d5b6393" dependencies = [ - "rand_core", + "rand_core 0.6.4", "subtle", ] 
@@ -284,6 +335,18 @@ dependencies = [ "wasip2", ] +[[package]] +name = "getset" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9cf0fc11e47561d47397154977bc219f4cf809b2974facc3ccb3b89e2436f912" +dependencies = [ + "proc-macro-error2", + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "group" version = "0.13.0" @@ -291,7 +354,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" dependencies = [ "ff", - "rand_core", + "rand_core 0.6.4", "subtle", ] @@ -313,6 +376,15 @@ dependencies = [ "digest", ] +[[package]] +name = "inout" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01" +dependencies = [ + "generic-array", +] + [[package]] name = "js-sys" version = "0.3.82" @@ -334,13 +406,26 @@ name = "nkode-protocol" version = "0.1.0" dependencies = [ "async-trait", + "nkode-rs", "opaque-ke", - "rand", + "rand 0.8.5", "sha2", "tokio", "uuid", ] +[[package]] +name = "nkode-rs" +version = "0.1.0" +dependencies = [ + "anyhow", + "bcrypt", + "getset", + "rand 0.9.2", + "rand_chacha 0.9.0", + "sha2", +] + [[package]] name = "once_cell" version = "1.21.3" @@ -365,7 +450,7 @@ dependencies = [ "getrandom 0.2.16", "hkdf", "hmac", - "rand", + "rand 0.8.5", "serde", "subtle", "voprf", @@ -379,7 +464,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166" dependencies = [ "base64ct", - "rand_core", + "rand_core 0.6.4", "subtle", ] 
@@ -408,6 +493,28 @@ dependencies = [ "zerocopy", ] +[[package]] +name = "proc-macro-error-attr2" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96de42df36bb9bba5542fe9f1a054b8cc87e172759a1868aa05c1f3acc89dfc5" +dependencies = [ + "proc-macro2", + "quote", +] + +[[package]] +name = "proc-macro-error2" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "11ec05c52be0a07b08061f7dd003e7d7092e0472bc731b4af7bb1ef876109802" +dependencies = [ + "proc-macro-error-attr2", + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "proc-macro2" version = "1.0.103" @@ -439,8 +546,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ "libc", - "rand_chacha", - "rand_core", + "rand_chacha 0.3.1", + "rand_core 0.6.4", +] + +[[package]] +name = "rand" +version = "0.9.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6db2770f06117d490610c7488547d543617b21bfa07796d7a12f6f1bd53850d1" +dependencies = [ + "rand_chacha 0.9.0", + "rand_core 0.9.3", ] [[package]] @@ -450,7 +567,17 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" dependencies = [ "ppv-lite86", - "rand_core", + "rand_core 0.6.4", +] + +[[package]] +name = "rand_chacha" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb" +dependencies = [ + "ppv-lite86", + "rand_core 0.9.3", ] [[package]] 
@@ -462,6 +589,15 @@ dependencies = [ "getrandom 0.2.16", ] +[[package]] +name = "rand_core" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "99d9a13982dcf210057a8a78572b2217b667c3beacbf3a0d8b454f6f82837d38" +dependencies = [ + "getrandom 0.3.4", +] + [[package]] name = "rustc_version" version = "0.4.1" @@ -556,7 +692,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "77549399552de45a898a580c1b41d445bf730df867cc44e6c0233bbc4b8329de" dependencies = [ "digest", - "rand_core", + "rand_core 0.6.4", ] [[package]] @@ -648,7 +784,7 @@ dependencies = [ "displaydoc", "elliptic-curve", "generic-array", - "rand_core", + "rand_core 0.6.4", "serde", "sha2", "subtle",
diff --git a/Cargo.toml b/Cargo.toml
index b9a3560..7c59ecb 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -10,4 +10,6 @@ sha2 = "0.10.9"
 async-trait = "0.1.89"
 uuid = { version = "1.19.0", features = ["v4"] }
 tokio = { version = "1.48.0", features = ["macros", "rt-multi-thread", "sync"] }
+nkode-rs = { path = "nkode-rs" }
+
diff --git a/src/lib.rs b/src/lib.rs
index efa9c92..0ffc484 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,6 +1,2 @@
-pub mod models;
-pub mod client;
-pub mod server;
-pub mod in_memory_auth_repo;
-pub mod in_memory_auth_session;
-pub mod in_memory_transport;
+pub mod nkode;
+pub mod opaque;
diff --git a/src/nkode.rs b/src/nkode.rs
new file mode 100644
index 0000000..fee59c7
--- /dev/null
+++ b/src/nkode.rs
@@ -0,0 +1 @@
+use nkode_rs::nkode_core::policy::DEFAULT_POLICY;
\ No newline at end of file
diff --git a/src/client.rs b/src/opaque/client.rs
similarity index 97%
rename from src/client.rs
rename to src/opaque/client.rs
index df89314..a2b9282 100644
--- a/src/client.rs
+++ b/src/opaque/client.rs
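Review bot: The `nkode-rs = { path = "nkode-rs" }` line added to Cargo.toml points at a directory this patch does not add: the diffstat lists no file under `nkode-rs/`, and the new `nkode-rs` entry in Cargo.lock has no `source` or `checksum`. As far as the patch shows, a fresh checkout would either fail to resolve the dependency or build whatever happens to sit in that directory, with nothing pinning its contents. That matters for an authentication library, since the lockfile shows this crate pulling in `bcrypt` and a second `rand` line (0.9.2 next to 0.8.5). Either commit the crate (or a submodule pinned to a commit) in the same change, or pin a revision, for example `nkode-rs = { git = "<NKODE_RS_REPO_URL>", rev = "<COMMIT_SHA>" }` (both values are placeholders).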
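Review bot: The only line of the new src/nkode.rs, `use nkode_rs::nkode_core::policy::DEFAULT_POLICY;`, is a private import that nothing in the file uses, so `pub mod nkode;` in src/lib.rs exposes an empty public module and the build gains an `unused_imports` warning (a hard error under `-D warnings`). If the intent is to re-export the policy, write `pub use nkode_rs::nkode_core::policy::DEFAULT_POLICY;` and add a `//!` module comment saying what the policy governs; otherwise leave the module out until it has content. The file also ends without a trailing newline.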
@@ -9,7 +9,7 @@ use opaque_ke::{
 RegistrationRequest,
 };
-use crate::models::{RegisterSession, LoginSession, NKodeCipherSuite, PasswordFile};
+use crate::opaque::models::{RegisterSession, LoginSession, NKodeCipherSuite, PasswordFile};
diff --git a/src/in_memory_auth_repo.rs b/src/opaque/in_memory_auth_repo.rs
similarity index 96%
rename from src/in_memory_auth_repo.rs
rename to src/opaque/in_memory_auth_repo.rs
index 5da79c8..acf34f2 100644
--- a/src/in_memory_auth_repo.rs
+++ b/src/opaque/in_memory_auth_repo.rs
@@ -1,7 +1,7 @@
 use std::collections::HashMap;
-use crate::models::PasswordFile;
-use crate::server::{AuthRepo, AuthRepoError};
+use crate::opaque::models::PasswordFile;
+use crate::opaque::server::{AuthRepo, AuthRepoError};
 #[derive(Debug, Default)]
 pub struct InMemoryAuthRepo {
diff --git a/src/in_memory_auth_session.rs b/src/opaque/in_memory_auth_session.rs
similarity index 96%
rename from src/in_memory_auth_session.rs
rename to src/opaque/in_memory_auth_session.rs
index 56b7b7b..21e86fc 100644
--- a/src/in_memory_auth_session.rs
+++ b/src/opaque/in_memory_auth_session.rs
@@ -1,7 +1,7 @@
 use std::collections::HashMap;
-use crate::server::{RegCache, LoginCache, AuthSession};
+use crate::opaque::server::{RegCache, LoginCache, AuthSession};
 use opaque_ke::{ServerLogin};
-use crate::models::NKodeCipherSuite;
+use crate::opaque::models::NKodeCipherSuite;
 use uuid::Uuid;
 #[derive(Default)]
diff --git a/src/in_memory_transport.rs b/src/opaque/in_memory_transport.rs
similarity index 92%
rename from src/in_memory_transport.rs
rename to src/opaque/in_memory_transport.rs
index 764e538..db39f84 100644
--- a/src/in_memory_transport.rs
+++ b/src/opaque/in_memory_transport.rs
@@ -4,11 +4,11 @@ use tokio::sync::Mutex;
 use std::sync::Arc;
 use uuid::Uuid;
 use opaque_ke::{CredentialFinalization, CredentialRequest, RegistrationRequest};
-use crate::client::{ClientAuthError, ServerConnectionLogin, ServerConnectionRegister};
-use crate::models::{LoginSession, RegisterSession, NKodeCipherSuite, NKodeServerSetup, PasswordFile};
-use crate::server::{OpaqueAuth, CredKind, Key, Code};
-use crate::in_memory_auth_repo::InMemoryAuthRepo;
-use crate::in_memory_auth_session::InMemoryAuthSession;
+use crate::opaque::client::{ClientAuthError, ServerConnectionLogin, ServerConnectionRegister};
+use crate::opaque::models::{LoginSession, RegisterSession, NKodeCipherSuite, NKodeServerSetup, PasswordFile};
+use crate::opaque::server::{OpaqueAuth, CredKind, Key, Code};
+use crate::opaque::in_memory_auth_repo::InMemoryAuthRepo;
+use crate::opaque::in_memory_auth_session::InMemoryAuthSession;
 pub struct InMemoryServer {
 auth: OpaqueAuth,
diff --git a/src/opaque/mod.rs b/src/opaque/mod.rs
new file mode 100644
index 0000000..8904160
--- /dev/null
+++ b/src/opaque/mod.rs
@@ -0,0 +1,6 @@
+pub mod server;
+pub mod models;
+pub mod client;
+pub mod in_memory_auth_repo;
+pub mod in_memory_auth_session;
+pub mod in_memory_transport;
\ No newline at end of file
diff --git a/src/models.rs b/src/opaque/models.rs
similarity index 100%
rename from src/models.rs
rename to src/opaque/models.rs
diff --git a/src/server.rs b/src/opaque/server.rs
similarity index 91%
rename from src/server.rs
rename to src/opaque/server.rs
index 8697176..ce4e6ed 100644
--- a/src/server.rs
+++ b/src/opaque/server.rs
@@ -4,7 +4,7 @@ use opaque_ke::{
 ServerRegistration,
 };
 use uuid::Uuid;
-use crate::models::{RegisterSession, LoginSession, NKodeCipherSuite, NKodeServerSetup, PasswordFile};
+use crate::opaque::models::{RegisterSession, LoginSession, NKodeCipherSuite, NKodeServerSetup, PasswordFile};
 #[derive(Debug)]
 pub enum AuthRepoError {
@@ -49,7 +49,6 @@ pub trait AuthSession {
 fn clear_login_session(&mut self, session_id: &Uuid) -> Result<(), String>;
 }
-
 pub trait CredKind {
 fn has(repo: &R, id: &[u8]) -> bool;
 fn get_pf(repo: &R, id: &[u8]) -> Result;
@@ -189,14 +188,3 @@ impl OpaqueAuth {
 Ok(finish.session_key.to_vec())
 }
 }
-
-// ---------------- Usage notes ----------------
-//
-// You now have these concrete “types” for your call sites:
-//
-// KeyAuthRegistration == OpaqueAuth, R, S>
-// CodeAuthRegistration == OpaqueAuth, R, S>
-// KeyAuthLogin == OpaqueAuth, R, S>
-// CodeAuthLogin == OpaqueAuth, R, S>
-//
-// And you only wrote the reg/login OPAQUE logic once.
diff --git a/tests/in_memory_test.rs b/tests/in_memory_test.rs
index b47f2e8..bc2f962 100644
--- a/tests/in_memory_test.rs
+++ b/tests/in_memory_test.rs
@@ -1,12 +1,12 @@
 use std::sync::Arc;
 use opaque_ke::rand::rngs::OsRng;
 use tokio::sync::Mutex;
-use nkode_protocol::client::{AuthenticationData, OpaqueAuthentication, ClientAuthError};
-use nkode_protocol::in_memory_auth_repo::InMemoryAuthRepo;
-use nkode_protocol::in_memory_auth_session::InMemoryAuthSession;
-use nkode_protocol::in_memory_transport::{InMemoryKeyServer, InMemoryCodeServer, SharedServer};
-use nkode_protocol::models::NKodeServerSetup;
-use nkode_protocol::server::{Code, Key, OpaqueAuth};
+use nkode_protocol::opaque::client::{AuthenticationData, OpaqueAuthentication, ClientAuthError};
+use nkode_protocol::opaque::in_memory_auth_repo::InMemoryAuthRepo;
+use nkode_protocol::opaque::in_memory_auth_session::InMemoryAuthSession;
+use nkode_protocol::opaque::in_memory_transport::{InMemoryKeyServer, InMemoryCodeServer, SharedServer};
+use nkode_protocol::opaque::models::NKodeServerSetup;
+use nkode_protocol::opaque::server::{Code, Key, OpaqueAuth};
 #[tokio::test]
 async fn opaque_key_registration_and_login_roundtrip() {