use opaque_ke::{CredentialFinalization, CredentialRequest, RegistrationRequest, RegistrationResponse, Ristretto255, TripleDh, ServerLogin, ServerLoginParameters, ServerLoginStartResult, ServerRegistration, ServerSetup, ClientRegistrationStartResult, ClientLogin, ClientLoginFinishParameters, ClientLoginFinishResult, ClientLoginStartResult, ClientRegistration, ClientRegistrationFinishParameters, CredentialResponse, RegistrationUploadLen, ServerLoginFinishResult}; use opaque_ke::errors::ProtocolError; use opaque_ke::keypair::{OprfSeed, PrivateKey}; use sha2::Sha512; use opaque_ke::CipherSuite; use opaque_ke::argon2::Argon2; use opaque_ke::generic_array::GenericArray; use uuid::Uuid; use opaque_ke::rand::rngs::OsRng; use std::marker::PhantomData; pub const NONCE_SIZE: usize = 12; pub const SECRET_KEY_SIZE: usize = 16; pub const SESSION_KEY_SIZE: usize = 32; pub struct NKodeCipherSuite; impl CipherSuite for NKodeCipherSuite { type OprfCs = Ristretto255; type KeyExchange = TripleDh; type Ksf = Argon2<'static>; } pub type NKodeServerSetup = ServerSetup, OprfSeed>; pub struct RegisterSession { response: RegistrationResponse, session_id: Uuid } type PasswordFile = GenericArray>; pub async fn register_secret_key( email: &String, key: &[u8; SECRET_KEY_SIZE], server: &mut NKodeServer ) -> Result<(),String> where R: Repo, S: Sessions { let mut client_rng = OsRng; let client_reg_start = ClientRegistration::::start(&mut client_rng, key).expect("error starting registration"); let server_response = server.start(email, &client_reg_start.message).await.expect("error getting server response"); let client_finish = client_reg_start.state.finish(&mut client_rng, key, server_response.response, ClientRegistrationFinishParameters::default()).expect(""); server.finish(&server_response.session_id, &client_finish.message.serialize()).await.expect("server to finish secret reg without error"); Ok(()) } pub struct LoginSession { response: CredentialResponse, session_id: Uuid } pub async fn login_secret_key(email: &String, key: &[u8; SECRET_KEY_SIZE], server: &mut NKodeServer) -> Result, String> where R: Repo, S: Sessions { let mut client_rng = OsRng; let client_start = ClientLogin::::start(&mut client_rng, key).expect("client secret key login to start result"); let server_response = server.start(email, client_start.message).await.expect("server secret key login start response"); let client_finish = client_start.state.finish(&mut client_rng, key,server_response.response,ClientLoginFinishParameters::default()).expect(""); server.finish(&server_response.session_id, client_finish.message).await.expect("server secret key login to finish"); Ok(client_finish.session_key.to_vec()) } pub trait Repo {} pub trait Sessions {} pub struct NKodeServer { server_setup: NKodeServerSetup, repo: R, session: S, _state: PhantomData } pub type KeyRegisterSession = RegisterSession; pub struct KeyRegister; pub struct KeyLoginI; pub struct CodeRegister; impl NKodeServer where R: Repo, S: Sessions { pub fn new(server_setup: NKodeServerSetup, repo: R, sessions: S) -> Self { todo!() } pub async fn start( &mut self, email: &String, message: &RegistrationRequest ) -> Result { todo!() } pub async fn finish( &mut self, session_id: &Uuid, password_file: &PasswordFile ) -> Result, ProtocolError> { todo!() } } pub type KeyLoginPhaseISession = LoginSession; impl NKodeServer where R: Repo, S: Sessions { pub async fn start( &mut self, email: &String, request_bytes:CredentialRequest ) -> Result { todo!() } pub async fn finish( &mut self, session_id: &Uuid, message: CredentialFinalization ) -> Result, ProtocolError> { todo!() } } pub type CodeRegisterSession = RegisterSession; pub struct CodeLogin; impl NKodeServer where R: Repo, S: Sessions { pub fn new(server_setup: NKodeServerSetup) -> Self { todo!() } pub async fn start( &mut self, email: &String, message: &RegistrationRequest ) -> Result { todo!() } pub async fn finish( &mut self, session_id: &Uuid, password_file: &PasswordFile) -> Result, ProtocolError> { todo!() } } pub type CodeLoginSession = LoginSession; impl NKodeServer where R: Repo, S: Sessions { pub async fn start( &mut self, email: &String, request_bytes:CredentialRequest ) -> Result { todo!() } pub async fn finish( &mut self, session_id: &Uuid, message:CredentialFinalization ) -> Result { todo!() } } pub struct LoggedIn { session_key: Vec, session_id: Uuid, }