Opaque: use argon2 as slow hash

Valentin Tolmer 2021-06-08 23:24:33 +02:00 committed by nitnelave
parent 973fa40dd1
commit 86bfd37b70
5 changed files with 114 additions and 1 deletions

3
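--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1287,9 +1287,12 @@ version = "0.1.0"
 dependencies = [
 "chrono",
 "curve25519-dalek",
+"digest",
+"generic-array",
 "getrandom 0.2.3",
 "opaque-ke",
 "rand 0.8.3",
+"rust-argon2",
 "serde",
 "sha2",
 "sqlx",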

38
app/Cargo.lock generated

@ -50,6 +50,12 @@ version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "33954243bd79057c2de7338850b85983a44588021f8a5fee574a8888c6de4344" checksum = "33954243bd79057c2de7338850b85983a44588021f8a5fee574a8888c6de4344"
[[package]]
name = "arrayref"
version = "0.3.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544"
[[package]] [[package]]
name = "arrayvec" name = "arrayvec"
version = "0.5.2" version = "0.5.2"
@ -110,6 +116,17 @@ dependencies = [
"wyz", "wyz",
] ]
[[package]]
name = "blake2b_simd"
version = "0.5.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "afa748e348ad3be8263be728124b24a24f268266f6f5d58af9d75f6a40b5c587"
dependencies = [
"arrayref",
"arrayvec",
"constant_time_eq",
]
[[package]] [[package]]
name = "block-buffer" name = "block-buffer"
version = "0.9.0" version = "0.9.0"
@ -197,6 +214,12 @@ dependencies = [
"wasm-bindgen", "wasm-bindgen",
] ]
[[package]]
name = "constant_time_eq"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc"
[[package]] [[package]]
name = "core-foundation" name = "core-foundation"
version = "0.9.1" version = "0.9.1"
@ -745,9 +768,12 @@ version = "0.1.0"
dependencies = [ dependencies = [
"chrono", "chrono",
"curve25519-dalek", "curve25519-dalek",
"digest",
"generic-array",
"getrandom 0.2.3", "getrandom 0.2.3",
"opaque-ke", "opaque-ke",
"rand 0.8.4", "rand 0.8.4",
"rust-argon2",
"serde", "serde",
"sha2", "sha2",
"sqlx", "sqlx",
@ -1259,6 +1285,18 @@ dependencies = [
"zeroize", "zeroize",
] ]
[[package]]
name = "rust-argon2"
version = "0.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4b18820d944b33caa75a71378964ac46f58517c92b6ae5f762636247c09e78fb"
dependencies = [
"base64",
"blake2b_simd",
"constant_time_eq",
"crossbeam-utils",
]
[[package]] [[package]]
name = "ryu" name = "ryu"
version = "1.0.5" version = "1.0.5"

38
model/Cargo.lock generated

@ -38,6 +38,12 @@ dependencies = [
"memchr", "memchr",
] ]
[[package]]
name = "arrayref"
version = "0.3.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544"
[[package]] [[package]]
name = "arrayvec" name = "arrayvec"
version = "0.5.2" version = "0.5.2"
@ -89,6 +95,17 @@ dependencies = [
"wyz", "wyz",
] ]
[[package]]
name = "blake2b_simd"
version = "0.5.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "afa748e348ad3be8263be728124b24a24f268266f6f5d58af9d75f6a40b5c587"
dependencies = [
"arrayref",
"arrayvec",
"constant_time_eq",
]
[[package]] [[package]]
name = "block-buffer" name = "block-buffer"
version = "0.9.0" version = "0.9.0"
@ -148,6 +165,12 @@ dependencies = [
"winapi", "winapi",
] ]
[[package]]
name = "constant_time_eq"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc"
[[package]] [[package]]
name = "core-foundation" name = "core-foundation"
version = "0.9.1" version = "0.9.1"
@ -604,9 +627,12 @@ version = "0.1.0"
dependencies = [ dependencies = [
"chrono", "chrono",
"curve25519-dalek", "curve25519-dalek",
"digest",
"generic-array",
"getrandom 0.2.2", "getrandom 0.2.2",
"opaque-ke", "opaque-ke",
"rand", "rand",
"rust-argon2",
"serde", "serde",
"sha2", "sha2",
"sqlx", "sqlx",
@ -1083,6 +1109,18 @@ dependencies = [
"zeroize", "zeroize",
] ]
[[package]]
name = "rust-argon2"
version = "0.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4b18820d944b33caa75a71378964ac46f58517c92b6ae5f762636247c09e78fb"
dependencies = [
"base64",
"blake2b_simd",
"constant_time_eq",
"crossbeam-utils",
]
[[package]] [[package]]
name = "ryu" name = "ryu"
version = "1.0.5" version = "1.0.5"


@ -11,7 +11,10 @@ opaque_client = []
js = [] js = []
[dependencies] [dependencies]
rust-argon2 = "0.8"
curve25519-dalek = "3" curve25519-dalek = "3"
digest = "*"
generic-array = "*"
opaque-ke = "0.5" opaque-ke = "0.5"
rand = "0.8" rand = "0.8"
serde = "*" serde = "*"
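Review bot: The two new requirements `digest = "*"` and `generic-array = "*"` are unbounded, so once the lockfile is regenerated any future major release satisfies them. These crates supply the types named in the `SlowHash` impl signature, which presumably have to be the same versions `opaque-ke` builds against, and a wildcard also widens what a `cargo update` can pull into an authentication crate. Pinning both to the majors currently resolved in Cargo.lock would make that explicit; the resolved versions are not visible in these hunks, so the shape would be `digest = "<major.minor from Cargo.lock>"`. The existing `serde = "*"` line has the same issue.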


@ -9,6 +9,36 @@ pub enum AuthenticationError {
pub type AuthenticationResult<T> = std::result::Result<T, AuthenticationError>; pub type AuthenticationResult<T> = std::result::Result<T, AuthenticationError>;
/// A wrapper around argon2 to provide the [`opaque_ke::slow_hash::SlowHash`] trait.
pub struct ArgonHasher;
impl ArgonHasher {
/// Fixed salt, doesn't affect the security. It is only used to make attacks more
/// computationally intensive, it doesn't serve any security purpose.
const SALT: &'static [u8] = b"lldap_opaque_salt";
/// Config for the argon hasher. Security enthusiasts may want to tweak this for their system.
const CONFIG: &'static argon2::Config<'static> = &argon2::Config {
ad: &[],
hash_length: 128,
lanes: 1,
mem_cost: 50 * 1024, // 50 MB, in KB
secret: &[],
thread_mode: argon2::ThreadMode::Sequential,
time_cost: 5,
variant: argon2::Variant::Argon2id,
version: argon2::Version::Version13,
};
}
impl<D: opaque_ke::hash::Hash> opaque_ke::slow_hash::SlowHash<D> for ArgonHasher {
fn hash(
input: generic_array::GenericArray<u8, <D as digest::Digest>::OutputSize>,
) -> Result<Vec<u8>, opaque_ke::errors::InternalPakeError> {
argon2::hash_raw(&input, Self::SALT, Self::CONFIG)
.map_err(|_| opaque_ke::errors::InternalPakeError::HashingFailure)
}
}
/// The ciphersuite trait allows to specify the underlying primitives /// The ciphersuite trait allows to specify the underlying primitives
/// that will be used in the OPAQUE protocol /// that will be used in the OPAQUE protocol
#[allow(dead_code)] #[allow(dead_code)]
@ -17,7 +47,8 @@ impl CipherSuite for DefaultSuite {
type Group = curve25519_dalek::ristretto::RistrettoPoint; type Group = curve25519_dalek::ristretto::RistrettoPoint;
type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDH; type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDH;
type Hash = sha2::Sha512; type Hash = sha2::Sha512;
type SlowHash = opaque_ke::slow_hash::NoOpHash; /// Use argon2 as the slow hashing algorithm for our CipherSuite.
type SlowHash = ArgonHasher;
} }
/// Client-side code for OPAQUE protocol handling, to register a new user and login. All methods' /// Client-side code for OPAQUE protocol handling, to register a new user and login. All methods'
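Review bot: The doc comment on `SALT` in the first hunk contradicts itself: it says the salt makes attacks more computationally intensive and also that it serves no security purpose, and it never says why a constant salt is acceptable. With a fixed salt, Argon2 gives no per-user separation on its own; in OPAQUE that presumably comes from the OPRF output passed as `input`, so the comment could read `/// Fixed, public salt: per-user uniqueness comes from the OPRF output being hashed, not from the salt.` The `CONFIG` comment invites tweaking, but these are compile-time constants. As far as the protocol goes, changing any of them after users have registered would leave existing registrations unusable, so it is worth adding `/// Changing these values invalidates existing registrations; every client build must use the same ones.` Separately, `map_err(|_| …)` in `hash` discards the argon2 error, which is fine for the caller but makes a bad parameter set hard to diagnose.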