mirror of
https://github.com/nitnelave/lldap.git
synced 2023-04-12 14:25:13 +00:00
Simplify KeyPair handling
parent
f918debc2e
commit
c3bbcce6a3
2
Cargo.lock
generated
@ -1679,7 +1679,7 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
|
|||||||
[[package]]
|
[[package]]
|
||||||
name = "opaque-ke"
|
name = "opaque-ke"
|
||||||
version = "0.5.1-pre.1"
|
version = "0.5.1-pre.1"
|
||||||
source = "git+https://github.com/novifinancial/opaque-ke?rev=cd85efc603f5d98ed794cdd56a6e59236cce3d32#cd85efc603f5d98ed794cdd56a6e59236cce3d32"
|
source = "git+https://github.com/novifinancial/opaque-ke?rev=98f1821897cd2800e5bffb2a70541056145e99cc#98f1821897cd2800e5bffb2a70541056145e99cc"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"base64",
|
"base64",
|
||||||
"curve25519-dalek",
|
"curve25519-dalek",
|
||||||
|
@ -42,7 +42,7 @@ rand = { version = "0.8", features = ["small_rng", "getrandom"] }
|
|||||||
# TODO: update to 0.6 when out.
|
# TODO: update to 0.6 when out.
|
||||||
[dependencies.opaque-ke]
|
[dependencies.opaque-ke]
|
||||||
git = "https://github.com/novifinancial/opaque-ke"
|
git = "https://github.com/novifinancial/opaque-ke"
|
||||||
rev = "cd85efc603f5d98ed794cdd56a6e59236cce3d32"
|
rev = "98f1821897cd2800e5bffb2a70541056145e99cc"
|
||||||
|
|
||||||
[dependencies.sqlx]
|
[dependencies.sqlx]
|
||||||
version = "0.5.1"
|
version = "0.5.1"
|
||||||
|
2
app/Cargo.lock
generated
@ -997,7 +997,7 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
|
|||||||
[[package]]
|
[[package]]
|
||||||
name = "opaque-ke"
|
name = "opaque-ke"
|
||||||
version = "0.5.1-pre.1"
|
version = "0.5.1-pre.1"
|
||||||
source = "git+https://github.com/novifinancial/opaque-ke?rev=cd85efc603f5d98ed794cdd56a6e59236cce3d32#cd85efc603f5d98ed794cdd56a6e59236cce3d32"
|
source = "git+https://github.com/novifinancial/opaque-ke?rev=98f1821897cd2800e5bffb2a70541056145e99cc#98f1821897cd2800e5bffb2a70541056145e99cc"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"base64",
|
"base64",
|
||||||
"curve25519-dalek",
|
"curve25519-dalek",
|
||||||
|
2
model/Cargo.lock
generated
@ -825,7 +825,7 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
|
|||||||
[[package]]
|
[[package]]
|
||||||
name = "opaque-ke"
|
name = "opaque-ke"
|
||||||
version = "0.5.1-pre.1"
|
version = "0.5.1-pre.1"
|
||||||
source = "git+https://github.com/novifinancial/opaque-ke?rev=cd85efc603f5d98ed794cdd56a6e59236cce3d32#cd85efc603f5d98ed794cdd56a6e59236cce3d32"
|
source = "git+https://github.com/novifinancial/opaque-ke?rev=98f1821897cd2800e5bffb2a70541056145e99cc#98f1821897cd2800e5bffb2a70541056145e99cc"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"base64",
|
"base64",
|
||||||
"curve25519-dalek",
|
"curve25519-dalek",
|
||||||
|
@ -23,7 +23,7 @@ thiserror = "*"
|
|||||||
# TODO: update to 0.6 when out.
|
# TODO: update to 0.6 when out.
|
||||||
[dependencies.opaque-ke]
|
[dependencies.opaque-ke]
|
||||||
git = "https://github.com/novifinancial/opaque-ke"
|
git = "https://github.com/novifinancial/opaque-ke"
|
||||||
rev = "cd85efc603f5d98ed794cdd56a6e59236cce3d32"
|
rev = "98f1821897cd2800e5bffb2a70541056145e99cc"
|
||||||
|
|
||||||
[dependencies.chrono]
|
[dependencies.chrono]
|
||||||
version = "*"
|
version = "*"
|
||||||
|
@ -9,40 +9,8 @@ pub enum AuthenticationError {
|
|||||||
|
|
||||||
pub type AuthenticationResult<T> = std::result::Result<T, AuthenticationError>;
|
pub type AuthenticationResult<T> = std::result::Result<T, AuthenticationError>;
|
||||||
|
|
||||||
/// Wrapper around an opaque KeyPair to have type-checked public and private keys.
|
pub use opaque_ke::keypair::{PublicKey, PrivateKey};
|
||||||
#[derive(Debug, Clone)]
|
pub type KeyPair = opaque_ke::keypair::KeyPair<<DefaultSuite as CipherSuite>::Group>;
|
||||||
pub struct KeyPair(pub opaque_ke::keypair::KeyPair<<DefaultSuite as CipherSuite>::Group>);
|
|
||||||
|
|
||||||
pub struct PublicKey<'a>(&'a opaque_ke::keypair::Key);
|
|
||||||
pub struct PrivateKey<'a>(&'a opaque_ke::keypair::Key);
|
|
||||||
|
|
||||||
impl <'a> std::ops::Deref for PublicKey<'a> {
|
|
||||||
type Target = &'a opaque_ke::keypair::Key;
|
|
||||||
fn deref(&self) -> &Self::Target {
|
|
||||||
&self.0
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl <'a> std::ops::Deref for PrivateKey<'a> {
|
|
||||||
type Target = &'a opaque_ke::keypair::Key;
|
|
||||||
fn deref(&self) -> &Self::Target {
|
|
||||||
&self.0
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl KeyPair {
|
|
||||||
pub fn private(&self) -> PrivateKey<'_> {
|
|
||||||
PrivateKey(self.0.private())
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn public(&self) -> PublicKey<'_> {
|
|
||||||
PublicKey(self.0.public())
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn from_private_key_slice(input: &[u8]) -> std::result::Result<Self, opaque_ke::errors::InternalPakeError> {
|
|
||||||
opaque_ke::keypair::KeyPair::<<DefaultSuite as CipherSuite>::Group>::from_private_key_slice(input).map(Self)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/// A wrapper around argon2 to provide the [`opaque_ke::slow_hash::SlowHash`] trait.
|
/// A wrapper around argon2 to provide the [`opaque_ke::slow_hash::SlowHash`] trait.
|
||||||
pub struct ArgonHasher;
|
pub struct ArgonHasher;
|
||||||
@ -177,12 +145,12 @@ pub mod server {
|
|||||||
pub fn start_registration<R: RngCore + CryptoRng>(
|
pub fn start_registration<R: RngCore + CryptoRng>(
|
||||||
rng: &mut R,
|
rng: &mut R,
|
||||||
registration_request: RegistrationRequest,
|
registration_request: RegistrationRequest,
|
||||||
server_public_key: PublicKey<'_>,
|
server_public_key: &PublicKey,
|
||||||
) -> AuthenticationResult<ServerRegistrationStartResult> {
|
) -> AuthenticationResult<ServerRegistrationStartResult> {
|
||||||
Ok(ServerRegistration::start(
|
Ok(ServerRegistration::start(
|
||||||
rng,
|
rng,
|
||||||
registration_request,
|
registration_request,
|
||||||
*server_public_key,
|
server_public_key,
|
||||||
)?)
|
)?)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -211,13 +179,13 @@ pub mod server {
|
|||||||
pub fn start_login<R: RngCore + CryptoRng>(
|
pub fn start_login<R: RngCore + CryptoRng>(
|
||||||
rng: &mut R,
|
rng: &mut R,
|
||||||
password_file: ServerRegistration,
|
password_file: ServerRegistration,
|
||||||
server_private_key: PrivateKey<'_>,
|
server_private_key: &PrivateKey,
|
||||||
credential_request: CredentialRequest,
|
credential_request: CredentialRequest,
|
||||||
) -> AuthenticationResult<ServerLoginStartResult> {
|
) -> AuthenticationResult<ServerLoginStartResult> {
|
||||||
Ok(ServerLogin::start(
|
Ok(ServerLogin::start(
|
||||||
rng,
|
rng,
|
||||||
password_file,
|
password_file,
|
||||||
*server_private_key,
|
server_private_key,
|
||||||
credential_request,
|
credential_request,
|
||||||
ServerLoginStartParameters::default(),
|
ServerLoginStartParameters::default(),
|
||||||
)?)
|
)?)
|
||||||
|
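Review bot: The re-export `pub use opaque_ke::keypair::{PublicKey, PrivateKey};` and the `pub type KeyPair = …` alias in the first hunk of this file carry no doc comment, while the `/// Wrapper around an opaque KeyPair …` line that explained the type-checked keys appears to be removed together with the wrapper. The server private key is now an upstream type exposed directly from this module, so any trait opaque_ke implements on it at the pinned rev (for example `Debug` or a serialization trait) becomes available to callers, which the old `PrivateKey<'a>` newtype did not show; it is worth confirming that none of these can put key material into logs or responses. I would add `/// Server OPAQUE key pair for DefaultSuite; the private half must never be logged or leave the key file.` above the alias. The `start_registration` and `start_login` hunks only switch to borrowed upstream types (`&PublicKey`, `&PrivateKey`) and look consistent with that change; their bodies continue outside the hunks shown.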
@ -23,7 +23,7 @@ impl SqlBackendHandler {
|
|||||||
|
|
||||||
fn get_password_file(
|
fn get_password_file(
|
||||||
clear_password: &str,
|
clear_password: &str,
|
||||||
server_public_key: opaque::PublicKey<'_>,
|
server_public_key: &opaque::PublicKey,
|
||||||
) -> Result<opaque::server::ServerRegistration> {
|
) -> Result<opaque::server::ServerRegistration> {
|
||||||
use opaque::{client, server};
|
use opaque::{client, server};
|
||||||
let mut rng = rand::rngs::OsRng;
|
let mut rng = rand::rngs::OsRng;
|
||||||
@ -51,7 +51,7 @@ fn get_password_file(
|
|||||||
fn passwords_match(
|
fn passwords_match(
|
||||||
password_file_bytes: &[u8],
|
password_file_bytes: &[u8],
|
||||||
clear_password: &str,
|
clear_password: &str,
|
||||||
server_private_key: opaque::PrivateKey<'_>,
|
server_private_key: &opaque::PrivateKey,
|
||||||
) -> Result<()> {
|
) -> Result<()> {
|
||||||
use opaque::{client, server};
|
use opaque::{client, server};
|
||||||
let mut rng = rand::rngs::OsRng;
|
let mut rng = rand::rngs::OsRng;
|
||||||
|
@ -103,7 +103,7 @@ fn get_server_keys(file_path: &str) -> Result<KeyPair> {
|
|||||||
e
|
e
|
||||||
)
|
)
|
||||||
})?;
|
})?;
|
||||||
Ok(KeyPair(keypair))
|
Ok(keypair)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|