Simplify KeyPair handling

Valentin Tolmer 2021-06-15 23:07:22 +02:00 committed by nitnelave
parent f918debc2e
commit c3bbcce6a3
8 changed files with 14 additions and 46 deletions

2
Cargo.lock generated

@ -1679,7 +1679,7 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
[[package]] [[package]]
name = "opaque-ke" name = "opaque-ke"
version = "0.5.1-pre.1" version = "0.5.1-pre.1"
source = "git+https://github.com/novifinancial/opaque-ke?rev=cd85efc603f5d98ed794cdd56a6e59236cce3d32#cd85efc603f5d98ed794cdd56a6e59236cce3d32" source = "git+https://github.com/novifinancial/opaque-ke?rev=98f1821897cd2800e5bffb2a70541056145e99cc#98f1821897cd2800e5bffb2a70541056145e99cc"
dependencies = [ dependencies = [
"base64", "base64",
"curve25519-dalek", "curve25519-dalek",


@ -42,7 +42,7 @@ rand = { version = "0.8", features = ["small_rng", "getrandom"] }
# TODO: update to 0.6 when out. # TODO: update to 0.6 when out.
[dependencies.opaque-ke] [dependencies.opaque-ke]
git = "https://github.com/novifinancial/opaque-ke" git = "https://github.com/novifinancial/opaque-ke"
rev = "cd85efc603f5d98ed794cdd56a6e59236cce3d32" rev = "98f1821897cd2800e5bffb2a70541056145e99cc"
[dependencies.sqlx] [dependencies.sqlx]
version = "0.5.1" version = "0.5.1"

2
app/Cargo.lock generated

@ -997,7 +997,7 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
[[package]] [[package]]
name = "opaque-ke" name = "opaque-ke"
version = "0.5.1-pre.1" version = "0.5.1-pre.1"
source = "git+https://github.com/novifinancial/opaque-ke?rev=cd85efc603f5d98ed794cdd56a6e59236cce3d32#cd85efc603f5d98ed794cdd56a6e59236cce3d32" source = "git+https://github.com/novifinancial/opaque-ke?rev=98f1821897cd2800e5bffb2a70541056145e99cc#98f1821897cd2800e5bffb2a70541056145e99cc"
dependencies = [ dependencies = [
"base64", "base64",
"curve25519-dalek", "curve25519-dalek",

2
model/Cargo.lock generated

@ -825,7 +825,7 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
[[package]] [[package]]
name = "opaque-ke" name = "opaque-ke"
version = "0.5.1-pre.1" version = "0.5.1-pre.1"
source = "git+https://github.com/novifinancial/opaque-ke?rev=cd85efc603f5d98ed794cdd56a6e59236cce3d32#cd85efc603f5d98ed794cdd56a6e59236cce3d32" source = "git+https://github.com/novifinancial/opaque-ke?rev=98f1821897cd2800e5bffb2a70541056145e99cc#98f1821897cd2800e5bffb2a70541056145e99cc"
dependencies = [ dependencies = [
"base64", "base64",
"curve25519-dalek", "curve25519-dalek",


@ -23,7 +23,7 @@ thiserror = "*"
# TODO: update to 0.6 when out. # TODO: update to 0.6 when out.
[dependencies.opaque-ke] [dependencies.opaque-ke]
git = "https://github.com/novifinancial/opaque-ke" git = "https://github.com/novifinancial/opaque-ke"
rev = "cd85efc603f5d98ed794cdd56a6e59236cce3d32" rev = "98f1821897cd2800e5bffb2a70541056145e99cc"
[dependencies.chrono] [dependencies.chrono]
version = "*" version = "*"


@ -9,40 +9,8 @@ pub enum AuthenticationError {
pub type AuthenticationResult<T> = std::result::Result<T, AuthenticationError>; pub type AuthenticationResult<T> = std::result::Result<T, AuthenticationError>;
/// Wrapper around an opaque KeyPair to have type-checked public and private keys. pub use opaque_ke::keypair::{PublicKey, PrivateKey};
#[derive(Debug, Clone)] pub type KeyPair = opaque_ke::keypair::KeyPair<<DefaultSuite as CipherSuite>::Group>;
pub struct KeyPair(pub opaque_ke::keypair::KeyPair<<DefaultSuite as CipherSuite>::Group>);
pub struct PublicKey<'a>(&'a opaque_ke::keypair::Key);
pub struct PrivateKey<'a>(&'a opaque_ke::keypair::Key);
impl <'a> std::ops::Deref for PublicKey<'a> {
type Target = &'a opaque_ke::keypair::Key;
fn deref(&self) -> &Self::Target {
&self.0
}
}
impl <'a> std::ops::Deref for PrivateKey<'a> {
type Target = &'a opaque_ke::keypair::Key;
fn deref(&self) -> &Self::Target {
&self.0
}
}
impl KeyPair {
pub fn private(&self) -> PrivateKey<'_> {
PrivateKey(self.0.private())
}
pub fn public(&self) -> PublicKey<'_> {
PublicKey(self.0.public())
}
pub fn from_private_key_slice(input: &[u8]) -> std::result::Result<Self, opaque_ke::errors::InternalPakeError> {
opaque_ke::keypair::KeyPair::<<DefaultSuite as CipherSuite>::Group>::from_private_key_slice(input).map(Self)
}
}
/// A wrapper around argon2 to provide the [`opaque_ke::slow_hash::SlowHash`] trait. /// A wrapper around argon2 to provide the [`opaque_ke::slow_hash::SlowHash`] trait.
pub struct ArgonHasher; pub struct ArgonHasher;
@ -177,12 +145,12 @@ pub mod server {
pub fn start_registration<R: RngCore + CryptoRng>( pub fn start_registration<R: RngCore + CryptoRng>(
rng: &mut R, rng: &mut R,
registration_request: RegistrationRequest, registration_request: RegistrationRequest,
server_public_key: PublicKey<'_>, server_public_key: &PublicKey,
) -> AuthenticationResult<ServerRegistrationStartResult> { ) -> AuthenticationResult<ServerRegistrationStartResult> {
Ok(ServerRegistration::start( Ok(ServerRegistration::start(
rng, rng,
registration_request, registration_request,
*server_public_key, server_public_key,
)?) )?)
} }
@ -211,13 +179,13 @@ pub mod server {
pub fn start_login<R: RngCore + CryptoRng>( pub fn start_login<R: RngCore + CryptoRng>(
rng: &mut R, rng: &mut R,
password_file: ServerRegistration, password_file: ServerRegistration,
server_private_key: PrivateKey<'_>, server_private_key: &PrivateKey,
credential_request: CredentialRequest, credential_request: CredentialRequest,
) -> AuthenticationResult<ServerLoginStartResult> { ) -> AuthenticationResult<ServerLoginStartResult> {
Ok(ServerLogin::start( Ok(ServerLogin::start(
rng, rng,
password_file, password_file,
*server_private_key, server_private_key,
credential_request, credential_request,
ServerLoginStartParameters::default(), ServerLoginStartParameters::default(),
)?) )?)
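Review bot: The re-export `pub use opaque_ke::keypair::{PublicKey, PrivateKey};` and the new `KeyPair` alias at the top of this section have no doc comment, while the wrapper they replace was documented as existing to keep public and private keys type-checked. That guarantee now depends on opaque-ke defining `PublicKey` and `PrivateKey` as distinct types at the pinned revision, which this page does not show. If they were aliases of a single key type, a swapped argument to `start_registration` or `start_login` would still compile. I would add `/// Key types re-exported from opaque-ke; PublicKey and PrivateKey must remain distinct types so the two cannot be swapped at a call site.` above the `pub use` line and confirm the upstream definitions when the dependency moves to 0.6. The body of `start_login` continues past the end of this section.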


@ -23,7 +23,7 @@ impl SqlBackendHandler {
fn get_password_file( fn get_password_file(
clear_password: &str, clear_password: &str,
server_public_key: opaque::PublicKey<'_>, server_public_key: &opaque::PublicKey,
) -> Result<opaque::server::ServerRegistration> { ) -> Result<opaque::server::ServerRegistration> {
use opaque::{client, server}; use opaque::{client, server};
let mut rng = rand::rngs::OsRng; let mut rng = rand::rngs::OsRng;
@ -51,7 +51,7 @@ fn get_password_file(
fn passwords_match( fn passwords_match(
password_file_bytes: &[u8], password_file_bytes: &[u8],
clear_password: &str, clear_password: &str,
server_private_key: opaque::PrivateKey<'_>, server_private_key: &opaque::PrivateKey,
) -> Result<()> { ) -> Result<()> {
use opaque::{client, server}; use opaque::{client, server};
let mut rng = rand::rngs::OsRng; let mut rng = rand::rngs::OsRng;


@ -103,7 +103,7 @@ fn get_server_keys(file_path: &str) -> Result<KeyPair> {
e e
) )
})?; })?;
Ok(KeyPair(keypair)) Ok(keypair)
} }
} }