diff --git a/services/identity/Cargo.lock b/services/identity/Cargo.lock
--- a/services/identity/Cargo.lock
+++ b/services/identity/Cargo.lock
@@ -413,6 +413,12 @@
  "tower-service",
 ]
+[[package]]
+name = "base16ct"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "349a06037c7bf932dd7e7d1f653678b2038b9ad46a74102f1fc7bd7872678cce"
+
 [[package]]
 name = "base64"
 version = "0.13.1"
@@ -574,12 +580,31 @@
 version = "0.1.0"
 dependencies = [
  "argon2",
- "curve25519-dalek",
+ "curve25519-dalek 3.2.0",
  "digest 0.9.0",
- "opaque-ke",
- "sha2",
+ "opaque-ke 1.2.0",
+ "sha2 0.9.9",
+]
+
+[[package]]
+name = "comm-opaque2"
+version = "0.2.0"
+dependencies = [
+ "argon2",
+ "getrandom 0.2.8",
+ "log",
+ "opaque-ke 2.0.0",
+ "rand",
+ "tonic",
+ "wasm-bindgen",
 ]
+[[package]]
+name = "const-oid"
+version = "0.9.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "520fbf3c07483f94e3e3ca9d0cfd913d7718ef2483d2cfd91c0d9e91474ab913"
+
 [[package]]
 name = "constant_time_eq"
 version = "0.1.5"
@@ -625,9 +650,21 @@
 [[package]]
 name = "crypto-bigint"
-version = "0.2.11"
+version = "0.2.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f83bd3bb4314701c568e340cd8cf78c975aa0ca79e03d3f6d1677d5b0c9c0c03"
+checksum = "8658c15c5d921ddf980f7fe25b1e82f4b7a4083b2c4985fea4922edb8e43e07d"
+dependencies = [
+ "generic-array",
+ "rand_core 0.6.4",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "crypto-bigint"
+version = "0.4.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ef2b4b23cddf68b89b8f8069890e8c270d54e2d5fe1b143820234805e4cb17ef"
 dependencies = [
  "generic-array",
  "rand_core 0.6.4",
@@ -677,6 +714,19 @@
  "zeroize",
 ]
+[[package]]
+name = "curve25519-dalek"
+version = "4.0.0-pre.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4033478fbf70d6acf2655ac70da91ee65852d69daf7a67bf7a2f518fb47aafcf"
+dependencies = [
+ "byteorder",
+ "digest 0.9.0",
+ "rand_core 0.6.4",
+ "subtle",
+ "zeroize",
+]
+
 [[package]]
 name = "cxx"
 version = "1.0.91"
@@ -727,6 +777,26 @@
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "79b71cca7d95d7681a4b3b9cdf63c8dbc3730d0584c2c74e31416d64a90493f4"
+[[package]]
+name = "der"
+version = "0.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de"
+dependencies = [
+ "const-oid",
+]
+
+[[package]]
+name = "derive-where"
+version = "1.0.0-rc.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d322f2907b2abad3117790c1a54d8f2d64574ba0fbea54cb6c6e66a0e50d99a4"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
 [[package]]
 name = "derive_more"
 version = "0.99.17"
@@ -777,9 +847,9 @@
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "43ee23aa5b4f68c7a092b5c3beb25f50c406adc75e2363634f242f28ab255372"
 dependencies = [
- "der",
- "elliptic-curve",
- "hmac",
+ "der 0.4.5",
+ "elliptic-curve 0.10.4",
+ "hmac 0.11.0",
  "signature",
 ]
@@ -791,19 +861,38 @@
 [[package]]
 name = "elliptic-curve"
-version = "0.10.6"
+version = "0.10.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "beca177dcb8eb540133e7680baff45e7cc4d93bf22002676cec549f82343721b"
+checksum = "83e5c176479da93a0983f0a6fdc3c1b8e7d5be0d7fe3fe05a99f15b96582b9a8"
 dependencies = [
- "crypto-bigint",
- "ff",
+ "crypto-bigint 0.2.5",
+ "ff 0.10.1",
  "generic-array",
- "group",
+ "group 0.10.0",
  "rand_core 0.6.4",
  "subtle",
  "zeroize",
 ]
+[[package]]
+name = "elliptic-curve"
+version = "0.12.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e7bb888ab5300a19b8e5bceef25ac745ad065f3c9f7efc6de1b91958110891d3"
+dependencies = [
+ "base16ct",
+ "crypto-bigint 0.4.9",
+ "der 0.6.1",
+ "digest 0.10.6",
+ "ff 0.12.1",
+ "generic-array",
+ "group 0.12.1",
+ "rand_core 0.6.4",
+ "sec1",
+ "subtle",
+ "zeroize",
+]
+
 [[package]]
 name = "fastrand"
 version = "1.9.0"
@@ -823,6 +912,16 @@
  "subtle",
 ]
+[[package]]
+name = "ff"
+version = "0.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d013fc25338cc558c5c2cfbad646908fb23591e2404481826742b651c9af7160"
+dependencies = [
+ "rand_core 0.6.4",
+ "subtle",
+]
+
 [[package]]
 name = "fixedbitset"
 version = "0.4.2"
@@ -902,6 +1001,7 @@
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9"
 dependencies = [
+ "serde",
  "typenum",
  "version_check",
 ]
@@ -936,7 +1036,18 @@
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1c363a5301b8f153d80747126a04b3c82073b9fe3130571a9d170cacdeaf7912"
 dependencies = [
- "ff",
+ "ff 0.10.1",
+ "rand_core 0.6.4",
+ "subtle",
+]
+
+[[package]]
+name = "group"
+version = "0.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5dfbfb3a6cfbd390d5c9564ab283a0349b9b9fcd46a706c1eb10e0db70bfbac7"
+dependencies = [
+ "ff 0.12.1",
  "rand_core 0.6.4",
  "subtle",
 ]
@@ -1003,7 +1114,16 @@
 checksum = "01706d578d5c281058480e673ae4086a9f4710d8df1ad80a5b03e39ece5f886b"
 dependencies = [
  "digest 0.9.0",
- "hmac",
+ "hmac 0.11.0",
+]
+
+[[package]]
+name = "hkdf"
+version = "0.12.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "791a029f6b9fc27657f6f188ec6e5e43f6911f6f878e0dc5501396e09809d437"
+dependencies = [
+ "hmac 0.12.1",
 ]
 [[package]]
@@ -1016,6 +1136,15 @@
  "digest 0.9.0",
 ]
+[[package]]
+name = "hmac"
+version = "0.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
+dependencies = [
+ "digest 0.10.6",
+]
+
 [[package]]
 name = "http"
 version = "0.2.9"
@@ -1144,13 +1273,14 @@
  "chrono",
  "clap",
  "comm-opaque",
+ "comm-opaque2",
  "constant_time_eq 0.2.4",
- "curve25519-dalek",
+ "curve25519-dalek 3.2.0",
  "derive_more",
  "futures-core",
  "hex",
  "once_cell",
- "opaque-ke",
+ "opaque-ke 1.2.0",
  "prost",
  "rand",
  "siwe",
@@ -1216,13 +1346,13 @@
 [[package]]
 name = "k256"
-version = "0.9.6"
+version = "0.9.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "903ae2481bcdfdb7b68e0a9baa4b7c9aff600b9ae2e8e5bb5833b8c91ab851ea"
+checksum = "008b0281ca8032567c9711cd48631781c15228301860a39b32deb28d63125e46"
 dependencies = [
  "cfg-if",
  "ecdsa",
- "elliptic-curve",
+ "elliptic-curve 0.10.4",
  "sha3",
 ]
@@ -1375,18 +1505,40 @@
 checksum = "f25e5f1be61b7a94f388368a24739318fe4edd2b841d20d7077a422a5391e22f"
 dependencies = [
  "constant_time_eq 0.1.5",
- "curve25519-dalek",
+ "curve25519-dalek 3.2.0",
  "digest 0.9.0",
  "displaydoc",
  "generic-array",
  "getrandom 0.2.8",
- "hkdf",
- "hmac",
+ "hkdf 0.11.0",
+ "hmac 0.11.0",
  "rand",
  "subtle",
  "zeroize",
 ]
+[[package]]
+name = "opaque-ke"
+version = "2.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "76d410412d23781909d90c3900c5783e830586765f2277bccc78167da8af81a5"
+dependencies = [
+ "argon2",
+ "curve25519-dalek 4.0.0-pre.1",
+ "derive-where",
+ "digest 0.10.6",
+ "displaydoc",
+ "elliptic-curve 0.12.3",
+ "generic-array",
+ "hkdf 0.12.3",
+ "hmac 0.12.1",
+ "rand",
+ "serde",
+ "subtle",
+ "voprf",
+ "zeroize",
+]
+
 [[package]]
 name = "openssl-probe"
 version = "0.1.5"
@@ -1737,6 +1889,19 @@
  "untrusted",
 ]
+[[package]]
+name = "sec1"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3be24c1842290c45df0a7bf069e0c268a747ad05a192f2fd7dcfdbc1cba40928"
+dependencies = [
+ "base16ct",
+ "der 0.6.1",
+ "generic-array",
+ "subtle",
+ "zeroize",
+]
+
 [[package]]
 name = "security-framework"
 version = "2.8.2"
@@ -1771,6 +1936,20 @@
 version = "1.0.152"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bb7d1f0d3021d347a83e556fc4683dea2ea09d87bccdf88ff5c12545d89d5efb"
+dependencies = [
+ "serde_derive",
+]
+
+[[package]]
+name = "serde_derive"
+version = "1.0.152"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "af487d118eecd09402d70a5d72551860e788df87b464af30e5ea6a38c75c541e"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
 [[package]]
 name = "sha2"
@@ -1785,6 +1964,17 @@
  "opaque-debug",
 ]
+[[package]]
+name = "sha2"
+version = "0.10.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0"
+dependencies = [
+ "cfg-if",
+ "cpufeatures",
+ "digest 0.10.6",
+]
+
 [[package]]
 name = "sha3"
 version = "0.9.1"
@@ -2294,6 +2484,25 @@
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f"
+[[package]]
+name = "voprf"
+version = "0.4.0-pre.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "081acbe8fcf05d5e8e2aad8ef3d40e02eddeaec07c75a9770d862a0fc0874322"
+dependencies = [
+ "curve25519-dalek 4.0.0-pre.1",
+ "derive-where",
+ "digest 0.10.6",
+ "displaydoc",
+ "elliptic-curve 0.12.3",
+ "generic-array",
+ "rand_core 0.6.4",
+ "serde",
+ "sha2 0.10.6",
+ "subtle",
+ "zeroize",
+]
+
 [[package]]
 name = "want"
 version = "0.3.0"
@@ -2527,9 +2736,9 @@
 [[package]]
 name = "zeroize"
-version = "1.4.3"
+version = "1.5.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d68d9dcec5f9b43a30d38c49f91dfedfaac384cb8f085faca366c26207dd1619"
+checksum = "c394b5bd0c6f669e7275d9c20aa90ae064cb22e75a1cad54e1b34088034b149f"
 dependencies = [
  "zeroize_derive",
 ]
diff --git a/services/identity/Cargo.toml b/services/identity/Cargo.toml
--- a/services/identity/Cargo.toml
+++ b/services/identity/Cargo.toml
@@ -25,6 +25,7 @@
 constant_time_eq = "0.2.2"
 siwe = "0.3"
 comm-opaque = { path = "../../shared/comm-opaque" }
+comm-opaque2 = { path = "../../shared/comm-opaque2" }
 once_cell = "1.17"
 hex = "0.4"
diff --git a/services/identity/Dockerfile b/services/identity/Dockerfile
--- a/services/identity/Dockerfile
+++ b/services/identity/Dockerfile
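Review bot: The added `comm-opaque2` line in services/identity/Cargo.toml puts a second OPAQUE stack next to `comm-opaque` with no comment saying why both are kept or when the old one goes away. The lockfile in this commit shows the cost: `opaque-ke 2.0.0` resolves to pre-release crypto crates (`curve25519-dalek 4.0.0-pre.1`, `voprf 0.4.0-pre.3`, `derive-where 1.0.0-rc.3`), and the same resolution moves `crypto-bigint` 0.2.11 → 0.2.5, `elliptic-curve` 0.10.6 → 0.10.4 and `k256` 0.9.6 → 0.9.5, presumably as a side effect of the `zeroize` bump to 1.5.7. I would add a comment above the new line such as `# opaque-ke 2.x wrapper; comm-opaque (opaque-ke 1.2) stays until existing registrations are migrated` (reworded to the actual plan), and state in the description that the downgrades are intended. Running `cargo audit` against the new lockfile before merging would confirm that none of the downgraded or pre-release versions carries a known advisory.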
@@ -16,6 +16,7 @@
 COPY services/identity/Cargo.toml services/identity/Cargo.lock ./
 COPY shared/comm-opaque ../../shared/comm-opaque
+COPY shared/comm-opaque2 ../../shared/comm-opaque2
 # Cache build dependencies in a new layer
 RUN cargo build --release
diff --git a/shared/comm-opaque2/Cargo.lock b/shared/comm-opaque2/Cargo.lock
--- a/shared/comm-opaque2/Cargo.lock
+++ b/shared/comm-opaque2/Cargo.lock
@@ -102,8 +102,8 @@
 checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 [[package]]
-name = "comm-opaque"
-version = "0.1.0"
+name = "comm-opaque2"
+version = "0.2.0"
 dependencies = [
  "argon2",
  "getrandom",
diff --git a/shared/comm-opaque2/Cargo.toml b/shared/comm-opaque2/Cargo.toml
--- a/shared/comm-opaque2/Cargo.toml
+++ b/shared/comm-opaque2/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
-name = "comm-opaque"
-version = "0.1.0"
+name = "comm-opaque2"
+version = "0.2.0"
 edition = "2021"
 [lib]