diff --git a/native/cpp/CommonCpp/grpc/grpc_client/src/lib.rs b/native/cpp/CommonCpp/grpc/grpc_client/src/lib.rs
index c0a6a86c7..c16c841a4 100644
--- a/native/cpp/CommonCpp/grpc/grpc_client/src/lib.rs
+++ b/native/cpp/CommonCpp/grpc/grpc_client/src/lib.rs
@@ -1,75 +1,123 @@ use lazy_static::lazy_static; +use opaque_ke::{ + ClientLogin, ClientLoginFinishParameters, ClientLoginStartParameters, + ClientRegistration, ClientRegistrationFinishParameters, + CredentialFinalization, CredentialResponse, RegistrationResponse, + RegistrationUpload, +}; +use rand::{rngs::OsRng, CryptoRng, Rng}; use std::sync::Arc; use tokio::runtime::{Builder, Runtime}; -use tonic::{transport::Channel, Response, Status}; -use tracing::instrument; +use tokio::sync::mpsc; +use tokio_stream::wrappers::ReceiverStream; +use tonic::{transport::Channel, Request, Response, Status}; +use tracing::{error, instrument}; + +use ::identity::Cipher; use crate::identity::{ get_user_id_request::AuthType, - identity_service_client::IdentityServiceClient, GetUserIdRequest, - GetUserIdResponse, VerifyUserTokenRequest, VerifyUserTokenResponse, + identity_service_client::IdentityServiceClient, + pake_login_response::Data::AccessToken, + pake_login_response::Data::PakeCredentialResponse, + registration_request::Data::PakeCredentialFinalization, + registration_request::Data::PakeRegistrationRequestAndUserId, + registration_request::Data::PakeRegistrationUploadAndCredentialRequest, + registration_response::Data::PakeLoginResponse, + registration_response::Data::PakeRegistrationResponse, GetUserIdRequest, + GetUserIdResponse, PakeLoginResponse as PakeLoginResponseStruct, + PakeRegistrationRequestAndUserId as PakeRegistrationRequestAndUserIdStruct, + PakeRegistrationUploadAndCredentialRequest as PakeRegistrationUploadAndCredentialRequestStruct, + RegistrationRequest, VerifyUserTokenRequest, VerifyUserTokenResponse, }; pub mod identity { tonic::include_proto!("identity"); } const IDENTITY_SERVICE_SOCKET_ADDR: &str = "https://[::1]:50051"; lazy_static! 
{ pub static ref RUNTIME: Arc = Arc::new( Builder::new_multi_thread() .worker_threads(1) .max_blocking_threads(1) .enable_all() .build() .unwrap() ); } pub struct Client { identity_client: IdentityServiceClient, } impl Client { async fn new() -> Self { Self { identity_client: IdentityServiceClient::connect( IDENTITY_SERVICE_SOCKET_ADDR, ) .await .unwrap(), } } #[instrument(skip(self))] async fn get_user_id( &mut self, auth_type: AuthType, user_info: String, ) -> Result, Status> { self .identity_client .get_user_id(GetUserIdRequest { auth_type: auth_type.into(), user_info, }) .await } #[instrument(skip(self))] async fn verify_user_token( &mut self, user_id: String, device_id: String, access_token: String, ) -> Result, Status> { self .identity_client .verify_user_token(VerifyUserTokenRequest { user_id, device_id, access_token, }) .await } } + +fn pake_registration_finish( + rng: &mut (impl Rng + CryptoRng), + registration_response_bytes: &[u8], + client_registration: Option>, +) -> Result, Status> { + client_registration + .ok_or_else(|| { + error!("PAKE client_registration not found"); + Status::aborted("Registration not found") + })? + .finish( + rng, + RegistrationResponse::deserialize(registration_response_bytes).map_err( + |e| { + error!("Could not deserialize registration response bytes: {}", e); + Status::aborted("Invalid response bytes") + }, + )?, + ClientRegistrationFinishParameters::default(), + ) + .map_err(|e| { + error!("Failed to finish PAKE registration: {}", e); + Status::aborted("PAKE failure") + }) + .map(|res| res.message) +}
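Review bot: `verify_user_token`, which this hunk carries over unchanged, is annotated `#[instrument(skip(self))]`, and that attribute records every argument it does not skip as a span field, so `access_token` is written to whatever subscriber collects these spans. With PAKE registration and login pieces now being added to the same client, I would change it to `#[instrument(skip(self, access_token))]` (or `skip_all`) in this commit and use the same form on any method that later takes a password. The added `pake_registration_finish` logs only the error values, which is fine, but it has no doc comment; a short `///` stating that `client_registration` must be the state returned by the matching registration start and that `registration_response_bytes` is server-supplied input would make the contract clear. `ClientRegistrationFinishParameters::default()` presumably leaves the OPAQUE identifiers at the library defaults, so the login side has to make the same choice.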