Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updating v2 with latest voprf (v0.4.1) release #366

Merged
merged 44 commits into from
Oct 10, 2024
Merged

Updating v2 with latest voprf (v0.4.1) release #366

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
44 commits
Select commit Hold shift + click to select a range
d2bdcb3
Fix Clippy (#289)
daxpedda Dec 10, 2022
cdb5222
Add Dependabot (#287)
daxpedda Dec 10, 2022
8691560
Bump actions/checkout from 2 to 3 (#291)
dependabot[bot] Dec 11, 2022
765a15d
Bump actions/cache from 2 to 3 (#292)
dependabot[bot] Dec 11, 2022
a0cab10
Update dependencies (#288)
daxpedda Dec 11, 2022
7da97be
Fix CI (#298)
daxpedda Dec 16, 2022
2dc2b0e
Rename X25519 to Curve25519 (#302)
daxpedda Dec 19, 2022
8901b74
Update `curve25519-dalek` to 4.0.0-pre.5 (#301)
daxpedda Dec 19, 2022
1fbe255
Bump `voprf` to v0.5.0-pre.2 (#304)
daxpedda Feb 4, 2023
09489dd
Only use explicit crate features (#306)
daxpedda Feb 4, 2023
b40092d
Publishing v3.0.0-pre.1 (#309)
kevinlewi Feb 9, 2023
5400128
Update `rustyline` to v0.11 (#313)
daxpedda Mar 4, 2023
c255364
Update VOPRF to draft 19 (#307)
daxpedda Mar 5, 2023
3096c4d
Update `argon2` to v0.5 (#314)
daxpedda Mar 5, 2023
c1c1c40
Test P-384 (#290)
daxpedda Mar 6, 2023
f8f5d22
Update scrypt requirement from 0.10 to 0.11 (#315)
dependabot[bot] Mar 10, 2023
8b755bf
Publishing v3.0.0-pre.2 (#318)
kevinlewi Mar 15, 2023
7b205b7
Bump `voprf` to v0.5.0-pre.4 (#322)
daxpedda May 21, 2023
e6c9870
Correctly clamp Curve25519 secret keys (#323)
daxpedda May 22, 2023
98b42d6
Curve25519 test vectors (#319)
daxpedda May 23, 2023
a883737
Updating dual-license language (#324)
kevinlewi May 23, 2023
c73eb96
Update criterion requirement from 0.4 to 0.5 (#325)
dependabot[bot] May 24, 2023
deb7ca3
Update keypair generation to use derive_auth_keypair (#326)
kevinlewi May 27, 2023
4f69de6
Fixing simple_login test to enable argon2 feature (#328)
kevinlewi Jun 8, 2023
c3498ea
Publishing v3.0.0-pre.3 (#327)
kevinlewi Jun 8, 2023
7f0b6a8
Update rustyline requirement from 11 to 12 (#332)
dependabot[bot] Jun 26, 2023
bca1abf
update parameter from sk to private_key (#329)
nikgraf Jun 29, 2023
4487f11
Bump `curve25519-dalek` to v4.0.0-rc.3 (#330)
daxpedda Jun 29, 2023
d65cc4d
add more resources (WebAssembly and React Native) (#335)
nikgraf Jul 16, 2023
d13d261
Publishing v3.0.0-pre.4 (#337)
kevinlewi Jul 25, 2023
07c3f74
update docs: clarify export_key and session_key length (#338)
nikgraf Aug 14, 2023
83795f3
Increase MSRV to 1.70 and update workflow dependencies (#342)
kevinlewi Sep 25, 2023
ead80ad
Clarifying the persisting of server setup (#344)
kevinlewi Oct 5, 2023
47b3777
Add `clippy::doc_markdown` (#346)
daxpedda Oct 8, 2023
c728c37
Fixing clippy errors (#347)
kevinlewi Oct 29, 2023
56cdf9a
Test P-521 (#349)
daxpedda Nov 16, 2023
31c65f5
Adding copyright header to generated test file (#351)
kevinlewi Dec 20, 2023
1cc30c2
Update rustyline requirement from 12 to 13 (#352)
dependabot[bot] Dec 20, 2023
7eb363f
Bump actions/cache from 3 to 4 (#354)
dependabot[bot] Jan 18, 2024
066f88f
Updating dependencies (#360)
kevinlewi Sep 17, 2024
a21678e
docs: add details for client login final step (#358)
lucab Sep 18, 2024
4e52556
Publishing v3.0.0-pre.5 (#364)
kevinlewi Sep 18, 2024
df29524
Revert "Update keypair generation to use derive_auth_keypair (#326)"
kevinlewi Oct 9, 2024
eb782ec
Fixups to keep in sync with draft-10
kevinlewi Oct 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 5 additions & 4 deletions .cargo/license.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
// Copyright (c) Facebook, Inc. and its affiliates.
// Copyright (c) Meta Platforms, Inc. and affiliates.
//
// This source code is licensed under both the MIT license found in the
// LICENSE-MIT file in the root directory of this source tree and the Apache
// This source code is dual-licensed under either the MIT license found in the
// LICENSE-MIT file in the root directory of this source tree or the Apache
// License, Version 2.0 found in the LICENSE-APACHE file in the root directory
// of this source tree.
// of this source tree. You may select, at your option, one of the above-listed
// licenses.
12 changes: 12 additions & 0 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
version: 2

updates:
- package-ecosystem: cargo
directory: /
schedule:
interval: daily

- package-ecosystem: github-actions
directory: /
schedule:
interval: daily
74 changes: 31 additions & 43 deletions .github/workflows/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,24 +13,21 @@ jobs:
fail-fast: false
matrix:
backend_feature:
- --features ristretto255-u64,ristretto255-voprf
- --features ristretto255-u32,ristretto255-voprf
- --features ristretto255-voprf
-
- --features x25519-u64,ristretto255-u64,ristretto255-voprf
- --features x25519-u32,ristretto255-u32,ristretto255-voprf
- --features x25519-u64
- --features x25519-u32
- --features curve25519,ristretto255-voprf
- --features curve25519
frontend_feature:
-
- --features argon2
- --features serde
toolchain:
- stable
- 1.57.0
- 1.74.0
name: test
steps:
- name: Checkout sources
uses: actions/checkout@v2
uses: actions/checkout@main

- name: Install ${{ matrix.toolchain }} toolchain
uses: actions-rs/toolchain@v1
Expand Down Expand Up @@ -61,16 +58,13 @@ jobs:
# 32-bit x86
- i686-unknown-linux-gnu
backend_feature:
- --features ristretto255-u64,ristretto255-voprf
- --features ristretto255-u32,ristretto255-voprf
- --features ristretto255-voprf
-
- x25519-u64,ristretto255-u64,ristretto255-voprf
- x25519-u32,ristretto255-u64,ristretto255-voprf
- x25519-u64
- x25519-u32
- curve25519,ristretto255-voprf
- curve25519
steps:
- uses: actions/checkout@v2
- uses: hecrj/setup-rust-action@v1
- uses: actions/checkout@main
- uses: hecrj/setup-rust-action@v2
- run: cargo install cross
# Note: just use `cross` as you would `cargo`, but always
# pass the `--target=${{ matrix.target }}` arg. (Yes, really).
Expand All @@ -84,13 +78,13 @@ jobs:
matrix:
toolchain:
- stable
- 1.57.0
- 1.74.0
name: test simple_login command-line example
steps:
- name: install expect
run: sudo apt-get install expect
- name: Checkout sources
uses: actions/checkout@v2
uses: actions/checkout@main
- name: install rust
uses: actions-rs/toolchain@v1
with:
Expand All @@ -107,13 +101,13 @@ jobs:
matrix:
toolchain:
- stable
- 1.57.0
- 1.74.0
name: test digital_locker command-line example
steps:
- name: install expect
run: sudo apt-get install expect
- name: Checkout sources
uses: actions/checkout@v2
uses: actions/checkout@main
- name: install rust
uses: actions-rs/toolchain@v1
with:
Expand All @@ -135,21 +129,18 @@ jobs:
# for any no_std target
- thumbv6m-none-eabi
backend_feature:
- ristretto255-u64,ristretto255-voprf
- ristretto255-u32,ristretto255-voprf
- ristretto255-voprf
-
- x25519-u64,ristretto255-u64,ristretto255-voprf
- x25519-u32,ristretto255-u32,ristretto255-voprf
- x25519-u64
- x25519-u32
- curve25519,ristretto255-voprf
- curve25519
frontend_feature:
- argon2
- serde
steps:
- uses: actions/checkout@v2
- uses: hecrj/setup-rust-action@v1
- uses: actions/checkout@main
- uses: hecrj/setup-rust-action@v2
- run: rustup target add ${{ matrix.target }}
- run: cargo build --verbose --target=${{ matrix.target }} --no-default-features --features ${{ matrix.frontend_feature }} --features ${{ matrix.backend_feature }}
- run: cargo build --verbose --target=${{ matrix.target }} --no-default-features --features ${{ matrix.frontend_feature }},${{ matrix.backend_feature }}

benches:
name: cargo bench compilation
Expand All @@ -158,16 +149,13 @@ jobs:
fail-fast: false
matrix:
backend_feature:
- --features ristretto255-u64,ristretto255-voprf
- --features ristretto255-u32,ristretto255-voprf
- --features ristretto255-voprf
-
- --features x25519-u64,ristretto255-u64,ristretto255-voprf
- --features x25519-u32,ristretto255-u32,ristretto255-voprf
- --features x25519-u32
- --features x25519-u32
- --features curve25519,ristretto255-voprf
- --features curve25519
steps:
- name: Checkout sources
uses: actions/checkout@v2
uses: actions/checkout@main

- name: Install stable toolchain
uses: actions-rs/toolchain@v1
Expand All @@ -187,7 +175,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v2
uses: actions/checkout@main

- name: Install stable toolchain
uses: actions-rs/toolchain@v1
Expand All @@ -201,22 +189,22 @@ jobs:
uses: actions-rs/cargo@v1
with:
command: clippy
args: --all-targets --features argon2,std,x25519-u64 -- -D warnings
args: --all-targets --features argon2,std,curve25519 -- -D warnings

- name: Run cargo doc
uses: actions-rs/cargo@v1
env:
RUSTDOCFLAGS: -D warnings
with:
command: doc
args: --no-deps --document-private-items --features argon2,std,x25519-u64
args: --no-deps --document-private-items --features argon2,std,curve25519

format:
name: cargo fmt
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v2
uses: actions/checkout@main

- name: Install nightly toolchain
uses: actions-rs/toolchain@v1
Expand All @@ -237,7 +225,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Cache
uses: actions/cache@v2
uses: actions/cache@v4
with:
path: |
~/.cargo/.crates.toml
Expand All @@ -251,7 +239,7 @@ jobs:
run: cargo install taplo-cli --locked

- name: Checkout sources
uses: actions/checkout@v2
uses: actions/checkout@main

- name: Run Taplo
run: taplo fmt --check
Expand All @@ -260,5 +248,5 @@ jobs:
name: cargo-deny check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: actions/checkout@main
- uses: EmbarkStudios/cargo-deny-action@v1
5 changes: 3 additions & 2 deletions .github/workflows/publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,13 @@ jobs:
strategy:
matrix:
os: [ubuntu-latest]
rust: [stable]

steps:
- uses: hecrj/setup-rust-action@v1
- uses: hecrj/setup-rust-action@v2
with:
rust-version: ${{ matrix.rust }}
- uses: actions/checkout@master
- uses: actions/checkout@main
- name: Login to crates.io
run: cargo login $CRATES_IO_TOKEN
env:
Expand Down
3 changes: 3 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
# Changelog

## 2.1.0-pre.1 (October 10, 2024)
* Updated dependencies: voprf v0.4.1, curve25519-dalek v4

## 2.0.0 (September 21, 2022)
* Synced implementation with draft-irtf-cfrg-opaque-10
* Changed argon2 salt length to recommended value (16 bytes)
Expand Down
3 changes: 2 additions & 1 deletion CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,4 +27,5 @@ outlined on that page and do not file a public issue.

## License
By contributing to opaque-ke, you agree that your contributions will be
licensed under the LICENSE file in the root directory of this source tree.
licensed under both the LICENSE-MIT and LICENSE-APACHE files in the root
directory of this source tree.
65 changes: 33 additions & 32 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,76 +7,77 @@ keywords = ["cryptography", "crypto", "opaque", "passwords", "authentication"]
license = "Apache-2.0 OR MIT"
name = "opaque-ke"
readme = "README.md"
repository = "https://github.com/novifinancial/opaque-ke"
rust-version = "1.57"
version = "2.0.0"
repository = "https://github.com/facebook/opaque-ke"
rust-version = "1.74"
version = "2.1.0-pre.1"

[features]
default = ["ristretto255-u64", "ristretto255-voprf", "serde"]
ristretto255 = ["curve25519-dalek", "voprf/ristretto255"]
ristretto255-fiat-u32 = ["curve25519-dalek/fiat_u32_backend", "ristretto255"]
ristretto255-fiat-u64 = ["curve25519-dalek/fiat_u64_backend", "ristretto255"]
ristretto255-simd = ["curve25519-dalek/simd_backend", "ristretto255"]
ristretto255-u32 = ["curve25519-dalek/u32_backend", "ristretto255"]
ristretto255-u64 = ["curve25519-dalek/u64_backend", "ristretto255"]
argon2 = ["dep:argon2"]
curve25519 = ["dep:curve25519-dalek"]
default = ["ristretto255-voprf", "serde"]
ristretto255 = ["dep:curve25519-dalek", "voprf/ristretto255"]
ristretto255-voprf = ["ristretto255", "voprf/ristretto255-ciphersuite"]
serde = ["serde_", "generic-array/serde", "voprf/serde"]
std = ["getrandom"]
x25519 = ["curve25519-dalek"]
x25519-fiat-u32 = ["curve25519-dalek/fiat_u32_backend", "x25519"]
x25519-fiat-u64 = ["curve25519-dalek/fiat_u64_backend", "x25519"]
x25519-simd = ["curve25519-dalek/simd_backend", "x25519"]
x25519-u32 = ["curve25519-dalek/u32_backend", "x25519"]
x25519-u64 = ["curve25519-dalek/u64_backend", "x25519"]
serde = ["dep:serde", "generic-array/serde", "voprf/serde"]
std = ["dep:getrandom"]

[dependencies]
argon2 = { version = "0.4", default-features = false, features = [
argon2 = { version = "0.5", default-features = false, features = [
"alloc",
], optional = true }
curve25519-dalek = { version = "=4.0.0-pre.1", default-features = false, optional = true }
derive-where = { version = "=1.0.0-rc.3", features = ["zeroize-on-drop"] }
curve25519-dalek = { version = "4", default-features = false, features = [
"zeroize",
], optional = true }
derive-where = { version = "1", features = ["zeroize-on-drop"] }
digest = "0.10"
displaydoc = { version = "0.2", default-features = false }
elliptic-curve = { version = "0.12", features = ["hash2curve", "sec1"] }
elliptic-curve = { version = "0.13", features = ["hash2curve", "sec1"] }
generic-array = "0.14"
hkdf = "0.12"
hmac = "0.12"
rand = { version = "0.8", default-features = false }
serde_ = { version = "1", package = "serde", default-features = false, features = [
serde = { version = "1", default-features = false, features = [
"derive",
], optional = true }
subtle = { version = "2.3", default-features = false }
voprf = { version = "=0.4.0-pre.3", default-features = false, features = [
"danger",
] }
voprf = { version = "0.4.1", default-features = false, features = ["danger"] }
zeroize = { version = "1.5", features = ["zeroize_derive"] }

[target.'cfg(target_arch = "wasm32")'.dependencies]
getrandom = { version = "0.2", features = ["js"], optional = true }

[dev-dependencies]
bincode = "1"
chacha20poly1305 = "=0.10.0-pre"
criterion = "0.4"
chacha20poly1305 = "0.10"
criterion = "0.5"
hex = "0.4"
json = "0.12"
p256 = { version = "0.11", default-features = false, features = [
p256 = { version = "0.13", default-features = false, features = [
"hash2curve",
"voprf",
] }
p384 = { version = "0.13", default-features = false, features = [
"hash2curve",
"voprf",
] }
p521 = { version = "0.13.3", default-features = false, features = [
"hash2curve",
"voprf",
] }
proptest = "1"
rand = "0.8"
regex = "1"
rustyline = "9"
scrypt = "0.10"
# MSRV
rustyline = "14"
scrypt = "0.11"
serde_json = "1"

[[bench]]
harness = false
name = "opaque"

[package.metadata.docs.rs]
features = ["argon2", "std", "x25519-u64"]
all-features = true
rustdoc-args = ["--cfg", "docsrs"]
targets = []

[[example]]
Expand Down
12 changes: 0 additions & 12 deletions LICENSE
View file
Open in desktop

This file was deleted.

Loading
Loading