Skip to content

Commit

Permalink
fix: further fix package.json, better docs
Browse files Browse the repository at this point in the history
  • Loading branch information
@cyyynthia
cyyynthia committed Apr 18, 2023
1 parent 0c286ca commit 93351d3
Show file tree
Hide file tree
Showing 7 changed files with 188 additions and 93 deletions.
20 changes: 10 additions & 10 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 9 additions & 1 deletion Justfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,15 +33,23 @@ _fix-typescript:
# Have I mentioned how much of a [redacted] [redacted] piece of [redacted] wasm-pack [redacted] is?
# https://github.com/rustwasm/wasm-pack/issues/1193 (Nov 13, 2022)
# https://github.com/rustwasm/wasm-pack/pull/1194 (Nov 13, 2022) - PR still not merged :D
# https://github.com/rustwasm/wasm-pack/pull/1061 (Sep 23, 2021)
# https://github.com/rustwasm/wasm-pack/pull/1089 (Dec 5, 2021)
# At this point I'm close to believing wasm-pack is unmaintained. [clown emoji]
_fix-package-json:
#!/usr/bin/env node
const { readFileSync, writeFileSync } = require('fs')
let clientPackage = readFileSync('client/pkg/package.json', 'utf8')
let serverPackage = readFileSync('server/pkg/package.json', 'utf8')
// Add wasm types
clientPackage = clientPackage.replace('.d.ts"', '.d.ts",\n "opaque_wasm_client_bg.wasm.d.ts"')
serverPackage = serverPackage.replace('.d.ts"', '.d.ts",\n "opaque_wasm_server_bg.wasm.d.ts"')

// Fix package.json
clientPackage = clientPackage.replace('"main"', '"type": "module",\n "main"')
serverPackage = serverPackage.replace('"main"', '"type": "module",\n "main"')

writeFileSync('client/pkg/package.json', clientPackage)
writeFileSync('server/pkg/package.json', serverPackage)
console.log('Fixed package.json `files`')
console.log('Fixed package.json `files`')
84 changes: 4 additions & 80 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
# opaque-wasm

[![License](https://img.shields.io/github/license/squirrelchat/opaque-wasm.svg?style=flat-square)](https://github.com/squirrelchat/opaque-wasm/blob/mistress/LICENSE)
[![npm (client)](https://img.shields.io/npm/v/@squirrelchat/opaque-wasm-client?label=npm%20%28client%29&style=flat-square)](https://npm.im/@squirrelchat/opaque-wasm-client)
[![npm (server)](https://img.shields.io/npm/v/@squirrelchat/opaque-wasm-server?label=npm%20%28server%29&style=flat-square)](https://npm.im/@squirrelchat/opaque-wasm-server)
Expand All @@ -21,86 +20,11 @@ This library uses the following OPAQUE configuration, based on the recommendatio

If you use different implementations for the client and server side, make sure to match the configurations accordingly.

## Installation
### Client
The client requires the use of a bundler compatible with WebAssembly ESM at this time.
(e.g: [Vite](https://vitejs.dev/) with [`vite-plugin-wasm`](https://github.com/Menci/vite-plugin-wasm)).

```
npm i @squirrelchat/opaque-wasm-client
yarn add @squirrelchat/opaque-wasm-client
pnpm add @squirrelchat/opaque-wasm-client
```

### Server
The server is only compatible with Node at this time.

```
npm i @squirrelchat/opaque-wasm-server
yarn add @squirrelchat/opaque-wasm-server
pnpm add @squirrelchat/opaque-wasm-server
```

## Usage
A complete example is available in the [`example`](example) folder.

### Client
```js
import { startRegistration, startLogin } from '@squirrelchat/opaque-wasm-client'

// REGISTRATION
const registration = startRegistration('my sup€r sekure passw0rd! uwu')
const response = sendToServerAndGetResponse(registration.request)

const { exportKey, serverPublicKey, record } = registration.finish(response)
sendRegistrationToServer(record)

console.log('export key:', exportKey)
console.log('server public key:', serverPublicKey)

// LOGIN
const login = startLogin('my sup€r sekure passw0rd! uwu')
const response = sendToServerAndGetResponse(login.request)

const { exportKey, sessionKey, serverPublicKey, message } = registration.finish(response)
sendAuthenticationToServer(message)

console.log('export key:', exportKey)
console.log('session key:', sessionKey)
console.log('server public key:', serverPublicKey)
```

### Server
```js
import { Server } from '@squirrelchat/opaque-wasm-server'

// Create a server
// -> First time
const server = new Server()
saveStateSomewhereSave(server.getState())
// -> Future times
const server = new Server(getSavedState())

// The state MUST be stored and restored, otherwise
// logging in will not work after a server restart.

// REGISTRATION
const { username, request } = receiveRequestFromClient()
const response = server.startRegistration(username, request)

const record = sendResponseToClientAndGetRecord(response)
const credentials = server.finishRegistration(record)
saveCredentialsInDatabase(username, credentials)

// LOGIN
const { username, request } = receiveRequestFromClient()
const { response, state } = server.startLogin(username, request, row?.credentials)

const authentication = sendResponseToClientAndGetFinalMessage(response)
const sessionKey = server.finishLogin(state, authentication)
## Installation and usage
See the [`client`](client) and [`server`](server) folders for more information about the bits you need.

console.log('session key:', sessionKey)
```
A complete example (client + server) is available in the [`example`](example) folder, with a lot of comments to guide
you through.

## Credits where due
This wrapper is inspired from prior work at [marucjmar/opaque-wasm](https://github.com/marucjmar/opaque-wasm). The
Expand Down
2 changes: 1 addition & 1 deletion client/Cargo.toml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "opaque-wasm-client"
version = "0.1.0"
version = "0.1.1"
authors = ["Cynthia <[email protected]>"]
repository = "https://github.com/squirrelchat/opaque-wasm"
description = "WebAssembly wrapper for facebook/opaque-ke (client-side)"
Expand Down
70 changes: 70 additions & 0 deletions client/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
# opaque-wasm client
[![License](https://img.shields.io/github/license/squirrelchat/opaque-wasm.svg?style=flat-square)](https://github.com/squirrelchat/opaque-wasm/blob/mistress/LICENSE)
[![npm](https://img.shields.io/npm/v/@squirrelchat/opaque-wasm-client?label=npm%20%28client%29&style=flat-square)](https://npm.im/@squirrelchat/opaque-wasm-client)

Wrapper for [opaque-ke](https://github.com/facebook/opaque-ke) to implement the OPAQUE protocol in JavaScript/WASM.

This library uses the following OPAQUE configuration, based on the recommendations of the OPAQUE draft and the Argon2 RFC:
- OPRF: ristretto255-SHA512
- KDF: HKDF-SHA-512
- MAC: HMAC-SHA-512
- Hash: SHA-512
- KSF: Argon2id(S = zeroes(16), p = 4, T = Nh, m = 2^16, t = 3, v = 0x13, K = nil, X = nil, y = 2)
- Group: ristretto255

## Installation
The client requires an environment compatible with WebAssembly ESM. For example,
- For the web: [Vite](https://vitejs.dev/) with [`vite-plugin-wasm`](https://github.com/Menci/vite-plugin-wasm)
- For Node: use the [`--experimental-wasm-modules` flag](https://nodejs.org/api/esm.html#wasm-modules)

```
npm i @squirrelchat/opaque-wasm-client
yarn add @squirrelchat/opaque-wasm-client
pnpm add @squirrelchat/opaque-wasm-client
```

## Usage
### Registration
```js
import { startRegistration } from '@squirrelchat/opaque-wasm-client'

try {
const registration = startRegistration('mewn supy€w sekyuwe paffw0wdy! UwU')
console.log(registration.request) // <Uint8Array ...>
// ~> send this to the server

const response = ... // <~ response from the server

const { exportKey, serverPublicKey, record } = registration.finish(response)
console.log(record) // <Uint8Array ...>
// ~> send this to the server

console.log('export key:', exportKey) // <Uint8Array ...>
console.log('server public key:', serverPublicKey) // <Uint8Array ...>
} catch (e) {
console.error('Registration failed!', e)
}
```

### Login
```js
import { startLogin } from '@squirrelchat/opaque-wasm-client'

try {
const login = startLogin('mewn supy€w sekyuwe paffw0wdy! UwU')
console.log(login.request) // <Uint8Array ...>
// ~> send this to the server

const response = ... // <~ response from the server

const { exportKey, sessionKey, serverPublicKey, message } = registration.finish(response)
console.log(record) // <Uint8Array ...>
// ~> send this to the server

console.log('export key:', exportKey)
console.log('session key:', sessionKey)
console.log('server public key:', serverPublicKey)
} catch (e) {
console.error('Login failed!', e)
}
```
2 changes: 1 addition & 1 deletion server/Cargo.toml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "opaque-wasm-server"
version = "0.1.0"
version = "0.1.1"
authors = ["Cynthia <[email protected]>"]
repository = "https://github.com/squirrelchat/opaque-wasm"
description = "WebAssembly wrapper for facebook/opaque-ke (server-side)"
Expand Down
93 changes: 93 additions & 0 deletions server/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
# opaque-wasm server
[![License](https://img.shields.io/github/license/squirrelchat/opaque-wasm.svg?style=flat-square)](https://github.com/squirrelchat/opaque-wasm/blob/mistress/LICENSE)
[![npm](https://img.shields.io/npm/v/@squirrelchat/opaque-wasm-server?label=npm%20%28server%29&style=flat-square)](https://npm.im/@squirrelchat/opaque-wasm-server)

## Installation
This package is only compatible with Node at this time.

```
npm i @squirrelchat/opaque-wasm-server
yarn add @squirrelchat/opaque-wasm-server
pnpm add @squirrelchat/opaque-wasm-server
```

## Usage
### Startup
```js
import { Server } from '@squirrelchat/opaque-wasm-server'

// Create a server
// -> First time
const server = new Server()
console.log(server.getState()) // <Uint8Array ...>
// ~> Save this somewhere super safe!

// -> Future times
const state = ... // Get from secure storage
const server = new Server(state)

// The state MUST be stored and restored, otherwise
// logging in will not work after a server restart.
```

### Registration
```js
const username = ... // <~ value sent by the client
const request = ... // <~ value sent by the client

try {
const response = server.startRegistration(username, request)
console.log(response) // <Uint8Array ...>
// ~> send this to the client
} catch (e) {
console.error('Could not start registration!', e)
}

// ---

const username = ... // <~ value sent by the client
const record = ... // <~ value sent by the client

try {
const credentials = server.finishRegistration(record)
console.log(credentials) // <Uint8Array ...>
// Store this on disk, and tada!
} catch (e) {
console.error('Could not finalize registration!', e)
}
```

### Login
```js
const username = ... // <~ value sent by the client
const request = ... // <~ value sent by the client

// A note on account enumeration:
// The OPAQUE protocol protects against account enumeration
// by design during authentication. To achieve this, you must
// engage in the protocol even if the account does not exists.
// opaque-wasm and the underlying lib does this by using a fake
// random record when no record is specified.
try {
const { response, state } = server.startLogin(username, request, row?.credentials)

console.log(state) // <Uint8Array ...>
// Store this somewhere SAFE, you'll need it to finalize the login.
// Do NOT send it to the client!

console.log(response) // <Uint8Array ...>
// ~> send this to the client
} catch (e) {
console.error('Could not start authentication!', e)
}

// ---

const authentication = ... // <~ value sent by the client
try {
const sessionKey = server.finishLogin(state, authentication)
console.log('session key:', sessionKey)
} catch (e) {
console.error('Could not finalize authentication!', e)
}
```

0 comments on commit 93351d3

Please sign in to comment.