Bring opaque_ke back to 2.x, with argon2's parameters fixed to the 0.…

…4.1 defaults Some background: * opaque_ke 2.x depends on voprf 0.4, which broke with a recent version of Rust due to a lifetime annotation issue. * opaque_ke 3.x is not compatible with existing auth data from 2.x since it uses voprf 0.5 * The lifetime fix was backported from voprf 0.5 to voprf 0.4, but it also picked up a bunch of unrelated version bumps including argon2 * argon2's default parameters changed from 0.4.1 to 0.5.3 I plan to stick to opaque_ke 2.x throughout the 0.0.x series of Perovskite, and then upgrade at the next major release (probably 0.1)
drey7925 · Oct 25, 2024 · 2076604 · 2076604
1 parent 4e66c65
commit 2076604
Show file tree

Hide file tree

Showing 5 changed files with 47 additions and 38 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/perovskite_client/Cargo.toml b/perovskite_client/Cargo.toml
@@ -24,7 +24,7 @@ image = "0.25.1"
 line_drawing = "1.0.0"
 log = "0.4.17"
 microbench = "0.5.0"
-opaque-ke = { version = "3.0.0-pre.5", features = ["argon2"] }
+opaque-ke = { version = "2.1.0-pre.1", features = ["argon2"] }
 parking_lot = "0.12.1"
 rand = "0.8.5"
 rustc-hash = "2.0.0"

diff --git a/perovskite_core/Cargo.toml b/perovskite_core/Cargo.toml
@@ -14,7 +14,8 @@ argon2 = "0.5.3"
 bitvec = "1.0.1"
 bytemuck = { version = "1.16.1", features = ["derive"] }
 cgmath = "0.18.0"
-opaque-ke = { version = "3.0.0-pre.5", features = ["argon2"] }
+generic-array = "0.14.7"
+opaque-ke = { version = "2.1.0-pre.1", features = ["argon2"] }
 parking_lot = "0.12.1"
 prost = "0.13.1"
 prost-types = "0.13.1"

diff --git a/perovskite_core/src/auth.rs b/perovskite_core/src/auth.rs
@@ -1,8 +1,37 @@
+use generic_array::{ArrayLength, GenericArray};
+use opaque_ke::errors::InternalError;
+use opaque_ke::ksf::Ksf;
 use opaque_ke::CipherSuite;
+
 pub struct PerovskiteOpaqueAuth;
 impl CipherSuite for PerovskiteOpaqueAuth {
     type OprfCs = opaque_ke::Ristretto255;
     type KeGroup = opaque_ke::Ristretto255;
     type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDh;
-    type Ksf = argon2::Argon2<'static>;
+    type Ksf = Argon2_4096_3_1;
+}
+
+#[doc(hidden)]
+pub struct Argon2_4096_3_1 {
+    inner: argon2::Argon2<'static>,
+}
+impl Default for Argon2_4096_3_1 {
+    fn default() -> Self {
+        Self {
+            inner: argon2::Argon2::new(
+                argon2::Algorithm::default(),
+                argon2::Version::default(),
+                argon2::Params::new(4096, 3, 1, None).unwrap(),
+            ),
+        }
+    }
+}
+
+impl opaque_ke::ksf::Ksf for Argon2_4096_3_1 {
+    fn hash<L: ArrayLength<u8>>(
+        &self,
+        input: GenericArray<u8, L>,
+    ) -> Result<GenericArray<u8, L>, InternalError> {
+        dbg!(self.inner.hash(input))
+    }
 }
diff --git a/perovskite_server/Cargo.toml b/perovskite_server/Cargo.toml
@@ -11,7 +11,7 @@ maintenance = { status = "experimental" }
 
 [dependencies]
 anyhow = "1.0.70"
-argon2 = "0.4.1"
+argon2 = "0.5.3"
 bitvec = "1.0.1"
 cbloom = "0.1.3"
 cgmath = "0.18.0"
@@ -25,7 +25,7 @@ itertools = "0.13.0"
 lazy_static = "1.4.0"
 log = "0.4.17"
 microbench = "0.5.0"
-opaque-ke = { version = "3.0.0-pre.5", features = ["argon2"] }
+opaque-ke = { version = "2.1.0-pre.1", features = ["argon2"] }
 parking_lot = { version = "0.12.1" }
 prost = "0.13.1"
 rand = "0.8.5"