server: support private key authentication #381

Merged
merged 3 commits into from
Dec 18, 2024
Merged
136 changes: 122 additions & 14 deletions Cargo.lock


1 change: 1 addition & 0 deletions coordinator/Cargo.toml
Expand Up @@ -28,6 +28,7 @@ tokio = { version = "1", features = ["full"] }
message-io = "0.18"
rpassword = "7.3.1"
snow = "0.9.6"
xeddsa = "1.0.2"

[features]
default = []
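--- a/coordinator/src/args.rs
+++ b/coordinator/src/args.rs
@@ -109,10 +109,10 @@ pub struct ProcessedArgs<C: Ciphersuite> {
 /// it will login with `password`
 pub authentication_token: Option<String>,
 
-/// The comma-separated usernames of the signers to use in HTTP mode.
-/// If HTTP mode is enabled and this is empty, then the session ID
-/// will be printed and will have to be shared manually.
-pub signers: Vec<String>,
+/// The comma-separated keys of the signers to use in
+/// HTTP mode. If HTTP mode is enabled and this is empty, then the session
+/// ID will be printed and will have to be shared manually.
+pub signers: Vec<Vec<u8>>,
 
 /// The number of participants.
 pub num_signers: u16,
@@ -142,13 +142,16 @@ pub struct ProcessedArgs<C: Ciphersuite> {
 /// `comm_participant_pubkey_getter` enables encryption.
 pub comm_privkey: Option<Vec<u8>>,
 
-/// A function that returns the public key for a given username, or None
-/// if not available.
+/// The coordinator's communication public key.
+pub comm_pubkey: Option<Vec<u8>>,
+
+/// A function that confirms if the public key of a participant is in the
+/// user's contact book, returning the same public key, or None if not.
 // It is a `Rc<dyn Fn>` to make it easier to use;
 // using `fn()` would preclude using closures and using generics would
 // require a lot of code change for something simple.
 #[allow(clippy::type_complexity)]
-pub comm_participant_pubkey_getter: Option<Rc<dyn Fn(&str) -> Option<Vec<u8>>>>,
+pub comm_participant_pubkey_getter: Option<Rc<dyn Fn(&Vec<u8>) -> Option<Vec<u8>>>>,
 }
 
 impl<C: Ciphersuite + 'static> ProcessedArgs<C> {
@@ -185,6 +188,12 @@ impl<C: Ciphersuite + 'static> ProcessedArgs<C> {
 &args.public_key_package,
 )?;
 
+let signers = args
+.signers
+.iter()
+.map(|s| Ok(hex::decode(s)?.to_vec()))
+.collect::<Result<_, Box<dyn Error>>>()?;
+
 let public_key_package: PublicKeyPackage<C> = serde_json::from_str(&out)?;
 
 let messages = read_messages(&args.message, output, input)?;
@@ -197,7 +206,7 @@ impl<C: Ciphersuite + 'static> ProcessedArgs<C> {
 http: args.http,
 username: args.username.clone(),
 password,
-signers: args.signers.clone(),
+signers,
 num_signers,
 public_key_package,
 messages,
@@ -207,6 +216,7 @@ impl<C: Ciphersuite + 'static> ProcessedArgs<C> {
 port: args.port,
 authentication_token: None,
 comm_privkey: None,
+comm_pubkey: None,
 comm_participant_pubkey_getter: None,
 })
 }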
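Review bot: The new `let signers = …` mapping in the third hunk accepts any hex string as a signer key, so an empty entry (for example from a stray comma) or a truncated key decodes successfully and is stored as if it were a valid identity. Because these bytes now select who takes part in the signing session, I would check each decoded key against the expected public-key length at this point (the length is not visible in the hunk) and name the offending entry in the error, e.g. `hex::decode(s).map_err(|e| format!("invalid signer key {s:?}: {e}"))?`. `hex::decode` already returns a `Vec<u8>`, so the trailing `.to_vec()` is a redundant copy. The `signers` doc comment in the first hunk should also say that the values are hex-encoded public keys. The enclosing function starts and ends outside the hunk.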