Closed creemama closed 3 years ago
We should probably rename sec
in opaque.h
to secU
and secS
where appropriate. I want to wait on that since some of the sec*
variables might go away if we match the IETF CFRG more. The following is an example:
From the IETF CFRG draft:
skU, pkS, export_key = RecoverCredentials(pwdU, blind, response)
Our current API:
sk, authU, export_key, ids = opaque.RecoverCredentials(resp, secU, cfg, infos, pkS)
Looking at just the input arguments:
pwdU
is secU.pwdU
.blind
is secU.blind
.response.data
is secU.M
.response.pkS
is pkS
.response.envU
is resp.envU
.We should probably rename
sec
inopaque.h
tosecU
andsecS
where appropriate. I want to wait on that since some of thesec*
variables might go away if we match the IETF CFRG more. The following is an example:
i don't think the sec* are gonna go away. and to be honest i'm not hellbent on following the draft strictly, what matters to me is to be able to to have the interface between the client and the server be interoperable and be strict about that, so that it is possible to run the protocol with different implementations on both ends. naming, serialization (outside of the client/server boundary) and other things i don't care and i think it might even be contra productive.
From the IETF CFRG draft: skU, pkS, export_key = RecoverCredentials(pwdU, blind, response)
well yes, i think because the draft is a kind of "pure" opaque, which does not do the steps interleaved and leaves the concrete instantiation to an extra "chapter"
Our current API: sk, authU, export_key, ids = opaque.RecoverCredentials(resp, secU, cfg, infos, pkS)
Looking at just the input arguments: * `pwdU` is `secU.pwdU`. * `blind` is `secU.blind`. * `response.data` is `secU.M`. * `response.pkS` is `pkS`. * `response.envU` is `resp.envU`.
they're all needed, they won't go away i'm quite sure.
Note that after this pull request, I'll create another one for PHP cleanup: https://github.com/creemama/libopaque/commits/php.