Merge pull request #2 from arkavo-org/feature/rewrap

Rewrap
arkavo-org · Jul 1, 2024 · 0eb1021 · 0eb1021
2 parents ad803b4 + c2d5282
commit 0eb1021
Show file tree

Hide file tree

Showing 6 changed files with 517 additions and 301 deletions.
diff --git a/.github/workflows/rust.yaml b/.github/workflows/rust.yaml
@@ -10,13 +10,43 @@ env:
   CARGO_TERM_COLOR: always
 
 jobs:
-  build:
-
+  test:
     runs-on: ubuntu-latest
-
     steps:
-    - uses: actions/checkout@v4
-    - name: Build
-      run: cargo build --verbose
-    - name: Run tests
-      run: cargo test --verbose
+      - uses: actions/checkout@v4
+      - name: Build
+        run: cargo build --verbose
+      - name: Run tests
+        run: cargo test --verbose
+  build:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ ubuntu-latest ]
+        target:
+          [
+            #            aarch64-unknown-linux-gnu,
+            x86_64-unknown-linux-gnu,
+          ]
+        include:
+          #          - os: ubuntu-latest
+          #            target: aarch64-unknown-linux-gnu
+          - os: ubuntu-latest
+            target: x86_64-unknown-linux-gnu
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install dependencies on Linux
+        run: |
+          sudo apt-get update
+          sudo apt-get install gcc-aarch64-linux-gnu
+      - name: Install Rust and Build
+        run: |
+          curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
+          source $HOME/.cargo/env
+          rustup target add ${{ matrix.target }}
+          cargo build --release --target ${{ matrix.target }}
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ matrix.target }}-build
+          path: target/${{ matrix.target }}/release/backend-rust
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,22 +1,20 @@
 [package]
 name = "backend-rust"
-version = "0.1.0"
+version = "0.3.0"
 edition = "2021"
 
 [dependencies]
-tokio = { version = "1.37.0", features = ["full"] }
-hyper = "1.3.1"
-tokio-tungstenite = "0.21.0"
+elliptic-curve = "0.13.8"
+tokio = { version = "1.38.0", features = ["full"] }
+tokio-tungstenite = "0.23.1"
 futures-util = "0.3.30"
-openssl = "0.10.64"
-base64 = "0.22.1"
-log = "0.4.21"
 hex = "0.4.3"
-serde = { version = "1.0.202", features = ["derive"] }
-ring = "0.17.8"
-serde_json = "1.0.117"
-digest = "0.10.7"
-data-encoding = "2.6.0"
+serde = { version = "1.0.203", features = ["derive"] }
 pem = "3.0.4"
-lazy_static = "1.4.0"
-rust-crypto = "0.2.36"
+aes-gcm = "=0.9.4"
+p256 = { version = "=0.13.2", features = ["ecdh"] }
+once_cell = "1.19.0"
+rand_core = "0.6.4"
+zeroize = "1.8.1"
+sha2 = "0.10.8"
+hkdf = "0.12.4"
diff --git a/README.md b/README.md
@@ -1,4 +1,5 @@
 # backend-rust
+
 Implementation of KAS from [OpenTDF specification](https://github.com/opentdf/spec)
 
 ## Features
@@ -18,30 +19,32 @@ Implementation of KAS from [OpenTDF specification](https://github.com/opentdf/sp
 
 1. Clone the repository:
 
-    ```sh
-    git clone https://github.com/yourusername/nanotdf-websocket-server.git
-    cd nanotdf-websocket-server
-    ```
+```shell
+git clone https://github.com/arkavo-org/backend-rust.git
+cd backend-rust
+```
 
-2. Add dependencies in `Cargo.toml`:
+2. Build the project to download and compile the dependencies:
 
-    ```toml
-    [dependencies]
-    ring = "0.16.20"
-    pem = "1.0.2"
-    lazy_static = "1.4"
-    tokio = { version = "1", features = ["full"] }
-    data-encoding = "2.3.2"
-    tokio-tungstenite = "0.15"
-    ```
+```shell
+cargo build
+```
 
 ### Running the Server
 
 1. Ensure you have a valid EC private key in PEM format named `recipient_private_key.pem`.
 
+    ```shell
+    openssl ec -in recipient_private_key.pem -text -noout
+    ```
+
+    ```shell
+   openssl ecparam -name prime256v1 -genkey -noout -out kas_private_key.pem
+    ```
+
 2. Start the server:
 
-    ```sh
+    ```shell
     cargo run
     ```
 
@@ -53,20 +56,17 @@ Implementation of KAS from [OpenTDF specification](https://github.com/opentdf/sp
 ## Diagrams
 
 ### Key Agreement
+
 ```mermaid
 sequenceDiagram
     participant Client
     participant Server
-
-    Client->>Client: Generate private key (client_private_key) and public key (client_public_key)
-    Client->>Server: Establish Websocket connection
-    Client->>Server: Send client_public_key
-
-    Server->>Server: Generate private key (server_private_key) and public key (server_public_key)
-    Server->>Client: Send server_public_key
-    Server->>Server: Compute shared_secret = ECDH(server_private_key, client_public_key)
-
-    Client->>Client: Compute shared_secret = ECDH(client_private_key, server_public_key)
-
-    Note over Client,Server: Both have the same shared_secret
+    Client ->> Client: Generate private key (client_private_key) and public key (client_public_key)
+    Client ->> Server: Establish Websocket connection
+    Client ->> Server: Send client_public_key
+    Server ->> Server: Generate private key (server_private_key) and public key (server_public_key)
+    Server ->> Client: Send server_public_key
+    Server ->> Server: Compute shared_secret = ECDH(server_private_key, client_public_key)
+    Client ->> Client: Compute shared_secret = ECDH(client_private_key, server_public_key)
+    Note over Client, Server: Both have the same shared_secret
 ```