Crate ap_client

Noise Protocol Clients for access-protocol

This crate provides both remote and user client implementations for connecting through a proxy using the Noise Protocol.

§Features

  • PSK-based authentication using pairing codes
  • Noise Protocol NNpsk2 pattern for secure 2-message handshake
  • Session caching for reconnection without re-pairing
  • Supports both classical (Curve25519) and post-quantum (Kyber768) cryptography

§Remote Client Usage (untrusted device)

use ap_client::{RemoteClient, DefaultProxyClient, IdentityProvider, SessionStore};
use ap_proxy_client::ProxyClientConfig;
use tokio::sync::mpsc;

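// `identity_provider` and `session_store` are the caller's implementations of
// the `IdentityProvider` and `SessionStore` traits (construction not shown).

// Create proxy client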
let proxy_client = Box::new(DefaultProxyClient::new(ProxyClientConfig {
    proxy_url: "ws://localhost:8080".to_string(),
    identity_keypair: Some(identity_provider.identity().to_owned()),
}));

let (event_tx, mut event_rx) = mpsc::channel(32);
let (response_tx, response_rx) = mpsc::channel(32);

let mut client = RemoteClient::new(
    identity_provider,
    session_store,
    event_tx,
    response_rx,
    proxy_client,
).await?;

// Pair with rendezvous code
client.pair_with_handshake("ABCDEF123").await?;

// Request the credential for a domain over the paired session
let query = ap_client::CredentialQuery::Domain("example.com".to_string());
let credential = client.request_credential(&query).await?;

§User Client Usage (trusted device)

use ap_client::{
    DefaultProxyClient, IdentityProvider, UserClient, UserClientEvent, UserClientResponse,
};
use ap_proxy_client::ProxyClientConfig;
use tokio::sync::mpsc;

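// `identity_provider` and `session_store` are the caller's implementations of
// the `IdentityProvider` and `SessionStore` traits (construction not shown).

// Create proxy client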
let proxy_client = Box::new(DefaultProxyClient::new(ProxyClientConfig {
    proxy_url: "ws://localhost:8080".to_string(),
    identity_keypair: Some(identity_provider.identity().to_owned()),
}));

let (event_tx, event_rx) = mpsc::channel(32);
let (response_tx, response_rx) = mpsc::channel(32);

let mut client = UserClient::listen(
    identity_provider,
    session_store,
    proxy_client,
).await?;

// Enable PSK mode or rendezvous mode
client.enable_psk(event_tx, response_rx).await?;

Re-exports§

pub use error::RemoteClientError;
pub use proxy::DefaultProxyClient;
pub use proxy::ProxyClient;
pub use traits::AuditConnectionType;
pub use traits::AuditEvent;
pub use traits::AuditLog;
pub use traits::CredentialFieldSet;
pub use traits::IdentityProvider;
pub use traits::NoOpAuditLog;
pub use traits::SessionStore;
pub use types::ConnectionMode;
pub use types::CredentialData;
pub use types::CredentialQuery;
pub use types::RemoteClientEvent;
pub use types::RemoteClientResponse;

Modules§

error
Error types for the remote client
proxy
Proxy client trait and default implementation
traits
Traits for storage implementations
types
Protocol types and events. Types for the remote client protocol

Structs§

IdentityFingerprint
A compact SHA256 fingerprint of an Identity.
Psk
RemoteClient
Remote client for connecting to a user-client through a proxy
RendezvousCode
A temporary rendezvous code for peer discovery.
UserClient
User client for acting as trusted device

Enums§

UserClientEvent
Events emitted by the user client during operation
UserClientResponse
Response actions for events requiring user decision