Expand description
Noise Protocol Clients for access-protocol
This crate provides both remote and user client implementations for connecting through a proxy using the Noise Protocol.
§Features
- PSK-based authentication using pairing codes
- Noise Protocol NNpsk2 pattern for secure 2-message handshake
- Session caching for reconnection without re-pairing
- Supports both classical (Curve25519) and post-quantum (Kyber768) cryptography
§Remote Client Usage (untrusted device)
ⓘ
use ap_client::{RemoteClient, RemoteClientHandle, DefaultProxyClient, IdentityProvider, SessionStore};
use ap_proxy_client::ProxyClientConfig;
// Create proxy client
let proxy_client = Box::new(DefaultProxyClient::new(ProxyClientConfig {
proxy_url: "ws://localhost:8080".to_string(),
identity_keypair: Some(identity_provider.identity().to_owned()),
}));
// Connect — spawns event loop internally, returns handle with channels
let RemoteClientHandle { client, mut notifications, mut requests } =
RemoteClient::connect(identity_provider, session_store, proxy_client).await?;
// Pair with rendezvous code
client.pair_with_handshake("ABCDEF123".to_string(), false).await?;
let query = ap_client::CredentialQuery::Domain("example.com".to_string());
let credential = client.request_credential(&query).await?;§User Client Usage (trusted device)
ⓘ
use ap_client::{DefaultProxyClient, IdentityProvider, UserClient, UserClientHandle};
use ap_proxy_client::ProxyClientConfig;
// Create proxy client
let proxy_client = Box::new(DefaultProxyClient::new(ProxyClientConfig {
proxy_url: "ws://localhost:8080".to_string(),
identity_keypair: Some(identity_provider.identity().to_owned()),
}));
// Connect — spawns event loop internally, returns handle with channels
let UserClientHandle { client, mut notifications, mut requests } =
UserClient::connect(identity_provider, session_store, proxy_client, None).await?;
// Already listening. Just use it.
let token = client.get_psk_token(None).await?;
// Or: let code = client.get_rendezvous_token(None).await?;Re-exports§
pub use error::ClientError;pub use proxy::DefaultProxyClient;pub use proxy::ProxyClient;pub use traits::AuditConnectionType;pub use traits::AuditEvent;pub use traits::AuditLog;pub use traits::CredentialFieldSet;pub use traits::IdentityProvider;pub use traits::NoOpAuditLog;pub use traits::SessionStore;pub use types::ConnectionMode;pub use types::CredentialData;pub use types::CredentialQuery;pub use types::PskId;
Modules§
- error
- Error types Error types for the remote client
- proxy
- Proxy client trait and default implementation Proxy client trait and default implementation
- traits
- Traits for storage implementations
- types
- Protocol types and events Types for the remote client protocol
Structs§
- Credential
Request Reply - Reply for credential requests.
- Fingerprint
Verification Reply - Reply for fingerprint verification requests.
- Identity
Fingerprint - A compact SHA256 fingerprint of an
Identity. - Multi
Device Transport - Transport state for multi-device Noise protocol
- Psk
- Remote
Client - Remote
Client Fingerprint Reply - Reply for fingerprint verification requests.
- Remote
Client Handle - A cloneable handle for controlling the remote client.
- Rendezvous
Code - A temporary rendezvous code for peer discovery.
- User
Client - User
Client Handle - A cloneable handle for controlling the user client.
Enums§
- Remote
Client Notification - Fire-and-forget status updates emitted by the remote client.
- Remote
Client Request - Requests that require a caller response, carrying a oneshot reply channel.
- User
Client Notification - Fire-and-forget status updates emitted by the user client.
- User
Client Request - Requests that require a caller response, carrying a oneshot reply channel.