Noise Protocol Clients for access-protocol
This crate provides both remote and user client implementations for connecting through a proxy using the Noise Protocol.
Features
- PSK-based authentication using pairing codes
- Noise Protocol NNpsk2 pattern for secure 2-message handshake
- Session caching for reconnection without re-pairing
- Supports both classical (Curve25519) and post-quantum (Kyber768) cryptography
Remote Client Usage (untrusted device)
use ap_client::{RemoteClient, RemoteClientHandle, DefaultProxyClient, IdentityProvider, SessionStore};
use ap_proxy_client::ProxyClientConfig;
// Create proxy client
let proxy_client = Box::new(DefaultProxyClient::new(ProxyClientConfig {
proxy_url: "ws://localhost:8080".to_string(),
identity_keypair: Some(identity_provider.identity().to_owned()),
}));
// Connect — spawns event loop internally, returns handle with channels
let RemoteClientHandle { client, mut notifications, mut requests } =
RemoteClient::connect(identity_provider, session_store, proxy_client).await?;
// Pair with rendezvous code
client.pair_with_handshake("ABCDEF123".to_string(), false).await?;
let query = ap_client::CredentialQuery::Domain("example.com".to_string());
let credential = client.request_credential(&query).await?;
User Client Usage (trusted device)
use ap_client::{DefaultProxyClient, IdentityProvider, UserClient, UserClientHandle};
use ap_proxy_client::ProxyClientConfig;
// Create proxy client
let proxy_client = Box::new(DefaultProxyClient::new(ProxyClientConfig {
proxy_url: "ws://localhost:8080".to_string(),
identity_keypair: Some(identity_provider.identity().to_owned()),
}));
// Connect — spawns event loop internally, returns handle with channels
let UserClientHandle { client, mut notifications, mut requests } =
UserClient::connect(identity_provider, session_store, proxy_client, None).await?;
// Already listening. Just use it.
let token = client.get_psk_token(None).await?;
// Or: let code = client.get_rendezvous_token(None).await?;