hofmann-rfc 2.0.0

Rust implementation of RFC 9380 (Hash-to-Curve), RFC 9497 (OPRF), and RFC 9807 (OPAQUE)
//! Account recovery support for OPAQUE.
//!
//! Because OPAQUE never exposes the password to the server, "password reset" is
//! not possible. Instead, account recovery is **verified re-registration**: the
//! user proves their identity through an out-of-band mechanism (email code, SMS
//! OTP, TOTP, etc.) and then re-registers with a new password using the standard
//! OPAQUE registration protocol.
//!
//! This module provides the building blocks:
//!
//! - [`RecoveryChallenger`] — trait you implement to send/verify challenges
//! - [`RecoveryTokenStore`] — trait for storing single-use recovery tokens
//! - [`InMemoryRecoveryTokenStore`] — default in-memory implementation
//!
//! The OPAQUE protocol layer is completely untouched by recovery. Recovery is
//! purely a server-side authorization mechanism that gates access to the existing
//! registration flow.
//!
//! # Flow
//!
//! 1. Client calls recovery start → server sends challenge via [`RecoveryChallenger::send_challenge`]
//! 2. Client submits challenge response → server verifies via [`RecoveryChallenger::verify_response`]
//! 3. On success, server stores a recovery token in [`RecoveryTokenStore`]
//! 4. Client uses the recovery token to authorize re-registration via standard
//!    OPAQUE registration endpoints
//! 5. On registration finish, the old credential is deleted and the token is consumed
//!
//! See `RECOVERY.md` in the project root for the full implementation guide.

mod challenger;
mod token_store;

pub use challenger::RecoveryChallenger;
pub use token_store::{InMemoryRecoveryTokenStore, RecoveryTokenStore};
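
An added example, not part of the hofmann-rfc source: a minimal model of the token rules that steps 3 to 5 of the flow above depend on (single use, expiry, binding to one account). `DemoTokenStore`, `RecoveryError`, the method names and the 600-second lifetime are hypothetical and do not reflect the crate's `RecoveryTokenStore` trait signatures.

```rust
use std::collections::HashMap;
use std::time::{Duration, Instant};

// Hypothetical types for illustration; these are not the hofmann-rfc trait signatures.
#[derive(Debug, PartialEq)]
pub enum RecoveryError { UnknownToken, Expired, WrongAccount }

pub struct DemoTokenStore {
    ttl: Duration,
    // token -> (credential identifier it was issued for, issue time)
    tokens: HashMap<[u8; 32], (String, Instant)>,
}

impl DemoTokenStore {
    pub fn new(ttl: Duration) -> Self {
        Self { ttl, tokens: HashMap::new() }
    }

    /// Flow step 3: call only after the out-of-band challenge response verified.
    /// `token` must come from a CSPRNG; any earlier token for the account is revoked.
    pub fn issue(&mut self, token: [u8; 32], credential_id: &str, now: Instant) {
        self.tokens.retain(|_, (owner, _)| owner.as_str() != credential_id);
        self.tokens.insert(token, (credential_id.to_owned(), now));
    }

    /// Flow step 5: call at registration finish, before replacing the credential.
    /// The token is removed before any check, so a failed attempt also burns it.
    pub fn consume(&mut self, token: &[u8; 32], credential_id: &str, now: Instant)
        -> Result<(), RecoveryError>
    {
        let (owner, issued) = self.tokens.remove(token).ok_or(RecoveryError::UnknownToken)?;
        if now.duration_since(issued) > self.ttl {
            return Err(RecoveryError::Expired);
        }
        if owner != credential_id {
            return Err(RecoveryError::WrongAccount);
        }
        Ok(())
    }
}

fn main() {
    let t0 = Instant::now();
    let mut store = DemoTokenStore::new(Duration::from_secs(600));
    let token = [0x42u8; 32]; // constructed sample value, not random
    store.issue(token, "alice", t0);
    println!("first use:  {:?}", store.consume(&token, "alice", t0 + Duration::from_secs(30)));
    println!("second use: {:?}", store.consume(&token, "alice", t0 + Duration::from_secs(31)));
}
```

The old credential should be deleted only after `consume` returns `Ok(())`, so a replayed, expired or mismatched token can never replace an account's registration record.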