srp: rebuild library

[jbis9051]

This PR is a complete rewrite of the SRP library. It includes many improvements over the old library at the expense of backwards compatibility.

Improvements include:

• Improved file and code organization
• Access to individual SRP computations
• Consistent sever and client API
• Simpler API
• Improved documentation with tests in documentation
• New tests for compatibility with the RFC
• Bumps dependencies
• Timing safe verification comparisons
• Modernized error handling
• And much more...

[tarcieri]

Interesting. Let me know when this is ready for review. I can leave some initial notes.

[newpavlov]

@tarcieri
Would it be possible to use crypto-bigint for implementing SRP or is not not sufficiently advanced yet?

[tarcieri]

@newpavlov unfortunately not. The core functionality this needs is modular exponentiation (modpow). We attempted to add that to crypto-bigint but never got it working properly.

I might take a crack at it again soon for the purposes of expanding the functionality of ScalarCore in the elliptic-curve crate. The core algorithm isn't terribly complicated: use the existing mul_wide functionality to produce a wide output, then perform a Montgomery reduction, which requires precomputing -(m^{-1} mod m) mod m, but otherwise provides a relatively simple constant-time formula.

[jbis9051]

crypto-bigint looks really interesting! Good luck with getting modular exponentiation to work.

[jbis9051]

Looks like we will have to change minimum supported rust version

[tarcieri]

That's no problem. I might suggest bumping edition = "2021" and setting rust-version = "1.56" in Cargo.toml.

[jbis9051]

PR is complete. I will add some more features in a future.

[jbis9051]

I'm not sure how to handle the failing GH workflows. It seems they aren't scoped to the proper sub-crate so SRP min rust version is interfering with spake2.

[tarcieri]

Aah, this is the joy of having one 2021 edition crate in a workspace. It either needs to be split into its own workspace, or we should bump all of the crates to MSRV 1.56.

I can take care of that, if you'd like.

Clippy, on the other hand, is global to the whole workspace and needs an MSRV of the highest MSRV of any crate in the repo.

[jbis9051]

@tarcieri

Could we do something like

- run: cd spake2 && cargo test --release

?

It either needs to be split into its own workspace, or we should bump all of the crates to MSRV 1.56.

If not, I'd say bump.

I can take care of that, if you'd like.

Sure. Whatever you think this best.

[tarcieri]

It already does that:

https://github.com/RustCrypto/PAKEs/blob/master/.github/workflows/spake2.yml#L11-L13

...however you're running into things which are inherently global to a workspace, regardless of the CI config

[newpavlov]

Yeah, I think the easiest solution would be to simply bump spake2's MSRV to 1.56.

[tarcieri]

I bumped both spake2 and srp to Rust 2021 edition and did various other minor documentation and clippy fixups in #80.

@jbis9051 if you rebase, you should be good to go now

[jbis9051]

\o/

[tarcieri]

Success!

I’ll try to look through this in the coming weeks, but expect some delays there due to the holidays

[jbis9051]

Sounds good and happy holidays!

[jbis9051]

Hi. Any update on this?

[tarcieri]

Will try to review it this weekend

[tarcieri]

This looks like an improvement to me.

I say this with the caveat that I'm not particularly familiar with SRP, so I can't say my review was particularly careful or detailed, nor do I have any specific feedback beyond what's already been covered earlier.

I'll give @newpavlov a bit of time to review this, or if he's too busy I'll merge it next weekend.

[tarcieri]

@jbis9051 thank you! I can go ahead and cut a release if you'd like

[jbis9051]

@tarcieri Thank you! Sure that would be great.

P.S. This PR (and the last one) closed the following issues: #17, #18