WIP: add OPAQUE password-authenticated key exchange

Add opaque-ke (v4, ristretto255) for password-based registration and
login. Extend NodeService schema with opaqueRegisterStart/Finish and
opaqueLoginStart/Finish RPCs. Add Store trait methods for OPAQUE server
setup and user records. Initial e2e integration test scaffolding.

Note: FileBackedStore does not yet implement the new Store trait
methods — server compilation is temporarily broken.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

crates/quicnprotochat-server/Cargo.toml

@@ -32,6 +32,10 @@ quinn-proto   = { workspace = true }
 rustls        = { workspace = true }
 rcgen         = { workspace = true }
 
+# Crypto — OPAQUE PAKE
+opaque-ke     = { workspace = true }
+rand          = { workspace = true }
+
 # Database
 rusqlite      = { workspace = true }
 

crates/quicnprotochat-server/src/sql_store.rs

@@ -75,7 +75,18 @@ impl SqlStore {
                 ON key_packages(identity_key);
 
             CREATE INDEX IF NOT EXISTS idx_del_recipient_channel
-                ON deliveries(recipient_key, channel_id);",
+                ON deliveries(recipient_key, channel_id);
+
+            CREATE TABLE IF NOT EXISTS server_setup (
+                id         INTEGER PRIMARY KEY CHECK (id = 1),
+                setup_data BLOB NOT NULL
+            );
+
+            CREATE TABLE IF NOT EXISTS users (
+                username      TEXT PRIMARY KEY,
+                opaque_record BLOB NOT NULL,
+                created_at    INTEGER DEFAULT (strftime('%s','now'))
+            );",
         )
         .map_err(|e| StorageError::Db(e.to_string()))?;
         Ok(())
@@ -203,6 +214,48 @@ impl Store for SqlStore {
             .optional()
             .map_err(|e| StorageError::Db(e.to_string()))
     }
+
+    fn store_server_setup(&self, setup: Vec<u8>) -> Result<(), StorageError> {
+        let conn = self.conn.lock().unwrap();
+        conn.execute(
+            "INSERT OR REPLACE INTO server_setup (id, setup_data) VALUES (1, ?1)",
+            params![setup],
+        )
+        .map_err(|e| StorageError::Db(e.to_string()))?;
+        Ok(())
+    }
+
+    fn get_server_setup(&self) -> Result<Option<Vec<u8>>, StorageError> {
+        let conn = self.conn.lock().unwrap();
+        let mut stmt = conn
+            .prepare("SELECT setup_data FROM server_setup WHERE id = 1")
+            .map_err(|e| StorageError::Db(e.to_string()))?;
+
+        stmt.query_row([], |row| row.get(0))
+            .optional()
+            .map_err(|e| StorageError::Db(e.to_string()))
+    }
+
+    fn store_user_record(&self, username: &str, record: Vec<u8>) -> Result<(), StorageError> {
+        let conn = self.conn.lock().unwrap();
+        conn.execute(
+            "INSERT OR REPLACE INTO users (username, opaque_record) VALUES (?1, ?2)",
+            params![username, record],
+        )
+        .map_err(|e| StorageError::Db(e.to_string()))?;
+        Ok(())
+    }
+
+    fn get_user_record(&self, username: &str) -> Result<Option<Vec<u8>>, StorageError> {
+        let conn = self.conn.lock().unwrap();
+        let mut stmt = conn
+            .prepare("SELECT opaque_record FROM users WHERE username = ?1")
+            .map_err(|e| StorageError::Db(e.to_string()))?;
+
+        stmt.query_row(params![username], |row| row.get(0))
+            .optional()
+            .map_err(|e| StorageError::Db(e.to_string()))
+    }
 }
 
 /// Convenience extension for `rusqlite::OptionalExtension`.

crates/quicnprotochat-server/src/storage.rs

@@ -50,6 +50,18 @@ pub trait Store: Send + Sync {
     ) -> Result<(), StorageError>;
 
     fn fetch_hybrid_key(&self, identity_key: &[u8]) -> Result<Option<Vec<u8>>, StorageError>;
+
+    /// Store the OPAQUE `ServerSetup` (generated once, loaded on restart).
+    fn store_server_setup(&self, setup: Vec<u8>) -> Result<(), StorageError>;
+
+    /// Load the persisted `ServerSetup`, if any.
+    fn get_server_setup(&self) -> Result<Option<Vec<u8>>, StorageError>;
+
+    /// Store an OPAQUE user record (serialized `ServerRegistration`).
+    fn store_user_record(&self, username: &str, record: Vec<u8>) -> Result<(), StorageError>;
+
+    /// Retrieve an OPAQUE user record by username.
+    fn get_user_record(&self, username: &str) -> Result<Option<Vec<u8>>, StorageError>;
 }
 
 // ── ChannelKey ───────────────────────────────────────────────────────────────
@@ -86,9 +98,12 @@ pub struct FileBackedStore {
     kp_path: PathBuf,
     ds_path: PathBuf,
     hk_path: PathBuf,
+    setup_path: PathBuf,
+    users_path: PathBuf,
     key_packages: Mutex<HashMap<Vec<u8>, VecDeque<Vec<u8>>>>,
     deliveries: Mutex<HashMap<ChannelKey, VecDeque<Vec<u8>>>>,
     hybrid_keys: Mutex<HashMap<Vec<u8>, Vec<u8>>>,
+    users: Mutex<HashMap<String, Vec<u8>>>,
 }
 
 impl FileBackedStore {
@@ -100,18 +115,24 @@ impl FileBackedStore {
         let kp_path = dir.join("keypackages.bin");
         let ds_path = dir.join("deliveries.bin");
         let hk_path = dir.join("hybridkeys.bin");
+        let setup_path = dir.join("server_setup.bin");
+        let users_path = dir.join("users.bin");
 
         let key_packages = Mutex::new(Self::load_kp_map(&kp_path)?);
         let deliveries = Mutex::new(Self::load_delivery_map(&ds_path)?);
         let hybrid_keys = Mutex::new(Self::load_hybrid_keys(&hk_path)?);
+        let users = Mutex::new(Self::load_users(&users_path)?);
 
         Ok(Self {
             kp_path,
             ds_path,
             hk_path,
+            setup_path,
+            users_path,
             key_packages,
             deliveries,
             hybrid_keys,
+            users,
         })
     }
 
@@ -201,6 +222,29 @@ impl FileBackedStore {
         }
         fs::write(path, bytes).map_err(|e| StorageError::Io(e.to_string()))
     }
+
+    fn load_users(path: &Path) -> Result<HashMap<String, Vec<u8>>, StorageError> {
+        if !path.exists() {
+            return Ok(HashMap::new());
+        }
+        let bytes = fs::read(path).map_err(|e| StorageError::Io(e.to_string()))?;
+        if bytes.is_empty() {
+            return Ok(HashMap::new());
+        }
+        bincode::deserialize(&bytes).map_err(|_| StorageError::Serde)
+    }
+
+    fn flush_users(
+        &self,
+        path: &Path,
+        map: &HashMap<String, Vec<u8>>,
+    ) -> Result<(), StorageError> {
+        let bytes = bincode::serialize(map).map_err(|_| StorageError::Serde)?;
+        if let Some(parent) = path.parent() {
+            fs::create_dir_all(parent).map_err(|e| StorageError::Io(e.to_string()))?;
+        }
+        fs::write(path, bytes).map_err(|e| StorageError::Io(e.to_string()))
+    }
 }
 
 impl Store for FileBackedStore {
@@ -272,4 +316,33 @@ impl Store for FileBackedStore {
         let map = self.hybrid_keys.lock().unwrap();
         Ok(map.get(identity_key).cloned())
     }
+
+    fn store_server_setup(&self, setup: Vec<u8>) -> Result<(), StorageError> {
+        if let Some(parent) = self.setup_path.parent() {
+            fs::create_dir_all(parent).map_err(|e| StorageError::Io(e.to_string()))?;
+        }
+        fs::write(&self.setup_path, setup).map_err(|e| StorageError::Io(e.to_string()))
+    }
+
+    fn get_server_setup(&self) -> Result<Option<Vec<u8>>, StorageError> {
+        if !self.setup_path.exists() {
+            return Ok(None);
+        }
+        let bytes = fs::read(&self.setup_path).map_err(|e| StorageError::Io(e.to_string()))?;
+        if bytes.is_empty() {
+            return Ok(None);
+        }
+        Ok(Some(bytes))
+    }
+
+    fn store_user_record(&self, username: &str, record: Vec<u8>) -> Result<(), StorageError> {
+        let mut map = self.users.lock().unwrap();
+        map.insert(username.to_string(), record);
+        self.flush_users(&self.users_path, &*map)
+    }
+
+    fn get_user_record(&self, username: &str) -> Result<Option<Vec<u8>>, StorageError> {
+        let map = self.users.lock().unwrap();
+        Ok(map.get(username).cloned())
+    }
 }