
Improve OPAQUE Password Management

Open ecton opened this issue 3 years ago • 2 comments

Currently, our OPAQUE-KE only uses a single set of algorithms. We must anticipate that one or more of the algorithms could be considered insecure in the future.

  • PasswordConfig should be extended to have a "primary" field. A unique view should be created to ensure only one PasswordConfig has primary set to true.
  • When storing a user's ServerFile in the User record, we need to store a record of which PasswordConfig was used for the OPAQUE session.
  • When authenticating a user, we need to use the corresponding PasswordConfig.
  • Add a mechanism to configure the algorithms used in OPAQUE. At this time I'm leaning towards a simple enum of suggested configurations.
  • When first attempting to find the primary PasswordConfig, a check should be performed to ensure the configured algorithms match the primary PasswordConfig's configuration.
    • If not, we should try to find an existing PasswordConfig that matches the configuration.
    • If none are found, create a new one with the new configuration.

ecton, Jan 21 '22 21:01

Does this not already help: Config? You can ask every ServerFile what cipher suite it's using: ServerFile::config().

daxpedda, Jan 22 '22 04:01

Yes, that's exactly how it will be powered, but we need to expose that information in a view so that it can be queried. Although I suppose we could just keep all configs in memory. There shouldn't be anything needed in custodian-password to make this work.

ecton, Jan 22 '22 04:01
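The primary-config selection steps listed in the issue, sketched as an added example that is not BonsaiDb or custodian-password code. `Suite`, `Configs`, `User`, `resolve_primary`, `suite_for` and `primary_count` are hypothetical names, and an in-memory `Vec` stands in for the database and the proposed unique view.

```rust
// Added illustration: in-memory model, not BonsaiDb or custodian-password code.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
enum Suite { V1, V2 } // hypothetical enum of suggested configurations

#[derive(Debug)]
struct PasswordConfig { id: u64, suite: Suite, primary: bool }

#[derive(Default)]
struct Configs { all: Vec<PasswordConfig>, next_id: u64 } // stands in for the database

impl Configs {
    /// Id of the primary config for the configured algorithms: keep the
    /// current primary if it matches, else reuse a matching config, else create one.
    fn resolve_primary(&mut self, configured: Suite) -> u64 {
        if let Some(p) = self.all.iter().find(|c| c.primary) {
            if p.suite == configured { return p.id; }
        }
        let existing = self.all.iter().find(|c| c.suite == configured).map(|c| c.id);
        let id = existing.unwrap_or_else(|| {
            self.next_id += 1;
            self.all.push(PasswordConfig { id: self.next_id, suite: configured, primary: false });
            self.next_id
        });
        // Stands in for the unique view: exactly one config ends up primary.
        for c in &mut self.all { c.primary = c.id == id; }
        id
    }

    /// Authentication looks up the config recorded with the user, not the primary.
    fn suite_for(&self, config_id: u64) -> Option<Suite> {
        self.all.iter().find(|c| c.id == config_id).map(|c| c.suite)
    }

    fn primary_count(&self) -> usize { self.all.iter().filter(|c| c.primary).count() }
}

struct User { config_id: u64 } // recorded alongside the user's ServerFile

fn main() {
    let mut configs = Configs::default();
    let v1 = configs.resolve_primary(Suite::V1);
    let alice = User { config_id: v1 };          // registered while V1 was configured
    let v2 = configs.resolve_primary(Suite::V2); // configured algorithms changed
    println!("alice authenticates with {:?}", configs.suite_for(alice.config_id));
    println!("new registrations use config {v2}; primaries = {}", configs.primary_count());
}
```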