mega-security-rs
| Crates.io | mega-security-rs |
| lib.rs | mega-security-rs |
| version | 0.3.0 |
| source | src |
| created_at | 2024-10-16 03:44:34.473299 |
| updated_at | 2024-10-18 17:57:58.361895 |
| description | An implementation of Mega's security whitepaper |
| homepage | |
| repository | https://github.com/hellbound22/mega-security-rs |
| max_upload_size | |
| id | 1411222 |
| size | 28,125 |
Rodrigo de Oliveira Mauricio (hellbound22)
documentation
README
mega-security-rs
An implementation of Mega's security whitepaper
Note: This implementation is for educational and research purposes only. No copyright infrigment was intended.
for usage example check tests/auth.rs
Some notes
-
Mega does check for password security, this crate does not. I leave for whomever implements this crate to define what is a 'good password' or not.
-
Mega uses 'mega.nz' to generate salt. As noted in the whitepaper, ideally this value would be an user identifier, so thats whats being used in this code. You can provide a 'domain' when creating the client though;
-
The server uses a
HashMap<String, Client>to store registered users. Ideally you would code your own Server, or send a PR making the server be a trait of sorts. -
This crate does not YET implement file or data encryption of any kind.
-
The whitepaper does not elaborate on how sessions are stored or managed, The implementation seen on
Serveris just one of mine -
The obfuscation process given by the whitepaper is a bit skecthy, but it should be implemented correctly
TODOs
- Ephemeral Accounts
- More tests