The latest articles on DEV Community by JONATHAN SIMON (@dejetem). https://dev.to/dejetem https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F435246%2F7da3ae95-4e67-46e2-862a-37e5256ab5cf.png https://dev.to/dejetem en JONATHAN SIMON Thu, 07 Aug 2025 18:25:42 +0000 https://dev.to/dejetem/basic-handshake-protocol-2ca8 https://dev.to/dejetem/basic-handshake-protocol-2ca8 <p>I wrote a basic handshake protocol in Rust. Let's break down the entire implementation step-by-step, explaining each component and how it addresses the requirements for a secure handshake protocol.</p> <p>A. Protocol Design Overview<br> The protocol implements mutual authentication using pre-shared keys (PSK) with the following message sequence:</p> <ul> <li><p>ClientHello:<br> Client ID (variable length)<br> Client Nonce (16-byte random value)</p></li> <li><p>ServerHello:<br> Server Nonce (16-byte random value)<br> HMAC(PSK, ClientNonce + ServerNonce + "Server")</p></li> <li><p>ClientAuth:<br> HMAC(PSK, ClientNonce + ServerNonce + "Client")</p></li> <li><p>ServerAck:<br> "AUTH_SUCCESS" confirmation</p></li> </ul> <p>B. Security Features Implemented:</p> <ul> <li>Mutual Authentication: Both client and server prove knowledge of PSK</li> <li>Replay Attack Prevention: Unique nonces for each session</li> <li>Message Integrity: HMAC-SHA256 protects against tampering</li> <li>Context Separation: Different HMAC contexts for client/server roles</li> <li>Freshness Guarantee: Nonces ensure responses are current</li> </ul> <p>C. Key Components Explained:</p> <p>a. KeyStore (protocol.rs)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="nd">#[derive(Clone)]</span> <span class="k">pub</span> <span class="k">struct</span> <span class="nf">KeyStore</span><span class="p">(</span><span class="n">HashMap</span><span class="o">&lt;</span><span class="nb">String</span><span class="p">,</span> <span class="nb">Vec</span><span class="o">&lt;</span><span class="nb">u8</span><span class="o">&gt;&gt;</span><span class="p">);</span> </code></pre> </div> <ul> <li>Purpose: Stores pre-shared keys for clients</li> <li>Implementation: <ul> <li>Uses HashMap for client ID → key mapping</li> <li> <code>#[derive(Clone)]</code> enables safe sharing between threads</li> <li> <code>get_key()</code> retrieves key with error handling</li> </ul> </li> </ul> <p>b. Nonce Generation<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="k">pub</span> <span class="k">fn</span> <span class="nf">generate_nonce</span><span class="p">()</span> <span class="k">-&gt;</span> <span class="p">[</span><span class="nb">u8</span><span class="p">;</span> <span class="n">NONCE_SIZE</span><span class="p">]</span> <span class="p">{</span> <span class="k">let</span> <span class="k">mut</span> <span class="n">nonce</span> <span class="o">=</span> <span class="p">[</span><span class="mi">0u8</span><span class="p">;</span> <span class="n">NONCE_SIZE</span><span class="p">];</span> <span class="nn">rand</span><span class="p">::</span><span class="nn">rngs</span><span class="p">::</span><span class="n">OsRng</span><span class="nf">.fill_bytes</span><span class="p">(</span><span class="o">&amp;</span><span class="k">mut</span> <span class="n">nonce</span><span class="p">);</span> <span class="n">nonce</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Security Importance: <ul> <li>Prevents replay attacks</li> <li>Ensures session uniqueness</li> </ul> </li> <li>Implementation: <ul> <li>Uses cryptographically secure OsRng</li> <li>Generates 16 random bytes (128 bits)</li> </ul> </li> </ul> <p>c. HMAC Operations<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="k">pub</span> <span class="k">fn</span> <span class="nf">compute_hmac</span><span class="p">(</span><span class="n">key</span><span class="p">:</span> <span class="o">&amp;</span><span class="p">[</span><span class="nb">u8</span><span class="p">],</span> <span class="n">data</span><span class="p">:</span> <span class="o">&amp;</span><span class="p">[</span><span class="o">&amp;</span><span class="p">[</span><span class="nb">u8</span><span class="p">]])</span> <span class="k">-&gt;</span> <span class="nb">Result</span><span class="o">&lt;</span><span class="p">[</span><span class="nb">u8</span><span class="p">;</span> <span class="mi">32</span><span class="p">]</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">let</span> <span class="k">mut</span> <span class="n">mac</span> <span class="o">=</span> <span class="nn">HmacSha256</span><span class="p">::</span><span class="nf">new_from_slice</span><span class="p">(</span><span class="n">key</span><span class="p">)</span><span class="o">?</span><span class="p">;</span> <span class="k">for</span> <span class="n">d</span> <span class="k">in</span> <span class="n">data</span> <span class="p">{</span> <span class="n">mac</span><span class="nf">.update</span><span class="p">(</span><span class="n">d</span><span class="p">);</span> <span class="p">}</span> <span class="nf">Ok</span><span class="p">(</span><span class="n">mac</span><span class="nf">.finalize</span><span class="p">()</span><span class="nf">.into_bytes</span><span class="p">()</span><span class="nf">.into</span><span class="p">())</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Security Properties: <ul> <li>Keyed-Hash Message Authentication Code</li> <li>SHA-256 provides collision resistance</li> </ul> </li> <li>Implementation Notes: <ul> <li>Concatenates inputs: [c_nonce, s_nonce, role]</li> <li>Role strings ("Client"/"Server") prevent reflection attacks</li> </ul> </li> </ul> <p>D. Server Implementation (server.rs)<br> a. Initialization<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="k">let</span> <span class="n">listener</span> <span class="o">=</span> <span class="nn">TcpListener</span><span class="p">::</span><span class="nf">bind</span><span class="p">(</span><span class="s">"127.0.0.1:8080"</span><span class="p">)</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> <span class="k">let</span> <span class="n">keystore</span> <span class="o">=</span> <span class="nn">Arc</span><span class="p">::</span><span class="nf">new</span><span class="p">(</span><span class="nn">KeyStore</span><span class="p">::</span><span class="nf">new</span><span class="p">());</span> </code></pre> </div> <ul> <li>Concurrency Handling: <ul> <li>Arc enables thread-safe reference counting</li> <li>Allows sharing keystore across connections</li> </ul> </li> </ul> <p>b. Connection Handling<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="nn">tokio</span><span class="p">::</span><span class="nf">spawn</span><span class="p">(</span><span class="k">async</span> <span class="k">move</span> <span class="p">{</span> <span class="c1">// Handshake logic</span> <span class="p">});</span> </code></pre> </div> <ul> <li>Asynchronous Design: <ul> <li>Uses Tokio runtime for async I/O</li> <li>Spawns new task per connection</li> </ul> </li> </ul> <p>c. Handshake Sequence<br> i. Receive ClientHello:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="k">let</span> <span class="n">client_id_len</span> <span class="o">=</span> <span class="n">socket</span><span class="nf">.read_u8</span><span class="p">()</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> <span class="n">socket</span><span class="nf">.read_exact</span><span class="p">(</span><span class="o">&amp;</span><span class="k">mut</span> <span class="n">client_id_buf</span><span class="p">[</span><span class="o">..</span><span class="n">client_id_len</span><span class="p">])</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> <span class="n">socket</span><span class="nf">.read_exact</span><span class="p">(</span><span class="o">&amp;</span><span class="k">mut</span> <span class="n">c_nonce</span><span class="p">)</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> </code></pre> </div> <ul> <li>Reads client ID (length-prefixed)</li> <li>Reads 16-byte client nonce</li> </ul> <p>ii. Send ServerHello:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="k">let</span> <span class="n">server_hmac</span> <span class="o">=</span> <span class="nf">compute_hmac</span><span class="p">(</span><span class="n">psk</span><span class="p">,</span> <span class="o">&amp;</span><span class="p">[</span><span class="o">&amp;</span><span class="n">c_nonce</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">s_nonce</span><span class="p">,</span> <span class="s">b"Server"</span><span class="p">])</span><span class="o">?</span><span class="p">;</span> <span class="n">socket</span><span class="nf">.write_all</span><span class="p">(</span><span class="o">&amp;</span><span class="n">s_nonce</span><span class="p">)</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> <span class="n">socket</span><span class="nf">.write_all</span><span class="p">(</span><span class="o">&amp;</span><span class="n">server_hmac</span><span class="p">)</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> </code></pre> </div> <ul> <li>Proves server knows PSK</li> <li>Binds response to client's nonce</li> </ul> <p>iii. Verify ClientAuth:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="nf">verify_hmac</span><span class="p">(</span><span class="n">psk</span><span class="p">,</span> <span class="o">&amp;</span><span class="p">[</span><span class="o">&amp;</span><span class="n">c_nonce</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">s_nonce</span><span class="p">,</span> <span class="s">b"Client"</span><span class="p">],</span> <span class="o">&amp;</span><span class="n">client_hmac</span><span class="p">)</span><span class="o">?</span><span class="p">;</span> </code></pre> </div> <ul> <li>Validates client knows PSK</li> <li>Ensures client received server's nonce</li> </ul> <p>iv. Send Acknowledgement:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="n">socket</span><span class="nf">.write_all</span><span class="p">(</span><span class="s">b"AUTH_SUCCESS"</span><span class="p">)</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> </code></pre> </div> <ul> <li>12-byte fixed message confirms auth</li> </ul> <p>E. Client Implementation (client.rs)<br> a. Handshake Sequence<br> i. Send ClientHello:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="n">socket</span><span class="nf">.write_u8</span><span class="p">(</span><span class="n">client_id</span><span class="nf">.len</span><span class="p">()</span> <span class="k">as</span> <span class="nb">u8</span><span class="p">)</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> <span class="n">socket</span><span class="nf">.write_all</span><span class="p">(</span><span class="n">client_id</span><span class="nf">.as_bytes</span><span class="p">())</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> <span class="n">socket</span><span class="nf">.write_all</span><span class="p">(</span><span class="o">&amp;</span><span class="n">c_nonce</span><span class="p">)</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> </code></pre> </div> <ul> <li>Length-prefixed client ID</li> <li>Random client nonce</li> </ul> <p>ii. Verify ServerHello:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="nf">verify_hmac</span><span class="p">(</span><span class="n">psk</span><span class="p">,</span> <span class="o">&amp;</span><span class="p">[</span><span class="o">&amp;</span><span class="n">c_nonce</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">s_nonce</span><span class="p">,</span> <span class="s">b"Server"</span><span class="p">],</span> <span class="o">&amp;</span><span class="n">server_hmac</span><span class="p">)</span><span class="o">?</span><span class="p">;</span> </code></pre> </div> <ul> <li>Validates server identity</li> <li>Ensures response is fresh (contains client nonce)</li> </ul> <p>iii. Send ClientAuth:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="k">let</span> <span class="n">client_hmac</span> <span class="o">=</span> <span class="nf">compute_hmac</span><span class="p">(</span><span class="n">psk</span><span class="p">,</span> <span class="o">&amp;</span><span class="p">[</span><span class="o">&amp;</span><span class="n">c_nonce</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">s_nonce</span><span class="p">,</span> <span class="s">b"Client"</span><span class="p">])</span><span class="o">?</span><span class="p">;</span> <span class="n">socket</span><span class="nf">.write_all</span><span class="p">(</span><span class="o">&amp;</span><span class="n">client_hmac</span><span class="p">)</span><span class="k">.await</span><span class="o">?</span><span class="p">;</span> </code></pre> </div> <ul> <li>Proves client knows PSK</li> <li>Binds response to server's nonce</li> </ul> <p>iv. Verify ServerAck:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight rust"><code><span class="k">if</span> <span class="o">&amp;</span><span class="n">ack</span> <span class="o">==</span> <span class="s">b"AUTH_SUCCESS"</span> <span class="p">{</span> <span class="nd">println!</span><span class="p">(</span><span class="s">"Authenticated with server!"</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <ul> <li>Final confirmation of successful auth</li> </ul> <p>F. Protocol Security Analysis<br> a. Replay Attack Prevention</p> <ul> <li>Client Nonce: Ensures server response is fresh</li> <li>Server Nonce: Ensures client authentication is fresh</li> <li>HMAC Context: Includes both nonces in all authentication tags</li> </ul> <p>b. Authentication Strength</p> <ul> <li>Mutual Authentication: Both parties prove PSK knowledge</li> <li>Context Separation: Different HMAC strings for client/server roles</li> <li>Key Binding: All HMACs incorporate both parties' nonces</li> </ul> <p>c. Message Sequencing</p> <ul> <li>Strict state machine enforced by: <ul> <li>Server waits for ClientHello before responding</li> <li>Client waits for ServerHello before authenticating</li> <li>Server waits for ClientAuth before acking</li> </ul> </li> </ul> <p>d. Minimal Security Concepts</p> <ul> <li>Authentication: HMAC proves PSK knowledge</li> <li>Integrity: HMAC protects against message tampering</li> <li>Freshness: Nonces guarantee message recency</li> <li>Key Confidentiality: PSK never transmitted</li> </ul> <p>This implementation provides a solid foundation for secure protocol design, demonstrating core concepts like mutual authentication, nonce-based freshness, and HMAC-based message integrity. The Rust implementation leverages async I/O for performance and type safety for correctness.</p> programming webdev rust JONATHAN SIMON Fri, 12 Apr 2024 11:53:00 +0000 https://dev.to/dejetem/rendering-or-how-to-render-animation-in-json-format-with-lottiefiles-animation-in-react-application-1ha8 https://dev.to/dejetem/rendering-or-how-to-render-animation-in-json-format-with-lottiefiles-animation-in-react-application-1ha8 <p>A Lottie is a JSON-based animation file format that allows you to ship animations on any platform as easily as shipping static assets. <a href="https://lottiefiles.com/what-is-lottie">lottiefiles.</a></p> <p>Lottie is a library that parses animations exported as JSON and renders them natively on the web, iOS, and Android.</p> <p>Using JSON format animation in a React application is straightforward, you need to install one library called lottie-web.</p> <p>Here's how you can render JSON format animation in a React component using Lottie:</p> <p>The first step, install the <code>lottie-web</code> library using npm or yarn:<br> <code>npm install --save lottie-web</code> for npm <br> <code>yarn add lottie-web</code> for yarn</p> <p>The second step, Import the library and the JSON animation file in your React component:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import React, { useEffect, useRef } from 'react'; import lottie from 'lottie-web'; import yourAnimationData from './your_animation_data.json'; // Replace 'your_animation_data.json' with the path to your own JSON animation file export default function MyLottieAnimation() { const animationContainer = useRef(null); useEffect(() =&gt; { const anim = lottie.loadAnimation({ container: animationContainer.current, renderer: 'svg', // Change the renderer type if needed (canvas, html) loop: true, autoplay: true, animationData: yourAnimationData // Your own JSON animation data }); return () =&gt; { anim.destroy();// Clean up when component unmounts }; }, []); return ( &lt;div className="App"&gt; &lt;h1&gt;Animation in JSON format&lt;/h1&gt; &lt;h2&gt;with LottieFiles animation in React application&lt;/h2&gt; &lt;div ref={animationContainer}&gt;&lt;/div&gt; &lt;/div&gt; ); } </code></pre> </div> <p>For the above block of the code we first import the React and two React hooks, useEffect and useRef. Then we import the lottie-web library we installed and next, we import the JSON format animation into our component.</p> <p><a href="https://www.npmjs.com/package/lottie-web">lottie-web</a>:Lottie is a library that parses animations exported as JSON and renders them natively on the web, iOS, and Android.</p> <p><a href="https://react.dev/reference/react/useEffect">useEffect</a>: useEffect is a React Hook that lets you synchronize a component with an external system.</p> <p><a href="https://react.dev/reference/react/useRef">useRef</a>: useRef is a React Hook that lets you reference a value that's not needed for rendering.</p> <p><strong>Conclusion</strong><br> This post talks about how to render JSON format animation in a React component using Lottie and it's a straightforward process.</p> <p>Now you can render the animationContainer in your part of the MyLottieAnimation component you want to display the animation.<br> Here is a link to a <a href="https://codesandbox.io/p/sandbox/proud-snow-skq7ks?file=%2Fsrc%2Findex.js">sandbox</a></p> <p>You can also create a reusable component for Lottie animation so you don't have to repeat the base configuration, all you have to do is pass your yourAnimationData as a prop to the reusable component and then pass the yourAnimationData to the animationData inside the useEffect hook.</p> webdev javascript react frontend