fix(coap): Update dependencies (ariel-os#568)

chrysn-pull-requests · Nov 28, 2024 · 2769a83 · 2769a83
2 parents 65d486c + 20ee6af
commit 2769a83
Show file tree

Hide file tree

Showing 9 changed files with 56 additions and 58 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/examples/coap-server/README.md b/examples/coap-server/README.md
@@ -35,7 +35,8 @@ making the former configurable and the latter dynamic is work in progress.
   Hello from Ariel OS
   ```
 
-  The argument `--credentials client.diag` tells the client to establish a secure connection.
+  The argument `--credentials client.diag` tells the client to establish a secure connection;
+  that file describes the server's public key, and that the client can use a random key.
   Without the argument, the requests come through just as well,
   but the client has no assurance on the server's identity.
 

diff --git a/examples/coap-server/client.cosekey b/examples/coap-server/client.cosekey
diff --git a/examples/coap-server/client.diag b/examples/coap-server/client.diag
@@ -3,10 +3,7 @@
     "edhoc-oscore": {
       "suite": 2,
       "method": 3,
-      "own_cred_style": "by-value",
-      / From the server's point of view, this is unauthenticated; we could use any key pair, as long as we send it by value. /
-      "own_cred": {14: {2: "", 8: {1: {1: 2, 2: h'2b', -1: 1, -2: h'ac75e9ece3e50bfc8ed60399889522405c47bf16df96660a41298cb4307f7eb6', -3: h'6e5de611388a4b8a8211334ac7d37ecb52a387d257e6db3c2a93df21ff3affc8'}}}},
-      "private_key_file": "client.cosekey",
+      "own_cred": {"unauthenticated": true},
       "peer_cred": {14: {2: "", 8: {1: {1: 2, 2: h'0a', -1: 1, -2: h'bbc34960526ea4d32e940cad2a234148ddc21791a12afbcbac93622046dd44f0', -3: h'4519e257236b2a0ce2023f0931f1f386ca7afda64fcde0108c224c51eabf6072'}}}},
     }
   },

diff --git a/src/ariel-os-coap/Cargo.toml b/src/ariel-os-coap/Cargo.toml
@@ -25,8 +25,8 @@ embassy-net = { workspace = true, features = [
 embassy-sync.workspace = true
 embedded-nal-async = "0.8"
 embedded-nal-coap = { workspace = true }
-lakers-crypto-rustcrypto = "0.6.0"
-lakers = { version = "0.6.0", default-features = false }
+lakers-crypto-rustcrypto = "0.7.2"
+lakers = { version = "0.7.2", default-features = false }
 ariel-os-debug.workspace = true
 ariel-os-embassy = { workspace = true, features = ["net"] }
 ariel-os-random = { workspace = true, features = ["csprng"] }

diff --git a/src/ariel-os-coap/src/lib.rs b/src/ariel-os-coap/src/lib.rs
@@ -35,7 +35,7 @@ static CLIENT: OnceLock<
 /// This can only be run once, as it sets up a system wide CoAP handler.
 pub async fn coap_run(handler: impl coap_handler::Handler + coap_handler::Reporting) -> ! {
     use hexlit::hex;
-    const R: &[u8] = &hex!("72cc4761dbd4c78f758931aa589d348d1ef874a7e303ede2f140dcf3e6aa4aac");
+    const R: [u8; 32] = hex!("72cc4761dbd4c78f758931aa589d348d1ef874a7e303ede2f140dcf3e6aa4aac");
 
     static COAP: StaticCell<embedded_nal_coap::CoAPShared<CONCURRENT_REQUESTS>> = StaticCell::new();
 
@@ -65,8 +65,8 @@ pub async fn coap_run(handler: impl coap_handler::Handler + coap_handler::Report
         .unwrap();
 
     let own_identity = (
-        &lakers::CredentialRPK::new(lakers::EdhocMessageBuffer::new_from_slice(&hex!("A2026008A101A5010202410A2001215820BBC34960526EA4D32E940CAD2A234148DDC21791A12AFBCBAC93622046DD44F02258204519E257236B2A0CE2023F0931F1F386CA7AFDA64FCDE0108C224C51EABF6072")).expect("Credential should be small enough")).expect("Credential should be processable"),
-        R,
+        &lakers::Credential::parse_ccs(&hex!("A2026008A101A5010202410A2001215820BBC34960526EA4D32E940CAD2A234148DDC21791A12AFBCBAC93622046DD44F02258204519E257236B2A0CE2023F0931F1F386CA7AFDA64FCDE0108C224C51EABF6072")).expect("Credential should be processable"),
+        &R,
         );
 
     // FIXME: Should we allow users to override that? After all, this is just convenience and may

diff --git a/src/lib/coapcore/Cargo.toml b/src/lib/coapcore/Cargo.toml
@@ -17,17 +17,18 @@ workspace = true
 # public
 coap-handler = "0.2.0"
 coap-message = "0.3.2"
-lakers = { version = "0.6.0", default-features = false }
+lakers = { version = "0.7.2", default-features = false }
 
 # private
 arrayvec = { version = "0.7.4", default-features = false }
 coap-message-implementations = { version = "0.1.2", features = ["downcast"] }
 coap-message-utils = "0.3.3"
 coap-numbers = "0.2.3"
 hexlit = "0.5.5"
-lakers-crypto-rustcrypto = "0.6.0"
-liboscore = { git = "https://gitlab.com/oscore/liboscore/", rev = "55d0f71075d97a5a66ee4166487c09938d5ee7c5" }
-liboscore-msgbackend = { git = "https://gitlab.com/oscore/liboscore/", rev = "55d0f71075d97a5a66ee4166487c09938d5ee7c5" }
+lakers-crypto-rustcrypto = "0.7.2"
+# This is exactly 0.2.1, but apparently there are files in the git clone that are not in the crate as they should be.
+liboscore = { git = "https://gitlab.com/oscore/liboscore/", rev = "5a39b7dbafa6aa6c6adb8e187b850f382858c401" }
+liboscore-msgbackend = { git = "https://gitlab.com/oscore/liboscore/", rev = "5a39b7dbafa6aa6c6adb8e187b850f382858c401" }
 
 minicbor = "0.23.0"
 heapless = "0.8.0"

diff --git a/src/lib/coapcore/src/seccontext.rs b/src/lib/coapcore/src/seccontext.rs
@@ -20,6 +20,9 @@ pub type SecContextPool<Crypto> =
 ///
 /// This type represents any of the 48 efficient identifiers that use CBOR one-byte integer
 /// encodings (see RFC9528 Section 3.3.2), or equivalently the 1-byte long OSCORE identifiers
+///
+/// Lakers supports a much larger value space for C_x, and coapcore processes larger values
+/// selected by the peer -- but on its own, will select only those that fit in this type.
 // FIXME Could even limit to positive values if MAX_CONTEXTS < 24
 #[cfg_attr(feature = "defmt", derive(defmt::Format))]
 #[derive(Copy, Clone, PartialEq, Debug)]
@@ -73,7 +76,8 @@ impl COwn {
 
 impl From<COwn> for lakers::ConnId {
     fn from(cown: COwn) -> Self {
-        lakers::ConnId::from_int_raw(cown.0)
+        lakers::ConnId::from_slice(&[cown.0])
+            .expect("ConnId is always big enough for at least COwn")
     }
 }
 
@@ -145,15 +149,8 @@ enum SecContextStage<Crypto: lakers::Crypto> {
     // :-)
 
     // actionable in response building
-    //
-    // FIXME: The 'static here means that our identity key needs to be 'static -- if identity
-    // roll-over is a topic, that'd be a no-go. An alternative is to both store the message and the
-    // ResponderWaitM3 state -- but that'll make our SecContextPool slots larger; best evaluate
-    // that once the states are ready and we see which ones are the big ones. Possible outcomes are
-    // to just do it, to store the message in the handler's `RequestData`, or to have one or a few
-    // slots in parallel to this in the [`SecContextPool`].
     EdhocResponderProcessedM1 {
-        responder: lakers::EdhocResponderProcessedM1<'static, Crypto>,
+        responder: lakers::EdhocResponderProcessedM1<Crypto>,
         // May be removed if lakers keeps access to those around if they are set at this point at
         // all
         c_r: COwn,
@@ -266,9 +263,7 @@ pub struct OscoreEdhocHandler<'a, H: coap_handler::Handler, Crypto: lakers::Cryp
     // locks for such sharing could still be acquired in a factory (at which point it may make
     // sense to make this a &mut).
     pool: SecContextPool<Crypto>,
-    // FIXME: That 'static is going to bite us -- but EdhocResponderProcessedM1 holds a reference
-    // to it -- see SecContextStage::EdhocResponderProcessedM1
-    own_identity: (&'a lakers::CredentialRPK, &'static [u8]),
+    own_identity: (&'a lakers::Credential, &'a lakers::BytesP256ElemLen),
 
     // FIXME: This currently bakes in the assumption that there is a single tree both for
     // unencrypted and encrypted resources. We may later generalize this by making this a factory,
@@ -288,7 +283,7 @@ impl<'a, H: coap_handler::Handler, Crypto: lakers::Crypto> OscoreEdhocHandler<'a
     // FIXME: Apart from an own identity, this will also need a function to convert ID_CRED_I into
     // a (CRED_I, AifStaticRest) pair.
     pub fn new(
-        own_identity: (&'a lakers::CredentialRPK, &'static [u8]),
+        own_identity: (&'a lakers::Credential, &'a lakers::BytesP256ElemLen),
         inner: H,
         crypto_factory: fn() -> Crypto,
     ) -> Self {
@@ -496,7 +491,8 @@ impl<'a, H: coap_handler::Handler, Crypto: lakers::Crypto> coap_handler::Handler
 
                     let (responder, c_i, ead_1) = lakers::EdhocResponder::new(
                         (self.crypto_factory)(),
-                        self.own_identity.1,
+                        lakers::EDHOCMethod::StatStat,
+                        *self.own_identity.1,
                         *self.own_identity.0,
                     )
                     .process_message_1(message_1)
@@ -514,7 +510,8 @@ impl<'a, H: coap_handler::Handler, Crypto: lakers::Crypto> coap_handler::Handler
                             .iter()
                             .filter_map(|entry| entry.corresponding_cown())
                             // C_R does not only need to be unique, it also must not be identical
-                            // to C_I
+                            // to C_I. If it is not expressible as a COwn (as_slice gives []),
+                            // that's fine and we don't have to consider it.
                             .chain(COwn::from_kid(c_i.as_slice()).as_slice().iter().cloned()),
                     );
 
@@ -550,7 +547,9 @@ impl<'a, H: coap_handler::Handler, Crypto: lakers::Crypto> coap_handler::Handler
                 let payload = request.payload();
 
                 // This whole loop-and-tree could become a single take_responder_wait3 method?
-                let kid = COwn::from_kid(&[kid]).unwrap();
+                let kid = COwn::from_kid(&[kid])
+                    // same as if it's not found in the pool
+                    .ok_or_else(CoAPError::bad_request)?;
                 // If we don't make progress, we're dropping it altogether. Unless we use the
                 // responder we might legally continue (because we didn't send data to EDHOC), but
                 // once we've received something that (as we now know) looks like a message 3 and
@@ -600,17 +599,15 @@ impl<'a, H: coap_handler::Handler, Crypto: lakers::Crypto> coap_handler::Handler
                         let authorization;
 
                         if id_cred_i.reference_only() {
-                            match id_cred_i.kid {
-                                43 => {
+                            match id_cred_i.as_encoded_value() {
+                                &[43] => {
                                     info!("Peer indicates use of the one preconfigured key");
 
                                     use hexlit::hex;
                                     const CRED_I: &[u8] = &hex!("A2027734322D35302D33312D46462D45462D33372D33322D333908A101A5010202412B2001215820AC75E9ECE3E50BFC8ED60399889522405C47BF16DF96660A41298CB4307F7EB62258206E5DE611388A4B8A8211334AC7D37ECB52A387D257E6DB3C2A93DF21FF3AFFC8");
 
-                                    cred_i = lakers::CredentialRPK::new(
-                                        CRED_I.try_into().expect("Static credential is too large"),
-                                    )
-                                    .expect("Static credential is not processable");
+                                    cred_i = lakers::Credential::parse_ccs(CRED_I)
+                                        .expect("Static credential is not processable");
 
                                     // FIXME: learn from CRED_I
                                     authorization = AifStaticRest {
@@ -623,12 +620,15 @@ impl<'a, H: coap_handler::Handler, Crypto: lakers::Crypto> coap_handler::Handler
                                 }
                             }
                         } else {
+                            let ccs = id_cred_i
+                                .get_ccs()
+                                .expect("Lakers only knows IdCred as reference or as credential");
                             info!(
-                                "Got credential by value: {:?}..",
-                                &id_cred_i.value.get_slice(0, 5)
+                                "Got credential CCS by value: {:?}..",
+                                &ccs.bytes.get_slice(0, 5)
                             );
 
-                            cred_i = lakers::CredentialRPK::new(id_cred_i.value)
+                            cred_i = lakers::Credential::parse_ccs(ccs.bytes.as_slice())
                                 // FIXME What kind of error do we send here?
                                 .map_err(|_| Own(CoAPError::bad_request()))?;
 

diff --git a/tests/coap/fauxhoc.py b/tests/coap/fauxhoc.py
@@ -2,10 +2,10 @@
 # /// script
 # requires-python = ">= 3.10"
 # dependencies = [
-#   "lakers-python == 0.3.1",
-#   "aiocoap[oscore] == 0.4.8",
+#   "lakers-python == 0.4.1",
+#   "aiocoap[oscore] == 0.4.12",
 #   "cbor2",
-#   "coap_console == 0.0.1",
+#   "coap_console == 0.0.3",
 # ]
 # ///
 """
@@ -67,7 +67,7 @@
 eligible_responders = {}  # mapping ID_CRED_R to CRED_R
 # when ID_CRED_R is the KID. 8/1/2 is cnf/COSE_Key/kid, IIUC those should be present in suitable CCSs
 eligible_responders |= {
-    parsed[8][1][2]: ccs
+    cbor2.dumps({4: bytes.fromhex("0a")}): ccs
     for (parsed, ccs) in ((cbor2.loads(ccs), ccs) for ccs in eligible_responders_ccs)
 }
 # when ID_CRED_R is CRED_R