From 66976dafb3244c385d2687357b08bad53b2f3ac9 Mon Sep 17 00:00:00 2001 From: chrysn Date: Wed, 15 Nov 2023 19:39:53 +0100 Subject: [PATCH] refactor!: Pull Crypto trait to the high-level implementation This allows pushing back the edhoc-crypto ("the default implementation that is selected statically, making all implementations possible dependencies") into the dev-dependencies. The crypto-* features are removed from edhoc-rs; testing depends on edhoc-crypto being pulled in in parallel to the test, and a feature selected on that. Follow-up-for: https://github.com/openwsn-berkeley/edhoc-rs/pull/127 --- .github/workflows/build-and-test.yml | 6 +- examples/coap/Cargo.toml | 3 +- examples/coap/src/bin/coapclient.rs | 10 +- .../coap/src/bin/coapserver-coaphandler.rs | 16 +- examples/coap/src/bin/coapserver.rs | 11 +- examples/edhoc-rs-cc2538/Cargo.toml | 3 +- examples/edhoc-rs-no_std/Cargo.toml | 4 +- examples/edhoc-rs-no_std/src/main.rs | 45 ++++- lib/Cargo.toml | 8 +- lib/src/lib.rs | 183 +++++++++++------- 10 files changed, 190 insertions(+), 99 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 1fe37cad..402a4da1 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -28,7 +28,7 @@ jobs: strategy: fail-fast: false matrix: - crypto_backend: [crypto-hacspec, crypto-psa] + crypto_backend: [edhoc-crypto/hacspec, edhoc-crypto/psa] ead: [ead-none, ead-zeroconf] steps: @@ -36,7 +36,7 @@ jobs: uses: actions/checkout@v3 - name: Run unit tests # note that we only add `--package edhoc-hacspec` when testing the hacspec version of the lib - run: RUST_BACKTRACE=1 cargo test -p edhoc-rs -p edhoc-consts -p edhoc-ead-zeroconf --no-default-features --features="${{ matrix.crypto_backend }}, ${{ matrix.ead }}" --no-fail-fast -- --test-threads 1 + run: RUST_BACKTRACE=1 cargo test -p edhoc-rs -p edhoc-crypto -p edhoc-consts -p edhoc-ead-zeroconf --no-default-features --features="${{ matrix.crypto_backend }}, ${{ matrix.ead }}" --no-fail-fast -- --test-threads 1 build-edhoc-package: @@ -46,7 +46,7 @@ jobs: strategy: fail-fast: false matrix: - crypto_backend: [crypto-hacspec, crypto-psa, crypto-psa-baremetal, crypto-cryptocell310] + crypto_backend: [edhoc-crypto/hacspec, edhoc-crypto/psa, edhoc-crypto/psa-baremetal, edhoc-crypto/cryptocell310] ead: [ead-none, ead-zeroconf] steps: diff --git a/examples/coap/Cargo.toml b/examples/coap/Cargo.toml index a7542246..4213be41 100644 --- a/examples/coap/Cargo.toml +++ b/examples/coap/Cargo.toml @@ -4,7 +4,8 @@ version = "0.1.0" edition = "2021" [dependencies] -edhoc-rs = { path = "../../lib", features = [ "crypto-hacspec" ] } +edhoc-rs = { path = "../../lib" } +edhoc-crypto = { path = "../../crypto/", features = [ "hacspec" ] } hexlit = "0.5.3" coap = { version = "0.13" } coap-lite = { version = "0.11.3" } diff --git a/examples/coap/src/bin/coapclient.rs b/examples/coap/src/bin/coapclient.rs index f8fabf1c..f80f5c7d 100644 --- a/examples/coap/src/bin/coapclient.rs +++ b/examples/coap/src/bin/coapclient.rs @@ -21,11 +21,17 @@ fn main() { println!("Client request: {}", url); let state = Default::default(); - let initiator = EdhocInitiator::new(state, &I, &CRED_I, Some(&CRED_R)); + let initiator = EdhocInitiator::new( + state, + edhoc_crypto::default_crypto(), + &I, + &CRED_I, + Some(&CRED_R), + ); // Send Message 1 over CoAP and convert the response to byte let mut msg_1_buf = Vec::from([0xf5u8]); // EDHOC message_1 when transported over CoAP is prepended with CBOR true - let c_i = generate_connection_identifier_cbor(); + let c_i = generate_connection_identifier_cbor(&mut edhoc_crypto::default_crypto()); let (initiator, message_1) = initiator.prepare_message_1(c_i).unwrap(); msg_1_buf.extend_from_slice(&message_1.content[..message_1.len]); println!("message_1 len = {}", msg_1_buf.len()); diff --git a/examples/coap/src/bin/coapserver-coaphandler.rs b/examples/coap/src/bin/coapserver-coaphandler.rs index 80f199a3..b683566c 100644 --- a/examples/coap/src/bin/coapserver-coaphandler.rs +++ b/examples/coap/src/bin/coapserver-coaphandler.rs @@ -1,3 +1,4 @@ +use edhoc_crypto::Crypto; use edhoc_rs::*; use hexlit::hex; @@ -14,11 +15,11 @@ const R: &[u8] = &hex!("72cc4761dbd4c78f758931aa589d348d1ef874a7e303ede2f140dcf3 #[derive(Default, Debug)] struct EdhocHandler { - connections: Vec<(u8, EdhocResponderWaitM3<'static>)>, + connections: Vec<(u8, EdhocResponderWaitM3<'static, Crypto>)>, } impl EdhocHandler { - fn take_connection_by_c_r(&mut self, c_r: u8) -> Option> { + fn take_connection_by_c_r(&mut self, c_r: u8) -> Option> { let index = self .connections .iter() @@ -45,7 +46,7 @@ enum EdhocResponse { // take up a slot there anyway) if we make it an enum. OkSend2 { c_r: u8, - responder: EdhocResponderBuildM2<'static>, + responder: EdhocResponderBuildM2<'static, Crypto>, }, Message3Processed, } @@ -60,7 +61,14 @@ impl coap_handler::Handler for EdhocHandler { if starts_with_true { let state = EdhocState::default(); - let responder = EdhocResponder::new(state, &R, &CRED_R, Some(&CRED_I)); + + let responder = EdhocResponder::new( + state, + edhoc_crypto::default_crypto(), + &R, + &CRED_R, + Some(&CRED_I), + ); let response = responder .process_message_1(&request.payload()[1..].try_into().expect("wrong length")); diff --git a/examples/coap/src/bin/coapserver.rs b/examples/coap/src/bin/coapserver.rs index 378a3e4d..888f1a6e 100644 --- a/examples/coap/src/bin/coapserver.rs +++ b/examples/coap/src/bin/coapserver.rs @@ -32,7 +32,13 @@ fn main() { // This is an EDHOC message if request.message.payload[0] == 0xf5 { let state = EdhocState::default(); - let responder = EdhocResponder::new(state, &R, &CRED_R, Some(&CRED_I)); + let responder = EdhocResponder::new( + state, + edhoc_crypto::default_crypto(), + &R, + &CRED_R, + Some(&CRED_I), + ); let result = responder.process_message_1( &request.message.payload[1..] @@ -41,7 +47,8 @@ fn main() { ); if let Ok(responder) = result { - let c_r = generate_connection_identifier_cbor(); + let c_r = + generate_connection_identifier_cbor(&mut edhoc_crypto::default_crypto()); let (responder, message_2) = responder.prepare_message_2(c_r).unwrap(); response.message.payload = Vec::from(&message_2.content[..message_2.len]); // save edhoc connection diff --git a/examples/edhoc-rs-cc2538/Cargo.toml b/examples/edhoc-rs-cc2538/Cargo.toml index 7a967f41..932f397f 100644 --- a/examples/edhoc-rs-cc2538/Cargo.toml +++ b/examples/edhoc-rs-cc2538/Cargo.toml @@ -8,6 +8,7 @@ description = "edhoc-rs example on CC2538 SoC" [dependencies] edhoc-rs = { path = "../../lib", default-features = false } +edhoc-crypto = { path = "../../crypto", default-features = false } # depend on an allocator embedded-alloc = "0.5.0" hexlit = "0.5.3" @@ -20,5 +21,5 @@ rtt-target = { version = "0.3.1", features = ["cortex-m"] } [features] default = [ "psa" ] -psa = [ "edhoc-rs/crypto-psa-baremetal" ] +psa = [ "edhoc-crypto/psa-baremetal" ] diff --git a/examples/edhoc-rs-no_std/Cargo.toml b/examples/edhoc-rs-no_std/Cargo.toml index eae4f8a5..852cfe50 100644 --- a/examples/edhoc-rs-no_std/Cargo.toml +++ b/examples/edhoc-rs-no_std/Cargo.toml @@ -23,7 +23,7 @@ rtt-target = { version = "0.3.1", features = ["cortex-m"] } [features] default = [ "rtt", "crypto-cryptocell310", "ead-none" ] rtt = [ ] -crypto-psa = [ "edhoc-rs/crypto-psa-baremetal" ] -crypto-cryptocell310 = [ "edhoc-rs/crypto-cryptocell310" ] +crypto-psa = [ "edhoc-crypto/psa-baremetal" ] +crypto-cryptocell310 = [ "edhoc-crypto/cryptocell310" ] ead-none = [ "edhoc-rs/ead-none" ] ead-zeroconf = [ "edhoc-rs/ead-zeroconf" ] diff --git a/examples/edhoc-rs-no_std/src/main.rs b/examples/edhoc-rs-no_std/src/main.rs index f1994a4d..c8cf3817 100644 --- a/examples/edhoc-rs-no_std/src/main.rs +++ b/examples/edhoc-rs-no_std/src/main.rs @@ -74,7 +74,13 @@ fn main() -> ! { fn test_new_initiator() { let state = Default::default(); - let _initiator = EdhocInitiator::new(state, I, CRED_I, Some(CRED_R)); + let _initiator = EdhocInitiator::new( + state, + edhoc_crypto::default_crypto(), + I, + CRED_I, + Some(CRED_R), + ); } test_new_initiator(); @@ -94,9 +100,16 @@ fn main() -> ! { fn test_prepare_message_1() { let state = Default::default(); - let mut initiator = EdhocInitiator::new(state, I, CRED_I, Some(CRED_R)); - - let c_i: u8 = generate_connection_identifier_cbor().into(); + let mut initiator = EdhocInitiator::new( + state, + edhoc_crypto::default_crypto(), + I, + CRED_I, + Some(CRED_R), + ); + + let c_i: u8 = + generate_connection_identifier_cbor(&mut edhoc_crypto::default_crypto()).into(); let message_1 = initiator.prepare_message_1(c_i); assert!(message_1.is_ok()); } @@ -106,16 +119,30 @@ fn main() -> ! { fn test_handshake() { let state_initiator = Default::default(); - let mut initiator = EdhocInitiator::new(state_initiator, I, CRED_I, Some(CRED_R)); + let mut initiator = EdhocInitiator::new( + state_initiator, + edhoc_crypto::default_crypto(), + I, + CRED_I, + Some(CRED_R), + ); let state_responder = Default::default(); - let responder = EdhocResponder::new(state_responder, R, CRED_R, Some(CRED_I)); - - let c_i: u8 = generate_connection_identifier_cbor().into(); + let responder = EdhocResponder::new( + state_responder, + edhoc_crypto::default_crypto(), + R, + CRED_R, + Some(CRED_I), + ); + + let c_i: u8 = + generate_connection_identifier_cbor(&mut edhoc_crypto::default_crypto()).into(); let (initiator, message_1) = initiator.prepare_message_1(c_i).unwrap(); // to update the state let responder = responder.process_message_1(&message_1).unwrap(); - let c_r: u8 = generate_connection_identifier_cbor().into(); + let c_r: u8 = + generate_connection_identifier_cbor(&mut edhoc_crypto::default_crypto()).into(); let (responder, message_2) = responder.prepare_message_2(c_r).unwrap(); assert!(c_r != 0xff); diff --git a/lib/Cargo.toml b/lib/Cargo.toml index 3514bbbc..5b0ca7f6 100644 --- a/lib/Cargo.toml +++ b/lib/Cargo.toml @@ -11,7 +11,6 @@ hexlit = "0.5.3" hex = { version = "0.4.3", default-features = false } hacspec-lib = { version = "0.1.0-beta.1", default-features = false, optional = true } -edhoc-crypto = { path = "../crypto", default-features = false } edhoc-crypto-trait = { path = "../crypto/edhoc-crypto-trait" } edhoc-consts = { path = "../consts" } edhoc-ead = { path = "../ead", default-features = false } @@ -20,12 +19,11 @@ panic-semihosting = { version = "0.6.0", features = ["exit"], optional = true } [build-dependencies] cbindgen = "0.24.5" +[dev-dependencies] +edhoc-crypto = { path = "../crypto", default-features = false } + [features] default = [ "edhoc-ead/ead-none" ] -crypto-hacspec = ["hacspec-lib/std", "edhoc-crypto/hacspec" ] -crypto-psa = [ "edhoc-crypto/psa" ] -crypto-psa-baremetal = [ "edhoc-crypto/psa-baremetal", "panic-semihosting" ] -crypto-cryptocell310 = [ "edhoc-crypto/cryptocell310", "panic-semihosting" ] ead-none = [ "edhoc-ead/ead-none" ] ead-zeroconf = [ "edhoc-ead/ead-zeroconf" ] diff --git a/lib/src/lib.rs b/lib/src/lib.rs index 26c237e7..69ba037b 100644 --- a/lib/src/lib.rs +++ b/lib/src/lib.rs @@ -2,8 +2,7 @@ #![allow(warnings)] pub use { - edhoc_consts::State as EdhocState, edhoc_consts::*, edhoc_crypto::default_crypto, - edhoc_crypto_trait::Crypto as CryptoTrait, + edhoc_consts::State as EdhocState, edhoc_consts::*, edhoc_crypto_trait::Crypto as CryptoTrait, }; #[cfg(any(feature = "ead-none", feature = "ead-zeroconf"))] @@ -15,70 +14,79 @@ use edhoc::*; use edhoc_consts::*; #[derive(Debug)] -pub struct EdhocInitiator<'a> { +pub struct EdhocInitiator<'a, Crypto: CryptoTrait> { state: State, // opaque state i: &'a [u8], // private authentication key of I cred_i: &'a [u8], // I's full credential cred_r: Option<&'a [u8]>, // R's full credential (if provided) + crypto: Crypto, } #[derive(Debug)] -pub struct EdhocInitiatorWaitM2<'a> { +pub struct EdhocInitiatorWaitM2<'a, Crypto: CryptoTrait> { state: State, // opaque state i: &'a [u8], // private authentication key of I cred_i: &'a [u8], // I's full credential cred_r: Option<&'a [u8]>, // R's full credential (if provided) + crypto: Crypto, } #[derive(Debug)] -pub struct EdhocInitiatorBuildM3<'a> { +pub struct EdhocInitiatorBuildM3<'a, Crypto: CryptoTrait> { state: State, // opaque state i: &'a [u8], // private authentication key of I cred_i: &'a [u8], // I's full credential cred_r: Option<&'a [u8]>, // R's full credential (if provided) + crypto: Crypto, } #[derive(Debug)] -pub struct EdhocInitiatorDone { +pub struct EdhocInitiatorDone { state: State, + crypto: Crypto, } #[derive(Debug)] -pub struct EdhocResponder<'a> { +pub struct EdhocResponder<'a, Crypto: CryptoTrait> { state: State, // opaque state r: &'a [u8], // private authentication key of R cred_r: &'a [u8], // R's full credential cred_i: Option<&'a [u8]>, // I's full credential (if provided) + crypto: Crypto, } #[derive(Debug)] -pub struct EdhocResponderBuildM2<'a> { +pub struct EdhocResponderBuildM2<'a, Crypto: CryptoTrait> { state: State, // opaque state r: &'a [u8], // private authentication key of R cred_r: &'a [u8], // R's full credential cred_i: Option<&'a [u8]>, // I's full credential (if provided) + crypto: Crypto, } #[derive(Debug)] -pub struct EdhocResponderWaitM3<'a> { +pub struct EdhocResponderWaitM3<'a, Crypto: CryptoTrait> { state: State, // opaque state r: &'a [u8], // private authentication key of R cred_r: &'a [u8], // R's full credential cred_i: Option<&'a [u8]>, // I's full credential (if provided) + crypto: Crypto, } #[derive(Debug)] -pub struct EdhocResponderDone { +pub struct EdhocResponderDone { state: State, + crypto: Crypto, } -impl<'a> EdhocResponder<'a> { +impl<'a, Crypto: CryptoTrait> EdhocResponder<'a, Crypto> { pub fn new( state: State, + crypto: Crypto, r: &'a [u8], cred_r: &'a [u8], cred_i: Option<&'a [u8]>, - ) -> EdhocResponder<'a> { + ) -> Self { assert!(r.len() == P256_ELEM_LEN); EdhocResponder { @@ -86,34 +94,36 @@ impl<'a> EdhocResponder<'a> { r, cred_r, cred_i, + crypto, } } pub fn process_message_1( - self, + mut self, message_1: &BufferMessage1, - ) -> Result, EDHOCError> { - let state = r_process_message_1(self.state, &mut default_crypto(), message_1)?; + ) -> Result, EDHOCError> { + let state = r_process_message_1(self.state, &mut self.crypto, message_1)?; Ok(EdhocResponderBuildM2 { state, r: self.r, cred_r: self.cred_r, cred_i: self.cred_i, + crypto: self.crypto, }) } } -impl<'a> EdhocResponderBuildM2<'a> { +impl<'a, Crypto: CryptoTrait> EdhocResponderBuildM2<'a, Crypto> { pub fn prepare_message_2( - self, + mut self, c_r: u8, - ) -> Result<(EdhocResponderWaitM3<'a>, BufferMessage2), EDHOCError> { - let (y, g_y) = default_crypto().p256_generate_key_pair(); + ) -> Result<(EdhocResponderWaitM3<'a, Crypto>, BufferMessage2), EDHOCError> { + let (y, g_y) = self.crypto.p256_generate_key_pair(); match r_prepare_message_2( self.state, - &mut default_crypto(), + &mut self.crypto, &self.cred_r, self.r.try_into().expect("Wrong length of private key"), y, @@ -126,6 +136,7 @@ impl<'a> EdhocResponderBuildM2<'a> { r: self.r, cred_r: self.cred_r, cred_i: self.cred_i, + crypto: self.crypto, }, message_2, )), @@ -134,19 +145,25 @@ impl<'a> EdhocResponderBuildM2<'a> { } } -impl<'a> EdhocResponderWaitM3<'a> { +impl<'a, Crypto: CryptoTrait> EdhocResponderWaitM3<'a, Crypto> { pub fn process_message_3( - self, + mut self, message_3: &BufferMessage3, - ) -> Result<(EdhocResponderDone, [u8; SHA256_DIGEST_LEN]), EDHOCError> { - match r_process_message_3(self.state, &mut default_crypto(), message_3, self.cred_i) { - Ok((state, prk_out)) => Ok((EdhocResponderDone { state }, prk_out)), + ) -> Result<(EdhocResponderDone, [u8; SHA256_DIGEST_LEN]), EDHOCError> { + match r_process_message_3(self.state, &mut self.crypto, message_3, self.cred_i) { + Ok((state, prk_out)) => Ok(( + EdhocResponderDone { + state, + crypto: self.crypto, + }, + prk_out, + )), Err(error) => Err(error), } } } -impl EdhocResponderDone { +impl EdhocResponderDone { pub fn edhoc_exporter( &mut self, label: u8, @@ -158,7 +175,7 @@ impl EdhocResponderDone { edhoc_exporter( &self.state, - &mut default_crypto(), + &mut self.crypto, label, &context_buf, context.len(), @@ -172,20 +189,21 @@ impl EdhocResponderDone { edhoc_key_update( &mut self.state, - &mut default_crypto(), + &mut self.crypto, &context_buf, context.len(), ) } } -impl<'a> EdhocInitiator<'a> { +impl<'a, Crypto: CryptoTrait> EdhocInitiator<'a, Crypto> { pub fn new( state: State, + crypto: Crypto, i: &'a [u8], cred_i: &'a [u8], cred_r: Option<&'a [u8]>, - ) -> EdhocInitiator<'a> { + ) -> Self { assert!(i.len() == P256_ELEM_LEN); EdhocInitiator { @@ -193,22 +211,24 @@ impl<'a> EdhocInitiator<'a> { i, cred_i, cred_r, + crypto, } } pub fn prepare_message_1( - self: EdhocInitiator<'a>, + mut self, c_i: u8, - ) -> Result<(EdhocInitiatorWaitM2<'a>, BufferMessage1), EDHOCError> { - let (x, g_x) = default_crypto().p256_generate_key_pair(); + ) -> Result<(EdhocInitiatorWaitM2<'a, Crypto>, BufferMessage1), EDHOCError> { + let (x, g_x) = self.crypto.p256_generate_key_pair(); - match i_prepare_message_1(self.state, &mut default_crypto(), x, g_x, c_i) { + match i_prepare_message_1(self.state, &mut self.crypto, x, g_x, c_i) { Ok((state, message_1)) => Ok(( EdhocInitiatorWaitM2 { state, i: self.i, cred_i: self.cred_i, cred_r: self.cred_r, + crypto: self.crypto, }, message_1, )), @@ -217,14 +237,14 @@ impl<'a> EdhocInitiator<'a> { } } -impl<'a> EdhocInitiatorWaitM2<'a> { +impl<'a, Crypto: CryptoTrait> EdhocInitiatorWaitM2<'a, Crypto> { pub fn process_message_2( - self, + mut self, message_2: &BufferMessage2, - ) -> Result<(EdhocInitiatorBuildM3<'a>, u8), EDHOCError> { + ) -> Result<(EdhocInitiatorBuildM3<'a, Crypto>, u8), EDHOCError> { match i_process_message_2( self.state, - &mut default_crypto(), + &mut self.crypto, message_2, self.cred_r, self.i @@ -237,6 +257,7 @@ impl<'a> EdhocInitiatorWaitM2<'a> { i: self.i, cred_i: self.cred_i, cred_r: self.cred_r, + crypto: self.crypto, }, c_r, )), @@ -245,25 +266,37 @@ impl<'a> EdhocInitiatorWaitM2<'a> { } } -impl<'a> EdhocInitiatorBuildM3<'a> { +impl<'a, Crypto: CryptoTrait> EdhocInitiatorBuildM3<'a, Crypto> { pub fn prepare_message_3( - self, - ) -> Result<(EdhocInitiatorDone, BufferMessage3, [u8; SHA256_DIGEST_LEN]), EDHOCError> { + mut self, + ) -> Result< + ( + EdhocInitiatorDone, + BufferMessage3, + [u8; SHA256_DIGEST_LEN], + ), + EDHOCError, + > { match i_prepare_message_3( self.state, - &mut default_crypto(), + &mut self.crypto, &get_id_cred(self.cred_i), self.cred_i, ) { - Ok((state, message_3, prk_out)) => { - Ok((EdhocInitiatorDone { state }, message_3, prk_out)) - } + Ok((state, message_3, prk_out)) => Ok(( + EdhocInitiatorDone { + state, + crypto: self.crypto, + }, + message_3, + prk_out, + )), Err(error) => Err(error), } } } -impl EdhocInitiatorDone { +impl EdhocInitiatorDone { pub fn edhoc_exporter( &mut self, label: u8, @@ -275,7 +308,7 @@ impl EdhocInitiatorDone { edhoc_exporter( &self.state, - &mut default_crypto(), + &mut self.crypto, label, &context_buf, context.len(), @@ -289,15 +322,15 @@ impl EdhocInitiatorDone { edhoc_key_update( &mut self.state, - &mut default_crypto(), + &mut self.crypto, &context_buf, context.len(), ) } } -pub fn generate_connection_identifier_cbor() -> u8 { - let c_i = generate_connection_identifier(); +pub fn generate_connection_identifier_cbor(crypto: &mut Crypto) -> u8 { + let c_i = generate_connection_identifier(crypto); if c_i >= 0 && c_i <= 23 { return c_i as u8; // verbatim encoding of single byte integer } else if c_i < 0 && c_i >= -24 { @@ -309,10 +342,10 @@ pub fn generate_connection_identifier_cbor() -> u8 { } /// generates an identifier that can be serialized as a single CBOR integer, i.e. -24 <= x <= 23 -pub fn generate_connection_identifier() -> i8 { - let mut conn_id = default_crypto().get_random_byte() as i8; +pub fn generate_connection_identifier(crypto: &mut Crypto) -> i8 { + let mut conn_id = crypto.get_random_byte() as i8; while conn_id < -24 || conn_id > 23 { - conn_id = default_crypto().get_random_byte() as i8; + conn_id = crypto.get_random_byte() as i8; } conn_id } @@ -324,6 +357,8 @@ mod test { use hex::FromHex; use hexlit::hex; + use edhoc_crypto::default_crypto; + const ID_CRED_I: &[u8] = &hex!("a104412b"); const ID_CRED_R: &[u8] = &hex!("a104410a"); const CRED_I: &[u8] = &hex!("A2027734322D35302D33312D46462D45462D33372D33322D333908A101A5010202412B2001215820AC75E9ECE3E50BFC8ED60399889522405C47BF16DF96660A41298CB4307F7EB62258206E5DE611388A4B8A8211334AC7D37ECB52A387D257E6DB3C2A93DF21FF3AFFC8"); @@ -344,25 +379,25 @@ mod test { #[test] fn test_new_initiator() { let state = Default::default(); - let _initiator = EdhocInitiator::new(state, I, CRED_I, Some(CRED_R)); + let _initiator = EdhocInitiator::new(state, default_crypto(), I, CRED_I, Some(CRED_R)); let state = Default::default(); - let _initiator = EdhocInitiator::new(state, I, CRED_I, None); + let _initiator = EdhocInitiator::new(state, default_crypto(), I, CRED_I, None); } #[test] fn test_new_responder() { let state = Default::default(); - let _responder = EdhocResponder::new(state, R, CRED_R, Some(CRED_I)); + let _responder = EdhocResponder::new(state, default_crypto(), R, CRED_R, Some(CRED_I)); let state = Default::default(); - let _responder = EdhocResponder::new(state, R, CRED_R, None); + let _responder = EdhocResponder::new(state, default_crypto(), R, CRED_R, None); } #[test] fn test_prepare_message_1() { let state = Default::default(); - let mut initiator = EdhocInitiator::new(state, I, CRED_I, Some(CRED_R)); + let mut initiator = EdhocInitiator::new(state, default_crypto(), I, CRED_I, Some(CRED_R)); - let c_i = generate_connection_identifier_cbor(); + let c_i = generate_connection_identifier_cbor(&mut default_crypto()); let message_1 = initiator.prepare_message_1(c_i); assert!(message_1.is_ok()); } @@ -372,7 +407,7 @@ mod test { let message_1_tv_first_time = EdhocMessageBuffer::from_hex(MESSAGE_1_TV_FIRST_TIME); let message_1_tv = EdhocMessageBuffer::from_hex(MESSAGE_1_TV); let state = Default::default(); - let responder = EdhocResponder::new(state, R, CRED_R, Some(CRED_I)); + let responder = EdhocResponder::new(state, default_crypto(), R, CRED_R, Some(CRED_I)); // process message_1 first time, when unsupported suite is selected let error = responder.process_message_1(&message_1_tv_first_time); @@ -382,7 +417,7 @@ mod test { // We need to create a new responder -- no message is supposed to be processed twice by a // responder or initiator let state = Default::default(); - let responder = EdhocResponder::new(state, R, CRED_R, Some(CRED_I)); + let responder = EdhocResponder::new(state, default_crypto(), R, CRED_R, Some(CRED_I)); // process message_1 second time let error = responder.process_message_1(&message_1_tv); @@ -391,7 +426,7 @@ mod test { #[test] fn test_generate_connection_identifier() { - let conn_id = generate_connection_identifier(); + let conn_id = generate_connection_identifier(&mut default_crypto()); assert!(conn_id >= -24 && conn_id <= 23); } @@ -399,16 +434,18 @@ mod test { #[test] fn test_handshake() { let state_initiator = Default::default(); - let mut initiator = EdhocInitiator::new(state_initiator, I, CRED_I, Some(CRED_R)); + let mut initiator = + EdhocInitiator::new(state_initiator, default_crypto(), I, CRED_I, Some(CRED_R)); let state_responder = Default::default(); - let responder = EdhocResponder::new(state_responder, R, CRED_R, Some(CRED_I)); + let responder = + EdhocResponder::new(state_responder, default_crypto(), R, CRED_R, Some(CRED_I)); - let c_i: u8 = generate_connection_identifier_cbor(); + let c_i: u8 = generate_connection_identifier_cbor(&mut default_crypto()); let (initiator, result) = initiator.prepare_message_1(c_i).unwrap(); // to update the state let responder = responder.process_message_1(&result).unwrap(); - let c_r = generate_connection_identifier_cbor(); + let c_r = generate_connection_identifier_cbor(&mut default_crypto()); let (responder, message_2) = responder.prepare_message_2(c_r).unwrap(); assert!(c_r != 0xff); @@ -461,9 +498,15 @@ mod test { #[test] fn test_ead_zeroconf() { let state_initiator = Default::default(); - let mut initiator = EdhocInitiator::new(state_initiator, I, CRED_I, None); + let mut initiator = EdhocInitiator::new(state_initiator, default_crypto(), I, CRED_I, None); let state_responder = Default::default(); - let responder = EdhocResponder::new(state_responder, R, CRED_V_TV, Some(CRED_I)); + let responder = EdhocResponder::new( + state_responder, + default_crypto(), + R, + CRED_V_TV, + Some(CRED_I), + ); let u: BytesP256ElemLen = U_TV.try_into().unwrap(); let id_u: EdhocMessageBuffer = ID_U_TV.try_into().unwrap(); @@ -490,7 +533,7 @@ mod test { W_TV.try_into().unwrap(), )); - let c_i = generate_connection_identifier_cbor(); + let c_i = generate_connection_identifier_cbor(&mut default_crypto()); let (initiator, message_1) = initiator.prepare_message_1(c_i).unwrap(); assert_eq!( ead_initiator_state.protocol_state, @@ -503,7 +546,7 @@ mod test { EADResponderProtocolState::ProcessedEAD1 ); - let c_r = generate_connection_identifier_cbor(); + let c_r = generate_connection_identifier_cbor(&mut default_crypto()); let (responder, message_2) = responder.prepare_message_2(c_r).unwrap(); assert_eq!( ead_responder_state.protocol_state,