feat!: Allow applications to pick their c_x

This initially only alters the message 2 API, but follow-ups will do this throughout the library. The change allows applications to pick usable C_x values, which they are in a position to decide, because unlike the EDHOC library, they keep track of all the ongoing exchanges. The c_wrapper API is *not* changed at this point, because the API change would be way too subtle (the "out" parameter would be changed to an "in" parameter). BREAKING CHANGE: APIs for creating messager 2 change
openwsn-berkeley · Sep 30, 2023 · 7d1c1e9 · 7d1c1e9
1 parent 337c47c
commit 7d1c1e9
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 24 deletions.
diff --git a/examples/coap/src/bin/coapserver.rs b/examples/coap/src/bin/coapserver.rs
@@ -40,7 +40,8 @@ fn main() {
                 );
 
                 if error.is_ok() {
-                    let (message_2, c_r) = responder.prepare_message_2().unwrap();
+                    let c_r: u8 = generate_connection_identifier_cbor().into();
+                    let message_2 = responder.prepare_message_2(c_r).unwrap();
                     response.message.payload = Vec::from(&message_2.content[..message_2.len]);
                     // save edhoc connection
                     edhoc_connections.push((c_r, responder));

diff --git a/hacspec/src/lib.rs b/hacspec/src/lib.rs
@@ -196,7 +196,7 @@ pub fn r_prepare_message_2(
     y: BytesP256ElemLen,   // R's ephemeral private DH key
     g_y: BytesP256ElemLen, // R's ephemeral public DH key
     c_r: U8,
-) -> Result<(State, BufferMessage2, U8), EDHOCError> {
+) -> Result<(State, BufferMessage2), EDHOCError> {
     let State(
         mut current_state,
         mut _y,
@@ -265,7 +265,7 @@ pub fn r_prepare_message_2(
     }
 
     match error {
-        EDHOCError::Success => Ok((state, message_2, c_r)),
+        EDHOCError::Success => Ok((state, message_2)),
         _ => Err(error),
     }
 }

diff --git a/lib/src/c_wrapper.rs b/lib/src/c_wrapper.rs
@@ -196,10 +196,11 @@ pub unsafe extern "C" fn responder_prepare_message_2(
 ) -> i8 {
     let mut responder = (*responder_c).to_rust();
 
-    let result = match responder.prepare_message_2() {
-        Ok((msg_2, c_r_res)) => {
+    let c_r_chosen: u8 = generate_connection_identifier_cbor().into();
+    let result = match responder.prepare_message_2(c_r_chosen) {
+        Ok(msg_2) => {
             *message_2 = msg_2;
-            *c_r = c_r_res;
+            *c_r = c_r_chosen;
             0
         }
         Err(err) => err as i8,

diff --git a/lib/src/edhoc.rs b/lib/src/edhoc.rs
@@ -179,7 +179,7 @@ pub fn r_prepare_message_2(
     y: BytesP256ElemLen,
     g_y: BytesP256ElemLen,
     c_r: U8,
-) -> Result<(State, BufferMessage2, U8), EDHOCError> {
+) -> Result<(State, BufferMessage2), EDHOCError> {
     let State(
         mut current_state,
         mut _y,
@@ -247,7 +247,7 @@ pub fn r_prepare_message_2(
     }
 
     match error {
-        EDHOCError::Success => Ok((state, message_2, c_r)),
+        EDHOCError::Success => Ok((state, message_2)),
         _ => Err(error),
     }
 }

diff --git a/lib/src/lib.rs b/lib/src/lib.rs
@@ -8,7 +8,8 @@
 ))]
 pub use {
     edhoc_consts::State as EdhocState, edhoc_consts::*, edhoc_crypto::*,
-    hacspec::generate_connection_identifier, hacspec::HacspecEdhocInitiator as EdhocInitiator,
+    hacspec::generate_connection_identifier, hacspec::generate_connection_identifier_cbor,
+    hacspec::HacspecEdhocInitiator as EdhocInitiator,
     hacspec::HacspecEdhocResponder as EdhocResponder,
 };
 
@@ -19,8 +20,8 @@ pub use {
 ))]
 pub use {
     edhoc_consts::State as EdhocState, edhoc_consts::*, edhoc_crypto::*,
-    rust::generate_connection_identifier, rust::RustEdhocInitiator as EdhocInitiator,
-    rust::RustEdhocResponder as EdhocResponder,
+    rust::generate_connection_identifier, rust::generate_connection_identifier_cbor,
+    rust::RustEdhocInitiator as EdhocInitiator, rust::RustEdhocResponder as EdhocResponder,
 };
 
 #[cfg(any(feature = "ead-none", feature = "ead-zeroconf"))]
@@ -130,7 +131,8 @@ mod hacspec {
 
         pub fn prepare_message_2(
             self: &mut HacspecEdhocResponder<'a>,
-        ) -> Result<(EdhocMessageBuffer, u8), EDHOCError> {
+            c_r: u8,
+        ) -> Result<EdhocMessageBuffer, EDHOCError> {
             // init hacspec structs for id_cred_r and cred_r
             let id_cred_r = BytesIdCred::from_hex(self.id_cred_r);
             let mut cred_r = BytesMaxBuffer::new();
@@ -142,13 +144,20 @@ mod hacspec {
 
             // Generate ephemeral key pair
             let (y, g_y) = edhoc_crypto::p256_generate_key_pair();
-            let c_r = generate_connection_identifier_cbor();
 
-            match r_prepare_message_2(self.state, &id_cred_r, &cred_r, cred_r_len, &r, y, g_y, c_r)
-            {
-                Ok((state, message_2, c_r)) => {
+            match r_prepare_message_2(
+                self.state,
+                &id_cred_r,
+                &cred_r,
+                cred_r_len,
+                &r,
+                y,
+                g_y,
+                U8(c_r),
+            ) {
+                Ok((state, message_2)) => {
                     self.state = state;
-                    Ok((message_2.to_public_buffer(), c_r.declassify()))
+                    Ok(message_2.to_public_buffer())
                 }
                 Err(error) => Err(error),
             }
@@ -475,12 +484,12 @@ mod rust {
 
         pub fn prepare_message_2(
             self: &mut RustEdhocResponder<'a>,
-        ) -> Result<(BufferMessage2, u8), EDHOCError> {
+            c_r: u8,
+        ) -> Result<BufferMessage2, EDHOCError> {
             let mut cred_r: BytesMaxBuffer = [0x00; MAX_BUFFER_LEN];
             hex::decode_to_slice(self.cred_r, &mut cred_r[..self.cred_r.len() / 2])
                 .expect("Decoding failed");
             let (y, g_y) = edhoc_crypto::p256_generate_key_pair();
-            let c_r = generate_connection_identifier_cbor();
 
             match r_prepare_message_2(
                 self.state,
@@ -492,9 +501,9 @@ mod rust {
                 g_y,
                 c_r,
             ) {
-                Ok((state, message_2, c_r)) => {
+                Ok((state, message_2)) => {
                     self.state = state;
-                    Ok((message_2, c_r))
+                    Ok(message_2)
                 }
                 Err(error) => Err(error),
             }
@@ -818,10 +827,11 @@ mod test {
         let error = responder.process_message_1(&result.unwrap());
         assert!(error.is_ok());
 
-        let ret = responder.prepare_message_2();
+        let c_r: u8 = generate_connection_identifier_cbor().into();
+        let ret = responder.prepare_message_2(c_r);
         assert!(ret.is_ok());
 
-        let (message_2, c_r) = ret.unwrap();
+        let message_2 = ret.unwrap();
 
         assert!(c_r != 0xff);
         let _c_r = initiator.process_message_2(&message_2);
@@ -917,7 +927,8 @@ mod test {
             EADResponderProtocolState::ProcessedEAD1
         );
 
-        let (message_2, _c_r) = responder.prepare_message_2().unwrap();
+        let c_r: u8 = generate_connection_identifier_cbor().into();
+        let message_2 = responder.prepare_message_2(c_r).unwrap();
         assert_eq!(
             ead_responder_state.protocol_state,
             EADResponderProtocolState::Completed