Skip to content

Commit

Permalink
feat!: Allow applications to pick their c_x
Browse files Browse the repository at this point in the history
This initially only alters the message 2 API, but follow-ups will do
this throughout the library.

The change allows applications to pick usable C_x values, which they are
in a position to decide, because unlike the EDHOC library, they keep
track of all the ongoing exchanges.

BREAKING CHANGE: APIs for creating messager 2 change
  • Loading branch information
chrysn committed Sep 30, 2023
1 parent 25964b6 commit f259e3c
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 18 deletions.
4 changes: 2 additions & 2 deletions hacspec/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,7 @@ pub fn r_prepare_message_2(
y: BytesP256ElemLen, // R's ephemeral private DH key
g_y: BytesP256ElemLen, // R's ephemeral public DH key
c_r: U8,
) -> Result<(State, BufferMessage2, U8), EDHOCError> {
) -> Result<(State, BufferMessage2), EDHOCError> {
let State(
mut current_state,
mut _y,
Expand Down Expand Up @@ -265,7 +265,7 @@ pub fn r_prepare_message_2(
}

match error {
EDHOCError::Success => Ok((state, message_2, c_r)),
EDHOCError::Success => Ok((state, message_2)),
_ => Err(error),
}
}
Expand Down
4 changes: 2 additions & 2 deletions lib/src/edhoc.rs
Original file line number Diff line number Diff line change
Expand Up @@ -179,7 +179,7 @@ pub fn r_prepare_message_2(
y: BytesP256ElemLen,
g_y: BytesP256ElemLen,
c_r: U8,
) -> Result<(State, BufferMessage2, U8), EDHOCError> {
) -> Result<(State, BufferMessage2), EDHOCError> {
let State(
mut current_state,
mut _y,
Expand Down Expand Up @@ -247,7 +247,7 @@ pub fn r_prepare_message_2(
}

match error {
EDHOCError::Success => Ok((state, message_2, c_r)),
EDHOCError::Success => Ok((state, message_2)),
_ => Err(error),
}
}
Expand Down
31 changes: 17 additions & 14 deletions lib/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,8 @@
))]
pub use {
edhoc_consts::State as EdhocState, edhoc_consts::*, edhoc_crypto::*,
hacspec::generate_connection_identifier, hacspec::HacspecEdhocInitiator as EdhocInitiator,
hacspec::generate_connection_identifier, hacspec::generate_connection_identifier_cbor,
hacspec::HacspecEdhocInitiator as EdhocInitiator,
hacspec::HacspecEdhocResponder as EdhocResponder,
};

Expand All @@ -19,8 +20,8 @@ pub use {
))]
pub use {
edhoc_consts::State as EdhocState, edhoc_consts::*, edhoc_crypto::*,
rust::generate_connection_identifier, rust::RustEdhocInitiator as EdhocInitiator,
rust::RustEdhocResponder as EdhocResponder,
rust::generate_connection_identifier, rust::generate_connection_identifier_cbor,
rust::RustEdhocInitiator as EdhocInitiator, rust::RustEdhocResponder as EdhocResponder,
};

#[cfg(any(feature = "ead-none", feature = "ead-zeroconf"))]
Expand Down Expand Up @@ -130,7 +131,8 @@ mod hacspec {

pub fn prepare_message_2(
self: &mut HacspecEdhocResponder<'a>,
) -> Result<(EdhocMessageBuffer, u8), EDHOCError> {
c_r: U8,
) -> Result<EdhocMessageBuffer, EDHOCError> {
// init hacspec structs for id_cred_r and cred_r
let id_cred_r = BytesIdCred::from_hex(self.id_cred_r);
let mut cred_r = BytesMaxBuffer::new();
Expand All @@ -142,13 +144,12 @@ mod hacspec {

// Generate ephemeral key pair
let (y, g_y) = edhoc_crypto::p256_generate_key_pair();
let c_r = generate_connection_identifier_cbor();

match r_prepare_message_2(self.state, &id_cred_r, &cred_r, cred_r_len, &r, y, g_y, c_r)
{
Ok((state, message_2, c_r)) => {
Ok((state, message_2)) => {
self.state = state;
Ok((message_2.to_public_buffer(), c_r.declassify()))
Ok(message_2.to_public_buffer())
}
Err(error) => Err(error),
}
Expand Down Expand Up @@ -475,12 +476,12 @@ mod rust {

pub fn prepare_message_2(
self: &mut RustEdhocResponder<'a>,
) -> Result<(BufferMessage2, u8), EDHOCError> {
c_r: U8,
) -> Result<BufferMessage2, EDHOCError> {
let mut cred_r: BytesMaxBuffer = [0x00; MAX_BUFFER_LEN];
hex::decode_to_slice(self.cred_r, &mut cred_r[..self.cred_r.len() / 2])
.expect("Decoding failed");
let (y, g_y) = edhoc_crypto::p256_generate_key_pair();
let c_r = generate_connection_identifier_cbor();

match r_prepare_message_2(
self.state,
Expand All @@ -492,9 +493,9 @@ mod rust {
g_y,
c_r,
) {
Ok((state, message_2, c_r)) => {
Ok((state, message_2)) => {
self.state = state;
Ok((message_2, c_r))
Ok(message_2)
}
Err(error) => Err(error),
}
Expand Down Expand Up @@ -818,10 +819,11 @@ mod test {
let error = responder.process_message_1(&result.unwrap());
assert!(error.is_ok());

let ret = responder.prepare_message_2();
let c_r = generate_connection_identifier_cbor();
let ret = responder.prepare_message_2(c_r);
assert!(ret.is_ok());

let (message_2, c_r) = ret.unwrap();
let message_2 = ret.unwrap();

assert!(c_r != 0xff);
let _c_r = initiator.process_message_2(&message_2);
Expand Down Expand Up @@ -917,7 +919,8 @@ mod test {
EADResponderProtocolState::ProcessedEAD1
);

let (message_2, _c_r) = responder.prepare_message_2().unwrap();
let c_r = generate_connection_identifier_cbor();
let message_2 = responder.prepare_message_2(c_r).unwrap();
assert_eq!(
ead_responder_state.protocol_state,
EADResponderProtocolState::Completed
Expand Down

0 comments on commit f259e3c

Please sign in to comment.