Align EDHOC code with latest updates

The EDHOC code is now aligned with the most recent updates from its repo. It is up to date with commit d728368

Signed-off-by: Rikard Höglund <[email protected]>

californium-extended/cf-edhoc/src/main/java/org/eclipse/californium/edhoc/EdhocCoapStackFactory.java

@@ -12,7 +12,7 @@
  * 
  * Contributors:
  *    Marco Tiloca (RISE)
- *    Rikard Höglund (RISE)
+ *    Rikard Höglund (RISE)
  *    
  ******************************************************************************/
 package org.eclipse.californium.edhoc;
@@ -107,5 +107,4 @@ public static void useAsDefault(OSCoreCtxDB defaultCtxDb,
 		EdhocCoapStackFactory.OSCORE_REPLAY_WINDOW = OSCORE_REPLAY_WINDOW;
 		EdhocCoapStackFactory.MAX_UNFRAGMENTED_SIZE = MAX_UNFRAGMENTED_SIZE;
 	}
-
 }

californium-extended/cf-edhoc/src/main/java/org/eclipse/californium/edhoc/MessageProcessor.java

@@ -2008,7 +2008,7 @@ public static CBORObject[] readErrorMessage(byte[] sequence, byte[] connectionId
 		}
 		if (errorCode == Constants.ERR_CODE_SUCCESS) {
 			// This is not admitted
-			System.out.println("Received EDHOC error message with ERR_CODE 0");
+			System.err.println("Received EDHOC error message with ERR_CODE 0");
 			return null;
 		}
 		else if (errorCode == Constants.ERR_CODE_UNSPECIFIED_ERROR) {
@@ -3699,7 +3699,6 @@ else if (session.isInitiator() == true) {
 	            	*/
 
             	}
-
             	dhSecret = SharedSecretCalculation.generateSharedSecret(privateKey, publicKey);
 
                 if (dhSecret == null) {
@@ -4488,11 +4487,10 @@ else if (identifierCbor != null && identifierCbor.getType() == CBORType.Integer)
      * @param msnNum      The integer X = (1, 2, 3, 4), consistent with the specifically received EDHOC message_X.
      * @param supportedEADs   The list of EAD items supported by this peer.
      * @return  In case of success, it returns the subset of the EAD field to be passed to the application for further processing.
-     *          In case of error, it returns an array including two elements: i) a CBOR text string, whose value provides a description
-     *          of the error to be used in the EDHOC error message to return; ii) a CBOR integer, with value the response code to use
-     *          if the EDHOC error message is a response.
+     *          In case of error, it returns an array including one element as a CBOR text string, whose value provides a description
+     *          of the error to be used in the EDHOC error message to return.
      */
-	private static CBORObject[] preParseEAD(CBORObject[] objectList, int baseIndex, int msgNum, Set<Integer> supportedEADs) {
+	static CBORObject[] preParseEAD(CBORObject[] objectList, int baseIndex, int msgNum, Set<Integer> supportedEADs) {
 
 		int length = objectList.length - baseIndex;
 		CBORObject[] aux = new CBORObject[length];
@@ -4545,12 +4543,13 @@ private static CBORObject[] preParseEAD(CBORObject[] objectList, int baseIndex,
             	continue;
             }
 
-            boolean supported = supportedEADs.contains(Integer.valueOf(eadLabel));
+            int eadLabelUnsigned = (eadLabel < 0) ? (-eadLabel) : eadLabel;
+            boolean supported = supportedEADs.contains(Integer.valueOf(eadLabelUnsigned));
 
             if (!supported) {
 	            if (eadLabel < 0) {
 	            	// Since the EAD item is critical and is not supported, the protocol must be discontinued
-	                errMsg = new String("Unsupported EAD_" + msgNum + " critical item with ead_label " + eadLabel);
+	                errMsg = new String("Unsupported EAD_" + msgNum + " critical item with ead_label " + eadLabelUnsigned);
 	                error = true;
 	                break;
 	            }

californium-extended/cf-edhoc/src/main/java/org/eclipse/californium/edhoc/SharedSecretCalculation.java

@@ -23,8 +23,10 @@
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
+import java.security.Provider;
 import java.security.PublicKey;
 import java.security.SecureRandom;
+import java.security.Security;
 import java.security.interfaces.ECPrivateKey;
 import java.security.interfaces.ECPublicKey;
 import java.security.spec.EllipticCurve;
@@ -33,7 +35,13 @@
 import javax.crypto.KeyAgreement;
 
 import org.bouncycastle.asn1.x9.X9ECParameters;
+import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
+import org.bouncycastle.crypto.agreement.X25519Agreement;
 import org.bouncycastle.crypto.ec.CustomNamedCurves;
+import org.bouncycastle.crypto.generators.X25519KeyPairGenerator;
+import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import org.bouncycastle.crypto.params.X25519KeyGenerationParameters;
 import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
 import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
@@ -48,6 +56,7 @@
 
 import net.i2p.crypto.eddsa.EdDSAPrivateKey;
 import net.i2p.crypto.eddsa.EdDSAPublicKey;
+import net.i2p.crypto.eddsa.EdDSASecurityProvider;
 import net.i2p.crypto.eddsa.math.Field;
 import net.i2p.crypto.eddsa.math.FieldElement;
 import net.i2p.crypto.eddsa.math.bigint.BigIntegerFieldElement;
@@ -159,6 +168,9 @@ static OneKey generateCurve25519KeyTest() {
 
 		// Start by generating a Curve25519 key pair with BouncyCastle
 
+		// MyRandom rand = new MyRandom();
+		SecureRandom rand = new SecureRandom();
+
 		X9ECParameters curveParams = CustomNamedCurves.getByName("Curve25519");
 		// byte[] seed = StringUtil.hex2ByteArray(
 		//  		"1122334455667788112233445566778811223344556677881122334455667788");
@@ -174,7 +186,6 @@ static OneKey generateCurve25519KeyTest() {
 			kpg.initialize(ecSpec);
 		} catch (NoSuchAlgorithmException | InvalidAlgorithmParameterException e) {
 			System.err.println("Failed to generate Curve25519 key: " + e);
-			return null;
 		}
 
 		KeyPair keyPair = kpg.generateKeyPair();
@@ -411,7 +422,7 @@ static OneKey buildEcdsa384OneKey(byte[] privateKey, byte[] publicKeyX, byte[] p
 	 * 
 	 * @return a OneKey representing the input material
 	 */
-	static OneKey buildEcdsa256OneKey(byte[] privateKey, byte[] publicKeyX, boolean signY) {
+	public static OneKey buildEcdsa256OneKey(byte[] privateKey, byte[] publicKeyX, boolean signY) {
 		// Recalculate Y value
 		byte[] publicKeyY = null;
 		try {
@@ -814,19 +825,16 @@ static OneKey convertEd25519ToCurve25519(OneKey initialKey) throws CoseException
 		// The private key
 		if (initialKey.AsPrivateKey() != null) {
 			EdDSAPrivateKey initialPrivKey = (EdDSAPrivateKey) initialKey.AsPrivateKey();
-			initialKey.get(KeyKeys.OKP_D).GetByteString();
 			byte[] privateHash = initialPrivKey.getH();
 			byte[] privateScalar = Arrays.copyOf(privateHash, 32);
 			byte[] rgbD = privateScalar;
-
-			// System.out.println("D bad: " + StringUtil.byteArray2HexString(rgbD_bad));
+
 			// System.out.println("D good: " + StringUtil.byteArray2HexString(rgbD));
 
 			key.add(KeyKeys.OKP_D, CBORObject.FromObject(rgbD));
 		}
 
 		// The X value is the value of the u coordinate
-		// FIXME: Compress
 		byte[] rgbX = u.toByteArray();
 
 		key.add(KeyKeys.KeyType, KeyKeys.KeyType_OKP);
@@ -887,6 +895,25 @@ private static byte[] generateSharedSecretECDSA(OneKey senderPrivateKey, OneKey
 		return sharedSecret;
 	}
 
+	/**
+	 * Generate a shared secret when using EdDSA.
+	 * 
+	 * @param senderPrivateKey the public/private key of the sender
+	 * @param recipientPublicKey the public key of the recipient
+	 * @return the shared secret
+	 */
+	private static byte[] generateSharedSecretEdDSA(OneKey senderPrivateKey, OneKey recipientPublicKey) {
+
+		byte[] sharedSecret = null;
+		try {
+			sharedSecret = SharedSecretCalculation.calculateSharedSecret(recipientPublicKey, senderPrivateKey);
+		} catch (CoseException e) {
+			System.err.println("Could not generate the shared secret: " + e);
+		}
+
+		return sharedSecret;
+	}
+
 	/**
 	 * Calculate the shared secret from a COSE OneKey using EdDSA. It is first
 	 * converted to Montgomery coordinates and after that the X25519 function is

californium-extended/cf-edhoc/src/main/java/org/eclipse/californium/edhoc/Util.java

@@ -1286,13 +1286,13 @@ public static boolean isDeterministicCborInteger (CBORObject obj) {
 
 	}
 
-      /**
-        * Install EdDSA crypto provider
-        */
-       public static void installCryptoProvider() {
-               Provider EdDSA = new EdDSASecurityProvider();
-               // Insert EdDSA security provider
-               Security.insertProviderAt(EdDSA, 1);
-       }	
+	/**
+	* Install EdDSA crypto provider
+	*/
+	public static void installCryptoProvider() {
+		Provider EdDSA = new EdDSASecurityProvider();
+		// Insert EdDSA security provider
+		Security.insertProviderAt(EdDSA, 1);
+	}   
 }
 

californium-extended/cf-edhoc/src/test/java/org/eclipse/californium/edhoc/EdhocClient.java

@@ -1,5 +1,5 @@
 /*******************************************************************************
- * Copyright (c) 2020 RISE and others.
+ * Copyright (c) 2023 RISE and others.
  * 
  * All rights reserved. This program and the accompanying materials
  * are made available under the terms of the Eclipse Public License v2.0
@@ -302,7 +302,7 @@ public static void main(String args[]) {
 
 		if (OSCORE_EDHOC_COMBINED) {
 			CoapResponse appResponseToCombinedRequest = edhocExecutor.getAppResponseToCombinedRequest();
-			System.out.println("Application response to the EDHOC+OSCORE combined request:\n" +
+			System.out.println("\nApplication response to the EDHOC+OSCORE combined request:\n\n" +
 							   Utils.prettyPrint(appResponseToCombinedRequest) + "\n");
 		}