edhoc 1.0.4 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (314) hide show
  1. package/README.md +170 -0
  2. package/binding.gyp +13 -11
  3. package/dist/bindings.d.ts +5 -0
  4. package/dist/bindings.d.ts.map +1 -0
  5. package/dist/bindings.js +10 -0
  6. package/dist/crypto.d.ts +29 -0
  7. package/dist/crypto.d.ts.map +1 -0
  8. package/dist/crypto.js +205 -0
  9. package/dist/edhoc.d.ts +368 -0
  10. package/dist/edhoc.d.ts.map +1 -0
  11. package/dist/edhoc.js +76 -0
  12. package/dist/index.d.ts +4 -0
  13. package/dist/index.d.ts.map +1 -0
  14. package/dist/index.js +19 -0
  15. package/dist/x509credentials.d.ts +20 -0
  16. package/dist/x509credentials.d.ts.map +1 -0
  17. package/dist/x509credentials.js +140 -0
  18. package/external/libedhoc/backends/cbor/include/backend_cbor_bstr_type_decode.h +1 -1
  19. package/external/libedhoc/backends/cbor/include/backend_cbor_bstr_type_encode.h +1 -1
  20. package/external/libedhoc/backends/cbor/include/backend_cbor_bstr_type_types.h +1 -1
  21. package/external/libedhoc/backends/cbor/include/backend_cbor_ead_decode.h +2 -2
  22. package/external/libedhoc/backends/cbor/include/backend_cbor_ead_encode.h +2 -2
  23. package/external/libedhoc/backends/cbor/include/backend_cbor_edhoc_types.h +48 -43
  24. package/external/libedhoc/backends/cbor/include/backend_cbor_enc_structure_decode.h +1 -1
  25. package/external/libedhoc/backends/cbor/include/backend_cbor_enc_structure_encode.h +1 -1
  26. package/external/libedhoc/backends/cbor/include/backend_cbor_enc_structure_types.h +3 -3
  27. package/external/libedhoc/backends/cbor/include/backend_cbor_id_cred_x_decode.h +1 -1
  28. package/external/libedhoc/backends/cbor/include/backend_cbor_id_cred_x_encode.h +1 -1
  29. package/external/libedhoc/backends/cbor/include/backend_cbor_info_decode.h +1 -1
  30. package/external/libedhoc/backends/cbor/include/backend_cbor_info_encode.h +1 -1
  31. package/external/libedhoc/backends/cbor/include/backend_cbor_int_type_decode.h +1 -1
  32. package/external/libedhoc/backends/cbor/include/backend_cbor_int_type_encode.h +1 -1
  33. package/external/libedhoc/backends/cbor/include/backend_cbor_int_type_types.h +1 -1
  34. package/external/libedhoc/backends/cbor/include/backend_cbor_message_1_decode.h +1 -1
  35. package/external/libedhoc/backends/cbor/include/backend_cbor_message_1_encode.h +1 -1
  36. package/external/libedhoc/backends/cbor/include/backend_cbor_message_2_decode.h +1 -1
  37. package/external/libedhoc/backends/cbor/include/backend_cbor_message_2_encode.h +1 -1
  38. package/external/libedhoc/backends/cbor/include/backend_cbor_message_3_decode.h +1 -1
  39. package/external/libedhoc/backends/cbor/include/backend_cbor_message_3_encode.h +1 -1
  40. package/external/libedhoc/backends/cbor/include/backend_cbor_message_4_decode.h +1 -1
  41. package/external/libedhoc/backends/cbor/include/backend_cbor_message_4_encode.h +1 -1
  42. package/external/libedhoc/backends/cbor/include/backend_cbor_message_error_decode.h +1 -1
  43. package/external/libedhoc/backends/cbor/include/backend_cbor_message_error_encode.h +1 -1
  44. package/external/libedhoc/backends/cbor/include/backend_cbor_plaintext_2_decode.h +1 -1
  45. package/external/libedhoc/backends/cbor/include/backend_cbor_plaintext_2_encode.h +1 -1
  46. package/external/libedhoc/backends/cbor/include/backend_cbor_plaintext_3_decode.h +1 -1
  47. package/external/libedhoc/backends/cbor/include/backend_cbor_plaintext_3_encode.h +1 -1
  48. package/external/libedhoc/backends/cbor/include/backend_cbor_plaintext_4_decode.h +3 -3
  49. package/external/libedhoc/backends/cbor/include/backend_cbor_plaintext_4_encode.h +3 -3
  50. package/external/libedhoc/backends/cbor/include/backend_cbor_sig_structure_decode.h +1 -1
  51. package/external/libedhoc/backends/cbor/include/backend_cbor_sig_structure_encode.h +1 -1
  52. package/external/libedhoc/backends/cbor/include/backend_cbor_sig_structure_types.h +4 -4
  53. package/external/libedhoc/backends/cbor/include/backend_cbor_x509_types.h +93 -83
  54. package/external/libedhoc/backends/cbor/src/backend_cbor_bstr_type_decode.c +11 -20
  55. package/external/libedhoc/backends/cbor/src/backend_cbor_bstr_type_encode.c +11 -20
  56. package/external/libedhoc/backends/cbor/src/backend_cbor_ead_decode.c +27 -32
  57. package/external/libedhoc/backends/cbor/src/backend_cbor_ead_encode.c +27 -32
  58. package/external/libedhoc/backends/cbor/src/backend_cbor_enc_structure_decode.c +14 -23
  59. package/external/libedhoc/backends/cbor/src/backend_cbor_enc_structure_encode.c +14 -23
  60. package/external/libedhoc/backends/cbor/src/backend_cbor_id_cred_x_decode.c +63 -52
  61. package/external/libedhoc/backends/cbor/src/backend_cbor_id_cred_x_encode.c +62 -51
  62. package/external/libedhoc/backends/cbor/src/backend_cbor_info_decode.c +14 -23
  63. package/external/libedhoc/backends/cbor/src/backend_cbor_info_encode.c +14 -23
  64. package/external/libedhoc/backends/cbor/src/backend_cbor_int_type_decode.c +11 -20
  65. package/external/libedhoc/backends/cbor/src/backend_cbor_int_type_encode.c +11 -20
  66. package/external/libedhoc/backends/cbor/src/backend_cbor_message_1_decode.c +54 -51
  67. package/external/libedhoc/backends/cbor/src/backend_cbor_message_1_encode.c +54 -51
  68. package/external/libedhoc/backends/cbor/src/backend_cbor_message_2_decode.c +11 -20
  69. package/external/libedhoc/backends/cbor/src/backend_cbor_message_2_encode.c +11 -20
  70. package/external/libedhoc/backends/cbor/src/backend_cbor_message_3_decode.c +11 -20
  71. package/external/libedhoc/backends/cbor/src/backend_cbor_message_3_encode.c +11 -20
  72. package/external/libedhoc/backends/cbor/src/backend_cbor_message_4_decode.c +11 -20
  73. package/external/libedhoc/backends/cbor/src/backend_cbor_message_4_encode.c +11 -20
  74. package/external/libedhoc/backends/cbor/src/backend_cbor_message_error_decode.c +36 -37
  75. package/external/libedhoc/backends/cbor/src/backend_cbor_message_error_encode.c +36 -37
  76. package/external/libedhoc/backends/cbor/src/backend_cbor_plaintext_2_decode.c +103 -80
  77. package/external/libedhoc/backends/cbor/src/backend_cbor_plaintext_2_encode.c +102 -79
  78. package/external/libedhoc/backends/cbor/src/backend_cbor_plaintext_3_decode.c +99 -76
  79. package/external/libedhoc/backends/cbor/src/backend_cbor_plaintext_3_encode.c +98 -75
  80. package/external/libedhoc/backends/cbor/src/backend_cbor_plaintext_4_decode.c +40 -41
  81. package/external/libedhoc/backends/cbor/src/backend_cbor_plaintext_4_encode.c +40 -41
  82. package/external/libedhoc/backends/cbor/src/backend_cbor_sig_structure_decode.c +15 -24
  83. package/external/libedhoc/backends/cbor/src/backend_cbor_sig_structure_encode.c +15 -24
  84. package/external/libedhoc/externals/Unity/examples/example_1/src/ProductionCode.c +31 -0
  85. package/external/libedhoc/externals/Unity/examples/example_1/src/ProductionCode.h +10 -0
  86. package/external/libedhoc/externals/Unity/examples/example_1/src/ProductionCode2.c +18 -0
  87. package/external/libedhoc/externals/Unity/examples/example_1/src/ProductionCode2.h +9 -0
  88. package/external/libedhoc/externals/Unity/examples/example_1/test/TestProductionCode.c +69 -0
  89. package/external/libedhoc/externals/Unity/examples/example_1/test/TestProductionCode2.c +38 -0
  90. package/external/libedhoc/externals/Unity/examples/example_1/test/test_runners/TestProductionCode2_Runner.c +53 -0
  91. package/external/libedhoc/externals/Unity/examples/example_1/test/test_runners/TestProductionCode_Runner.c +57 -0
  92. package/external/libedhoc/externals/Unity/examples/example_2/src/ProductionCode.c +31 -0
  93. package/external/libedhoc/externals/Unity/examples/example_2/src/ProductionCode.h +10 -0
  94. package/external/libedhoc/externals/Unity/examples/example_2/src/ProductionCode2.c +18 -0
  95. package/external/libedhoc/externals/Unity/examples/example_2/src/ProductionCode2.h +9 -0
  96. package/external/libedhoc/externals/Unity/examples/example_2/test/TestProductionCode.c +71 -0
  97. package/external/libedhoc/externals/Unity/examples/example_2/test/TestProductionCode2.c +40 -0
  98. package/external/libedhoc/externals/Unity/examples/example_2/test/test_runners/TestProductionCode2_Runner.c +16 -0
  99. package/external/libedhoc/externals/Unity/examples/example_2/test/test_runners/TestProductionCode_Runner.c +18 -0
  100. package/external/libedhoc/externals/Unity/examples/example_2/test/test_runners/all_tests.c +19 -0
  101. package/external/libedhoc/externals/Unity/examples/example_3/helper/UnityHelper.c +17 -0
  102. package/external/libedhoc/externals/Unity/examples/example_3/helper/UnityHelper.h +19 -0
  103. package/external/libedhoc/externals/Unity/examples/example_3/src/ProductionCode.c +31 -0
  104. package/external/libedhoc/externals/Unity/examples/example_3/src/ProductionCode.h +10 -0
  105. package/external/libedhoc/externals/Unity/examples/example_3/src/ProductionCode2.c +18 -0
  106. package/external/libedhoc/externals/Unity/examples/example_3/src/ProductionCode2.h +9 -0
  107. package/external/libedhoc/externals/Unity/examples/example_3/test/TestProductionCode.c +69 -0
  108. package/external/libedhoc/externals/Unity/examples/example_3/test/TestProductionCode2.c +38 -0
  109. package/external/libedhoc/externals/Unity/examples/example_4/src/ProductionCode.c +31 -0
  110. package/external/libedhoc/externals/Unity/examples/example_4/src/ProductionCode.h +10 -0
  111. package/external/libedhoc/externals/Unity/examples/example_4/src/ProductionCode2.c +18 -0
  112. package/external/libedhoc/externals/Unity/examples/example_4/src/ProductionCode2.h +9 -0
  113. package/external/libedhoc/externals/Unity/examples/example_4/test/TestProductionCode.c +70 -0
  114. package/external/libedhoc/externals/Unity/examples/example_4/test/TestProductionCode2.c +42 -0
  115. package/external/libedhoc/externals/Unity/examples/example_4/test/test_runners/TestProductionCode2_Runner.c +53 -0
  116. package/external/libedhoc/externals/Unity/examples/example_4/test/test_runners/TestProductionCode_Runner.c +57 -0
  117. package/external/libedhoc/externals/Unity/examples/unity_config.h +251 -0
  118. package/external/libedhoc/externals/Unity/extras/bdd/src/unity_bdd.h +44 -0
  119. package/external/libedhoc/externals/Unity/extras/bdd/test/test_bdd.c +129 -0
  120. package/external/libedhoc/externals/Unity/extras/fixture/src/unity_fixture.c +310 -0
  121. package/external/libedhoc/externals/Unity/extras/fixture/src/unity_fixture.h +95 -0
  122. package/external/libedhoc/externals/Unity/extras/fixture/src/unity_fixture_internals.h +51 -0
  123. package/external/libedhoc/externals/Unity/extras/fixture/test/main/AllTests.c +20 -0
  124. package/external/libedhoc/externals/Unity/extras/fixture/test/template_fixture_tests.c +40 -0
  125. package/external/libedhoc/externals/Unity/extras/fixture/test/unity_fixture_Test.c +246 -0
  126. package/external/libedhoc/externals/Unity/extras/fixture/test/unity_fixture_TestRunner.c +33 -0
  127. package/external/libedhoc/externals/Unity/extras/memory/src/unity_memory.c +203 -0
  128. package/external/libedhoc/externals/Unity/extras/memory/src/unity_memory.h +61 -0
  129. package/external/libedhoc/externals/Unity/extras/memory/test/unity_memory_Test.c +326 -0
  130. package/external/libedhoc/externals/Unity/extras/memory/test/unity_memory_TestRunner.c +50 -0
  131. package/external/libedhoc/externals/Unity/extras/memory/test/unity_output_Spy.c +57 -0
  132. package/external/libedhoc/externals/Unity/extras/memory/test/unity_output_Spy.h +17 -0
  133. package/external/libedhoc/externals/Unity/src/unity.c +2501 -0
  134. package/external/libedhoc/externals/Unity/src/unity.h +698 -0
  135. package/external/libedhoc/externals/Unity/src/unity_internals.h +1183 -0
  136. package/external/libedhoc/externals/Unity/test/expectdata/testsample_cmd.c +61 -0
  137. package/external/libedhoc/externals/Unity/test/expectdata/testsample_def.c +57 -0
  138. package/external/libedhoc/externals/Unity/test/expectdata/testsample_head1.c +55 -0
  139. package/external/libedhoc/externals/Unity/test/expectdata/testsample_head1.h +15 -0
  140. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_cmd.c +80 -0
  141. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_def.c +76 -0
  142. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_head1.c +75 -0
  143. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_head1.h +13 -0
  144. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_new1.c +89 -0
  145. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_new2.c +89 -0
  146. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_param.c +77 -0
  147. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_run1.c +89 -0
  148. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_run2.c +89 -0
  149. package/external/libedhoc/externals/Unity/test/expectdata/testsample_mock_yaml.c +90 -0
  150. package/external/libedhoc/externals/Unity/test/expectdata/testsample_new1.c +67 -0
  151. package/external/libedhoc/externals/Unity/test/expectdata/testsample_new2.c +70 -0
  152. package/external/libedhoc/externals/Unity/test/expectdata/testsample_param.c +58 -0
  153. package/external/libedhoc/externals/Unity/test/expectdata/testsample_run1.c +67 -0
  154. package/external/libedhoc/externals/Unity/test/expectdata/testsample_run2.c +70 -0
  155. package/external/libedhoc/externals/Unity/test/expectdata/testsample_yaml.c +71 -0
  156. package/external/libedhoc/externals/Unity/test/testdata/CException.h +18 -0
  157. package/external/libedhoc/externals/Unity/test/testdata/Defs.h +16 -0
  158. package/external/libedhoc/externals/Unity/test/testdata/cmock.h +21 -0
  159. package/external/libedhoc/externals/Unity/test/testdata/mockMock.h +20 -0
  160. package/external/libedhoc/externals/Unity/test/testdata/testRunnerGenerator.c +204 -0
  161. package/external/libedhoc/externals/Unity/test/testdata/testRunnerGeneratorSmall.c +73 -0
  162. package/external/libedhoc/externals/Unity/test/testdata/testRunnerGeneratorWithMocks.c +200 -0
  163. package/external/libedhoc/externals/Unity/test/tests/self_assessment_utils.h +151 -0
  164. package/external/libedhoc/externals/Unity/test/tests/test_unity_arrays.c +2941 -0
  165. package/external/libedhoc/externals/Unity/test/tests/test_unity_core.c +375 -0
  166. package/external/libedhoc/externals/Unity/test/tests/test_unity_doubles.c +1285 -0
  167. package/external/libedhoc/externals/Unity/test/tests/test_unity_floats.c +1395 -0
  168. package/external/libedhoc/externals/Unity/test/tests/test_unity_integers.c +2863 -0
  169. package/external/libedhoc/externals/Unity/test/tests/test_unity_integers_64.c +783 -0
  170. package/external/libedhoc/externals/Unity/test/tests/test_unity_memory.c +82 -0
  171. package/external/libedhoc/externals/Unity/test/tests/test_unity_parameterized.c +309 -0
  172. package/external/libedhoc/externals/Unity/test/tests/test_unity_parameterizedDemo.c +28 -0
  173. package/external/libedhoc/externals/Unity/test/tests/test_unity_strings.c +330 -0
  174. package/external/libedhoc/externals/Unity/test/tests/types_for_test.h +21 -0
  175. package/external/libedhoc/externals/zcbor/include/zcbor_common.h +147 -60
  176. package/external/libedhoc/externals/zcbor/include/zcbor_decode.h +291 -202
  177. package/external/libedhoc/externals/zcbor/include/zcbor_encode.h +100 -156
  178. package/external/libedhoc/externals/zcbor/include/zcbor_print.h +165 -0
  179. package/external/libedhoc/externals/zcbor/samples/hello_world/src/main.c +1 -1
  180. package/external/libedhoc/externals/zcbor/samples/pet/include/pet_decode.h +1 -1
  181. package/external/libedhoc/externals/zcbor/samples/pet/include/pet_encode.h +1 -1
  182. package/external/libedhoc/externals/zcbor/samples/pet/include/pet_types.h +4 -4
  183. package/external/libedhoc/externals/zcbor/samples/pet/src/main.c +4 -4
  184. package/external/libedhoc/externals/zcbor/samples/pet/src/pet_decode.c +15 -24
  185. package/external/libedhoc/externals/zcbor/samples/pet/src/pet_encode.c +14 -23
  186. package/external/libedhoc/externals/zcbor/src/zcbor_common.c +202 -29
  187. package/external/libedhoc/externals/zcbor/src/zcbor_decode.c +633 -173
  188. package/external/libedhoc/externals/zcbor/src/zcbor_encode.c +71 -184
  189. package/external/libedhoc/externals/zcbor/tests/decode/test1_suit_old_formats/src/main.c +152 -153
  190. package/external/libedhoc/externals/zcbor/tests/decode/test2_suit/src/main.c +64 -64
  191. package/external/libedhoc/externals/zcbor/tests/decode/test3_simple/src/main.c +15 -16
  192. package/external/libedhoc/externals/zcbor/tests/decode/test5_corner_cases/src/main.c +228 -84
  193. package/external/libedhoc/externals/zcbor/tests/decode/test7_suit9_simple/src/main.c +9 -9
  194. package/external/libedhoc/externals/zcbor/tests/decode/test8_suit12/src/main.c +0 -1
  195. package/external/libedhoc/externals/zcbor/tests/decode/test9_manifest14/src/main.c +172 -173
  196. package/external/libedhoc/externals/zcbor/tests/encode/test1_suit/src/main.c +73 -73
  197. package/external/libedhoc/externals/zcbor/tests/encode/test2_simple/src/main.c +1 -2
  198. package/external/libedhoc/externals/zcbor/tests/encode/test3_corner_cases/src/main.c +83 -56
  199. package/external/libedhoc/externals/zcbor/tests/encode/test4_senml/src/main.c +15 -16
  200. package/external/libedhoc/externals/zcbor/tests/fuzz/fuzz_everything.c +12 -0
  201. package/external/libedhoc/externals/zcbor/tests/fuzz/fuzz_manifest12.c +69 -69
  202. package/external/libedhoc/externals/zcbor/tests/unit/test1_unit_tests/src/main.c +448 -55
  203. package/external/libedhoc/externals/zcbor/tests/unit/test3_float16/src/main.c +49 -48
  204. package/external/libedhoc/include/edhoc.h +348 -54
  205. package/external/libedhoc/include/edhoc_common.h +289 -0
  206. package/external/libedhoc/include/edhoc_context.h +60 -35
  207. package/external/libedhoc/include/edhoc_credentials.h +55 -7
  208. package/external/libedhoc/include/edhoc_crypto.h +10 -10
  209. package/external/libedhoc/include/edhoc_ead.h +13 -10
  210. package/external/libedhoc/include/edhoc_macros.h +20 -11
  211. package/external/libedhoc/include/edhoc_values.h +2 -2
  212. package/external/libedhoc/library/edhoc.c +70 -36
  213. package/external/libedhoc/library/edhoc_common.c +1314 -0
  214. package/external/libedhoc/library/edhoc_exporter.c +45 -46
  215. package/external/libedhoc/library/edhoc_message_1.c +107 -72
  216. package/external/libedhoc/library/edhoc_message_2.c +396 -1693
  217. package/external/libedhoc/library/edhoc_message_3.c +465 -1656
  218. package/external/libedhoc/library/edhoc_message_4.c +93 -91
  219. package/external/libedhoc/library/edhoc_message_error.c +41 -41
  220. package/external/libedhoc/tests/include/{cipher_suites/cipher_suite_0.h → cipher_suite_0.h} +131 -134
  221. package/external/libedhoc/tests/include/{cipher_suites/cipher_suite_2.h → cipher_suite_2.h} +139 -140
  222. package/external/libedhoc/tests/include/{edhoc_trace_1/test_vector_1.h → test_vector_rfc9529_chapter_2.h} +786 -738
  223. package/external/libedhoc/tests/include/{edhoc_trace_2/test_vector_2.h → test_vector_rfc9529_chapter_3.h} +14 -10
  224. package/external/libedhoc/tests/include/{x509_chain_cs_0/test_vector_x5chain_cs_0.h → test_vector_x5chain_sign_keys_suite_0.h} +137 -140
  225. package/external/libedhoc/tests/include/{x509_chain_cs_2/test_vector_x5chain_cs_2.h → test_vector_x5chain_sign_keys_suite_2.h} +7 -8
  226. package/external/libedhoc/tests/include/{x509_chain_cs_2_static_dh/test_vector_x5chain_cs_2_static_dh.h → test_vector_x5chain_static_dh_keys_suite_2.h} +7 -8
  227. package/external/libedhoc/tests/include/{x509_hash_cs_2/test_vector_x5t_cs_2.h → test_vector_x5t_sign_keys_suite_2.h} +6 -7
  228. package/external/libedhoc/tests/src/{cipher_suites/cipher_suite_0.c → cipher_suite_0.c} +445 -447
  229. package/external/libedhoc/tests/src/{cipher_suites/cipher_suite_2.c → cipher_suite_2.c} +600 -600
  230. package/external/libedhoc/tests/src/module_test_api.c +430 -0
  231. package/external/libedhoc/tests/src/module_test_cipher_suite_0.c +395 -0
  232. package/external/libedhoc/tests/src/module_test_cipher_suite_2.c +392 -0
  233. package/external/libedhoc/tests/src/{error_message/test_edhoc_error_message.c → module_test_error_message.c} +94 -69
  234. package/external/libedhoc/tests/src/module_test_main.c +49 -0
  235. package/external/libedhoc/tests/src/{cipher_suite_negotiation/test_edhoc_cipher_suite_negotiation.c → module_test_rfc9528_suites_negotiation.c} +224 -227
  236. package/external/libedhoc/tests/src/module_test_rfc9529_chapter_2.c +2681 -0
  237. package/external/libedhoc/tests/src/module_test_rfc9529_chapter_3.c +1635 -0
  238. package/external/libedhoc/tests/src/module_test_x5chain_sign_keys_suite_0.c +1135 -0
  239. package/external/libedhoc/tests/src/module_test_x5chain_sign_keys_suite_2.c +1249 -0
  240. package/external/libedhoc/tests/src/module_test_x5chain_static_dh_keys_suite_2.c +798 -0
  241. package/external/libedhoc/tests/src/module_test_x5t_sign_keys_suite_2.c +956 -0
  242. package/include/EdhocComposeAsyncWorker.h +8 -6
  243. package/include/EdhocCredentialManager.h +16 -11
  244. package/include/EdhocCryptoManager.h +28 -21
  245. package/include/EdhocEadManager.h +3 -6
  246. package/include/{EdhocExportAsyncWorker.h → EdhocExportOscoreAsyncWorker.h} +20 -17
  247. package/include/EdhocKeyExporterAsyncWorker.h +76 -0
  248. package/include/EdhocKeyUpdateAsyncWorker.h +72 -0
  249. package/include/EdhocProcessAsyncWorker.h +14 -10
  250. package/include/LibEDHOC.h +44 -20
  251. package/include/UserContext.h +7 -9
  252. package/include/Utils.h +31 -27
  253. package/package.json +14 -3
  254. package/prebuilds/android-arm/edhoc.armv7.node +0 -0
  255. package/prebuilds/android-arm64/edhoc.armv8.node +0 -0
  256. package/prebuilds/darwin-arm64/edhoc.node +0 -0
  257. package/prebuilds/darwin-x64/edhoc.node +0 -0
  258. package/prebuilds/linux-arm/edhoc.armv6.node +0 -0
  259. package/prebuilds/linux-arm/edhoc.armv7.node +0 -0
  260. package/prebuilds/linux-arm64/edhoc.armv8.node +0 -0
  261. package/prebuilds/linux-x64/edhoc.glibc.node +0 -0
  262. package/prebuilds/linux-x64/edhoc.musl.node +0 -0
  263. package/prebuilds/win32-ia32/edhoc.node +0 -0
  264. package/prebuilds/win32-x64/edhoc.node +0 -0
  265. package/src/EdhocComposeAsyncWorker.cpp +18 -35
  266. package/src/EdhocCredentialManager.cpp +160 -187
  267. package/src/EdhocCryptoManager.cpp +386 -586
  268. package/src/EdhocEadManager.cpp +10 -18
  269. package/src/EdhocExportOscoreAsyncWorker.cpp +77 -0
  270. package/src/EdhocKeyExporterAsyncWorker.cpp +49 -0
  271. package/src/EdhocKeyUpdateAsyncWorker.cpp +41 -0
  272. package/src/EdhocProcessAsyncWorker.cpp +72 -19
  273. package/src/LibEDHOC.cpp +213 -174
  274. package/src/Suites.cpp +39 -72
  275. package/src/Utils.cpp +32 -56
  276. package/test/basic.test.ts +64 -0
  277. package/test/vectors.test.ts +111 -0
  278. package/external/libedhoc/externals/zcbor/include/zcbor_debug.h +0 -69
  279. package/external/libedhoc/tests/include/cipher_suite_negotiation/test_edhoc_cipher_suite_negotiation.h +0 -37
  280. package/external/libedhoc/tests/include/cipher_suites/test_cipher_suite_0.h +0 -48
  281. package/external/libedhoc/tests/include/cipher_suites/test_cipher_suite_2.h +0 -48
  282. package/external/libedhoc/tests/include/edhoc_trace_1/authentication_credentials_1.h +0 -60
  283. package/external/libedhoc/tests/include/edhoc_trace_1/test_edhoc_handshake_1.h +0 -208
  284. package/external/libedhoc/tests/include/edhoc_trace_1/test_edhoc_handshake_ead_1.h +0 -59
  285. package/external/libedhoc/tests/include/edhoc_trace_2/authentication_credentials_2.h +0 -60
  286. package/external/libedhoc/tests/include/edhoc_trace_2/test_edhoc_handshake_2.h +0 -199
  287. package/external/libedhoc/tests/include/error_message/test_edhoc_error_message.h +0 -48
  288. package/external/libedhoc/tests/include/x509_chain_cs_0/authentication_credentials_x5chain_cs_0.h +0 -92
  289. package/external/libedhoc/tests/include/x509_chain_cs_0/test_edhoc_handshake_x5chain_cs_0.h +0 -96
  290. package/external/libedhoc/tests/include/x509_chain_cs_2/authentication_credentials_x5chain_cs_2.h +0 -58
  291. package/external/libedhoc/tests/include/x509_chain_cs_2/test_edhoc_handshake_x5chain_cs_2.h +0 -56
  292. package/external/libedhoc/tests/include/x509_chain_cs_2/test_edhoc_handshake_x5chain_cs_2_ead.h +0 -57
  293. package/external/libedhoc/tests/include/x509_chain_cs_2_static_dh/authentication_credentials_x5chain_cs_2_static_dh.h +0 -59
  294. package/external/libedhoc/tests/include/x509_chain_cs_2_static_dh/test_edhoc_handshake_x5chain_cs_2_static_dh_ead.h +0 -57
  295. package/external/libedhoc/tests/include/x509_hash_cs_2/authentication_credentials_x5t_cs_2.h +0 -60
  296. package/external/libedhoc/tests/include/x509_hash_cs_2/test_edhoc_handshake_x5t_cs_2_ead.h +0 -57
  297. package/external/libedhoc/tests/src/cipher_suites/test_cipher_suite_0.c +0 -475
  298. package/external/libedhoc/tests/src/cipher_suites/test_cipher_suite_2.c +0 -473
  299. package/external/libedhoc/tests/src/edhoc_trace_1/authentication_credentials_1.c +0 -252
  300. package/external/libedhoc/tests/src/edhoc_trace_1/test_edhoc_handshake_1.c +0 -1829
  301. package/external/libedhoc/tests/src/edhoc_trace_1/test_edhoc_handshake_ead_1.c +0 -1247
  302. package/external/libedhoc/tests/src/edhoc_trace_2/authentication_credentials_2.c +0 -170
  303. package/external/libedhoc/tests/src/edhoc_trace_2/test_edhoc_handshake_2.c +0 -1783
  304. package/external/libedhoc/tests/src/tests.c +0 -228
  305. package/external/libedhoc/tests/src/x509_chain_cs_0/authentication_credentials_x5chain_cs_0.c +0 -332
  306. package/external/libedhoc/tests/src/x509_chain_cs_0/test_edhoc_handshake_x5chain_cs_0.c +0 -936
  307. package/external/libedhoc/tests/src/x509_chain_cs_2/authentication_credentials_x5chain_cs_2.c +0 -166
  308. package/external/libedhoc/tests/src/x509_chain_cs_2/test_edhoc_handshake_x5chain_cs_2.c +0 -587
  309. package/external/libedhoc/tests/src/x509_chain_cs_2/test_edhoc_handshake_x5chain_cs_2_ead.c +0 -917
  310. package/external/libedhoc/tests/src/x509_chain_cs_2_static_dh/authentication_credentials_x5chain_cs_2_static_dh.c +0 -186
  311. package/external/libedhoc/tests/src/x509_chain_cs_2_static_dh/test_edhoc_handshake_x5chain_cs_2_static_dh_ead.c +0 -743
  312. package/external/libedhoc/tests/src/x509_hash_cs_2/authentication_credentials_x5t_cs_2.c +0 -261
  313. package/external/libedhoc/tests/src/x509_hash_cs_2/test_edhoc_handshake_x5t_cs_2_ead.c +0 -854
  314. package/src/EdhocExportAsyncWorker.cpp +0 -82
package/external/libedhoc/library/edhoc_message_2.c CHANGED
@@ -2,8 +2,8 @@
2
2
  * \file edhoc_message_2.c
3
3
  * \author Kamil Kielbasa
4
4
  * \brief EDHOC message 2.
5
- * \version 0.4
6
- * \date 2024-01-01
5
+ * \version 0.6
6
+ * \date 2024-08-05
7
7
  *
8
8
  * \copyright Copyright (c) 2024
9
9
  *
@@ -14,6 +14,7 @@
14
14
  /* EDHOC header: */
15
15
  #define EDHOC_ALLOW_PRIVATE_ACCESS
16
16
  #include "edhoc.h"
17
+ #include "edhoc_common.h"
17
18
 
18
19
  /* Standard library headers: */
19
20
  #include <stdint.h>
@@ -50,117 +51,10 @@
50
51
 
51
52
  /* Module defines ---------------------------------------------------------- */
52
53
  /* Module types and type definitiones -------------------------------------- */
53
-
54
- /**
55
- * \brief Helper structure for CBOR encoding.
56
- */
57
- struct cbor_items {
58
- uint8_t *conn_id;
59
- size_t conn_id_len;
60
-
61
- uint8_t *id_cred_r;
62
- size_t id_cred_r_len;
63
-
64
- bool id_cred_r_is_comp_enc; // cob = cbor one byte
65
- enum edhoc_encode_type id_cred_r_enc_type;
66
- int32_t id_cred_r_int;
67
- uint8_t id_cred_r_bstr[EDHOC_CRED_KEY_ID_LEN + 1];
68
- size_t id_cred_r_bstr_len;
69
-
70
- uint8_t *th_2;
71
- size_t th_2_len;
72
-
73
- uint8_t *cred_r;
74
- size_t cred_r_len;
75
-
76
- bool is_ead_2;
77
- uint8_t *ead_2;
78
- size_t ead_2_len;
79
-
80
- size_t buf_len;
81
- uint8_t buf[];
82
- };
83
-
84
- /**
85
- * \brief Helper structure for parsed PLAINTEXT_2.
86
- */
87
- struct plaintext {
88
- struct edhoc_auth_creds auth_cred;
89
-
90
- const uint8_t *sign_or_mac;
91
- size_t sign_or_mac_len;
92
-
93
- const uint8_t *ead;
94
- size_t ead_len;
95
- };
96
-
97
- /**
98
- * \brief Processing side.
99
- */
100
- enum edhoc_role {
101
- initiator,
102
- responder,
103
- };
104
-
105
54
  /* Module interface variables and constants -------------------------------- */
106
55
  /* Static variables and constants ------------------------------------------ */
107
56
  /* Static function declarations -------------------------------------------- */
108
57
 
109
- /**
110
- * \brief CBOR integer memory requirements.
111
- *
112
- * \param val Raw integer value.
113
- *
114
- * \return Number of bytes.
115
- */
116
- static inline size_t cbor_int_mem_req(int32_t val);
117
-
118
- /**
119
- * \brief CBOR text stream overhead.
120
- *
121
- * \param len Length of buffer to CBOR as tstr.
122
- *
123
- * \return Number of bytes.
124
- */
125
- static inline size_t cbor_tstr_overhead(size_t len);
126
-
127
- /**
128
- * \brief CBOR byte stream overhead.
129
- *
130
- * \param len Length of buffer to CBOR as bstr.
131
- *
132
- * \return Number of bytes.
133
- */
134
- static inline size_t cbor_bstr_overhead(size_t len);
135
-
136
- /**
137
- * \brief CBOR map overhead.
138
- *
139
- * \param items Number of items for map.
140
- *
141
- * \return Number of bytes.
142
- */
143
- static inline size_t cbor_map_overhead(size_t items);
144
-
145
- /**
146
- * \brief CBOR array overhead.
147
- *
148
- * \param items Number of items for array.
149
- *
150
- * \return Number of bytes.
151
- */
152
- static inline size_t cbor_array_overhead(size_t items);
153
-
154
- /**
155
- * \brief Check if integer might be encoded as CBOR one byte.
156
- *
157
- * \param val Value for cbor encoding.
158
- *
159
- * \retval True if might be encoded as one byte cbor integer,
160
- * otherwise false.
161
- */
162
- static inline bool is_cbor_one_byte_int(int32_t val);
163
-
164
58
  /**
165
59
  * \brief Generate ECDH key pair (G_X, X).
166
60
  *
@@ -183,11 +77,10 @@ static int comp_dh_secret(struct edhoc_context *ctx);
183
77
  * \brief Compute transcript hash 2 (TH_2).
184
78
  *
185
79
  * \param[in,out] ctx EDHOC context.
186
- * \param role EDHOC role.
187
80
  *
188
81
  * \return EDHOC_SUCCESS on success, otherwise failure.
189
82
  */
190
- static int comp_th_2(struct edhoc_context *ctx, enum edhoc_role role);
83
+ static int comp_th_2(struct edhoc_context *ctx);
191
84
 
192
85
  /**
193
86
  * \brief Compute psuedo random key (PRK_2e).
@@ -201,7 +94,6 @@ static int comp_prk_2e(struct edhoc_context *ctx);
201
94
  /**
202
95
  * \brief Compute psuedo random key (PRK_3e2m).
203
96
  *
204
- * \param[in] role EDHOC role.
205
97
  * \param[in,out] ctx EDHOC context.
206
98
  * \param[in] auth_cred Authentication credentials.
207
99
  * \param[in] pub_key Peer public static DH key.
@@ -209,116 +101,29 @@ static int comp_prk_2e(struct edhoc_context *ctx);
209
101
  *
210
102
  * \return EDHOC_SUCCESS on success, otherwise failure.
211
103
  */
212
- static int comp_prk_3e2m(enum edhoc_role role, struct edhoc_context *ctx,
104
+ static int comp_prk_3e2m(struct edhoc_context *ctx,
213
105
  const struct edhoc_auth_creds *auth_cred,
214
106
  const uint8_t *pub_key, size_t pub_key_len);
215
107
 
216
- /**
217
- * \brief Compute memory required for input (context_2) for for MAC_2.
218
- *
219
- * \param[in] ctx EDHOC context.
220
- * \param[in] auth_cred Authentication credentials.
221
- * \param role EDHOC role.
222
- * \param[out] context_2_len On success, length of context_2 for MAC_2.
223
- *
224
- * \return EDHOC_SUCCESS on success, otherwise failure.
225
- */
226
- static int comp_mac_2_input_len(const struct edhoc_context *ctx,
227
- const struct edhoc_auth_creds *auth_cred,
228
- enum edhoc_role role, size_t *context_2_len);
229
-
230
- /**
231
- * \brief Generate context_2.
232
- *
233
- * \param[in] ctx EDHOC context.
234
- * \param[in] auth_cred Authentication credentials.
235
- * \param role EDHOC role.
236
- * \param[out] cbor_items Buffer where the generated context_2 is to be written.
237
- *
238
- * \return EDHOC_SUCCESS on success, otherwise failure.
239
- */
240
- static int gen_mac_2_context(const struct edhoc_context *ctx,
241
- const struct edhoc_auth_creds *auth_cred,
242
- enum edhoc_role role,
243
- struct cbor_items *cbor_items);
244
-
245
- /**
246
- * \brief Get required MAC_2 length.
247
- *
248
- * \param role EDHOC role.
249
- * \param[in] ctx EDHOC context.
250
- * \param[out] mac_2_len On success, length of MAC_2.
251
- *
252
- * \return EDHOC_SUCCESS on success, otherwise failure.
253
- */
254
- static int get_mac_2_len(enum edhoc_role role, const struct edhoc_context *ctx,
255
- size_t *mac_2_len);
256
-
257
- /**
258
- * \brief Compute MAC_2.
259
- *
260
- * \param[in] ctx EDHOC context.
261
- * \param[in] cbor_items Buffer containing the context_2.
262
- * \param[out] mac_2 Buffer where the generated MAC_2 is to be written.
263
- * \param mac_2_len Size of the \p mac_2 buffer in bytes.
264
- *
265
- * \return EDHOC_SUCCESS on success, otherwise failure.
266
- */
267
- static int comp_mac_2(const struct edhoc_context *ctx,
268
- const struct cbor_items *cbor_items, uint8_t *mac_2,
269
- size_t mac_2_len);
270
-
271
- /**
272
- * \brief Compute required length for Signature_or_MAC_2.
273
- *
274
- * \param role EDHOC role.
275
- * \param[in] ctx EDHOC context.
276
- * \param[out] sign_or_mac_2_len On success, length of Signature_or_MAC_2.
277
- *
278
- * \return EDHOC_SUCCESS on success, otherwise failure.
279
- */
280
- static int comp_sign_or_mac_2_len(enum edhoc_role role,
281
- const struct edhoc_context *ctx,
282
- size_t *sign_or_mac_2_len);
283
-
284
- /**
285
- * \brief Compute Signature_or_MAC_2.
286
- *
287
- * \param[in] ctx EDHOC context.
288
- * \param[in] auth_cred Authentication credentials.
289
- * \param[in] cbor_items Buffer containing the context_2.
290
- * \param[in] mac_2 Buffer containing the MAC_2.
291
- * \param mac_2_len Size of the \p mac_2 buffer in bytes.
292
- * \param[out] sign Buffer where the generated signature is to be written.
293
- * \param sign_len Size of the \p sign buffer in bytes.
294
- *
295
- * \return EDHOC_SUCCESS on success, otherwise failure.
296
- */
297
- static int comp_sign_or_mac_2(const struct edhoc_context *ctx,
298
- const struct edhoc_auth_creds *auth_cred,
299
- const struct cbor_items *cbor_items,
300
- const uint8_t *mac_2, size_t mac_2_len,
301
- uint8_t *sign, size_t sign_len);
302
-
303
108
  /**
304
109
  * \brief Compute required PLAINTEXT_2 length.
305
110
  *
306
111
  * \param[in] ctx EDHOC context.
307
- * \param[in] cbor_items Buffer containing the context_2.
112
+ * \param[in] mac_ctx MAC_2 context.
308
113
  * \param sign_len Size of the signature buffer in bytes.
309
114
  * \param[out] plaintext_2_len On success, length of PLAINTEXT_2.
310
115
  *
311
116
  * \return EDHOC_SUCCESS on success, otherwise failure.
312
117
  */
313
118
  static int comp_plaintext_2_len(const struct edhoc_context *ctx,
314
- const struct cbor_items *cbor_items,
119
+ const struct mac_context *mac_ctx,
315
120
  size_t sign_len, size_t *plaintext_2_len);
316
121
 
317
122
  /**
318
123
  * \brief Prepare PLAINTEXT_2.
319
124
  *
320
125
  * \param[in] ctx EDHOC context.
321
- * \param[in] cbor_items Buffer containing the context_2.
126
+ * \param[in] mac_ctx Buffer containing the context_2.
322
127
  * \param[in] sign Buffer containing the signature.
323
128
  * \param sign_len Size of the \p sign buffer in bytes.
324
129
  * \param[out] ptxt Buffer where the generated plaintext is to be written.
@@ -328,7 +133,7 @@ static int comp_plaintext_2_len(const struct edhoc_context *ctx,
328
133
  * \return EDHOC_SUCCESS on success, otherwise failure.
329
134
  */
330
135
  static int prepare_plaintext_2(const struct edhoc_context *ctx,
331
- const struct cbor_items *cbor_items,
136
+ const struct mac_context *mac_ctx,
332
137
  const uint8_t *sign, size_t sign_len,
333
138
  uint8_t *ptxt, size_t ptxt_size,
334
139
  size_t *ptxt_len);
@@ -416,51 +221,20 @@ static int parse_msg_2(struct edhoc_context *ctx, const uint8_t *msg_2,
416
221
  static int parse_plaintext(struct edhoc_context *ctx, const uint8_t *ptxt,
417
222
  size_t ptxt_len, struct plaintext *parsed_ptxt);
418
223
 
419
- /**
420
- * \brief Verify Signature_or_MAC_2.
421
- *
422
- * \param[in] ctx EDHOC context.
423
- * \param[in] cbor_items Structure containing the context_2.
424
- * \param[in] parsed_ptxt Structure containing the parsed PLAINTEXT_2.
425
- * \param[in] pub_key Buffer containing the public key from peer credentials.
426
- * \param pub_key_len Size of the \p pub_key buffer in bytes.
427
- * \param[in] mac_2 Buffer containing the MAC_2.
428
- * \param mac_2_len Size of the \p mac_2 buffer in bytes.
429
- *
430
- * \return EDHOC_SUCCESS on success, otherwise failure.
431
- */
432
- static int verify_sign_or_mac_2(const struct edhoc_context *ctx,
433
- const struct cbor_items *cbor_items,
434
- const struct plaintext *parsed_ptxt,
435
- const uint8_t *pub_key, size_t pub_key_len,
436
- const uint8_t *mac_2, size_t mac_2_len);
437
-
438
224
  /**
439
225
  * \brief Compute transcript hash 3.
440
226
  *
441
227
  * \param[in,out] ctx EDHOC context.
442
- * \param[in] cbor_items Structure containing the context_2.
228
+ * \param[in] mac_ctx MAC context.
443
229
  * \param[in] ptxt Buffer containing the PLAINTEXT_2.
444
230
  * \param ptxt_len Size of the \p ptxt buffer in bytes.
445
231
  *
446
232
  * \return EDHOC_SUCCESS on success, otherwise failure.
447
233
  */
448
234
  static int comp_th_3(struct edhoc_context *ctx,
449
- const struct cbor_items *cbor_items, const uint8_t *ptxt,
235
+ const struct mac_context *mac_ctx, const uint8_t *ptxt,
450
236
  size_t ptxt_len);
451
237
 
452
- /**
453
- * \brief Perform compact encoding described in:
454
- * - RFC 9528: 3.5.3.2. Compact Encoding of ID_CRED Fields for 'kid'.
455
- *
456
- * \param[in] auth_cred Authentication credentials.
457
- * \param[in,out] cbor_items Structure containing the context_2.
458
- *
459
- * \return EDHOC_SUCCESS on success, otherwise failure.
460
- */
461
- static int kid_compact_encoding(const struct edhoc_auth_creds *auth_cred,
462
- struct cbor_items *cbor_items);
463
-
464
238
  /**
465
239
  * \brief Compute SALT_3e2m.
466
240
  *
@@ -476,7 +250,6 @@ static int comp_salt_3e2m(const struct edhoc_context *ctx, uint8_t *salt,
476
250
  /**
477
251
  * \brief Compute G_RX for PRK_3e2m.
478
252
  *
479
- * \param role EDHOC role.
480
253
  * \param[in,out] ctx EDHOC context.
481
254
  * \param[in] auth_cred Authentication credentials.
482
255
  * \param[in] pub_key Peer public key.
@@ -486,81 +259,13 @@ static int comp_salt_3e2m(const struct edhoc_context *ctx, uint8_t *salt,
486
259
  *
487
260
  * \return EDHOC_SUCCESS on success, otherwise failure.
488
261
  */
489
- static int comp_grx(enum edhoc_role role, struct edhoc_context *ctx,
262
+ static int comp_grx(struct edhoc_context *ctx,
490
263
  const struct edhoc_auth_creds *auth_cred,
491
264
  const uint8_t *pub_key, size_t pub_key_len, uint8_t *grx,
492
265
  size_t grx_len);
493
266
 
494
267
  /* Static function definitions --------------------------------------------- */
495
268
 
496
- static inline size_t cbor_int_mem_req(int32_t val)
497
- {
498
- if (val >= ONE_BYTE_CBOR_INT_MIN_VALUE &&
499
- val <= ONE_BYTE_CBOR_INT_MAX_VALUE) {
500
- return 1;
501
- } else if (val >= -(UINT8_MAX + 1) && val <= UINT8_MAX) {
502
- return 2;
503
- } else if (val >= -(UINT16_MAX + 1) && val <= UINT16_MAX) {
504
- return 3;
505
- } else {
506
- return 4;
507
- }
508
- }
509
-
510
- static inline size_t cbor_tstr_overhead(size_t len)
511
- {
512
- if (len <= 23) {
513
- return 1;
514
- } else if (len <= UINT8_MAX) {
515
- return 2;
516
- } else if (len <= UINT16_MAX) {
517
- return 3;
518
- } else if (len <= UINT32_MAX) {
519
- return 4;
520
- } else {
521
- return 5;
522
- }
523
- }
524
-
525
- static inline size_t cbor_bstr_overhead(size_t len)
526
- {
527
- if (len <= 23) {
528
- return 1;
529
- } else if (len <= UINT8_MAX) {
530
- return 2;
531
- } else if (len <= UINT16_MAX) {
532
- return 3;
533
- } else if (len <= UINT32_MAX) {
534
- return 4;
535
- } else {
536
- return 5;
537
- }
538
- }
539
-
540
- static inline size_t cbor_map_overhead(size_t items)
541
- {
542
- (void)items;
543
-
544
- return 3;
545
- }
546
-
547
- static inline size_t cbor_array_overhead(size_t items)
548
- {
549
- if (items < 24)
550
- return 1;
551
- if (items < 256)
552
- return 2;
553
- if (items < 65535)
554
- return 3;
555
-
556
- return 4;
557
- }
558
-
559
- static inline bool is_cbor_one_byte_int(int32_t val)
560
- {
561
- return 1 == cbor_int_mem_req(val);
562
- }
563
-
564
269
  static int gen_dh_keys(struct edhoc_context *ctx)
565
270
  {
566
271
  if (NULL == ctx)
@@ -569,9 +274,9 @@ static int gen_dh_keys(struct edhoc_context *ctx)
569
274
  int ret = EDHOC_ERROR_GENERIC_ERROR;
570
275
 
571
276
  /* Generate ephemeral key pair. */
572
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
573
- ret = ctx->keys.generate_key(ctx->user_ctx, EDHOC_KT_MAKE_KEY_PAIR,
574
- NULL, 0, key_id);
277
+ uint8_t key_id[CONFIG_LIBEDHOC_KEY_ID_LEN] = { 0 };
278
+ ret = ctx->keys.import_key(ctx->user_ctx, EDHOC_KT_MAKE_KEY_PAIR, NULL,
279
+ 0, key_id);
575
280
 
576
281
  if (EDHOC_SUCCESS != ret)
577
282
  return EDHOC_ERROR_CRYPTO_FAILURE;
@@ -605,10 +310,10 @@ static int comp_dh_secret(struct edhoc_context *ctx)
605
310
 
606
311
  int ret = EDHOC_ERROR_GENERIC_ERROR;
607
312
 
608
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
609
- ret = ctx->keys.generate_key(ctx->user_ctx, EDHOC_KT_KEY_AGREEMENT,
610
- ctx->dh_priv_key, ctx->dh_priv_key_len,
611
- key_id);
313
+ uint8_t key_id[CONFIG_LIBEDHOC_KEY_ID_LEN] = { 0 };
314
+ ret = ctx->keys.import_key(ctx->user_ctx, EDHOC_KT_KEY_AGREEMENT,
315
+ ctx->dh_priv_key, ctx->dh_priv_key_len,
316
+ key_id);
612
317
  if (EDHOC_SUCCESS != ret)
613
318
  return EDHOC_ERROR_CRYPTO_FAILURE;
614
319
 
@@ -620,1039 +325,213 @@ static int comp_dh_secret(struct edhoc_context *ctx)
620
325
  ret = ctx->crypto.key_agreement(ctx->user_ctx, key_id,
621
326
  ctx->dh_peer_pub_key,
622
327
  ctx->dh_peer_pub_key_len,
623
- ctx->dh_secret, ctx->dh_secret_len,
624
- &secret_len);
625
- ctx->keys.destroy_key(ctx->user_ctx, key_id);
626
-
627
- if (EDHOC_SUCCESS != ret || secret_len != csuite.ecc_key_length)
628
- return EDHOC_ERROR_CRYPTO_FAILURE;
629
-
630
- return EDHOC_SUCCESS;
631
- }
632
-
633
- static int comp_th_2(struct edhoc_context *ctx, enum edhoc_role role)
634
- {
635
- if (NULL == ctx)
636
- return EDHOC_ERROR_INVALID_ARGUMENT;
637
-
638
- if (EDHOC_TH_STATE_1 != ctx->th_state)
639
- return EDHOC_ERROR_BAD_STATE;
640
-
641
- int ret = EDHOC_ERROR_GENERIC_ERROR;
642
-
643
- const struct edhoc_cipher_suite csuite =
644
- ctx->csuite[ctx->chosen_csuite_idx];
645
-
646
- /* Calculate required sizes for CBOR TH_2 = H(G_Y, H(message_1)). */
647
- size_t g_y_len = 0;
648
- g_y_len += csuite.ecc_key_length;
649
- g_y_len += cbor_bstr_overhead(csuite.ecc_key_length);
650
-
651
- size_t hash_len = 0;
652
- hash_len += csuite.hash_length;
653
- hash_len += cbor_bstr_overhead(csuite.hash_length);
654
-
655
- ALLOCATE_ARRAY(uint8_t, th_2, g_y_len + hash_len);
656
- memset(th_2, 0, ALLOCATE_ARRAY_SIZEOF(th_2));
657
-
658
- size_t offset = 0;
659
- size_t len_out = 0;
660
- struct zcbor_string cbor_bstr = { 0 };
661
-
662
- /* Cborise G_Y. */
663
- switch (role) {
664
- case initiator:
665
- cbor_bstr.value = ctx->dh_peer_pub_key;
666
- cbor_bstr.len = ctx->dh_peer_pub_key_len;
667
- break;
668
- case responder:
669
- cbor_bstr.value = ctx->dh_pub_key;
670
- cbor_bstr.len = ctx->dh_pub_key_len;
671
- break;
672
- }
673
-
674
- len_out = 0;
675
- ret = cbor_encode_byte_string_type_bstr_type(th_2, g_y_len, &cbor_bstr,
676
- &len_out);
677
-
678
- if (ZCBOR_SUCCESS != ret || g_y_len != len_out)
679
- return EDHOC_ERROR_CBOR_FAILURE;
680
-
681
- offset += len_out;
682
-
683
- /* Cborise H(message_1). */
684
- cbor_bstr.value = ctx->th;
685
- cbor_bstr.len = ctx->th_len;
686
-
687
- len_out = 0;
688
- ret = cbor_encode_byte_string_type_bstr_type(&th_2[offset], hash_len,
689
- &cbor_bstr, &len_out);
690
-
691
- if (ZCBOR_SUCCESS != ret || hash_len != len_out)
692
- return EDHOC_ERROR_CBOR_FAILURE;
693
-
694
- offset += len_out;
695
-
696
- if (ARRAY_SIZE_VLA(th_2) < offset)
697
- return EDHOC_ERROR_BUFFER_TOO_SMALL;
698
-
699
- /* Calculate TH_2. */
700
- ctx->th_len = csuite.hash_length;
701
-
702
- size_t hash_length = 0;
703
- ret = ctx->crypto.hash(ctx->user_ctx, th_2, ARRAY_SIZE_VLA(th_2), ctx->th,
704
- ctx->th_len, &hash_length);
705
-
706
- if (EDHOC_SUCCESS != ret || csuite.hash_length != hash_length)
707
- return EDHOC_ERROR_CRYPTO_FAILURE;
708
-
709
- ctx->th_state = EDHOC_TH_STATE_2;
710
- return EDHOC_SUCCESS;
711
- }
712
-
713
- static int comp_prk_2e(struct edhoc_context *ctx)
714
- {
715
- if (NULL == ctx)
716
- return EDHOC_ERROR_INVALID_ARGUMENT;
717
-
718
- if (EDHOC_TH_STATE_2 != ctx->th_state ||
719
- EDHOC_PRK_STATE_INVALID != ctx->prk_state)
720
- return EDHOC_ERROR_BAD_STATE;
721
-
722
- int ret = EDHOC_ERROR_GENERIC_ERROR;
723
-
724
- ctx->prk_len = ctx->csuite[ctx->chosen_csuite_idx].hash_length;
725
-
726
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
727
- ret = ctx->keys.generate_key(ctx->user_ctx, EDHOC_KT_EXTRACT,
728
- ctx->dh_secret, ctx->dh_secret_len,
729
- key_id);
730
-
731
- if (EDHOC_SUCCESS != ret)
732
- return EDHOC_ERROR_CRYPTO_FAILURE;
733
-
734
- size_t out_len = 0;
735
- ret = ctx->crypto.extract(ctx->user_ctx, key_id, ctx->th, ctx->th_len,
736
- ctx->prk, ctx->prk_len, &out_len);
737
- ctx->keys.destroy_key(ctx->user_ctx, key_id);
738
-
739
- if (EDHOC_SUCCESS != ret || ctx->prk_len != out_len)
740
- return EDHOC_ERROR_CRYPTO_FAILURE;
741
-
742
- ctx->prk_state = EDHOC_PRK_STATE_2E;
743
- return EDHOC_SUCCESS;
744
- }
745
-
746
- static int comp_prk_3e2m(enum edhoc_role role, struct edhoc_context *ctx,
747
- const struct edhoc_auth_creds *auth_cred,
748
- const uint8_t *pub_key, size_t pub_key_len)
749
- {
750
- if (NULL == ctx)
751
- return EDHOC_ERROR_INVALID_ARGUMENT;
752
-
753
- if (EDHOC_PRK_STATE_2E != ctx->prk_state)
754
- return EDHOC_ERROR_BAD_STATE;
755
-
756
- if (initiator == role) {
757
- switch (ctx->method) {
758
- case EDHOC_METHOD_0:
759
- case EDHOC_METHOD_2:
760
- ctx->prk_state = EDHOC_PRK_STATE_3E2M;
761
- return EDHOC_SUCCESS;
762
-
763
- case EDHOC_METHOD_1:
764
- case EDHOC_METHOD_3: {
765
- const size_t hash_len =
766
- ctx->csuite[ctx->chosen_csuite_idx].hash_length;
767
-
768
- ALLOCATE_ARRAY(uint8_t, salt_3e2m, hash_len);
769
- memset(salt_3e2m, 0, ALLOCATE_ARRAY_SIZEOF(salt_3e2m));
770
-
771
- int ret = comp_salt_3e2m(ctx, salt_3e2m,
772
- ARRAY_SIZE_VLA(salt_3e2m));
773
-
774
- if (EDHOC_SUCCESS != ret)
775
- return EDHOC_ERROR_CRYPTO_FAILURE;
776
-
777
- if (NULL != ctx->logger)
778
- ctx->logger(ctx->user_ctx, "SALT_3e2m",
779
- salt_3e2m, ARRAY_SIZE_VLA(salt_3e2m));
780
-
781
- const size_t ecc_key_len =
782
- ctx->csuite[ctx->chosen_csuite_idx]
783
- .ecc_key_length;
784
-
785
- ALLOCATE_ARRAY(uint8_t, grx, ecc_key_len);
786
- memset(grx, 0, ALLOCATE_ARRAY_SIZEOF(grx));
787
-
788
- ret = comp_grx(role, ctx, auth_cred, pub_key,
789
- pub_key_len, grx, ARRAY_SIZE_VLA(grx));
790
-
791
- if (EDHOC_SUCCESS != ret)
792
- return EDHOC_ERROR_CRYPTO_FAILURE;
793
-
794
- if (NULL != ctx->logger)
795
- ctx->logger(ctx->user_ctx, "G_RX", grx,
796
- ARRAY_SIZE_VLA(grx));
797
-
798
- ctx->prk_len =
799
- ctx->csuite[ctx->chosen_csuite_idx].hash_length;
800
-
801
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
802
- ret = ctx->keys.generate_key(ctx->user_ctx,
803
- EDHOC_KT_EXTRACT, grx,
804
- ARRAY_SIZE_VLA(grx), key_id);
805
- memset(grx, 0, sizeof(grx));
806
-
807
- if (EDHOC_SUCCESS != ret)
808
- return EDHOC_ERROR_CRYPTO_FAILURE;
809
-
810
- size_t out_len = 0;
811
- ret = ctx->crypto.extract(ctx->user_ctx, key_id,
812
- salt_3e2m,
813
- ARRAY_SIZE_VLA(salt_3e2m),
814
- ctx->prk, ctx->prk_len,
815
- &out_len);
816
- ctx->keys.destroy_key(ctx->user_ctx, key_id);
817
-
818
- if (EDHOC_SUCCESS != ret || ctx->prk_len != out_len)
819
- return EDHOC_ERROR_CRYPTO_FAILURE;
820
-
821
- ctx->prk_state = EDHOC_PRK_STATE_3E2M;
822
- return EDHOC_SUCCESS;
823
- }
824
-
825
- default:
826
- return EDHOC_ERROR_NOT_PERMITTED;
827
- }
828
- }
829
-
830
- if (responder == role) {
831
- switch (ctx->method) {
832
- case EDHOC_METHOD_0:
833
- case EDHOC_METHOD_2:
834
- ctx->prk_state = EDHOC_PRK_STATE_3E2M;
835
- return EDHOC_SUCCESS;
836
-
837
- case EDHOC_METHOD_1:
838
- case EDHOC_METHOD_3: {
839
- const size_t hash_len =
840
- ctx->csuite[ctx->chosen_csuite_idx].hash_length;
841
-
842
- ALLOCATE_ARRAY(uint8_t, salt_3e2m, hash_len);
843
- memset(salt_3e2m, 0, ALLOCATE_ARRAY_SIZEOF(salt_3e2m));
844
-
845
- int ret = comp_salt_3e2m(ctx, salt_3e2m,
846
- ARRAY_SIZE_VLA(salt_3e2m));
847
-
848
- if (EDHOC_SUCCESS != ret)
849
- return EDHOC_ERROR_CRYPTO_FAILURE;
850
-
851
- if (NULL != ctx->logger)
852
- ctx->logger(ctx->user_ctx, "SALT_3e2m",
853
- salt_3e2m, ARRAY_SIZE_VLA(salt_3e2m));
854
-
855
- const size_t ecc_key_len =
856
- ctx->csuite[ctx->chosen_csuite_idx]
857
- .ecc_key_length;
858
-
859
- ALLOCATE_ARRAY(uint8_t, grx, ecc_key_len);
860
- memset(grx, 0, ALLOCATE_ARRAY_SIZEOF(grx));
861
-
862
- ret = comp_grx(role, ctx, auth_cred, pub_key,
863
- pub_key_len, grx, ARRAY_SIZE_VLA(grx));
864
-
865
- if (EDHOC_SUCCESS != ret)
866
- return EDHOC_ERROR_CRYPTO_FAILURE;
867
-
868
- if (NULL != ctx->logger)
869
- ctx->logger(ctx->user_ctx, "G_RX", grx,
870
- ARRAY_SIZE_VLA(grx));
871
-
872
- ctx->prk_len =
873
- ctx->csuite[ctx->chosen_csuite_idx].hash_length;
874
-
875
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
876
- ret = ctx->keys.generate_key(ctx->user_ctx,
877
- EDHOC_KT_EXTRACT, grx,
878
- ARRAY_SIZE_VLA(grx), key_id);
879
- memset(grx, 0, ALLOCATE_ARRAY_SIZEOF(grx));
880
-
881
- if (EDHOC_SUCCESS != ret)
882
- return EDHOC_ERROR_CRYPTO_FAILURE;
883
-
884
- size_t out_len = 0;
885
- ret = ctx->crypto.extract(ctx->user_ctx, key_id,
886
- salt_3e2m,
887
- ARRAY_SIZE_VLA(salt_3e2m),
888
- ctx->prk, ctx->prk_len,
889
- &out_len);
890
- ctx->keys.destroy_key(ctx->user_ctx, key_id);
891
-
892
- if (EDHOC_SUCCESS != ret || ctx->prk_len != out_len)
893
- return EDHOC_ERROR_CRYPTO_FAILURE;
894
-
895
- ctx->prk_state = EDHOC_PRK_STATE_3E2M;
896
- return EDHOC_SUCCESS;
897
- }
898
-
899
- default:
900
- return EDHOC_ERROR_NOT_PERMITTED;
901
- }
902
- }
903
-
904
- return EDHOC_ERROR_NOT_PERMITTED;
905
- }
906
-
907
- static int comp_mac_2_input_len(const struct edhoc_context *ctx,
908
- const struct edhoc_auth_creds *auth_cred,
909
- enum edhoc_role role, size_t *context_2_len)
910
- {
911
- if (NULL == ctx || NULL == auth_cred || NULL == context_2_len)
912
- return EDHOC_ERROR_INVALID_ARGUMENT;
913
-
914
- const size_t nr_of_items = 1;
915
- size_t len = 0;
916
-
917
- /* C_R. */
918
- const struct edhoc_connection_id *cid = NULL;
919
-
920
- switch (role) {
921
- case initiator:
922
- cid = &ctx->peer_cid;
923
- break;
924
- case responder:
925
- cid = &ctx->cid;
926
- break;
927
- default:
928
- return EDHOC_ERROR_NOT_PERMITTED;
929
- }
930
-
931
- switch (cid->encode_type) {
932
- case EDHOC_CID_TYPE_ONE_BYTE_INTEGER:
933
- len = sizeof(cid->int_value);
934
- break;
935
- case EDHOC_CID_TYPE_BYTE_STRING:
936
- len += cid->bstr_length;
937
- len += cbor_bstr_overhead(cid->bstr_length);
938
- break;
939
- default:
940
- return EDHOC_ERROR_NOT_PERMITTED;
941
- }
942
-
943
- /* ID_CRED_R. */
944
- switch (auth_cred->label) {
945
- case EDHOC_COSE_HEADER_KID:
946
- len += cbor_map_overhead(nr_of_items);
947
-
948
- switch (auth_cred->key_id.encode_type) {
949
- case EDHOC_ENCODE_TYPE_INTEGER:
950
- len += cbor_int_mem_req(auth_cred->key_id.key_id_int);
951
- break;
952
- case EDHOC_ENCODE_TYPE_BYTE_STRING:
953
- len += auth_cred->key_id.key_id_bstr_length;
954
- len += cbor_bstr_overhead(
955
- auth_cred->key_id.key_id_bstr_length);
956
- break;
957
- default:
958
- return EDHOC_ERROR_NOT_PERMITTED;
959
- }
960
- break;
961
-
962
- case EDHOC_COSE_HEADER_X509_CHAIN:
963
- len += cbor_map_overhead(nr_of_items);
964
- for (size_t i = 0; i < auth_cred->x509_chain.nr_of_certs; ++i) {
965
- len += auth_cred->x509_chain.cert_len[i];
966
- len += cbor_bstr_overhead(
967
- auth_cred->x509_chain.cert_len[i]);
968
- }
969
-
970
- if (auth_cred->x509_chain.nr_of_certs > 1)
971
- len += cbor_array_overhead(
972
- auth_cred->x509_chain.nr_of_certs);
973
-
974
- break;
975
-
976
- case EDHOC_COSE_HEADER_X509_HASH:
977
- len += cbor_map_overhead(nr_of_items);
978
- len += cbor_array_overhead(nr_of_items);
979
-
980
- switch (auth_cred->x509_hash.encode_type) {
981
- case EDHOC_ENCODE_TYPE_INTEGER:
982
- len += cbor_int_mem_req(auth_cred->x509_hash.alg_int);
983
- break;
984
- case EDHOC_ENCODE_TYPE_BYTE_STRING:
985
- len += auth_cred->x509_hash.alg_bstr_length;
986
- len += cbor_bstr_overhead(
987
- auth_cred->x509_hash.alg_bstr_length);
988
- break;
989
- default:
990
- return EDHOC_ERROR_NOT_PERMITTED;
991
- }
992
-
993
- len += auth_cred->x509_hash.cert_fp_len;
994
- len += cbor_bstr_overhead(auth_cred->x509_hash.cert_fp_len);
995
- break;
996
-
997
- default:
998
- return EDHOC_ERROR_NOT_SUPPORTED;
999
- }
1000
-
1001
- /* TH_2. */
1002
- len += ctx->th_len;
1003
- len += cbor_bstr_overhead(ctx->th_len);
1004
-
1005
- /* CRED_R. */
1006
- switch (auth_cred->label) {
1007
- case EDHOC_COSE_HEADER_KID:
1008
- len += auth_cred->key_id.cred_len;
1009
- len += cbor_bstr_overhead(auth_cred->key_id.cred_len);
1010
- break;
1011
-
1012
- case EDHOC_COSE_HEADER_X509_CHAIN: {
1013
- const size_t end_entity_idx =
1014
- auth_cred->x509_chain.nr_of_certs - 1;
1015
- len += auth_cred->x509_chain.cert_len[end_entity_idx];
1016
- len += cbor_bstr_overhead(
1017
- auth_cred->x509_chain.cert_len[end_entity_idx]);
1018
- break;
1019
- }
1020
-
1021
- case EDHOC_COSE_HEADER_X509_HASH:
1022
- len += auth_cred->x509_hash.cert_len;
1023
- len += cbor_bstr_overhead(auth_cred->x509_hash.cert_len);
1024
- break;
1025
-
1026
- default:
1027
- return EDHOC_ERROR_NOT_SUPPORTED;
1028
- }
1029
-
1030
- /* EAD_2. */
1031
- for (size_t i = 0; i < ctx->nr_of_ead_tokens; ++i) {
1032
- len += cbor_int_mem_req(ctx->ead_token[i].label);
1033
- len += ctx->ead_token[i].value_len;
1034
- len += cbor_bstr_overhead(ctx->ead_token[i].value_len);
1035
- }
1036
-
1037
- *context_2_len = len;
1038
-
1039
- return EDHOC_SUCCESS;
1040
- }
1041
-
1042
- static int gen_mac_2_context(const struct edhoc_context *ctx,
1043
- const struct edhoc_auth_creds *auth_cred,
1044
- enum edhoc_role role,
1045
- struct cbor_items *cbor_items)
1046
- {
1047
- if (NULL == ctx || NULL == auth_cred || NULL == cbor_items)
1048
- return EDHOC_ERROR_INVALID_ARGUMENT;
1049
-
1050
- if (EDHOC_TH_STATE_2 != ctx->th_state)
1051
- return EDHOC_ERROR_BAD_STATE;
1052
-
1053
- const size_t nr_of_items = 1;
1054
-
1055
- int ret = EDHOC_ERROR_GENERIC_ERROR;
1056
- size_t len = 0;
1057
-
1058
- cbor_items->conn_id = &cbor_items->buf[0];
1059
-
1060
- /* C_R length. */
1061
- const struct edhoc_connection_id *cid = NULL;
1062
-
1063
- switch (role) {
1064
- case initiator:
1065
- cid = &ctx->peer_cid;
1066
- break;
1067
- case responder:
1068
- cid = &ctx->cid;
1069
- break;
1070
- default:
1071
- return EDHOC_ERROR_NOT_PERMITTED;
1072
- }
1073
-
1074
- switch (cid->encode_type) {
1075
- case EDHOC_CID_TYPE_ONE_BYTE_INTEGER:
1076
- len = sizeof(cid->int_value);
1077
- break;
1078
- case EDHOC_CID_TYPE_BYTE_STRING:
1079
- len += cid->bstr_length + 1;
1080
- len += cbor_bstr_overhead(cid->bstr_length);
1081
- break;
1082
- default:
1083
- return EDHOC_ERROR_NOT_PERMITTED;
1084
- }
1085
-
1086
- cbor_items->conn_id_len = len;
1087
-
1088
- /* Cborise C_R. */
1089
- switch (cid->encode_type) {
1090
- case EDHOC_CID_TYPE_ONE_BYTE_INTEGER: {
1091
- const int32_t value = cid->int_value;
1092
- len = 0;
1093
- ret = cbor_encode_integer_type_int_type(cbor_items->conn_id,
1094
- cbor_items->conn_id_len,
1095
- &value, &len);
1096
- break;
1097
- }
1098
- case EDHOC_CID_TYPE_BYTE_STRING: {
1099
- const struct zcbor_string cbor_bstr = {
1100
- .value = cid->bstr_value,
1101
- .len = cid->bstr_length,
1102
- };
1103
- len = 0;
1104
- ret = cbor_encode_byte_string_type_bstr_type(
1105
- cbor_items->conn_id, cbor_items->conn_id_len,
1106
- &cbor_bstr, &len);
1107
- break;
1108
- }
1109
- default:
1110
- return EDHOC_ERROR_NOT_PERMITTED;
1111
- }
1112
-
1113
- if (ZCBOR_SUCCESS != ret)
1114
- return EDHOC_ERROR_CBOR_FAILURE;
1115
-
1116
- cbor_items->conn_id_len = len;
1117
-
1118
- /* ID_CRED_R length. */
1119
- len = cbor_items->conn_id_len;
1120
- cbor_items->id_cred_r = &cbor_items->buf[cbor_items->conn_id_len];
1121
-
1122
- switch (auth_cred->label) {
1123
- case EDHOC_COSE_HEADER_KID:
1124
- len += cbor_map_overhead(nr_of_items);
1125
-
1126
- switch (auth_cred->key_id.encode_type) {
1127
- case EDHOC_ENCODE_TYPE_INTEGER:
1128
- len += cbor_int_mem_req(auth_cred->key_id.key_id_int);
1129
- break;
1130
- case EDHOC_ENCODE_TYPE_BYTE_STRING:
1131
- len += auth_cred->key_id.key_id_bstr_length;
1132
- len += cbor_bstr_overhead(
1133
- auth_cred->key_id.key_id_bstr_length);
1134
- break;
1135
- default:
1136
- return EDHOC_ERROR_NOT_PERMITTED;
1137
- }
1138
- break;
1139
-
1140
- case EDHOC_COSE_HEADER_X509_CHAIN:
1141
- len += cbor_map_overhead(nr_of_items);
1142
-
1143
- for (size_t i = 0; i < auth_cred->x509_chain.nr_of_certs; ++i) {
1144
- len += auth_cred->x509_chain.cert_len[i];
1145
- len += cbor_bstr_overhead(
1146
- auth_cred->x509_chain.cert_len[i]);
1147
- }
1148
-
1149
- if (1 < auth_cred->x509_chain.nr_of_certs)
1150
- len += cbor_array_overhead(
1151
- auth_cred->x509_chain.nr_of_certs);
1152
-
1153
- break;
1154
-
1155
- case EDHOC_COSE_HEADER_X509_HASH:
1156
- len += cbor_map_overhead(nr_of_items);
1157
- len += cbor_array_overhead(nr_of_items);
1158
-
1159
- switch (auth_cred->x509_hash.encode_type) {
1160
- case EDHOC_ENCODE_TYPE_INTEGER:
1161
- len += cbor_int_mem_req(auth_cred->x509_hash.alg_int);
1162
- break;
1163
- case EDHOC_ENCODE_TYPE_BYTE_STRING:
1164
- len += auth_cred->x509_hash.alg_bstr_length;
1165
- len += cbor_bstr_overhead(
1166
- auth_cred->x509_hash.alg_bstr_length);
1167
- break;
1168
- default:
1169
- return EDHOC_ERROR_NOT_PERMITTED;
1170
- }
1171
-
1172
- len += auth_cred->x509_hash.cert_fp_len;
1173
- len += cbor_bstr_overhead(auth_cred->x509_hash.cert_fp_len);
1174
- break;
1175
-
1176
- default:
1177
- return EDHOC_ERROR_CREDENTIALS_FAILURE;
1178
- }
1179
-
1180
- cbor_items->id_cred_r_len = len;
1181
-
1182
- /* Cborise ID_CRED_R. */
1183
- struct id_cred_x cbor_id_cred_r = { 0 };
1184
-
1185
- switch (auth_cred->label) {
1186
- case EDHOC_COSE_HEADER_KID:
1187
- cbor_id_cred_r._id_cred_x_kid_present = true;
1188
-
1189
- switch (auth_cred->key_id.encode_type) {
1190
- case EDHOC_ENCODE_TYPE_INTEGER:
1191
- cbor_id_cred_r._id_cred_x_kid._id_cred_x_kid_choice =
1192
- _id_cred_x_kid_int;
1193
- cbor_id_cred_r._id_cred_x_kid._id_cred_x_kid_int =
1194
- auth_cred->key_id.key_id_int;
1195
- break;
1196
- case EDHOC_ENCODE_TYPE_BYTE_STRING:
1197
- cbor_id_cred_r._id_cred_x_kid._id_cred_x_kid_choice =
1198
- _id_cred_x_kid_bstr;
1199
- cbor_id_cred_r._id_cred_x_kid._id_cred_x_kid_bstr.value =
1200
- auth_cred->key_id.key_id_bstr;
1201
- cbor_id_cred_r._id_cred_x_kid._id_cred_x_kid_bstr.len =
1202
- auth_cred->key_id.key_id_bstr_length;
1203
- break;
1204
- default:
1205
- return EDHOC_ERROR_NOT_PERMITTED;
1206
- }
1207
-
1208
- break;
1209
-
1210
- case EDHOC_COSE_HEADER_X509_CHAIN: {
1211
- if (0 == auth_cred->x509_chain.nr_of_certs)
1212
- return EDHOC_ERROR_BAD_STATE;
1213
-
1214
- cbor_id_cred_r._id_cred_x_x5chain_present = true;
1215
-
1216
- struct COSE_X509_ *cose_x509 =
1217
- &cbor_id_cred_r._id_cred_x_x5chain._id_cred_x_x5chain;
1218
-
1219
- if (1 == auth_cred->x509_chain.nr_of_certs) {
1220
- cose_x509->_COSE_X509_choice = _COSE_X509_bstr;
1221
- cose_x509->_COSE_X509_bstr.value =
1222
- auth_cred->x509_chain.cert[0];
1223
- cose_x509->_COSE_X509_bstr.len =
1224
- auth_cred->x509_chain.cert_len[0];
1225
- } else {
1226
- if (ARRAY_SIZE(cose_x509->_COSE_X509__certs_certs) <
1227
- auth_cred->x509_chain.nr_of_certs)
1228
- return EDHOC_ERROR_BUFFER_TOO_SMALL;
1229
-
1230
- cose_x509->_COSE_X509_choice = _COSE_X509__certs;
1231
- cose_x509->_COSE_X509__certs_certs_count =
1232
- auth_cred->x509_chain.nr_of_certs;
1233
-
1234
- for (size_t i = 0;
1235
- i < auth_cred->x509_chain.nr_of_certs; ++i) {
1236
- cose_x509->_COSE_X509__certs_certs[i].value =
1237
- auth_cred->x509_chain.cert[i];
1238
- cose_x509->_COSE_X509__certs_certs[i].len =
1239
- auth_cred->x509_chain.cert_len[i];
1240
- }
1241
- }
1242
- break;
1243
- }
1244
-
1245
- case EDHOC_COSE_HEADER_X509_HASH: {
1246
- cbor_id_cred_r._id_cred_x_x5t_present = true;
1247
-
1248
- struct COSE_CertHash *cose_x509 =
1249
- &cbor_id_cred_r._id_cred_x_x5t._id_cred_x_x5t;
1250
-
1251
- cose_x509->_COSE_CertHash_hashValue.value =
1252
- auth_cred->x509_hash.cert_fp;
1253
- cose_x509->_COSE_CertHash_hashValue.len =
1254
- auth_cred->x509_hash.cert_fp_len;
1255
-
1256
- switch (auth_cred->x509_hash.encode_type) {
1257
- case EDHOC_ENCODE_TYPE_INTEGER:
1258
- cose_x509->_COSE_CertHash_hashAlg_choice =
1259
- _COSE_CertHash_hashAlg_int;
1260
- cose_x509->_COSE_CertHash_hashAlg_int =
1261
- auth_cred->x509_hash.alg_int;
1262
- break;
1263
- case EDHOC_ENCODE_TYPE_BYTE_STRING:
1264
- cose_x509->_COSE_CertHash_hashAlg_choice =
1265
- _COSE_CertHash_hashAlg_tstr;
1266
- cose_x509->_COSE_CertHash_hashAlg_tstr.value =
1267
- auth_cred->x509_hash.alg_bstr;
1268
- cose_x509->_COSE_CertHash_hashAlg_tstr.len =
1269
- auth_cred->x509_hash.alg_bstr_length;
1270
- break;
1271
- default:
1272
- return EDHOC_ERROR_NOT_PERMITTED;
1273
- }
1274
- break;
1275
- }
1276
- default:
1277
- return EDHOC_ERROR_CREDENTIALS_FAILURE;
1278
- }
1279
-
1280
- len = 0;
1281
- ret = cbor_encode_id_cred_x(cbor_items->id_cred_r,
1282
- cbor_items->id_cred_r_len, &cbor_id_cred_r,
1283
- &len);
1284
- if (ZCBOR_SUCCESS != ret)
1285
- return EDHOC_ERROR_CBOR_FAILURE;
1286
-
1287
- cbor_items->id_cred_r_len = len;
1288
-
1289
- /* Check compact encoding of ID_CRED_R. */
1290
- if (EDHOC_COSE_HEADER_KID == auth_cred->label) {
1291
- ret = kid_compact_encoding(auth_cred, cbor_items);
1292
-
1293
- if (EDHOC_SUCCESS != ret)
1294
- return EDHOC_ERROR_CBOR_FAILURE;
1295
- }
1296
-
1297
- /* TH_2 length. */
1298
- len = ctx->th_len;
1299
- cbor_items->th_2 = &cbor_items->id_cred_r[cbor_items->id_cred_r_len];
1300
- cbor_items->th_2_len = cbor_bstr_overhead(len) + len;
1301
-
1302
- /* Cborise TH_2. */
1303
- const struct zcbor_string cbor_th_2 = {
1304
- .value = ctx->th,
1305
- .len = ctx->th_len,
1306
- };
328
+ ctx->dh_secret, ctx->dh_secret_len,
329
+ &secret_len);
330
+ ctx->keys.destroy_key(ctx->user_ctx, key_id);
1307
331
 
1308
- len = 0;
1309
- ret = cbor_encode_byte_string_type_bstr_type(
1310
- cbor_items->th_2, cbor_items->th_2_len, &cbor_th_2, &len);
332
+ if (EDHOC_SUCCESS != ret || secret_len != csuite.ecc_key_length)
333
+ return EDHOC_ERROR_CRYPTO_FAILURE;
1311
334
 
1312
- if (ZCBOR_SUCCESS != ret || cbor_items->th_2_len != len)
1313
- return EDHOC_ERROR_CBOR_FAILURE;
335
+ return EDHOC_SUCCESS;
336
+ }
1314
337
 
1315
- /* CRED_R length. */
1316
- cbor_items->cred_r = &cbor_items->th_2[cbor_items->th_2_len];
1317
- len = 0;
338
+ static int comp_th_2(struct edhoc_context *ctx)
339
+ {
340
+ if (NULL == ctx)
341
+ return EDHOC_ERROR_INVALID_ARGUMENT;
1318
342
 
1319
- switch (auth_cred->label) {
1320
- case EDHOC_COSE_HEADER_KID:
1321
- len += auth_cred->key_id.cred_len;
1322
- len += cbor_bstr_overhead(auth_cred->key_id.cred_len);
1323
- break;
343
+ if (EDHOC_TH_STATE_1 != ctx->th_state)
344
+ return EDHOC_ERROR_BAD_STATE;
1324
345
 
1325
- case EDHOC_COSE_HEADER_X509_CHAIN: {
1326
- const size_t end_entity_idx =
1327
- auth_cred->x509_chain.nr_of_certs - 1;
1328
- len += auth_cred->x509_chain.cert_len[end_entity_idx];
1329
- len += cbor_bstr_overhead(
1330
- auth_cred->x509_chain.cert_len[end_entity_idx]);
1331
- break;
1332
- }
346
+ int ret = EDHOC_ERROR_GENERIC_ERROR;
1333
347
 
1334
- case EDHOC_COSE_HEADER_X509_HASH:
1335
- len += auth_cred->x509_hash.cert_len;
1336
- len += cbor_bstr_overhead(auth_cred->x509_hash.cert_len);
1337
- break;
348
+ const struct edhoc_cipher_suite csuite =
349
+ ctx->csuite[ctx->chosen_csuite_idx];
1338
350
 
1339
- default:
1340
- return EDHOC_ERROR_CREDENTIALS_FAILURE;
1341
- }
351
+ /* Calculate required sizes for CBOR TH_2 = H(G_Y, H(message_1)). */
352
+ size_t g_y_len = 0;
353
+ g_y_len += csuite.ecc_key_length;
354
+ g_y_len += edhoc_cbor_bstr_oh(csuite.ecc_key_length);
1342
355
 
1343
- cbor_items->cred_r_len = len;
356
+ size_t hash_len = 0;
357
+ hash_len += csuite.hash_length;
358
+ hash_len += edhoc_cbor_bstr_oh(csuite.hash_length);
1344
359
 
1345
- /* Cborise CRED_R. */
1346
- struct zcbor_string cbor_cred_r = { 0 };
360
+ VLA_ALLOC(uint8_t, th_2, g_y_len + hash_len);
361
+ memset(th_2, 0, VLA_SIZEOF(th_2));
1347
362
 
1348
- switch (auth_cred->label) {
1349
- case EDHOC_COSE_HEADER_KID:
1350
- cbor_cred_r.value = auth_cred->key_id.cred;
1351
- cbor_cred_r.len = auth_cred->key_id.cred_len;
1352
- break;
363
+ size_t offset = 0;
364
+ size_t len_out = 0;
365
+ struct zcbor_string cbor_bstr = { 0 };
1353
366
 
1354
- case EDHOC_COSE_HEADER_X509_CHAIN: {
1355
- const size_t end_entity_idx =
1356
- auth_cred->x509_chain.nr_of_certs - 1;
1357
- cbor_cred_r.value = auth_cred->x509_chain.cert[end_entity_idx];
1358
- cbor_cred_r.len =
1359
- auth_cred->x509_chain.cert_len[end_entity_idx];
367
+ /* Cborise G_Y. */
368
+ switch (ctx->role) {
369
+ case EDHOC_INITIATOR:
370
+ cbor_bstr.value = ctx->dh_peer_pub_key;
371
+ cbor_bstr.len = ctx->dh_peer_pub_key_len;
1360
372
  break;
1361
- }
1362
-
1363
- case EDHOC_COSE_HEADER_X509_HASH:
1364
- cbor_cred_r.value = auth_cred->x509_hash.cert;
1365
- cbor_cred_r.len = auth_cred->x509_hash.cert_len;
373
+ case EDHOC_RESPONDER:
374
+ cbor_bstr.value = ctx->dh_pub_key;
375
+ cbor_bstr.len = ctx->dh_pub_key_len;
1366
376
  break;
1367
-
1368
377
  default:
1369
- return EDHOC_ERROR_CREDENTIALS_FAILURE;
1370
- }
1371
-
1372
- if (EDHOC_COSE_HEADER_KID == auth_cred->label &&
1373
- true == auth_cred->key_id.cred_is_cbor) {
1374
- memcpy(cbor_items->cred_r, auth_cred->key_id.cred,
1375
- auth_cred->key_id.cred_len);
1376
- cbor_items->cred_r_len = auth_cred->key_id.cred_len;
1377
- } else {
1378
- len = 0;
1379
- ret = cbor_encode_byte_string_type_bstr_type(
1380
- cbor_items->cred_r, cbor_items->cred_r_len,
1381
- &cbor_cred_r, &len);
1382
-
1383
- if (ZCBOR_SUCCESS != ret || cbor_items->cred_r_len != len)
1384
- return EDHOC_ERROR_CBOR_FAILURE;
378
+ return EDHOC_ERROR_NOT_PERMITTED;
1385
379
  }
1386
380
 
1387
- /* EAD_2 length. */
1388
- if (0 != ctx->nr_of_ead_tokens) {
1389
- len = 0;
1390
- for (size_t i = 0; i < ctx->nr_of_ead_tokens; ++i) {
1391
- len += cbor_int_mem_req(ctx->ead_token[i].label);
1392
- len += 1; // cbor boolean
1393
- len += ctx->ead_token[i].value_len;
1394
- len += cbor_bstr_overhead(ctx->ead_token[i].value_len);
1395
- }
1396
-
1397
- cbor_items->is_ead_2 = true;
1398
- cbor_items->ead_2 = &cbor_items->cred_r[cbor_items->cred_r_len];
1399
- cbor_items->ead_2_len = len;
1400
- } else {
1401
- cbor_items->is_ead_2 = false;
1402
- cbor_items->ead_2 = NULL;
1403
- cbor_items->ead_2_len = 0;
1404
- }
381
+ len_out = 0;
382
+ ret = cbor_encode_byte_string_type_bstr_type(th_2, g_y_len, &cbor_bstr,
383
+ &len_out);
1405
384
 
1406
- /* Cborise EAD_2 if present. */
1407
- if (cbor_items->is_ead_2) {
1408
- struct ead_ ead_tokens = { ._ead_count =
1409
- ctx->nr_of_ead_tokens };
385
+ if (ZCBOR_SUCCESS != ret || g_y_len != len_out)
386
+ return EDHOC_ERROR_CBOR_FAILURE;
1410
387
 
1411
- for (size_t i = 0; i < ctx->nr_of_ead_tokens; ++i) {
1412
- ead_tokens._ead[i]._ead_label = ctx->ead_token[i].label;
1413
- ead_tokens._ead[i]._ead_value_present =
1414
- (NULL != ctx->ead_token[i].value);
1415
- ead_tokens._ead[i]._ead_value.value =
1416
- ctx->ead_token[i].value;
1417
- ead_tokens._ead[i]._ead_value.len =
1418
- ctx->ead_token[i].value_len;
1419
- }
388
+ offset += len_out;
1420
389
 
1421
- len = 0;
1422
- ret = cbor_encode_ead(cbor_items->ead_2, cbor_items->ead_2_len,
1423
- &ead_tokens, &len);
390
+ /* Cborise H(message_1). */
391
+ cbor_bstr.value = ctx->th;
392
+ cbor_bstr.len = ctx->th_len;
1424
393
 
1425
- if (ZCBOR_SUCCESS != ret)
1426
- return EDHOC_ERROR_CBOR_FAILURE;
394
+ len_out = 0;
395
+ ret = cbor_encode_byte_string_type_bstr_type(&th_2[offset], hash_len,
396
+ &cbor_bstr, &len_out);
1427
397
 
1428
- cbor_items->ead_2_len = len;
1429
- }
398
+ if (ZCBOR_SUCCESS != ret || hash_len != len_out)
399
+ return EDHOC_ERROR_CBOR_FAILURE;
1430
400
 
1431
- const size_t encoded_bytes =
1432
- cbor_items->conn_id_len + cbor_items->id_cred_r_len +
1433
- cbor_items->th_2_len + cbor_items->cred_r_len +
1434
- cbor_items->ead_2_len;
401
+ offset += len_out;
1435
402
 
1436
- if (encoded_bytes > cbor_items->buf_len)
403
+ if (VLA_SIZE(th_2) < offset)
1437
404
  return EDHOC_ERROR_BUFFER_TOO_SMALL;
1438
405
 
1439
- cbor_items->buf_len = encoded_bytes;
1440
- return EDHOC_SUCCESS;
1441
- }
1442
-
1443
- static int get_mac_2_len(enum edhoc_role role, const struct edhoc_context *ctx,
1444
- size_t *mac_2_len)
1445
- {
1446
- if (NULL == ctx || NULL == mac_2_len)
1447
- return EDHOC_ERROR_INVALID_ARGUMENT;
1448
-
1449
- const struct edhoc_cipher_suite csuite =
1450
- ctx->csuite[ctx->chosen_csuite_idx];
406
+ /* Calculate TH_2. */
407
+ ctx->th_len = csuite.hash_length;
1451
408
 
1452
- if (role == initiator) {
1453
- switch (ctx->method) {
1454
- case EDHOC_METHOD_0:
1455
- case EDHOC_METHOD_2:
1456
- *mac_2_len = csuite.hash_length;
1457
- return EDHOC_SUCCESS;
1458
-
1459
- case EDHOC_METHOD_1:
1460
- case EDHOC_METHOD_3:
1461
- *mac_2_len = csuite.mac_length;
1462
- return EDHOC_SUCCESS;
1463
- }
1464
- }
409
+ size_t hash_length = 0;
410
+ ret = ctx->crypto.hash(ctx->user_ctx, th_2, VLA_SIZE(th_2), ctx->th,
411
+ ctx->th_len, &hash_length);
1465
412
 
1466
- if (role == responder) {
1467
- switch (ctx->method) {
1468
- case EDHOC_METHOD_0:
1469
- case EDHOC_METHOD_2:
1470
- *mac_2_len = csuite.hash_length;
1471
- return EDHOC_SUCCESS;
1472
-
1473
- case EDHOC_METHOD_1:
1474
- case EDHOC_METHOD_3:
1475
- *mac_2_len = csuite.mac_length;
1476
- return EDHOC_SUCCESS;
1477
- }
1478
- }
413
+ if (EDHOC_SUCCESS != ret || csuite.hash_length != hash_length)
414
+ return EDHOC_ERROR_CRYPTO_FAILURE;
1479
415
 
1480
- return EDHOC_ERROR_NOT_PERMITTED;
416
+ ctx->th_state = EDHOC_TH_STATE_2;
417
+ return EDHOC_SUCCESS;
1481
418
  }
1482
419
 
1483
- static int comp_mac_2(const struct edhoc_context *ctx,
1484
- const struct cbor_items *cbor_items, uint8_t *mac_2,
1485
- size_t mac_2_len)
420
+ static int comp_prk_2e(struct edhoc_context *ctx)
1486
421
  {
1487
- if (NULL == ctx || NULL == cbor_items || NULL == mac_2 ||
1488
- 0 == mac_2_len)
422
+ if (NULL == ctx)
1489
423
  return EDHOC_ERROR_INVALID_ARGUMENT;
1490
424
 
1491
- if (EDHOC_PRK_STATE_3E2M != ctx->prk_state)
425
+ if (EDHOC_TH_STATE_2 != ctx->th_state ||
426
+ EDHOC_PRK_STATE_INVALID != ctx->prk_state)
1492
427
  return EDHOC_ERROR_BAD_STATE;
1493
428
 
1494
429
  int ret = EDHOC_ERROR_GENERIC_ERROR;
1495
430
 
1496
- struct info input_info = {
1497
- ._info_label = EDHOC_EXTRACT_PRK_INFO_LABEL_MAC_2,
1498
- ._info_context.value = cbor_items->buf,
1499
- ._info_context.len = cbor_items->buf_len,
1500
- ._info_length = (uint32_t)mac_2_len,
1501
- };
1502
-
1503
- /* Calculate struct info cbor overhead. */
1504
- size_t len = 0;
1505
- len += cbor_int_mem_req(EDHOC_EXTRACT_PRK_INFO_LABEL_MAC_2);
1506
- len += cbor_items->buf_len + cbor_bstr_overhead(cbor_items->buf_len);
1507
- len += cbor_int_mem_req((int32_t)mac_2_len);
1508
-
1509
- ALLOCATE_ARRAY(uint8_t, info, len);
1510
- memset(info, 0, ALLOCATE_ARRAY_SIZEOF(info));
1511
-
1512
- len = 0;
1513
- ret = cbor_encode_info(info, ARRAY_SIZE_VLA(info), &input_info, &len);
1514
-
1515
- if (ZCBOR_SUCCESS != ret)
1516
- return EDHOC_ERROR_CBOR_FAILURE;
1517
-
1518
- if (NULL != ctx->logger)
1519
- ctx->logger(ctx->user_ctx, "MAC_2 info", info, len);
431
+ ctx->prk_len = ctx->csuite[ctx->chosen_csuite_idx].hash_length;
1520
432
 
1521
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
1522
- ret = ctx->keys.generate_key(ctx->user_ctx, EDHOC_KT_EXPAND, ctx->prk,
1523
- ctx->prk_len, key_id);
433
+ uint8_t key_id[CONFIG_LIBEDHOC_KEY_ID_LEN] = { 0 };
434
+ ret = ctx->keys.import_key(ctx->user_ctx, EDHOC_KT_EXTRACT,
435
+ ctx->dh_secret, ctx->dh_secret_len, key_id);
1524
436
 
1525
437
  if (EDHOC_SUCCESS != ret)
1526
438
  return EDHOC_ERROR_CRYPTO_FAILURE;
1527
439
 
1528
- ret = ctx->crypto.expand(ctx->user_ctx, key_id, info, len, mac_2,
1529
- mac_2_len);
440
+ size_t out_len = 0;
441
+ ret = ctx->crypto.extract(ctx->user_ctx, key_id, ctx->th, ctx->th_len,
442
+ ctx->prk, ctx->prk_len, &out_len);
1530
443
  ctx->keys.destroy_key(ctx->user_ctx, key_id);
1531
- memset(key_id, 0, sizeof(key_id));
1532
444
 
1533
- if (EDHOC_SUCCESS != ret)
445
+ if (EDHOC_SUCCESS != ret || ctx->prk_len != out_len)
1534
446
  return EDHOC_ERROR_CRYPTO_FAILURE;
1535
447
 
448
+ ctx->prk_state = EDHOC_PRK_STATE_2E;
1536
449
  return EDHOC_SUCCESS;
1537
450
  }
1538
451
 
1539
- static int comp_sign_or_mac_2_len(enum edhoc_role role,
1540
- const struct edhoc_context *ctx,
1541
- size_t *sign_or_mac_2_len)
452
+ static int comp_prk_3e2m(struct edhoc_context *ctx,
453
+ const struct edhoc_auth_creds *auth_cred,
454
+ const uint8_t *pub_key, size_t pub_key_len)
1542
455
  {
1543
- if (NULL == ctx || NULL == sign_or_mac_2_len)
456
+ if (NULL == ctx)
1544
457
  return EDHOC_ERROR_INVALID_ARGUMENT;
1545
458
 
1546
- const struct edhoc_cipher_suite csuite =
1547
- ctx->csuite[ctx->chosen_csuite_idx];
459
+ if (EDHOC_PRK_STATE_2E != ctx->prk_state)
460
+ return EDHOC_ERROR_BAD_STATE;
1548
461
 
1549
- if (role == initiator) {
1550
- switch (ctx->method) {
1551
- case EDHOC_METHOD_0:
1552
- case EDHOC_METHOD_2:
1553
- *sign_or_mac_2_len = csuite.ecc_sign_length;
1554
- return EDHOC_SUCCESS;
1555
-
1556
- case EDHOC_METHOD_1:
1557
- case EDHOC_METHOD_3:
1558
- *sign_or_mac_2_len = csuite.mac_length;
1559
- return EDHOC_SUCCESS;
1560
- }
1561
- }
462
+ switch (ctx->chosen_method) {
463
+ case EDHOC_METHOD_0:
464
+ case EDHOC_METHOD_2:
465
+ ctx->prk_state = EDHOC_PRK_STATE_3E2M;
466
+ return EDHOC_SUCCESS;
1562
467
 
1563
- if (role == responder) {
1564
- switch (ctx->method) {
1565
- case EDHOC_METHOD_0:
1566
- case EDHOC_METHOD_2:
1567
- *sign_or_mac_2_len = csuite.ecc_sign_length;
1568
- return EDHOC_SUCCESS;
1569
-
1570
- case EDHOC_METHOD_1:
1571
- case EDHOC_METHOD_3:
1572
- *sign_or_mac_2_len = csuite.mac_length;
1573
- return EDHOC_SUCCESS;
1574
- }
1575
- }
468
+ case EDHOC_METHOD_1:
469
+ case EDHOC_METHOD_3: {
470
+ const size_t hash_len =
471
+ ctx->csuite[ctx->chosen_csuite_idx].hash_length;
1576
472
 
1577
- return EDHOC_ERROR_NOT_PERMITTED;
1578
- }
473
+ VLA_ALLOC(uint8_t, salt_3e2m, hash_len);
474
+ memset(salt_3e2m, 0, VLA_SIZEOF(salt_3e2m));
1579
475
 
1580
- static int comp_sign_or_mac_2(const struct edhoc_context *ctx,
1581
- const struct edhoc_auth_creds *auth_cred,
1582
- const struct cbor_items *cbor_items,
1583
- const uint8_t *mac_2, size_t mac_2_len,
1584
- uint8_t *sign, size_t sign_len)
1585
- {
1586
- if (NULL == ctx || NULL == auth_cred || NULL == cbor_items ||
1587
- NULL == mac_2 || 0 == mac_2_len || NULL == sign || 0 == sign_len)
1588
- return EDHOC_ERROR_INVALID_ARGUMENT;
476
+ int ret = comp_salt_3e2m(ctx, salt_3e2m, VLA_SIZE(salt_3e2m));
1589
477
 
1590
- int ret = EDHOC_ERROR_GENERIC_ERROR;
478
+ if (EDHOC_SUCCESS != ret)
479
+ return EDHOC_ERROR_CRYPTO_FAILURE;
1591
480
 
1592
- switch (ctx->method) {
1593
- case EDHOC_METHOD_0:
1594
- case EDHOC_METHOD_2: {
1595
- const struct sig_structure cose_sign_1 = {
1596
- ._sig_structure_protected.value = cbor_items->id_cred_r,
1597
- ._sig_structure_protected.len =
1598
- cbor_items->id_cred_r_len,
1599
- ._sig_structure_external_aad.value = cbor_items->th_2,
1600
- ._sig_structure_external_aad.len =
1601
- cbor_items->th_2_len + cbor_items->cred_r_len +
1602
- cbor_items->ead_2_len,
1603
- ._sig_structure_payload.value = mac_2,
1604
- ._sig_structure_payload.len = mac_2_len,
1605
- };
481
+ if (NULL != ctx->logger)
482
+ ctx->logger(ctx->user_ctx, "SALT_3e2m", salt_3e2m,
483
+ VLA_SIZE(salt_3e2m));
1606
484
 
1607
- size_t len = 0;
1608
- len += sizeof("Signature1") +
1609
- cbor_tstr_overhead(sizeof("Signature1"));
1610
- len += cbor_items->id_cred_r_len +
1611
- cbor_bstr_overhead(cbor_items->id_cred_r_len);
1612
- len += cbor_items->th_2_len + cbor_items->cred_r_len +
1613
- cbor_items->ead_2_len +
1614
- cbor_bstr_overhead(cbor_items->th_2_len +
1615
- cbor_items->cred_r_len +
1616
- cbor_items->ead_2_len);
1617
- len += mac_2_len + cbor_int_mem_req((int32_t)mac_2_len);
1618
-
1619
- ALLOCATE_ARRAY(uint8_t, cose_sign_1_buf, len);
1620
- memset(cose_sign_1_buf, 0, ALLOCATE_ARRAY_SIZEOF(cose_sign_1_buf));
1621
-
1622
- len = 0;
1623
- ret = cbor_encode_sig_structure(cose_sign_1_buf,
1624
- ARRAY_SIZE_VLA(cose_sign_1_buf),
1625
- &cose_sign_1, &len);
1626
- const size_t cose_sign_1_buf_len = len;
485
+ const size_t ecc_key_len =
486
+ ctx->csuite[ctx->chosen_csuite_idx].ecc_key_length;
1627
487
 
1628
- if (ZCBOR_SUCCESS != ret)
1629
- return EDHOC_ERROR_CBOR_FAILURE;
488
+ VLA_ALLOC(uint8_t, grx, ecc_key_len);
489
+ memset(grx, 0, VLA_SIZEOF(grx));
490
+
491
+ ret = comp_grx(ctx, auth_cred, pub_key, pub_key_len, grx,
492
+ VLA_SIZE(grx));
493
+
494
+ if (EDHOC_SUCCESS != ret)
495
+ return EDHOC_ERROR_CRYPTO_FAILURE;
496
+
497
+ if (NULL != ctx->logger)
498
+ ctx->logger(ctx->user_ctx, "G_RX", grx, VLA_SIZE(grx));
499
+
500
+ ctx->prk_len = ctx->csuite[ctx->chosen_csuite_idx].hash_length;
1630
501
 
1631
- len = 0;
1632
- ret = ctx->crypto.signature(
1633
- ctx->user_ctx, auth_cred->priv_key_id, cose_sign_1_buf,
1634
- cose_sign_1_buf_len, sign, sign_len, &len);
502
+ uint8_t key_id[CONFIG_LIBEDHOC_KEY_ID_LEN] = { 0 };
503
+ ret = ctx->keys.import_key(ctx->user_ctx, EDHOC_KT_EXTRACT, grx,
504
+ VLA_SIZE(grx), key_id);
505
+ memset(grx, 0, VLA_SIZEOF(grx));
1635
506
 
1636
- if (EDHOC_SUCCESS != ret || sign_len != len)
507
+ if (EDHOC_SUCCESS != ret)
508
+ return EDHOC_ERROR_CRYPTO_FAILURE;
509
+
510
+ size_t out_len = 0;
511
+ ret = ctx->crypto.extract(ctx->user_ctx, key_id, salt_3e2m,
512
+ VLA_SIZE(salt_3e2m), ctx->prk,
513
+ ctx->prk_len, &out_len);
514
+ ctx->keys.destroy_key(ctx->user_ctx, key_id);
515
+
516
+ if (EDHOC_SUCCESS != ret || ctx->prk_len != out_len)
1637
517
  return EDHOC_ERROR_CRYPTO_FAILURE;
1638
518
 
519
+ ctx->prk_state = EDHOC_PRK_STATE_3E2M;
1639
520
  return EDHOC_SUCCESS;
1640
521
  }
1641
522
 
1642
- case EDHOC_METHOD_1:
1643
- case EDHOC_METHOD_3:
1644
- memcpy(sign, mac_2, mac_2_len);
1645
- return EDHOC_SUCCESS;
523
+ case EDHOC_METHOD_MAX:
524
+ return EDHOC_ERROR_NOT_PERMITTED;
1646
525
  }
1647
526
 
1648
- return EDHOC_ERROR_INVALID_SIGN_OR_MAC_2;
527
+ return EDHOC_ERROR_NOT_PERMITTED;
1649
528
  }
1650
529
 
1651
530
  static int comp_plaintext_2_len(const struct edhoc_context *ctx,
1652
- const struct cbor_items *cbor_items,
531
+ const struct mac_context *mac_ctx,
1653
532
  size_t sign_len, size_t *plaintext_2_len)
1654
533
  {
1655
- if (NULL == ctx || NULL == cbor_items || 0 == sign_len ||
534
+ if (NULL == ctx || NULL == mac_ctx || 0 == sign_len ||
1656
535
  NULL == plaintext_2_len)
1657
536
  return EDHOC_ERROR_INVALID_ARGUMENT;
1658
537
 
@@ -1660,39 +539,38 @@ static int comp_plaintext_2_len(const struct edhoc_context *ctx,
1660
539
 
1661
540
  switch (ctx->cid.encode_type) {
1662
541
  case EDHOC_CID_TYPE_ONE_BYTE_INTEGER:
1663
- len += cbor_int_mem_req(ctx->cid.int_value);
542
+ len += edhoc_cbor_int_mem_req(ctx->cid.int_value);
1664
543
  break;
1665
544
  case EDHOC_CID_TYPE_BYTE_STRING:
1666
545
  len += ctx->cid.bstr_length;
1667
- len += cbor_bstr_overhead(ctx->cid.bstr_length);
546
+ len += edhoc_cbor_bstr_oh(ctx->cid.bstr_length);
1668
547
  break;
1669
548
  }
1670
549
 
1671
- if (true == cbor_items->id_cred_r_is_comp_enc) {
1672
- switch (cbor_items->id_cred_r_enc_type) {
550
+ if (true == mac_ctx->id_cred_is_comp_enc) {
551
+ switch (mac_ctx->id_cred_enc_type) {
1673
552
  case EDHOC_ENCODE_TYPE_INTEGER:
1674
- len += cbor_int_mem_req(cbor_items->id_cred_r_int);
553
+ len += edhoc_cbor_int_mem_req(mac_ctx->id_cred_int);
1675
554
  break;
1676
555
  case EDHOC_ENCODE_TYPE_BYTE_STRING:
1677
- len += cbor_items->id_cred_r_bstr_len;
1678
- len += cbor_bstr_overhead(
1679
- cbor_items->id_cred_r_bstr_len);
556
+ len += mac_ctx->id_cred_bstr_len;
557
+ len += edhoc_cbor_bstr_oh(mac_ctx->id_cred_bstr_len);
1680
558
  break;
1681
559
  }
1682
560
  } else {
1683
- len += cbor_items->id_cred_r_len;
561
+ len += mac_ctx->id_cred_len;
1684
562
  }
1685
563
 
1686
564
  len += sign_len;
1687
- len += cbor_bstr_overhead(sign_len);
1688
- len += cbor_items->ead_2_len;
565
+ len += edhoc_cbor_bstr_oh(sign_len);
566
+ len += mac_ctx->ead_len;
1689
567
 
1690
568
  *plaintext_2_len = len;
1691
569
  return EDHOC_SUCCESS;
1692
570
  }
1693
571
 
1694
572
  static int prepare_plaintext_2(const struct edhoc_context *ctx,
1695
- const struct cbor_items *cbor_items,
573
+ const struct mac_context *mac_ctx,
1696
574
  const uint8_t *sign, size_t sign_len,
1697
575
  uint8_t *ptxt, size_t ptxt_size,
1698
576
  size_t *ptxt_len)
@@ -1733,24 +611,23 @@ static int prepare_plaintext_2(const struct edhoc_context *ctx,
1733
611
  return EDHOC_ERROR_NOT_PERMITTED;
1734
612
  }
1735
613
 
1736
- if (cbor_items->id_cred_r_is_comp_enc) {
1737
- switch (cbor_items->id_cred_r_enc_type) {
614
+ if (mac_ctx->id_cred_is_comp_enc) {
615
+ switch (mac_ctx->id_cred_enc_type) {
1738
616
  case EDHOC_ENCODE_TYPE_INTEGER:
1739
- memcpy(&ptxt[offset], &cbor_items->id_cred_r_int, 1);
617
+ memcpy(&ptxt[offset], &mac_ctx->id_cred_int, 1);
1740
618
  offset += 1;
1741
619
  break;
1742
620
  case EDHOC_ENCODE_TYPE_BYTE_STRING:
1743
- memcpy(&ptxt[offset], &cbor_items->id_cred_r_bstr,
1744
- cbor_items->id_cred_r_bstr_len);
1745
- offset += cbor_items->id_cred_r_bstr_len;
621
+ memcpy(&ptxt[offset], &mac_ctx->id_cred_bstr,
622
+ mac_ctx->id_cred_bstr_len);
623
+ offset += mac_ctx->id_cred_bstr_len;
1746
624
  break;
1747
625
  default:
1748
626
  return EDHOC_ERROR_NOT_PERMITTED;
1749
627
  }
1750
628
  } else {
1751
- memcpy(&ptxt[offset], cbor_items->id_cred_r,
1752
- cbor_items->id_cred_r_len);
1753
- offset += cbor_items->id_cred_r_len;
629
+ memcpy(&ptxt[offset], mac_ctx->id_cred, mac_ctx->id_cred_len);
630
+ offset += mac_ctx->id_cred_len;
1754
631
  }
1755
632
 
1756
633
  const struct zcbor_string cbor_sign_or_mac_2 = {
@@ -1760,18 +637,17 @@ static int prepare_plaintext_2(const struct edhoc_context *ctx,
1760
637
 
1761
638
  size_t len = 0;
1762
639
  ret = cbor_encode_byte_string_type_bstr_type(
1763
- &ptxt[offset], sign_len + cbor_bstr_overhead(sign_len) + 1,
640
+ &ptxt[offset], sign_len + edhoc_cbor_bstr_oh(sign_len) + 1,
1764
641
  &cbor_sign_or_mac_2, &len);
1765
642
 
1766
- if (ZCBOR_SUCCESS != ret ||
1767
- (sign_len + cbor_bstr_overhead(sign_len)) != len)
643
+ if (ZCBOR_SUCCESS != ret)
1768
644
  return EDHOC_ERROR_CBOR_FAILURE;
1769
645
 
1770
646
  offset += len;
1771
647
 
1772
- if (cbor_items->is_ead_2) {
1773
- memcpy(&ptxt[offset], cbor_items->ead_2, cbor_items->ead_2_len);
1774
- offset += cbor_items->ead_2_len;
648
+ if (mac_ctx->is_ead) {
649
+ memcpy(&ptxt[offset], mac_ctx->ead, mac_ctx->ead_len);
650
+ offset += mac_ctx->ead_len;
1775
651
  }
1776
652
 
1777
653
  if (offset > ptxt_size)
@@ -1796,34 +672,34 @@ static int comp_keystream(const struct edhoc_context *ctx,
1796
672
  int ret = EDHOC_ERROR_GENERIC_ERROR;
1797
673
 
1798
674
  const struct info input_info = {
1799
- ._info_label = EDHOC_EXTRACT_PRK_INFO_LABEL_KEYSTERAM_2,
1800
- ._info_context.value = ctx->th,
1801
- ._info_context.len = ctx->th_len,
1802
- ._info_length = (uint32_t)keystream_len,
675
+ .info_label = EDHOC_EXTRACT_PRK_INFO_LABEL_KEYSTERAM_2,
676
+ .info_context.value = ctx->th,
677
+ .info_context.len = ctx->th_len,
678
+ .info_length = (uint32_t)keystream_len,
1803
679
  };
1804
680
 
1805
681
  size_t len = 0;
1806
- len += cbor_int_mem_req(EDHOC_EXTRACT_PRK_INFO_LABEL_KEYSTERAM_2);
1807
- len += ctx->th_len + cbor_bstr_overhead(ctx->th_len);
1808
- len += cbor_int_mem_req((int32_t)keystream_len);
682
+ len += edhoc_cbor_int_mem_req(EDHOC_EXTRACT_PRK_INFO_LABEL_KEYSTERAM_2);
683
+ len += ctx->th_len + edhoc_cbor_bstr_oh(ctx->th_len);
684
+ len += edhoc_cbor_int_mem_req((int32_t)keystream_len);
1809
685
 
1810
- ALLOCATE_ARRAY(uint8_t, info, len);
1811
- memset(info, 0, ALLOCATE_ARRAY_SIZEOF(info));
686
+ VLA_ALLOC(uint8_t, info, len);
687
+ memset(info, 0, VLA_SIZEOF(info));
1812
688
 
1813
689
  len = 0;
1814
- ret = cbor_encode_info(info, ARRAY_SIZE_VLA(info), &input_info, &len);
690
+ ret = cbor_encode_info(info, VLA_SIZE(info), &input_info, &len);
1815
691
 
1816
- if (ZCBOR_SUCCESS != ret || ARRAY_SIZE_VLA(info) != len)
692
+ if (ZCBOR_SUCCESS != ret || VLA_SIZE(info) != len)
1817
693
  return EDHOC_ERROR_CBOR_FAILURE;
1818
694
 
1819
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
1820
- ret = ctx->keys.generate_key(ctx->user_ctx, EDHOC_KT_EXPAND, prk_2e,
1821
- prk_2e_len, key_id);
695
+ uint8_t key_id[CONFIG_LIBEDHOC_KEY_ID_LEN] = { 0 };
696
+ ret = ctx->keys.import_key(ctx->user_ctx, EDHOC_KT_EXPAND, prk_2e,
697
+ prk_2e_len, key_id);
1822
698
 
1823
699
  if (EDHOC_SUCCESS != ret)
1824
700
  return EDHOC_ERROR_CRYPTO_FAILURE;
1825
701
 
1826
- ret = ctx->crypto.expand(ctx->user_ctx, key_id, info, ARRAY_SIZE_VLA(info),
702
+ ret = ctx->crypto.expand(ctx->user_ctx, key_id, info, VLA_SIZE(info),
1827
703
  keystream, keystream_len);
1828
704
  ctx->keys.destroy_key(ctx->user_ctx, key_id);
1829
705
 
@@ -1855,8 +731,8 @@ static int prepare_message_2(const struct edhoc_context *ctx,
1855
731
  len += ctx->dh_pub_key_len;
1856
732
  len += ctxt_len;
1857
733
 
1858
- ALLOCATE_ARRAY(uint8_t, buffer, len);
1859
- memset(buffer, 0, ALLOCATE_ARRAY_SIZEOF(buffer));
734
+ VLA_ALLOC(uint8_t, buffer, len);
735
+ memset(buffer, 0, VLA_SIZEOF(buffer));
1860
736
 
1861
737
  memcpy(&buffer[offset], ctx->dh_pub_key, ctx->dh_pub_key_len);
1862
738
  offset += ctx->dh_pub_key_len;
@@ -1864,12 +740,12 @@ static int prepare_message_2(const struct edhoc_context *ctx,
1864
740
  memcpy(&buffer[offset], ctxt, ctxt_len);
1865
741
  offset += ctxt_len;
1866
742
 
1867
- if (ARRAY_SIZE_VLA(buffer) < offset)
743
+ if (VLA_SIZE(buffer) < offset)
1868
744
  return EDHOC_ERROR_BUFFER_TOO_SMALL;
1869
745
 
1870
746
  const struct zcbor_string cbor_msg_2 = {
1871
747
  .value = buffer,
1872
- .len = ARRAY_SIZE_VLA(buffer),
748
+ .len = VLA_SIZE(buffer),
1873
749
  };
1874
750
 
1875
751
  ret = cbor_encode_message_2_G_Y_CIPHERTEXT_2(msg_2, msg_2_size,
@@ -1950,30 +826,30 @@ static int parse_plaintext(struct edhoc_context *ctx, const uint8_t *ptxt,
1950
826
  return EDHOC_ERROR_CBOR_FAILURE;
1951
827
 
1952
828
  /* C_R */
1953
- switch (cbor_ptxt_2._plaintext_2_C_R_choice) {
1954
- case _plaintext_2_C_R_int:
829
+ switch (cbor_ptxt_2.plaintext_2_C_R_choice) {
830
+ case plaintext_2_C_R_int_c:
1955
831
  if (ONE_BYTE_CBOR_INT_MIN_VALUE >
1956
- (int8_t)cbor_ptxt_2._plaintext_2_C_R_int ||
832
+ (int8_t)cbor_ptxt_2.plaintext_2_C_R_int ||
1957
833
  ONE_BYTE_CBOR_INT_MAX_VALUE <
1958
- (int8_t)cbor_ptxt_2._plaintext_2_C_R_int)
834
+ (int8_t)cbor_ptxt_2.plaintext_2_C_R_int)
1959
835
  return EDHOC_ERROR_NOT_PERMITTED;
1960
836
 
1961
837
  ctx->peer_cid.encode_type = EDHOC_CID_TYPE_ONE_BYTE_INTEGER;
1962
838
  ctx->peer_cid.int_value =
1963
- (int8_t)cbor_ptxt_2._plaintext_2_C_R_int;
839
+ (int8_t)cbor_ptxt_2.plaintext_2_C_R_int;
1964
840
  break;
1965
841
 
1966
- case _plaintext_2_C_R_bstr:
842
+ case plaintext_2_C_R_bstr_c:
1967
843
  if (ARRAY_SIZE(ctx->peer_cid.bstr_value) <
1968
- cbor_ptxt_2._plaintext_2_C_R_bstr.len)
844
+ cbor_ptxt_2.plaintext_2_C_R_bstr.len)
1969
845
  return EDHOC_ERROR_BUFFER_TOO_SMALL;
1970
846
 
1971
847
  ctx->peer_cid.encode_type = EDHOC_CID_TYPE_BYTE_STRING;
1972
848
  ctx->peer_cid.bstr_length =
1973
- cbor_ptxt_2._plaintext_2_C_R_bstr.len;
849
+ cbor_ptxt_2.plaintext_2_C_R_bstr.len;
1974
850
  memcpy(ctx->peer_cid.bstr_value,
1975
- cbor_ptxt_2._plaintext_2_C_R_bstr.value,
1976
- cbor_ptxt_2._plaintext_2_C_R_bstr.len);
851
+ cbor_ptxt_2.plaintext_2_C_R_bstr.value,
852
+ cbor_ptxt_2.plaintext_2_C_R_bstr.len);
1977
853
  break;
1978
854
 
1979
855
  default:
@@ -1981,69 +857,69 @@ static int parse_plaintext(struct edhoc_context *ctx, const uint8_t *ptxt,
1981
857
  }
1982
858
 
1983
859
  /* ID_CRED_R */
1984
- switch (cbor_ptxt_2._plaintext_2_ID_CRED_R_choice) {
1985
- case _plaintext_2_ID_CRED_R_int:
860
+ switch (cbor_ptxt_2.plaintext_2_ID_CRED_R_choice) {
861
+ case plaintext_2_ID_CRED_R_int_c:
1986
862
  parsed_ptxt->auth_cred.label = EDHOC_COSE_HEADER_KID;
1987
863
  parsed_ptxt->auth_cred.key_id.encode_type =
1988
864
  EDHOC_ENCODE_TYPE_INTEGER;
1989
865
  parsed_ptxt->auth_cred.key_id.key_id_int =
1990
- cbor_ptxt_2._plaintext_2_ID_CRED_R_int;
866
+ cbor_ptxt_2.plaintext_2_ID_CRED_R_int;
1991
867
  break;
1992
868
 
1993
- case _plaintext_2_ID_CRED_R_bstr:
869
+ case plaintext_2_ID_CRED_R_bstr_c:
1994
870
  parsed_ptxt->auth_cred.label = EDHOC_COSE_HEADER_KID;
1995
871
  parsed_ptxt->auth_cred.key_id.encode_type =
1996
872
  EDHOC_ENCODE_TYPE_BYTE_STRING;
1997
873
  parsed_ptxt->auth_cred.key_id.key_id_bstr_length =
1998
- cbor_ptxt_2._plaintext_2_ID_CRED_R_bstr.len;
874
+ cbor_ptxt_2.plaintext_2_ID_CRED_R_bstr.len;
1999
875
  memcpy(parsed_ptxt->auth_cred.key_id.key_id_bstr,
2000
- cbor_ptxt_2._plaintext_2_ID_CRED_R_bstr.value,
2001
- cbor_ptxt_2._plaintext_2_ID_CRED_R_bstr.len);
876
+ cbor_ptxt_2.plaintext_2_ID_CRED_R_bstr.value,
877
+ cbor_ptxt_2.plaintext_2_ID_CRED_R_bstr.len);
2002
878
  break;
2003
879
 
2004
- case _plaintext_2_ID_CRED_R__map: {
880
+ case plaintext_2_ID_CRED_R_map_m_c: {
2005
881
  const struct map *cbor_map =
2006
- &cbor_ptxt_2._plaintext_2_ID_CRED_R__map;
882
+ &cbor_ptxt_2.plaintext_2_ID_CRED_R_map_m;
2007
883
 
2008
- if (cbor_map->_map_x5chain_present) {
884
+ if (cbor_map->map_x5chain_present) {
2009
885
  parsed_ptxt->auth_cred.label =
2010
886
  EDHOC_COSE_HEADER_X509_CHAIN;
2011
887
 
2012
- const struct COSE_X509_ *cose_x509 =
2013
- &cbor_map->_map_x5chain._map_x5chain;
888
+ const struct COSE_X509_r *cose_x509 =
889
+ &cbor_map->map_x5chain.map_x5chain;
2014
890
 
2015
- switch (cose_x509->_COSE_X509_choice) {
2016
- case _COSE_X509_bstr:
891
+ switch (cose_x509->COSE_X509_choice) {
892
+ case COSE_X509_bstr_c:
2017
893
  parsed_ptxt->auth_cred.x509_chain.nr_of_certs =
2018
894
  1;
2019
895
  parsed_ptxt->auth_cred.x509_chain.cert[0] =
2020
- cose_x509->_COSE_X509_bstr.value;
896
+ cose_x509->COSE_X509_bstr.value;
2021
897
  parsed_ptxt->auth_cred.x509_chain.cert_len[0] =
2022
- cose_x509->_COSE_X509_bstr.len;
898
+ cose_x509->COSE_X509_bstr.len;
2023
899
  break;
2024
- case _COSE_X509__certs: {
900
+ case COSE_X509_certs_l_c: {
2025
901
  if (ARRAY_SIZE(parsed_ptxt->auth_cred.x509_chain
2026
902
  .cert) <
2027
- cose_x509->_COSE_X509__certs_certs_count)
903
+ cose_x509->COSE_X509_certs_l_certs_count)
2028
904
  return EDHOC_ERROR_BUFFER_TOO_SMALL;
2029
905
 
2030
906
  parsed_ptxt->auth_cred.x509_chain.nr_of_certs =
2031
- cose_x509->_COSE_X509__certs_certs_count;
907
+ cose_x509->COSE_X509_certs_l_certs_count;
2032
908
 
2033
909
  for (size_t i = 0;
2034
910
  i <
2035
- cose_x509->_COSE_X509__certs_certs_count;
911
+ cose_x509->COSE_X509_certs_l_certs_count;
2036
912
  ++i) {
2037
913
  parsed_ptxt->auth_cred.x509_chain
2038
914
  .cert[i] =
2039
915
  cose_x509
2040
- ->_COSE_X509__certs_certs
916
+ ->COSE_X509_certs_l_certs
2041
917
  [i]
2042
918
  .value;
2043
919
  parsed_ptxt->auth_cred.x509_chain
2044
920
  .cert_len[i] =
2045
921
  cose_x509
2046
- ->_COSE_X509__certs_certs
922
+ ->COSE_X509_certs_l_certs
2047
923
  [i]
2048
924
  .len;
2049
925
  }
@@ -2055,41 +931,41 @@ static int parse_plaintext(struct edhoc_context *ctx, const uint8_t *ptxt,
2055
931
  }
2056
932
  }
2057
933
 
2058
- if (cbor_map->_map_x5t_present) {
934
+ if (cbor_map->map_x5t_present) {
2059
935
  parsed_ptxt->auth_cred.label =
2060
936
  EDHOC_COSE_HEADER_X509_HASH;
2061
937
 
2062
938
  const struct COSE_CertHash *cose_x509 =
2063
- &cbor_map->_map_x5t._map_x5t;
939
+ &cbor_map->map_x5t.map_x5t;
2064
940
 
2065
941
  parsed_ptxt->auth_cred.x509_hash.cert_fp =
2066
- cose_x509->_COSE_CertHash_hashValue.value;
942
+ cose_x509->COSE_CertHash_hashValue.value;
2067
943
  parsed_ptxt->auth_cred.x509_hash.cert_fp_len =
2068
- cose_x509->_COSE_CertHash_hashValue.len;
944
+ cose_x509->COSE_CertHash_hashValue.len;
2069
945
 
2070
- switch (cose_x509->_COSE_CertHash_hashAlg_choice) {
2071
- case _COSE_CertHash_hashAlg_int:
946
+ switch (cose_x509->COSE_CertHash_hashAlg_choice) {
947
+ case COSE_CertHash_hashAlg_int_c:
2072
948
  parsed_ptxt->auth_cred.x509_hash.encode_type =
2073
949
  EDHOC_ENCODE_TYPE_INTEGER;
2074
950
  parsed_ptxt->auth_cred.x509_hash.alg_int =
2075
- cose_x509->_COSE_CertHash_hashAlg_int;
951
+ cose_x509->COSE_CertHash_hashAlg_int;
2076
952
  break;
2077
- case _COSE_CertHash_hashAlg_tstr:
953
+ case COSE_CertHash_hashAlg_tstr_c:
2078
954
  if (ARRAY_SIZE(parsed_ptxt->auth_cred.x509_hash
2079
955
  .alg_bstr) <
2080
- cose_x509->_COSE_CertHash_hashAlg_tstr.len)
956
+ cose_x509->COSE_CertHash_hashAlg_tstr.len)
2081
957
  return EDHOC_ERROR_BUFFER_TOO_SMALL;
2082
958
 
2083
959
  parsed_ptxt->auth_cred.x509_hash.encode_type =
2084
960
  EDHOC_ENCODE_TYPE_BYTE_STRING;
2085
961
  parsed_ptxt->auth_cred.x509_hash
2086
962
  .alg_bstr_length =
2087
- cose_x509->_COSE_CertHash_hashAlg_tstr
963
+ cose_x509->COSE_CertHash_hashAlg_tstr
2088
964
  .len;
2089
965
  memcpy(parsed_ptxt->auth_cred.x509_hash.alg_bstr,
2090
- cose_x509->_COSE_CertHash_hashAlg_tstr
966
+ cose_x509->COSE_CertHash_hashAlg_tstr
2091
967
  .value,
2092
- cose_x509->_COSE_CertHash_hashAlg_tstr
968
+ cose_x509->COSE_CertHash_hashAlg_tstr
2093
969
  .len);
2094
970
  break;
2095
971
  default:
@@ -2103,121 +979,36 @@ static int parse_plaintext(struct edhoc_context *ctx, const uint8_t *ptxt,
2103
979
 
2104
980
  /* Sign_or_MAC_2 */
2105
981
  parsed_ptxt->sign_or_mac =
2106
- cbor_ptxt_2._plaintext_2_Signature_or_MAC_2.value;
982
+ cbor_ptxt_2.plaintext_2_Signature_or_MAC_2.value;
2107
983
  parsed_ptxt->sign_or_mac_len =
2108
- cbor_ptxt_2._plaintext_2_Signature_or_MAC_2.len;
984
+ cbor_ptxt_2.plaintext_2_Signature_or_MAC_2.len;
2109
985
 
2110
986
  /* EAD_2 if present */
2111
- if (cbor_ptxt_2._plaintext_2_EAD_2_present) {
987
+ if (cbor_ptxt_2.plaintext_2_EAD_2_m_present) {
2112
988
  ctx->nr_of_ead_tokens =
2113
- cbor_ptxt_2._plaintext_2_EAD_2._ead_x_count;
989
+ cbor_ptxt_2.plaintext_2_EAD_2_m.EAD_2_count;
2114
990
 
2115
991
  for (size_t i = 0; i < ctx->nr_of_ead_tokens; ++i) {
2116
992
  ctx->ead_token[i].label =
2117
- cbor_ptxt_2._plaintext_2_EAD_2._ead_x[i]
2118
- ._ead_x_ead_label;
993
+ cbor_ptxt_2.plaintext_2_EAD_2_m.EAD_2[i]
994
+ .ead_y_ead_label;
2119
995
  ctx->ead_token[i].value =
2120
- cbor_ptxt_2._plaintext_2_EAD_2._ead_x[i]
2121
- ._ead_x_ead_value.value;
996
+ cbor_ptxt_2.plaintext_2_EAD_2_m.EAD_2[i]
997
+ .ead_y_ead_value.value;
2122
998
  ctx->ead_token[i].value_len =
2123
- cbor_ptxt_2._plaintext_2_EAD_2._ead_x[i]
2124
- ._ead_x_ead_value.len;
999
+ cbor_ptxt_2.plaintext_2_EAD_2_m.EAD_2[i]
1000
+ .ead_y_ead_value.len;
2125
1001
  }
2126
1002
  }
2127
1003
 
2128
1004
  return EDHOC_SUCCESS;
2129
1005
  }
2130
1006
 
2131
- static int verify_sign_or_mac_2(const struct edhoc_context *ctx,
2132
- const struct cbor_items *cbor_items,
2133
- const struct plaintext *parsed_ptxt,
2134
- const uint8_t *pub_key, size_t pub_key_len,
2135
- const uint8_t *mac_2, size_t mac_2_len)
2136
- {
2137
- if (NULL == ctx || NULL == cbor_items || NULL == parsed_ptxt ||
2138
- NULL == pub_key || 0 == pub_key_len || NULL == mac_2 ||
2139
- 0 == mac_2_len)
2140
- return EDHOC_ERROR_INVALID_ARGUMENT;
2141
-
2142
- int ret = EDHOC_ERROR_GENERIC_ERROR;
2143
-
2144
- switch (ctx->method) {
2145
- case EDHOC_METHOD_0:
2146
- case EDHOC_METHOD_2: {
2147
- size_t len = 0;
2148
-
2149
- const struct sig_structure cose_sign_1 = {
2150
- ._sig_structure_protected.value = cbor_items->id_cred_r,
2151
- ._sig_structure_protected.len =
2152
- cbor_items->id_cred_r_len,
2153
- ._sig_structure_external_aad.value = cbor_items->th_2,
2154
- ._sig_structure_external_aad.len =
2155
- cbor_items->th_2_len + cbor_items->cred_r_len +
2156
- cbor_items->ead_2_len,
2157
- ._sig_structure_payload.value = mac_2,
2158
- ._sig_structure_payload.len = mac_2_len,
2159
- };
2160
-
2161
- len = 0;
2162
- len += sizeof("Signature1") +
2163
- cbor_tstr_overhead(sizeof("Signature1"));
2164
- len += cbor_items->id_cred_r_len +
2165
- cbor_bstr_overhead(cbor_items->id_cred_r_len);
2166
- len += cbor_items->th_2_len + cbor_items->cred_r_len +
2167
- cbor_items->ead_2_len +
2168
- cbor_bstr_overhead(cbor_items->th_2_len +
2169
- cbor_items->cred_r_len +
2170
- cbor_items->ead_2_len);
2171
- len += mac_2_len + cbor_bstr_overhead(mac_2_len);
2172
-
2173
- ALLOCATE_ARRAY(uint8_t, cose_sign_1_buf, len);
2174
- memset(cose_sign_1_buf, 0, ALLOCATE_ARRAY_SIZEOF(cose_sign_1_buf));
2175
-
2176
- len = 0;
2177
- ret = cbor_encode_sig_structure(cose_sign_1_buf,
2178
- ARRAY_SIZE_VLA(cose_sign_1_buf),
2179
- &cose_sign_1, &len);
2180
-
2181
- if (ZCBOR_SUCCESS != ret)
2182
- return EDHOC_ERROR_CBOR_FAILURE;
2183
-
2184
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
2185
- ret = ctx->keys.generate_key(ctx->user_ctx, EDHOC_KT_VERIFY,
2186
- pub_key, pub_key_len, key_id);
2187
-
2188
- if (EDHOC_SUCCESS != ret)
2189
- return EDHOC_ERROR_CRYPTO_FAILURE;
2190
-
2191
- ret = ctx->crypto.verify(ctx->user_ctx, key_id, cose_sign_1_buf,
2192
- len, parsed_ptxt->sign_or_mac,
2193
- parsed_ptxt->sign_or_mac_len);
2194
- ctx->keys.destroy_key(ctx->user_ctx, key_id);
2195
-
2196
- if (EDHOC_SUCCESS != ret)
2197
- return EDHOC_ERROR_CRYPTO_FAILURE;
2198
-
2199
- return EDHOC_SUCCESS;
2200
- }
2201
-
2202
- case EDHOC_METHOD_1:
2203
- case EDHOC_METHOD_3: {
2204
- if (mac_2_len != parsed_ptxt->sign_or_mac_len ||
2205
- 0 != memcmp(parsed_ptxt->sign_or_mac, mac_2, mac_2_len))
2206
- return EDHOC_ERROR_INVALID_SIGN_OR_MAC_2;
2207
-
2208
- return EDHOC_SUCCESS;
2209
- }
2210
-
2211
- default:
2212
- return EDHOC_ERROR_NOT_PERMITTED;
2213
- }
2214
- }
2215
-
2216
1007
  static int comp_th_3(struct edhoc_context *ctx,
2217
- const struct cbor_items *cbor_items, const uint8_t *ptxt,
1008
+ const struct mac_context *mac_ctx, const uint8_t *ptxt,
2218
1009
  size_t ptxt_len)
2219
1010
  {
2220
- if (NULL == ctx || NULL == cbor_items || NULL == ptxt || 0 == ptxt_len)
1011
+ if (NULL == ctx || NULL == mac_ctx || NULL == ptxt || 0 == ptxt_len)
2221
1012
  return EDHOC_ERROR_INVALID_ARGUMENT;
2222
1013
 
2223
1014
  if (EDHOC_TH_STATE_2 != ctx->th_state)
@@ -2226,12 +1017,12 @@ static int comp_th_3(struct edhoc_context *ctx,
2226
1017
  int ret = EDHOC_ERROR_GENERIC_ERROR;
2227
1018
 
2228
1019
  size_t len = 0;
2229
- len += ctx->th_len + cbor_bstr_overhead(ctx->th_len);
1020
+ len += ctx->th_len + edhoc_cbor_bstr_oh(ctx->th_len);
2230
1021
  len += ptxt_len;
2231
- len += cbor_items->cred_r_len;
1022
+ len += mac_ctx->cred_len;
2232
1023
 
2233
- ALLOCATE_ARRAY(uint8_t, th_3, len);
2234
- memset(th_3, 0, ALLOCATE_ARRAY_SIZEOF(th_3));
1024
+ VLA_ALLOC(uint8_t, th_3, len);
1025
+ memset(th_3, 0, VLA_SIZEOF(th_3));
2235
1026
 
2236
1027
  size_t offset = 0;
2237
1028
  struct zcbor_string bstr = (struct zcbor_string){
@@ -2241,7 +1032,7 @@ static int comp_th_3(struct edhoc_context *ctx,
2241
1032
 
2242
1033
  len = 0;
2243
1034
  ret = cbor_encode_byte_string_type_bstr_type(
2244
- &th_3[offset], ARRAY_SIZE_VLA(th_3), &bstr, &len);
1035
+ &th_3[offset], VLA_SIZE(th_3), &bstr, &len);
2245
1036
  offset += len;
2246
1037
 
2247
1038
  if (EDHOC_SUCCESS != ret)
@@ -2250,17 +1041,17 @@ static int comp_th_3(struct edhoc_context *ctx,
2250
1041
  memcpy(&th_3[offset], ptxt, ptxt_len);
2251
1042
  offset += ptxt_len;
2252
1043
 
2253
- memcpy(&th_3[offset], cbor_items->cred_r, cbor_items->cred_r_len);
2254
- offset += cbor_items->cred_r_len;
1044
+ memcpy(&th_3[offset], mac_ctx->cred, mac_ctx->cred_len);
1045
+ offset += mac_ctx->cred_len;
2255
1046
 
2256
- if (ARRAY_SIZE_VLA(th_3) < offset)
1047
+ if (VLA_SIZE(th_3) < offset)
2257
1048
  return EDHOC_ERROR_BUFFER_TOO_SMALL;
2258
1049
 
2259
1050
  /* Calculate TH_3. */
2260
1051
  ctx->th_len = ctx->csuite[ctx->chosen_csuite_idx].hash_length;
2261
1052
 
2262
1053
  size_t hash_len = 0;
2263
- ret = ctx->crypto.hash(ctx->user_ctx, th_3, ARRAY_SIZE_VLA(th_3), ctx->th,
1054
+ ret = ctx->crypto.hash(ctx->user_ctx, th_3, VLA_SIZE(th_3), ctx->th,
2264
1055
  ctx->th_len, &hash_len);
2265
1056
 
2266
1057
  if (EDHOC_SUCCESS != ret)
@@ -2270,85 +1061,6 @@ static int comp_th_3(struct edhoc_context *ctx,
2270
1061
  return EDHOC_SUCCESS;
2271
1062
  }
2272
1063
 
2273
- static int kid_compact_encoding(const struct edhoc_auth_creds *auth_cred,
2274
- struct cbor_items *cbor_items)
2275
- {
2276
- int ret = EDHOC_ERROR_GENERIC_ERROR;
2277
- size_t len = 0;
2278
-
2279
- cbor_items->id_cred_r_is_comp_enc = true;
2280
-
2281
- switch (auth_cred->key_id.encode_type) {
2282
- case EDHOC_ENCODE_TYPE_INTEGER: {
2283
- cbor_items->id_cred_r_enc_type = EDHOC_ENCODE_TYPE_INTEGER;
2284
- if (true == auth_cred->key_id.cred_is_cbor) {
2285
- cbor_items->id_cred_r_int =
2286
- auth_cred->key_id.key_id_int;
2287
- } else {
2288
- len = 0;
2289
- ret = cbor_encode_integer_type_int_type(
2290
- (uint8_t *)&cbor_items->id_cred_r_int,
2291
- sizeof(cbor_items->id_cred_r_int),
2292
- &auth_cred->key_id.key_id_int, &len);
2293
-
2294
- if (ZCBOR_SUCCESS != ret)
2295
- return EDHOC_ERROR_CBOR_FAILURE;
2296
- }
2297
- break;
2298
- }
2299
-
2300
- case EDHOC_ENCODE_TYPE_BYTE_STRING: {
2301
- cbor_items->id_cred_r_enc_type = EDHOC_ENCODE_TYPE_BYTE_STRING;
2302
-
2303
- if (true == auth_cred->key_id.cred_is_cbor) {
2304
- if (1 == auth_cred->key_id.key_id_bstr_length) {
2305
- int32_t val = auth_cred->key_id.key_id_bstr[0];
2306
- int32_t result = 0;
2307
-
2308
- len = 0;
2309
- ret = cbor_decode_integer_type_int_type(
2310
- (uint8_t *)&val, sizeof(val), &result,
2311
- &len);
2312
-
2313
- if (ZCBOR_SUCCESS != ret)
2314
- return EDHOC_ERROR_CBOR_FAILURE;
2315
-
2316
- if (true == is_cbor_one_byte_int(result)) {
2317
- cbor_items->id_cred_r_int = val;
2318
- cbor_items->id_cred_r_enc_type =
2319
- EDHOC_ENCODE_TYPE_INTEGER;
2320
- break;
2321
- }
2322
- }
2323
-
2324
- cbor_items->id_cred_r_bstr_len =
2325
- auth_cred->key_id.key_id_bstr_length;
2326
- memcpy(cbor_items->id_cred_r_bstr,
2327
- auth_cred->key_id.key_id_bstr,
2328
- auth_cred->key_id.key_id_bstr_length);
2329
- } else {
2330
- const struct zcbor_string input = {
2331
- .value = auth_cred->key_id.key_id_bstr,
2332
- .len = auth_cred->key_id.key_id_bstr_length,
2333
- };
2334
-
2335
- ret = cbor_encode_byte_string_type_bstr_type(
2336
- cbor_items->id_cred_r_bstr,
2337
- ARRAY_SIZE(cbor_items->id_cred_r_bstr) - 1,
2338
- &input, &cbor_items->id_cred_r_bstr_len);
2339
-
2340
- if (ZCBOR_SUCCESS != ret)
2341
- return EDHOC_ERROR_CBOR_FAILURE;
2342
- }
2343
- break;
2344
- }
2345
- default:
2346
- return EDHOC_ERROR_NOT_PERMITTED;
2347
- }
2348
-
2349
- return EDHOC_SUCCESS;
2350
- }
2351
-
2352
1064
  static int comp_salt_3e2m(const struct edhoc_context *ctx, uint8_t *salt,
2353
1065
  size_t salt_len)
2354
1066
  {
@@ -2363,34 +1075,34 @@ static int comp_salt_3e2m(const struct edhoc_context *ctx, uint8_t *salt,
2363
1075
  const size_t hash_len = ctx->csuite[ctx->chosen_csuite_idx].hash_length;
2364
1076
 
2365
1077
  const struct info input_info = {
2366
- ._info_label = EDHOC_EXTRACT_PRK_INFO_LABEL_SALT_3E2M,
2367
- ._info_context.value = ctx->th,
2368
- ._info_context.len = ctx->th_len,
2369
- ._info_length = (uint32_t)hash_len,
1078
+ .info_label = EDHOC_EXTRACT_PRK_INFO_LABEL_SALT_3E2M,
1079
+ .info_context.value = ctx->th,
1080
+ .info_context.len = ctx->th_len,
1081
+ .info_length = (uint32_t)hash_len,
2370
1082
  };
2371
1083
 
2372
1084
  size_t len = 0;
2373
- len += cbor_int_mem_req(EDHOC_EXTRACT_PRK_INFO_LABEL_SALT_3E2M);
2374
- len += ctx->th_len + cbor_bstr_overhead(ctx->th_len);
2375
- len += cbor_int_mem_req((int32_t)hash_len);
1085
+ len += edhoc_cbor_int_mem_req(EDHOC_EXTRACT_PRK_INFO_LABEL_SALT_3E2M);
1086
+ len += ctx->th_len + edhoc_cbor_bstr_oh(ctx->th_len);
1087
+ len += edhoc_cbor_int_mem_req((int32_t)hash_len);
2376
1088
 
2377
- ALLOCATE_ARRAY(uint8_t, info, len);
2378
- memset(info, 0, ALLOCATE_ARRAY_SIZEOF(info));
1089
+ VLA_ALLOC(uint8_t, info, len);
1090
+ memset(info, 0, VLA_SIZEOF(info));
2379
1091
 
2380
1092
  len = 0;
2381
- ret = cbor_encode_info(info, ARRAY_SIZE_VLA(info), &input_info, &len);
1093
+ ret = cbor_encode_info(info, VLA_SIZE(info), &input_info, &len);
2382
1094
 
2383
- if (ZCBOR_SUCCESS != ret || ARRAY_SIZE_VLA(info) != len)
1095
+ if (ZCBOR_SUCCESS != ret || VLA_SIZE(info) != len)
2384
1096
  return EDHOC_ERROR_CBOR_FAILURE;
2385
1097
 
2386
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
2387
- ret = ctx->keys.generate_key(ctx->user_ctx, EDHOC_KT_EXPAND, ctx->prk,
2388
- ctx->prk_len, key_id);
1098
+ uint8_t key_id[CONFIG_LIBEDHOC_KEY_ID_LEN] = { 0 };
1099
+ ret = ctx->keys.import_key(ctx->user_ctx, EDHOC_KT_EXPAND, ctx->prk,
1100
+ ctx->prk_len, key_id);
2389
1101
 
2390
1102
  if (EDHOC_SUCCESS != ret)
2391
1103
  return EDHOC_ERROR_CRYPTO_FAILURE;
2392
1104
 
2393
- ret = ctx->crypto.expand(ctx->user_ctx, key_id, info, ARRAY_SIZE_VLA(info),
1105
+ ret = ctx->crypto.expand(ctx->user_ctx, key_id, info, VLA_SIZE(info),
2394
1106
  salt, salt_len);
2395
1107
  ctx->keys.destroy_key(ctx->user_ctx, key_id);
2396
1108
 
@@ -2400,7 +1112,7 @@ static int comp_salt_3e2m(const struct edhoc_context *ctx, uint8_t *salt,
2400
1112
  return EDHOC_SUCCESS;
2401
1113
  }
2402
1114
 
2403
- static int comp_grx(enum edhoc_role role, struct edhoc_context *ctx,
1115
+ static int comp_grx(struct edhoc_context *ctx,
2404
1116
  const struct edhoc_auth_creds *auth_cred,
2405
1117
  const uint8_t *pub_key, size_t pub_key_len, uint8_t *grx,
2406
1118
  size_t grx_len)
@@ -2410,13 +1122,13 @@ static int comp_grx(enum edhoc_role role, struct edhoc_context *ctx,
2410
1122
 
2411
1123
  int ret = EDHOC_ERROR_GENERIC_ERROR;
2412
1124
 
2413
- switch (role) {
2414
- case initiator: {
2415
- uint8_t key_id[EDHOC_KID_LEN] = { 0 };
2416
- ret = ctx->keys.generate_key(ctx->user_ctx,
2417
- EDHOC_KT_KEY_AGREEMENT,
2418
- ctx->dh_priv_key,
2419
- ctx->dh_priv_key_len, key_id);
1125
+ switch (ctx->role) {
1126
+ case EDHOC_INITIATOR: {
1127
+ uint8_t key_id[CONFIG_LIBEDHOC_KEY_ID_LEN] = { 0 };
1128
+ ret = ctx->keys.import_key(ctx->user_ctx,
1129
+ EDHOC_KT_KEY_AGREEMENT,
1130
+ ctx->dh_priv_key,
1131
+ ctx->dh_priv_key_len, key_id);
2420
1132
  ctx->dh_priv_key_len = 0;
2421
1133
  memset(ctx->dh_priv_key, 0, ARRAY_SIZE(ctx->dh_priv_key));
2422
1134
 
@@ -2437,7 +1149,7 @@ static int comp_grx(enum edhoc_role role, struct edhoc_context *ctx,
2437
1149
  return EDHOC_SUCCESS;
2438
1150
  }
2439
1151
 
2440
- case responder: {
1152
+ case EDHOC_RESPONDER: {
2441
1153
  size_t secret_len = 0;
2442
1154
  ret = ctx->crypto.key_agreement(ctx->user_ctx,
2443
1155
  auth_cred->priv_key_id,
@@ -2491,10 +1203,12 @@ int edhoc_message_2_compose(struct edhoc_context *ctx, uint8_t *msg_2,
2491
1203
  if (EDHOC_SM_RECEIVED_M1 != ctx->status ||
2492
1204
  EDHOC_TH_STATE_1 != ctx->th_state ||
2493
1205
  EDHOC_PRK_STATE_INVALID != ctx->prk_state)
2494
- return EDHOC_ERROR_MSG_2_PROCESS_FAILURE;
1206
+ return EDHOC_ERROR_BAD_STATE;
2495
1207
 
2496
1208
  ctx->status = EDHOC_SM_ABORTED;
2497
1209
  ctx->error_code = EDHOC_ERROR_CODE_UNSPECIFIED_ERROR;
1210
+ ctx->message = EDHOC_MSG_2;
1211
+ ctx->role = EDHOC_RESPONDER;
2498
1212
 
2499
1213
  int ret = EDHOC_ERROR_GENERIC_ERROR;
2500
1214
 
@@ -2522,7 +1236,7 @@ int edhoc_message_2_compose(struct edhoc_context *ctx, uint8_t *msg_2,
2522
1236
  ctx->dh_secret_len);
2523
1237
 
2524
1238
  /* 3. Compute Transcript Hash 2 (TH_2). */
2525
- ret = comp_th_2(ctx, responder);
1239
+ ret = comp_th_2(ctx);
2526
1240
 
2527
1241
  if (EDHOC_SUCCESS != ret)
2528
1242
  return EDHOC_ERROR_TRANSCRIPT_HASH_FAILURE;
@@ -2539,9 +1253,9 @@ int edhoc_message_2_compose(struct edhoc_context *ctx, uint8_t *msg_2,
2539
1253
  if (NULL != ctx->logger)
2540
1254
  ctx->logger(ctx->user_ctx, "PRK_2e", ctx->prk, ctx->prk_len);
2541
1255
 
2542
- /* 4b. Copy of Pseudo Random Key 2 for keystream (step 12). */
2543
- ALLOCATE_ARRAY(uint8_t, prk_2e, ctx->prk_len);
2544
- memcpy(prk_2e, ctx->prk, ALLOCATE_ARRAY_SIZEOF(prk_2e));
1256
+ /* 4b. Copy of Pseudo Random Key 2 for keystream (step 11). */
1257
+ VLA_ALLOC(uint8_t, prk_2e, ctx->prk_len);
1258
+ memcpy(prk_2e, ctx->prk, VLA_SIZEOF(prk_2e));
2545
1259
 
2546
1260
  /* 5. Fetch authentication credentials. */
2547
1261
  struct edhoc_auth_creds auth_cred = { 0 };
@@ -2552,7 +1266,7 @@ int edhoc_message_2_compose(struct edhoc_context *ctx, uint8_t *msg_2,
2552
1266
 
2553
1267
  /* 6. Compose EAD_2 if present. */
2554
1268
  if (NULL != ctx->ead.compose && 0 != ARRAY_SIZE(ctx->ead_token) - 1) {
2555
- ret = ctx->ead.compose(ctx->user_ctx, EDHOC_MSG_2,
1269
+ ret = ctx->ead.compose(ctx->user_ctx, ctx->message,
2556
1270
  ctx->ead_token,
2557
1271
  ARRAY_SIZE(ctx->ead_token) - 1,
2558
1272
  &ctx->nr_of_ead_tokens);
@@ -2580,7 +1294,7 @@ int edhoc_message_2_compose(struct edhoc_context *ctx, uint8_t *msg_2,
2580
1294
  }
2581
1295
 
2582
1296
  /* 7. Compute psuedo random key (PRK_3e2m). */
2583
- ret = comp_prk_3e2m(responder, ctx, &auth_cred, NULL, 0);
1297
+ ret = comp_prk_3e2m(ctx, &auth_cred, NULL, 0);
2584
1298
 
2585
1299
  if (EDHOC_SUCCESS != ret)
2586
1300
  return EDHOC_ERROR_PSEUDORANDOM_KEY_FAILURE;
@@ -2589,90 +1303,83 @@ int edhoc_message_2_compose(struct edhoc_context *ctx, uint8_t *msg_2,
2589
1303
  ctx->logger(ctx->user_ctx, "PRK_3e2m", ctx->prk, ctx->prk_len);
2590
1304
 
2591
1305
  /* 8a. Compute required buffer length for context_2. */
2592
- size_t context_2_len = 0;
2593
- ret = comp_mac_2_input_len(ctx, &auth_cred, responder, &context_2_len);
1306
+ size_t mac_ctx_len = 0;
1307
+ ret = edhoc_comp_mac_context_length(ctx, &auth_cred, &mac_ctx_len);
2594
1308
 
2595
1309
  if (EDHOC_SUCCESS != ret)
2596
- return EDHOC_ERROR_INVALID_MAC_2;
2597
-
2598
- ALLOCATE_ARRAY(uint8_t, mac_2_content, sizeof(struct cbor_items) + context_2_len);
2599
- memset(mac_2_content, 0, ALLOCATE_ARRAY_SIZEOF(mac_2_content));
2600
-
2601
- struct cbor_items *cbor_items = (struct cbor_items *)mac_2_content;
2602
- cbor_items->buf_len = context_2_len;
1310
+ return ret;
2603
1311
 
2604
1312
  /* 8b. Cborise items required by context_2. */
2605
- ret = gen_mac_2_context(ctx, &auth_cred, responder, cbor_items);
1313
+ VLA_ALLOC(uint8_t, mac_ctx_buf,
1314
+ sizeof(struct mac_context) + mac_ctx_len);
1315
+ memset(mac_ctx_buf, 0, VLA_SIZEOF(mac_ctx_buf));
1316
+
1317
+ struct mac_context *mac_ctx = (void *)mac_ctx_buf;
1318
+ mac_ctx->buf_len = mac_ctx_len;
2606
1319
 
1320
+ ret = edhoc_comp_mac_context(ctx, &auth_cred, mac_ctx);
2607
1321
  if (EDHOC_SUCCESS != ret)
2608
- return EDHOC_ERROR_INVALID_MAC_2;
1322
+ return ret;
2609
1323
 
2610
1324
  if (NULL != ctx->logger) {
2611
- ctx->logger(ctx->user_ctx, "C_R", cbor_items->conn_id,
2612
- cbor_items->conn_id_len);
2613
- ctx->logger(ctx->user_ctx, "ID_CRED_R", cbor_items->id_cred_r,
2614
- cbor_items->id_cred_r_len);
2615
- ctx->logger(ctx->user_ctx, "TH_2", cbor_items->th_2,
2616
- cbor_items->th_2_len);
2617
- ctx->logger(ctx->user_ctx, "CRED_R", cbor_items->cred_r,
2618
- cbor_items->cred_r_len);
2619
- ctx->logger(ctx->user_ctx, "context_2", cbor_items->buf,
2620
- cbor_items->buf_len);
1325
+ ctx->logger(ctx->user_ctx, "C_R", mac_ctx->conn_id,
1326
+ mac_ctx->conn_id_len);
1327
+ ctx->logger(ctx->user_ctx, "ID_CRED_R", mac_ctx->id_cred,
1328
+ mac_ctx->id_cred_len);
1329
+ ctx->logger(ctx->user_ctx, "TH_2", mac_ctx->th,
1330
+ mac_ctx->th_len);
1331
+ ctx->logger(ctx->user_ctx, "CRED_R", mac_ctx->cred,
1332
+ mac_ctx->cred_len);
1333
+ ctx->logger(ctx->user_ctx, "context_2", mac_ctx->buf,
1334
+ mac_ctx->buf_len);
2621
1335
  }
2622
1336
 
2623
1337
  /* 8c. Compute Message Authentication Code (MAC_2). */
2624
- size_t mac_2_len = 0;
2625
- ret = get_mac_2_len(responder, ctx, &mac_2_len);
2626
-
1338
+ size_t mac_length = 0;
1339
+ ret = edhoc_comp_mac_length(ctx, &mac_length);
2627
1340
  if (EDHOC_SUCCESS != ret)
2628
- return EDHOC_ERROR_INVALID_MAC_2;
2629
-
2630
- ALLOCATE_ARRAY(uint8_t, mac_2, mac_2_len);
2631
- memset(mac_2, 0, ALLOCATE_ARRAY_SIZEOF(mac_2));
2632
-
2633
- ret = comp_mac_2(ctx, cbor_items, mac_2, ARRAY_SIZE_VLA(mac_2));
1341
+ return ret;
2634
1342
 
1343
+ VLA_ALLOC(uint8_t, mac_buf, mac_length);
1344
+ memset(mac_buf, 0, VLA_SIZEOF(mac_buf));
1345
+ ret = edhoc_comp_mac(ctx, mac_ctx, mac_buf, mac_length);
2635
1346
  if (EDHOC_SUCCESS != ret)
2636
- return EDHOC_ERROR_INVALID_MAC_2;
2637
-
2638
- if (NULL != ctx->logger)
2639
- ctx->logger(ctx->user_ctx, "MAC_2", mac_2, ARRAY_SIZE_VLA(mac_2));
1347
+ return ret;
2640
1348
 
2641
1349
  /* 9. Compute signature if needed (Signature_or_MAC_2). */
2642
- size_t sign_or_mac_len = 0;
2643
- ret = comp_sign_or_mac_2_len(responder, ctx, &sign_or_mac_len);
2644
-
1350
+ size_t sign_or_mac_length = 0;
1351
+ ret = edhoc_comp_sign_or_mac_length(ctx, &sign_or_mac_length);
2645
1352
  if (EDHOC_SUCCESS != ret)
2646
- return EDHOC_ERROR_INVALID_SIGN_OR_MAC_2;
2647
-
2648
- ALLOCATE_ARRAY(uint8_t, sign_or_mac, sign_or_mac_len);
2649
- memset(sign_or_mac, 0, sizeof(sign_or_mac));
2650
-
2651
- ret = comp_sign_or_mac_2(ctx, &auth_cred, cbor_items, mac_2,
2652
- ARRAY_SIZE_VLA(mac_2), sign_or_mac,
2653
- ARRAY_SIZE_VLA(sign_or_mac));
1353
+ return ret;
1354
+
1355
+ size_t signature_length = 0;
1356
+ VLA_ALLOC(uint8_t, signature, sign_or_mac_length);
1357
+ memset(signature, 0, VLA_SIZEOF(signature));
1358
+ ret = edhoc_comp_sign_or_mac(ctx, &auth_cred, mac_ctx, mac_buf,
1359
+ mac_length, signature, VLA_SIZE(signature),
1360
+ &signature_length);
2654
1361
  if (EDHOC_SUCCESS != ret)
2655
- return EDHOC_ERROR_INVALID_SIGN_OR_MAC_2;
1362
+ return ret;
2656
1363
 
2657
1364
  if (NULL != ctx->logger)
2658
- ctx->logger(ctx->user_ctx, "Signature_or_MAC_2", sign_or_mac,
2659
- ARRAY_SIZE_VLA(sign_or_mac));
1365
+ ctx->logger(ctx->user_ctx, "Signature_or_MAC_2", signature,
1366
+ signature_length);
2660
1367
 
2661
1368
  /* 10. Prepare plaintext (PLAINTEXT_2). */
2662
1369
  size_t plaintext_len = 0;
2663
- ret = comp_plaintext_2_len(ctx, cbor_items, ARRAY_SIZE_VLA(sign_or_mac),
1370
+ ret = comp_plaintext_2_len(ctx, mac_ctx, signature_length,
2664
1371
  &plaintext_len);
2665
1372
 
2666
1373
  if (EDHOC_SUCCESS != ret)
2667
1374
  return EDHOC_ERROR_BUFFER_TOO_SMALL;
2668
1375
 
2669
- ALLOCATE_ARRAY(uint8_t, plaintext, plaintext_len);
2670
- memset(plaintext, 0, ALLOCATE_ARRAY_SIZEOF(plaintext));
1376
+ VLA_ALLOC(uint8_t, plaintext, plaintext_len);
1377
+ memset(plaintext, 0, VLA_SIZEOF(plaintext));
2671
1378
 
2672
1379
  plaintext_len = 0;
2673
- ret = prepare_plaintext_2(ctx, cbor_items, sign_or_mac,
2674
- ARRAY_SIZE_VLA(sign_or_mac), plaintext,
2675
- ARRAY_SIZE_VLA(plaintext), &plaintext_len);
1380
+ ret = prepare_plaintext_2(ctx, mac_ctx, signature, signature_length,
1381
+ plaintext, VLA_SIZE(plaintext),
1382
+ &plaintext_len);
2676
1383
 
2677
1384
  if (EDHOC_SUCCESS != ret)
2678
1385
  return EDHOC_ERROR_CBOR_FAILURE;
@@ -2682,22 +1389,22 @@ int edhoc_message_2_compose(struct edhoc_context *ctx, uint8_t *msg_2,
2682
1389
  plaintext_len);
2683
1390
 
2684
1391
  /* 11. Compute key stream (KEYSTREAM_2). */
2685
- ALLOCATE_ARRAY(uint8_t, keystream, plaintext_len);
2686
- memset(keystream, 0, ALLOCATE_ARRAY_SIZEOF(keystream));
1392
+ VLA_ALLOC(uint8_t, keystream, plaintext_len);
1393
+ memset(keystream, 0, VLA_SIZEOF(keystream));
2687
1394
 
2688
- ret = comp_keystream(ctx, prk_2e, ARRAY_SIZE_VLA(prk_2e), keystream,
2689
- ARRAY_SIZE_VLA(keystream));
2690
- memset(prk_2e, 0, ALLOCATE_ARRAY_SIZEOF(prk_2e));
1395
+ ret = comp_keystream(ctx, prk_2e, VLA_SIZE(prk_2e), keystream,
1396
+ VLA_SIZE(keystream));
1397
+ memset(prk_2e, 0, VLA_SIZEOF(prk_2e));
2691
1398
 
2692
1399
  if (EDHOC_SUCCESS != ret)
2693
1400
  return EDHOC_ERROR_CRYPTO_FAILURE;
2694
1401
 
2695
1402
  if (NULL != ctx->logger)
2696
1403
  ctx->logger(ctx->user_ctx, "KEYSTREAM_2", keystream,
2697
- ARRAY_SIZE_VLA(keystream));
1404
+ VLA_SIZE(keystream));
2698
1405
 
2699
1406
  /* 12. Compute Transcript Hash 3 (TH_3). */
2700
- ret = comp_th_3(ctx, cbor_items, plaintext, plaintext_len);
1407
+ ret = comp_th_3(ctx, mac_ctx, plaintext, plaintext_len);
2701
1408
 
2702
1409
  if (EDHOC_SUCCESS != ret)
2703
1410
  return EDHOC_ERROR_TRANSCRIPT_HASH_FAILURE;
@@ -2762,10 +1469,12 @@ int edhoc_message_2_process(struct edhoc_context *ctx, const uint8_t *msg_2,
2762
1469
  if (EDHOC_SM_WAIT_M2 != ctx->status ||
2763
1470
  EDHOC_TH_STATE_1 != ctx->th_state ||
2764
1471
  EDHOC_PRK_STATE_INVALID != ctx->prk_state)
2765
- return EDHOC_ERROR_MSG_2_PROCESS_FAILURE;
1472
+ return EDHOC_ERROR_BAD_STATE;
2766
1473
 
2767
1474
  ctx->status = EDHOC_SM_ABORTED;
2768
1475
  ctx->error_code = EDHOC_ERROR_CODE_UNSPECIFIED_ERROR;
1476
+ ctx->message = EDHOC_MSG_2;
1477
+ ctx->role = EDHOC_INITIATOR;
2769
1478
 
2770
1479
  int ret = EDHOC_ERROR_GENERIC_ERROR;
2771
1480
  size_t len = 0;
@@ -2776,19 +1485,19 @@ int edhoc_message_2_process(struct edhoc_context *ctx, const uint8_t *msg_2,
2776
1485
  if (EDHOC_SUCCESS != ret)
2777
1486
  return EDHOC_ERROR_BUFFER_TOO_SMALL;
2778
1487
 
2779
- ALLOCATE_ARRAY(uint8_t, ciphertext_2, len);
2780
- memset(ciphertext_2, 0, ALLOCATE_ARRAY_SIZEOF(ciphertext_2));
1488
+ VLA_ALLOC(uint8_t, ciphertext_2, len);
1489
+ memset(ciphertext_2, 0, VLA_SIZEOF(ciphertext_2));
2781
1490
 
2782
1491
  /* 2. Decode cborised message 2. */
2783
1492
  ret = parse_msg_2(ctx, msg_2, msg_2_len, ciphertext_2,
2784
- ARRAY_SIZE_VLA(ciphertext_2));
1493
+ VLA_SIZE(ciphertext_2));
2785
1494
 
2786
1495
  if (EDHOC_SUCCESS != ret)
2787
1496
  return EDHOC_ERROR_CBOR_FAILURE;
2788
1497
 
2789
1498
  if (NULL != ctx->logger)
2790
1499
  ctx->logger(ctx->user_ctx, "CIPHERTEXT_2", ciphertext_2,
2791
- ARRAY_SIZE_VLA(ciphertext_2));
1500
+ VLA_SIZE(ciphertext_2));
2792
1501
 
2793
1502
  /* 3. Compute Diffie-Hellmann shared secret (G_XY). */
2794
1503
  ret = comp_dh_secret(ctx);
@@ -2801,7 +1510,7 @@ int edhoc_message_2_process(struct edhoc_context *ctx, const uint8_t *msg_2,
2801
1510
  ctx->dh_secret_len);
2802
1511
 
2803
1512
  /* 4. Compute Transcript Hash 2 (TH_2). */
2804
- ret = comp_th_2(ctx, initiator);
1513
+ ret = comp_th_2(ctx);
2805
1514
 
2806
1515
  if (EDHOC_SUCCESS != ret)
2807
1516
  return EDHOC_ERROR_TRANSCRIPT_HASH_FAILURE;
@@ -2819,23 +1528,23 @@ int edhoc_message_2_process(struct edhoc_context *ctx, const uint8_t *msg_2,
2819
1528
  ctx->logger(ctx->user_ctx, "PRK_2e", ctx->prk, ctx->prk_len);
2820
1529
 
2821
1530
  /* 6. Compute key stream (KEYSTREAM_2). */
2822
- ALLOCATE_ARRAY(uint8_t, keystream, ARRAY_SIZE_VLA(ciphertext_2));
2823
- memset(keystream, 0, ALLOCATE_ARRAY_SIZEOF(keystream));
1531
+ VLA_ALLOC(uint8_t, keystream, VLA_SIZE(ciphertext_2));
1532
+ memset(keystream, 0, VLA_SIZEOF(keystream));
2824
1533
 
2825
1534
  ret = comp_keystream(ctx, ctx->prk, ctx->prk_len, keystream,
2826
- ARRAY_SIZE_VLA(keystream));
1535
+ VLA_SIZE(keystream));
2827
1536
 
2828
1537
  if (EDHOC_SUCCESS != ret)
2829
1538
  return EDHOC_ERROR_CRYPTO_FAILURE;
2830
1539
 
2831
1540
  if (NULL != ctx->logger)
2832
1541
  ctx->logger(ctx->user_ctx, "KEYSTREAM", keystream,
2833
- ARRAY_SIZE_VLA(keystream));
1542
+ VLA_SIZE(keystream));
2834
1543
 
2835
1544
  /* 7. Compute plaintext (PLAINTEXT_2). */
2836
- xor_arrays(ciphertext_2, keystream, ARRAY_SIZE_VLA(ciphertext_2));
1545
+ xor_arrays(ciphertext_2, keystream, VLA_SIZE(ciphertext_2));
2837
1546
  const uint8_t *plaintext = ciphertext_2;
2838
- const size_t plaintext_len = ARRAY_SIZE_VLA(ciphertext_2);
1547
+ const size_t plaintext_len = VLA_SIZE(ciphertext_2);
2839
1548
 
2840
1549
  if (NULL != ctx->logger)
2841
1550
  ctx->logger(ctx->user_ctx, "PLAINTEXT_2", plaintext,
@@ -2869,7 +1578,7 @@ int edhoc_message_2_process(struct edhoc_context *ctx, const uint8_t *msg_2,
2869
1578
  /* 9. Process EAD if present. */
2870
1579
  if (NULL != ctx->ead.process && 0 != ARRAY_SIZE(ctx->ead_token) - 1 &&
2871
1580
  0 != ctx->nr_of_ead_tokens) {
2872
- ret = ctx->ead.process(ctx->user_ctx, EDHOC_MSG_2,
1581
+ ret = ctx->ead.process(ctx->user_ctx, ctx->message,
2873
1582
  ctx->ead_token, ctx->nr_of_ead_tokens);
2874
1583
 
2875
1584
  if (EDHOC_SUCCESS != ret)
@@ -2907,8 +1616,7 @@ int edhoc_message_2_process(struct edhoc_context *ctx, const uint8_t *msg_2,
2907
1616
  }
2908
1617
 
2909
1618
  /* 11. Compute psuedo random key (PRK_3e2m). */
2910
- ret = comp_prk_3e2m(initiator, ctx, &parsed_ptxt.auth_cred, pub_key,
2911
- pub_key_len);
1619
+ ret = comp_prk_3e2m(ctx, &parsed_ptxt.auth_cred, pub_key, pub_key_len);
2912
1620
 
2913
1621
  if (EDHOC_SUCCESS != ret)
2914
1622
  return EDHOC_ERROR_PSEUDORANDOM_KEY_FAILURE;
@@ -2917,66 +1625,61 @@ int edhoc_message_2_process(struct edhoc_context *ctx, const uint8_t *msg_2,
2917
1625
  ctx->logger(ctx->user_ctx, "PRK_3e2m", ctx->prk, ctx->prk_len);
2918
1626
 
2919
1627
  /* 12. Compute required buffer length for context_2. */
2920
- size_t context_2_len = 0;
2921
- ret = comp_mac_2_input_len(ctx, &parsed_ptxt.auth_cred, initiator,
2922
- &context_2_len);
1628
+ size_t mac_context_len = 0;
1629
+ ret = edhoc_comp_mac_context_length(ctx, &parsed_ptxt.auth_cred,
1630
+ &mac_context_len);
2923
1631
 
2924
1632
  if (EDHOC_SUCCESS != ret)
2925
1633
  return EDHOC_ERROR_INVALID_MAC_2;
2926
1634
 
2927
- ALLOCATE_ARRAY(uint8_t, mac_2_content, sizeof(struct cbor_items) + context_2_len);
2928
- memset(mac_2_content, 0, ALLOCATE_ARRAY_SIZEOF(mac_2_content));
2929
-
2930
- struct cbor_items *cbor_items = (struct cbor_items *)mac_2_content;
2931
- cbor_items->buf_len = context_2_len;
2932
-
2933
1635
  /* 13. Cborise items required by context_2. */
2934
- ret = gen_mac_2_context(ctx, &parsed_ptxt.auth_cred, initiator,
2935
- cbor_items);
1636
+ VLA_ALLOC(uint8_t, mac_ctx_buf,
1637
+ sizeof(struct mac_context) + mac_context_len);
1638
+ memset(mac_ctx_buf, 0, VLA_SIZEOF(mac_ctx_buf));
1639
+
1640
+ struct mac_context *mac_ctx = (void *)mac_ctx_buf;
1641
+ mac_ctx->buf_len = mac_context_len;
2936
1642
 
1643
+ ret = edhoc_comp_mac_context(ctx, &parsed_ptxt.auth_cred, mac_ctx);
2937
1644
  if (EDHOC_SUCCESS != ret)
2938
- return EDHOC_ERROR_INVALID_MAC_2;
1645
+ return ret;
2939
1646
 
2940
1647
  if (NULL != ctx->logger) {
2941
- ctx->logger(ctx->user_ctx, "C_R", cbor_items->conn_id,
2942
- cbor_items->conn_id_len);
2943
- ctx->logger(ctx->user_ctx, "ID_CRED_R", cbor_items->id_cred_r,
2944
- cbor_items->id_cred_r_len);
2945
- ctx->logger(ctx->user_ctx, "TH_2", cbor_items->th_2,
2946
- cbor_items->th_2_len);
2947
- ctx->logger(ctx->user_ctx, "CRED_R", cbor_items->cred_r,
2948
- cbor_items->cred_r_len);
2949
- ctx->logger(ctx->user_ctx, "context_2", cbor_items->buf,
2950
- cbor_items->buf_len);
1648
+ ctx->logger(ctx->user_ctx, "C_R", mac_ctx->conn_id,
1649
+ mac_ctx->conn_id_len);
1650
+ ctx->logger(ctx->user_ctx, "ID_CRED_R", mac_ctx->id_cred,
1651
+ mac_ctx->id_cred_len);
1652
+ ctx->logger(ctx->user_ctx, "TH_2", mac_ctx->th,
1653
+ mac_ctx->th_len);
1654
+ ctx->logger(ctx->user_ctx, "CRED_R", mac_ctx->cred,
1655
+ mac_ctx->cred_len);
1656
+ ctx->logger(ctx->user_ctx, "context_2", mac_ctx->buf,
1657
+ mac_ctx->buf_len);
2951
1658
  }
2952
1659
 
2953
1660
  /* 14. Compute Message Authentication Code (MAC_2). */
2954
- size_t mac_2_len = 0;
2955
- ret = get_mac_2_len(initiator, ctx, &mac_2_len);
2956
-
1661
+ size_t mac_length = 0;
1662
+ ret = edhoc_comp_mac_length(ctx, &mac_length);
2957
1663
  if (EDHOC_SUCCESS != ret)
2958
- return EDHOC_ERROR_INVALID_MAC_2;
2959
-
2960
- ALLOCATE_ARRAY(uint8_t, mac_2, mac_2_len);
2961
- memset(mac_2, 0, ALLOCATE_ARRAY_SIZEOF(mac_2));
2962
-
2963
- ret = comp_mac_2(ctx, cbor_items, mac_2, ARRAY_SIZE_VLA(mac_2));
1664
+ return ret;
2964
1665
 
1666
+ VLA_ALLOC(uint8_t, mac_buf, mac_length);
1667
+ memset(mac_buf, 0, VLA_SIZEOF(mac_buf));
1668
+ ret = edhoc_comp_mac(ctx, mac_ctx, mac_buf, mac_length);
2965
1669
  if (EDHOC_SUCCESS != ret)
2966
- return EDHOC_ERROR_INVALID_MAC_2;
2967
-
2968
- if (NULL != ctx->logger)
2969
- ctx->logger(ctx->user_ctx, "MAC_2", mac_2, ARRAY_SIZE_VLA(mac_2));
1670
+ return ret;
2970
1671
 
2971
1672
  /* 15. Verify Signature_or_MAC_2. */
2972
- ret = verify_sign_or_mac_2(ctx, cbor_items, &parsed_ptxt, pub_key,
2973
- pub_key_len, mac_2, ARRAY_SIZE_VLA(mac_2));
1673
+ ret = edhoc_verify_sign_or_mac(ctx, mac_ctx, pub_key, pub_key_len,
1674
+ parsed_ptxt.sign_or_mac,
1675
+ parsed_ptxt.sign_or_mac_len, mac_buf,
1676
+ mac_length);
2974
1677
 
2975
1678
  if (EDHOC_SUCCESS != ret)
2976
1679
  return EDHOC_ERROR_INVALID_SIGN_OR_MAC_2;
2977
1680
 
2978
1681
  /* 16. Compute Transcript Hash 3 (TH_3). */
2979
- ret = comp_th_3(ctx, cbor_items, plaintext, plaintext_len);
1682
+ ret = comp_th_3(ctx, mac_ctx, plaintext, plaintext_len);
2980
1683
 
2981
1684
  if (EDHOC_SUCCESS != ret)
2982
1685
  return EDHOC_ERROR_TRANSCRIPT_HASH_FAILURE;