diff --git a/examples/coap/src/bin/coapclient.rs b/examples/coap/src/bin/coapclient.rs index bbc3510b..55ccbad9 100644 --- a/examples/coap/src/bin/coapclient.rs +++ b/examples/coap/src/bin/coapclient.rs @@ -46,10 +46,10 @@ fn client_handshake() -> Result<(), EDHOCError> { println!("message_2 len = {}", response.message.payload.len()); let message_2 = EdhocMessageBuffer::new_from_slice(&response.message.payload[..]).unwrap(); - let (initiator, c_r, id_cred_r, _ead_2) = initiator.process_message_2a(&message_2)?; + let (initiator, c_r, id_cred_r, _ead_2) = initiator.parse_message_2(&message_2)?; let (valid_cred_r, _g_r) = credential_check_or_fetch(Some(CRED_R.try_into().unwrap()), id_cred_r).unwrap(); - let initiator = initiator.process_message_2b(valid_cred_r.as_slice())?; + let initiator = initiator.verify_message_2(valid_cred_r.as_slice())?; let mut msg_3 = Vec::from([c_r]); let initiator = initiator.prepare_message_3a()?; diff --git a/examples/coap/src/bin/coapserver-coaphandler.rs b/examples/coap/src/bin/coapserver-coaphandler.rs index 2c388252..31291ee6 100644 --- a/examples/coap/src/bin/coapserver-coaphandler.rs +++ b/examples/coap/src/bin/coapserver-coaphandler.rs @@ -82,7 +82,7 @@ impl coap_handler::Handler for EdhocHandler { println!("Found state with connection identifier {:?}", c_r_rcvd); let message_3 = EdhocMessageBuffer::new_from_slice(&request.payload()[1..]).unwrap(); - let result = responder.process_message_3a(&message_3); + let result = responder.parse_message_3(&message_3); let Ok((responder, id_cred_i, _ead_3)) = result else { println!("EDHOC processing error: {:?}", result); // FIXME remove state from edhoc_connections @@ -90,7 +90,7 @@ impl coap_handler::Handler for EdhocHandler { }; let (valid_cred_i, _g_i) = credential_check_or_fetch(Some(CRED_I.try_into().unwrap()), id_cred_i).unwrap(); - let result = responder.process_message_3b(valid_cred_i.as_slice()); + let result = responder.verify_message_3(valid_cred_i.as_slice()); let Ok((mut responder, prk_out)) = result else { println!("EDHOC processing error: {:?}", result); // FIXME remove state from edhoc_connections diff --git a/examples/coap/src/bin/coapserver.rs b/examples/coap/src/bin/coapserver.rs index 03e569aa..efd7591a 100644 --- a/examples/coap/src/bin/coapserver.rs +++ b/examples/coap/src/bin/coapserver.rs @@ -64,7 +64,7 @@ fn main() { println!("Found state with connection identifier {:?}", c_r_rcvd); let message_3 = EdhocMessageBuffer::new_from_slice(&request.message.payload[1..]).unwrap(); - let Ok((responder, id_cred_i, _ead_3)) = responder.process_message_3a(&message_3) + let Ok((responder, id_cred_i, _ead_3)) = responder.parse_message_3(&message_3) else { println!("EDHOC processing error: {:?}", message_3); // We don't get another chance, it's popped and can't be used any further @@ -74,7 +74,7 @@ fn main() { let (valid_cred_i, _g_i) = credential_check_or_fetch(Some(CRED_I.try_into().unwrap()), id_cred_i).unwrap(); let Ok((mut responder, prk_out)) = - responder.process_message_3b(valid_cred_i.as_slice()) + responder.verify_message_3(valid_cred_i.as_slice()) else { println!("EDHOC processing error: {:?}", valid_cred_i); continue; diff --git a/examples/edhoc-rs-no_std/src/main.rs b/examples/edhoc-rs-no_std/src/main.rs index 7015fdc2..912d52b6 100644 --- a/examples/edhoc-rs-no_std/src/main.rs +++ b/examples/edhoc-rs-no_std/src/main.rs @@ -118,22 +118,19 @@ fn main() -> ! { let kid = IdCred::CompactKid(ID_CRED_R[3]); let (responder, message_2) = responder.prepare_message_2(&kid, None, &None).unwrap(); - let (initiator, c_r, id_cred_r, ead_2) = initiator.process_message_2a(&message_2).unwrap(); + let (initiator, c_r, id_cred_r, ead_2) = initiator.parse_message_2(&message_2).unwrap(); let (valid_cred_r, g_r) = credential_check_or_fetch(Some(CRED_R.try_into().unwrap()), id_cred_r).unwrap(); - let initiator = initiator - .process_message_2b(valid_cred_r.as_slice()) - .unwrap(); + let initiator = initiator.verify_message_2(valid_cred_r.as_slice()).unwrap(); let initiator = initiator.prepare_message_3a().unwrap(); let (mut initiator, message_3, i_prk_out) = initiator.prepare_message_3b(&None).unwrap(); - let (responder, id_cred_i, _ead_3) = responder.process_message_3a(&message_3).unwrap(); + let (responder, id_cred_i, _ead_3) = responder.parse_message_3(&message_3).unwrap(); let (valid_cred_i, g_i) = credential_check_or_fetch(Some(CRED_I.try_into().unwrap()), id_cred_i).unwrap(); - let (mut responder, r_prk_out) = responder - .process_message_3b(valid_cred_i.as_slice()) - .unwrap(); + let (mut responder, r_prk_out) = + responder.verify_message_3(valid_cred_i.as_slice()).unwrap(); // check that prk_out is equal at initiator and responder side assert_eq!(i_prk_out, r_prk_out); diff --git a/lib/src/edhoc.rs b/lib/src/edhoc.rs index 3208d3c8..3e6fe60e 100644 --- a/lib/src/edhoc.rs +++ b/lib/src/edhoc.rs @@ -138,7 +138,7 @@ pub fn r_prepare_message_2( } // FIXME fetch ID_CRED_I and CRED_I based on kid -pub fn r_process_message_3a( +pub fn r_parse_message_3( state: &mut WaitM3, crypto: &mut impl CryptoTrait, message_3: &BufferMessage3, @@ -179,7 +179,7 @@ pub fn r_process_message_3a( } } -pub fn r_process_message_3b( +pub fn r_verify_message_3( state: &mut ProcessingM3, crypto: &mut impl CryptoTrait, valid_cred_i: &[u8], @@ -276,7 +276,7 @@ pub fn i_prepare_message_1( } // returns c_r -pub fn i_process_message_2a<'a>( +pub fn i_parse_message_2<'a>( state: WaitM2, crypto: &mut impl CryptoTrait, message_2: &BufferMessage2, @@ -322,7 +322,7 @@ pub fn i_process_message_2a<'a>( } } -pub fn i_process_message_2b( +pub fn i_verify_message_2( state: ProcessingM2, crypto: &mut impl CryptoTrait, valid_cred_r: &[u8], // TODO: have a struct to hold credentials to avoid re-computing diff --git a/lib/src/lib.rs b/lib/src/lib.rs index b744135f..4be6c62a 100644 --- a/lib/src/lib.rs +++ b/lib/src/lib.rs @@ -177,7 +177,7 @@ impl<'a, Crypto: CryptoTrait> EdhocResponderProcessedM1<'a, Crypto> { } impl<'a, Crypto: CryptoTrait> EdhocResponderWaitM3<'a, Crypto> { - pub fn process_message_3a( + pub fn parse_message_3( mut self, message_3: &'a BufferMessage3, ) -> Result< @@ -188,7 +188,7 @@ impl<'a, Crypto: CryptoTrait> EdhocResponderWaitM3<'a, Crypto> { ), EDHOCError, > { - match r_process_message_3a(&mut self.state, &mut self.crypto, message_3) { + match r_parse_message_3(&mut self.state, &mut self.crypto, message_3) { Ok((state, id_cred_i, ead_3)) => Ok(( EdhocResponderProcessingM3 { state, @@ -204,11 +204,11 @@ impl<'a, Crypto: CryptoTrait> EdhocResponderWaitM3<'a, Crypto> { } impl<'a, Crypto: CryptoTrait> EdhocResponderProcessingM3<'a, Crypto> { - pub fn process_message_3b( + pub fn verify_message_3( mut self, cred_i: &[u8], ) -> Result<(EdhocResponderDone, [u8; SHA256_DIGEST_LEN]), EDHOCError> { - match r_process_message_3b(&mut self.state, &mut self.crypto, cred_i) { + match r_verify_message_3(&mut self.state, &mut self.crypto, cred_i) { Ok((state, prk_out)) => Ok(( EdhocResponderDone { state, @@ -309,7 +309,7 @@ impl<'a, Crypto: CryptoTrait> EdhocInitiator<'a, Crypto> { } impl<'a, Crypto: CryptoTrait> EdhocInitiatorWaitM2<'a, Crypto> { - pub fn process_message_2a( + pub fn parse_message_2( mut self, message_2: &'a BufferMessage2, ) -> Result< @@ -321,7 +321,7 @@ impl<'a, Crypto: CryptoTrait> EdhocInitiatorWaitM2<'a, Crypto> { ), EDHOCError, > { - match i_process_message_2a(self.state, &mut self.crypto, message_2) { + match i_parse_message_2(self.state, &mut self.crypto, message_2) { Ok((state, c_r, id_cred_r, ead_2)) => Ok(( EdhocInitiatorProcessingM2 { state, @@ -340,11 +340,11 @@ impl<'a, Crypto: CryptoTrait> EdhocInitiatorWaitM2<'a, Crypto> { } impl<'a, Crypto: CryptoTrait> EdhocInitiatorProcessingM2<'a, Crypto> { - pub fn process_message_2b( + pub fn verify_message_2( mut self, valid_cred_r: &[u8], ) -> Result, EDHOCError> { - match i_process_message_2b( + match i_verify_message_2( self.state, &mut self.crypto, valid_cred_r, @@ -595,26 +595,22 @@ mod test { // ---- end responder handling // ---- being initiator handling - let (initiator, _c_r, id_cred_r, _ead_2) = - initiator.process_message_2a(&message_2).unwrap(); + let (initiator, _c_r, id_cred_r, _ead_2) = initiator.parse_message_2(&message_2).unwrap(); let (valid_cred_r, _g_r) = credential_check_or_fetch(Some(CRED_R.try_into().unwrap()), id_cred_r).unwrap(); - let initiator = initiator - .process_message_2b(valid_cred_r.as_slice()) - .unwrap(); + let initiator = initiator.verify_message_2(valid_cred_r.as_slice()).unwrap(); // if needed: prepare ead_3 let (mut initiator, message_3, i_prk_out) = initiator.prepare_message_3(&None).unwrap(); // ---- end initiator handling // ---- begin responder handling - let (responder, id_cred_i, _ead_3) = responder.process_message_3a(&message_3).unwrap(); + let (responder, id_cred_i, _ead_3) = responder.parse_message_3(&message_3).unwrap(); let (valid_cred_i, _g_i) = credential_check_or_fetch(Some(CRED_I.try_into().unwrap()), id_cred_i).unwrap(); // if ead_3: process ead_3 - let (mut responder, r_prk_out) = responder - .process_message_3b(valid_cred_i.as_slice()) - .unwrap(); + let (mut responder, r_prk_out) = + responder.verify_message_3(valid_cred_i.as_slice()).unwrap(); // ---- end responder handling // check that prk_out is equal at initiator and responder side @@ -681,7 +677,7 @@ mod test { let (ead_1, mut device) = device.prepare_ead_1( &mut default_crypto(), - &initiator.state.x, + &initiator.state.x, // FIXME: avoid accessing private ephemeral key from application code initiator.state.suites_i[initiator.state.suites_i_len - 1], ); let (initiator, message_1) = initiator.prepare_message_1(None, &Some(ead_1)).unwrap(); @@ -706,25 +702,22 @@ mod test { let kid = IdCred::CompactKid(ID_CRED_R[3]); let (responder, message_2) = responder.prepare_message_2(&kid, None, &ead_2).unwrap(); - let (initiator, _c_r, id_cred_r, ead_2) = initiator.process_message_2a(&message_2).unwrap(); + let (initiator, _c_r, id_cred_r, ead_2) = initiator.parse_message_2(&message_2).unwrap(); let (valid_cred_r, _g_r) = credential_check_or_fetch(Some(CRED_R.try_into().unwrap()), id_cred_r).unwrap(); if let Some(ead_2) = ead_2 { let result = device.process_ead_2(&mut default_crypto(), ead_2, CRED_R); assert!(result.is_ok()); } - let initiator = initiator - .process_message_2b(valid_cred_r.as_slice()) - .unwrap(); + let initiator = initiator.verify_message_2(valid_cred_r.as_slice()).unwrap(); let (mut _initiator, message_3, i_prk_out) = initiator.prepare_message_3(&None).unwrap(); - let (responder, id_cred_i, _ead_3) = responder.process_message_3a(&message_3).unwrap(); + let (responder, id_cred_i, _ead_3) = responder.parse_message_3(&message_3).unwrap(); let (valid_cred_i, _g_i) = credential_check_or_fetch(Some(CRED_I.try_into().unwrap()), id_cred_i).unwrap(); - let (mut _responder, r_prk_out) = responder - .process_message_3b(valid_cred_i.as_slice()) - .unwrap(); + let (mut _responder, r_prk_out) = + responder.verify_message_3(valid_cred_i.as_slice()).unwrap(); // check that prk_out is equal at initiator and responder side assert_eq!(i_prk_out, r_prk_out);