feat!: Allow applications to pick their C_x

The change allows applications to pick usable C_x (i.e., C_I and C_R)
values, which they are in a position to decide, because unlike the EDHOC
library, they keep track of all the ongoing exchanges.

The c_wrapper API is *not* changed at this point, because the API change
would be way too subtle (the "out" parameter would be changed to an "in"
parameter).

BREAKING CHANGE: This alters the message 1 and 2 API.

examples/coap/src/bin/coapclient.rs

@@ -23,7 +23,8 @@ fn main() {
 
     // Send Message 1 over CoAP and convert the response to byte
     let mut msg_1_buf = Vec::from([0xf5u8]); // EDHOC message_1 when transported over CoAP is prepended with CBOR true
-    let message_1 = initiator.prepare_message_1().unwrap();
+    let c_i = generate_connection_identifier_cbor();
+    let message_1 = initiator.prepare_message_1(c_i).unwrap();
     msg_1_buf.extend_from_slice(&message_1.content[..message_1.len]);
     println!("message_1 len = {}", msg_1_buf.len());
 

examples/coap/src/bin/coapserver.rs

@@ -40,7 +40,8 @@ fn main() {
                 );
 
                 if error.is_ok() {
-                    let (message_2, c_r) = responder.prepare_message_2().unwrap();
+                    let c_r = generate_connection_identifier_cbor();
+                    let message_2 = responder.prepare_message_2(c_r).unwrap();
                     response.message.payload = Vec::from(&message_2.content[..message_2.len]);
                     // save edhoc connection
                     edhoc_connections.push((c_r, responder));

examples/edhoc-rs-no_std/src/main.rs

@@ -99,7 +99,8 @@ fn main() -> ! {
         let mut initiator =
             EdhocInitiator::new(state, I, G_R, ID_CRED_I, CRED_I, ID_CRED_R, CRED_R);
 
-        let message_1 = initiator.prepare_message_1();
+        let c_i: u8 = generate_connection_identifier_cbor().into();
+        let message_1 = initiator.prepare_message_1(c_i);
         assert!(message_1.is_ok());
     }
 
@@ -128,16 +129,18 @@ fn main() -> ! {
             CRED_R,
         );
 
-        let ret = initiator.prepare_message_1(); // to update the state
+        let c_i: u8 = generate_connection_identifier_cbor().into();
+        let ret = initiator.prepare_message_1(c_i); // to update the state
         assert!(ret.is_ok());
         let message_1 = ret.unwrap();
 
         let ret = responder.process_message_1(&message_1);
         assert!(ret.is_ok());
 
-        let ret = responder.prepare_message_2();
+        let c_r: u8 = generate_connection_identifier_cbor().into();
+        let ret = responder.prepare_message_2(c_r);
         assert!(ret.is_ok());
-        let (message_2, c_r) = ret.unwrap();
+        let message_2 = ret.unwrap();
         assert!(c_r != 0xff);
 
         let _c_r = initiator.process_message_2(&message_2);

lib/src/c_wrapper.rs

@@ -158,7 +158,8 @@ pub unsafe extern "C" fn initiator_prepare_message_1(
 ) -> i8 {
     let mut initiator = (*initiator_c).to_rust();
 
-    let result = match initiator.prepare_message_1() {
+    let c_i: u8 = generate_connection_identifier_cbor().into();
+    let result = match initiator.prepare_message_1(c_i) {
         Ok(msg_1) => {
             *message_1 = msg_1;
             0
@@ -196,10 +197,11 @@ pub unsafe extern "C" fn responder_prepare_message_2(
 ) -> i8 {
     let mut responder = (*responder_c).to_rust();
 
-    let result = match responder.prepare_message_2() {
-        Ok((msg_2, c_r_res)) => {
+    let c_r_chosen: u8 = generate_connection_identifier_cbor().into();
+    let result = match responder.prepare_message_2(c_r_chosen) {
+        Ok(msg_2) => {
             *message_2 = msg_2;
-            *c_r = c_r_res;
+            *c_r = c_r_chosen;
             0
         }
         Err(err) => err as i8,

lib/src/edhoc.rs

@@ -179,7 +179,7 @@ pub fn r_prepare_message_2(
     y: BytesP256ElemLen,
     g_y: BytesP256ElemLen,
     c_r: u8,
-) -> Result<(State, BufferMessage2, u8), EDHOCError> {
+) -> Result<(State, BufferMessage2), EDHOCError> {
     let State(
         mut current_state,
         mut _y,
@@ -247,7 +247,7 @@ pub fn r_prepare_message_2(
     }
 
     match error {
-        EDHOCError::Success => Ok((state, message_2, c_r)),
+        EDHOCError::Success => Ok((state, message_2)),
         _ => Err(error),
     }
 }

lib/src/lib.rs

@@ -95,12 +95,12 @@ impl<'a> EdhocResponderState<'a> {
 
     pub fn prepare_message_2(
         self: &mut EdhocResponderState<'a>,
-    ) -> Result<(BufferMessage2, u8), EDHOCError> {
+        c_r: u8,
+    ) -> Result<BufferMessage2, EDHOCError> {
         let mut cred_r: BytesMaxBuffer = [0x00; MAX_BUFFER_LEN];
         hex::decode_to_slice(self.cred_r, &mut cred_r[..self.cred_r.len() / 2])
             .expect("Decoding failed");
         let (y, g_y) = edhoc_crypto::p256_generate_key_pair();
-        let c_r = generate_connection_identifier_cbor();
 
         match r_prepare_message_2(
             self.state,
@@ -112,9 +112,9 @@ impl<'a> EdhocResponderState<'a> {
             g_y,
             c_r,
         ) {
-            Ok((state, message_2, c_r)) => {
+            Ok((state, message_2)) => {
                 self.state = state;
-                Ok((message_2, c_r))
+                Ok(message_2)
             }
             Err(error) => Err(error),
         }
@@ -225,9 +225,9 @@ impl<'a> EdhocInitiatorState<'a> {
 
     pub fn prepare_message_1(
         self: &mut EdhocInitiatorState<'a>,
+        c_i: u8,
     ) -> Result<BufferMessage1, EDHOCError> {
         let (x, g_x) = edhoc_crypto::p256_generate_key_pair();
-        let c_i = generate_connection_identifier_cbor();
 
         match i_prepare_message_1(self.state, x, g_x, c_i) {
             Ok((state, message_1)) => {
@@ -380,7 +380,8 @@ mod test {
         let mut initiator =
             EdhocInitiator::new(state, I, G_R, ID_CRED_I, CRED_I, ID_CRED_R, CRED_R);
 
-        let message_1 = initiator.prepare_message_1();
+        let c_i = generate_connection_identifier_cbor();
+        let message_1 = initiator.prepare_message_1(c_i);
         assert!(message_1.is_ok());
     }
 
@@ -431,16 +432,18 @@ mod test {
             CRED_R,
         );
 
-        let result = initiator.prepare_message_1(); // to update the state
+        let c_i: u8 = generate_connection_identifier_cbor();
+        let result = initiator.prepare_message_1(c_i); // to update the state
         assert!(result.is_ok());
 
         let error = responder.process_message_1(&result.unwrap());
         assert!(error.is_ok());
 
-        let ret = responder.prepare_message_2();
+        let c_r = generate_connection_identifier_cbor();
+        let ret = responder.prepare_message_2(c_r);
         assert!(ret.is_ok());
 
-        let (message_2, c_r) = ret.unwrap();
+        let message_2 = ret.unwrap();
 
         assert!(c_r != 0xff);
         let _c_r = initiator.process_message_2(&message_2);
@@ -524,7 +527,8 @@ mod test {
             EADResponderProtocolState::Start
         );
 
-        let message_1 = initiator.prepare_message_1().unwrap();
+        let c_i = generate_connection_identifier_cbor();
+        let message_1 = initiator.prepare_message_1(c_i).unwrap();
         assert_eq!(
             ead_initiator_state.protocol_state,
             EADInitiatorProtocolState::WaitEAD2
@@ -536,7 +540,8 @@ mod test {
             EADResponderProtocolState::ProcessedEAD1
         );
 
-        let (message_2, _c_r) = responder.prepare_message_2().unwrap();
+        let c_r = generate_connection_identifier_cbor();
+        let message_2 = responder.prepare_message_2(c_r).unwrap();
         assert_eq!(
             ead_responder_state.protocol_state,
             EADResponderProtocolState::Completed