Refactor method-specific identity/state

- Made static keys I and R method dependednt (not needed ofr PSK)
- Added high level identity enums
- Made i_verify_message_2 take optional I
- Added ProcessedM2MethodSpecifics and ParsedMessage2Detials
- Updated i_parse_message_2 and high level initiaotr API
- Adapted lakers-python and lakers-c

Author: ElsaLopez133

examples/coap/src/bin/coapclient.rs

@@ -54,7 +54,8 @@ fn client_handshake() -> Result<(), EDHOCError> {
     println!("message_2 len = {}", response.message.payload.len());
 
     let message_2 = EdhocBuffer::new_from_slice(&response.message.payload[..]).unwrap();
-    let (mut initiator, c_r, id_cred_r, ead_2) = initiator.parse_message_2(&message_2)?;
+    let (mut initiator, c_r, details) = initiator.parse_message_2(&message_2)?;
+    let ParsedMessage2Details::StatStat { id_cred_r, ead_2 } = details;
     ead_2.processed_critical_items().unwrap();
     let valid_cred_r = credential_check_or_fetch(Some(cred_r), id_cred_r).unwrap();
     initiator.set_identity(I.try_into().unwrap(), cred_i)?;

examples/coap/src/bin/coapserver-coaphandler.rs

@@ -116,7 +116,9 @@ impl coap_handler::Handler for EdhocHandler {
 
             let (responder, _c_i, mut ead_1) = EdhocResponder::new(
                 lakers_crypto::default_crypto(),
-                R.try_into().expect("Wrong length of responder private key"),
+                ResponderIdentity::StatStat {
+                    r: R.try_into().expect("Wrong length of responder private key"),
+                },
                 cred_r,
             )
             .process_message_1(message_1)

examples/coap/src/bin/coapserver.rs

@@ -47,7 +47,9 @@ fn main() {
                 let cred_r: Credential = Credential::parse_ccs(CRED_R.try_into().unwrap()).unwrap();
                 let responder = EdhocResponder::new(
                     lakers_crypto::default_crypto(),
-                    R.try_into().unwrap(),
+                    ResponderIdentity::StatStat {
+                        r: R.try_into().unwrap(),
+                    },
                     cred_r,
                 );
 

examples/lakers-no_std/src/main.rs

@@ -108,7 +108,9 @@ fn main() -> ! {
         );
         let responder = EdhocResponder::new(
             lakers_crypto::default_crypto(),
-            R.try_into().expect("Wrong length of responder private key"),
+            ResponderIdentity::StatStat {
+                r: R.try_into().expect("Wrong length of responder private key"),
+            },
             cred_r.clone(),
         );
 
@@ -119,8 +121,14 @@ fn main() -> ! {
             .prepare_message_2(CredentialTransfer::ByReference, None, &EadItems::new())
             .unwrap();
 
-        let (mut initiator, _c_r, id_cred_r, _ead_2) =
-            initiator.parse_message_2(&message_2).unwrap();
+        let (mut initiator, _c_r, details) = initiator.parse_message_2(&message_2).unwrap();
+        let ParsedMessage2Details::StatStat {
+            id_cred_r,
+            ead_2: _ead_2,
+        } = details
+        else {
+            panic!("Expected stat-stat details");
+        };
         let valid_cred_r = credential_check_or_fetch(Some(cred_r), id_cred_r).unwrap();
         initiator
             .set_identity(

lakers-c/src/initiator.rs

@@ -14,7 +14,7 @@ pub struct EdhocInitiator {
     pub start: InitiatorStart,
     pub wait_m2: WaitM2,
     pub processing_m2: ProcessingM2C,
-    pub processed_m2: ProcessedM2,
+    pub processed_m2: ProcessedM2C,
     pub wait_m4: WaitM4,
     pub cred_i: *mut CredentialC,
     pub completed: Completed,
@@ -106,11 +106,14 @@ pub unsafe extern "C" fn initiator_parse_message_2(
     let state = core::ptr::read(&(*initiator_c).wait_m2);
 
     let result = match i_parse_message_2(&state, crypto, &(*message_2)) {
-        Ok((state, c_r, id_cred_r, ead_2)) => {
+        Ok((state, c_r, details)) => {
             ProcessingM2C::copy_into_c(state, &mut (*initiator_c).processing_m2);
             let c_r = c_r.as_slice();
             assert_eq!(c_r.len(), 1, "C API only supports short C_R");
             *c_r_out = c_r[0];
+            let (id_cred_r, ead_2) = match details {
+                ParsedMessage2Details::StatStat { id_cred_r, ead_2 } => (id_cred_r, ead_2),
+            };
             *id_cred_r_out = id_cred_r;
 
             EadItemsC::copy_into_c(ead_2, ead_2_c_out);
@@ -140,9 +143,9 @@ pub unsafe extern "C" fn initiator_verify_message_2(
 
     let state = core::ptr::read(&(*initiator_c).processing_m2).to_rust();
 
-    match i_verify_message_2(&state, crypto, (*valid_cred_r).to_rust(), &(*i)) {
+    match i_verify_message_2(&state, crypto, (*valid_cred_r).to_rust(), Some(&(*i))) {
         Ok(state) => {
-            (*initiator_c).processed_m2 = state;
+            ProcessedM2C::copy_into_c(state, &mut (*initiator_c).processed_m2);
             (*initiator_c).cred_i = cred_i;
             0
         }
@@ -165,7 +168,7 @@ pub unsafe extern "C" fn initiator_prepare_message_3(
     }
     let crypto = &mut default_crypto();
 
-    let state = core::ptr::read(&(*initiator_c).processed_m2);
+    let state = core::ptr::read(&(*initiator_c).processed_m2).to_rust();
 
     let ead_3 = if ead_3_c.is_null() {
         EadItems::new()

lakers-c/src/lib.rs

@@ -111,7 +111,6 @@ pub struct ProcessingM2MethodSpecificsC {
 #[repr(C)]
 pub struct ProcessingM2C {
     pub method_specifics: ProcessingM2MethodSpecificsC,
-    pub method: EDHOCMethod,
     pub prk_2e: BytesHashLen,
     pub th_2: BytesHashLen,
     pub x: BytesP256ElemLen,
@@ -129,7 +128,6 @@ impl Default for ProcessingM2C {
                 mac_2: Default::default(),
                 id_cred_r: Default::default(),
             },
-            method: EDHOCMethod::StatStat,
             prk_2e: Default::default(),
             th_2: Default::default(),
             x: Default::default(),
@@ -154,7 +152,6 @@ impl ProcessingM2C {
 
         ProcessingM2 {
             method_specifics,
-            method: self.method,
             prk_2e: self.prk_2e,
             th_2: self.th_2,
             x: self.x,
@@ -177,7 +174,6 @@ impl ProcessingM2C {
         (*processing_m2_c).x = processing_m2.x;
         (*processing_m2_c).g_y = processing_m2.g_y;
         (*processing_m2_c).plaintext_2 = processing_m2.plaintext_2;
-        (*processing_m2_c).method = processing_m2.method;
         let c_r = processing_m2.c_r.as_slice();
         assert_eq!(c_r.len(), 1, "C API only supports short C_R");
         (*processing_m2_c).c_r = c_r[0];
@@ -224,6 +220,79 @@ impl CredentialC {
     }
 }
 
+#[derive(Debug)]
+#[repr(C)]
+pub enum ProcessedM2MethodSpecificsKindC {
+    Prm2StatStat,
+}
+
+#[derive(Debug)]
+#[repr(C)]
+pub struct ProcessedM2MethodSpecificsC {
+    pub kind: ProcessedM2MethodSpecificsKindC,
+}
+
+#[derive(Debug)]
+#[repr(C)]
+pub struct ProcessedM2C {
+    pub method: EDHOCMethod,
+    pub method_specifics: ProcessedM2MethodSpecificsC,
+    pub prk_3e2m: BytesHashLen,
+    pub prk_4e3m: BytesHashLen,
+    pub th_3: BytesHashLen,
+}
+
+impl Default for ProcessedM2C {
+    fn default() -> Self {
+        Self {
+            method: EDHOCMethod::StatStat,
+            method_specifics: ProcessedM2MethodSpecificsC {
+                kind: ProcessedM2MethodSpecificsKindC::Prm2StatStat,
+            },
+            prk_3e2m: Default::default(),
+            prk_4e3m: Default::default(),
+            th_3: Default::default(),
+        }
+    }
+}
+
+impl ProcessedM2C {
+    pub fn to_rust(&self) -> ProcessedM2 {
+        let method_specifics = match self.method_specifics.kind {
+            ProcessedM2MethodSpecificsKindC::Prm2StatStat => {
+                ProcessedM2MethodSpecifics::StatStat {}
+            }
+        };
+
+        ProcessedM2 {
+            method: self.method,
+            method_specifics,
+            prk_3e2m: self.prk_3e2m,
+            prk_4e3m: self.prk_4e3m,
+            th_3: self.th_3,
+        }
+    }
+
+    pub unsafe fn copy_into_c(processed_m2: ProcessedM2, processed_m2_c: *mut ProcessedM2C) {
+        if processed_m2_c.is_null() {
+            panic!("processed_m2_c is null");
+        }
+
+        (*processed_m2_c).method = processed_m2.method;
+        (*processed_m2_c).prk_3e2m = processed_m2.prk_3e2m;
+        (*processed_m2_c).prk_4e3m = processed_m2.prk_4e3m;
+        (*processed_m2_c).th_3 = processed_m2.th_3;
+
+        match processed_m2.method_specifics {
+            ProcessedM2MethodSpecifics::StatStat {} => {
+                (*processed_m2_c).method_specifics = ProcessedM2MethodSpecificsC {
+                    kind: ProcessedM2MethodSpecificsKindC::Prm2StatStat,
+                };
+            }
+        }
+    }
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn credential_new(
     cred: *mut CredentialC,

lakers-python/src/initiator.rs

@@ -110,8 +110,12 @@ impl PyEdhocInitiator {
         let message_2 = EdhocMessageBuffer::new_from_slice(message_2.as_slice())
             .with_cause(py, "Message 2 too long")?;
 
-        let (state, c_r, id_cred_r, ead_2) =
+        let (state, c_r, details) =
             i_parse_message_2(&self.take_wait_m2()?, &mut default_crypto(), &message_2)?;
+        let (id_cred_r, ead_2) = match details {
+            ParsedMessage2Details::StatStat { id_cred_r, ead_2 } => (id_cred_r, ead_2),
+            // ParsedMessage2Details::Psk { ead_2 } => (IdCred::new(), ead_2),
+        };
         self.processing_m2 = Some(state);
         Ok((
             PyBytes::new(py, c_r.as_slice()),
@@ -143,9 +147,11 @@ impl PyEdhocInitiator {
             &self.take_processing_m2()?,
             &mut default_crypto(),
             valid_cred_r,
-            i.as_slice()
-                .try_into()
-                .expect("Wrong length of initiator private key"),
+            Some(
+                i.as_slice()
+                    .try_into()
+                    .expect("Wrong length of initiator private key"),
+            ),
         )?;
         self.processed_m2 = Some(state);
         self.cred_i = Some(cred_i);

lib/src/edhoc.rs

@@ -160,10 +160,10 @@ pub fn i_parse_message_2<'a>(
     state: &WaitM2,
     crypto: &mut impl CryptoTrait,
     message_2: &BufferMessage2,
-) -> Result<(ProcessingM2, ConnId, IdCred, EadItems), EDHOCError> {
+) -> Result<(ProcessingM2, ConnId, ParsedMessage2Details), EDHOCError> {
     match state.method {
         EDHOCMethod::StatStat => i_parse_message_2_statstat(state, crypto, message_2),
-        // EDHOCMethod::PSK => r_parse_message_3_psk()
+        // EDHOCMethod::PSK => i_parse_message_2_psk()
         _ => Err(EDHOCError::UnsupportedMethod),
     }
 }
@@ -173,10 +173,11 @@ pub fn i_verify_message_2(
     state: &ProcessingM2,
     crypto: &mut impl CryptoTrait,
     valid_cred_r: Credential,
-    i: &BytesP256ElemLen, // I's static private DH key
+    i: Option<&BytesP256ElemLen>, // I's static private DH key when required by method
 ) -> Result<ProcessedM2, EDHOCError> {
     match state.method_specifics {
         ProcessingM2MethodSpecifics::StatStat { .. } => {
+            let i = i.ok_or(EDHOCError::MissingIdentity)?;
             i_verify_message_2_statstat(state, crypto, valid_cred_r, i)
         } // ProcessingM2MethodSpecifics::Psk { .. } =>
     }

lib/src/edhoc/statstat.rs

@@ -124,8 +124,8 @@ pub fn r_verify_message_3_statstat(
         &state.ead_3,
     );
 
-    let mac_3 = match state.method_specifics {
-        ProcessingM3MethodSpecifics::StatStat { mac_3, .. } => mac_3,
+    let mac_3 = match &state.method_specifics {
+        ProcessingM3MethodSpecifics::StatStat { mac_3, .. } => *mac_3,
     };
 
     // verify mac_3
@@ -165,7 +165,7 @@ pub fn i_parse_message_2_statstat<'a>(
     state: &WaitM2,
     crypto: &mut impl CryptoTrait,
     message_2: &BufferMessage2,
-) -> Result<(ProcessingM2, ConnId, IdCred, EadItems), EDHOCError> {
+) -> Result<(ProcessingM2, ConnId, ParsedMessage2Details), EDHOCError> {
     let res = parse_message_2(message_2);
     if let Ok((g_y, ciphertext_2)) = res {
         let th_2 = compute_th_2(crypto, &g_y, &state.h_message_1);
@@ -193,7 +193,11 @@ pub fn i_parse_message_2_statstat<'a>(
                 ead_2: ead_2.clone(), // needed for compute_mac_2
             };
 
-            Ok((state, c_r_2, id_cred_r, ead_2))
+            Ok((
+                state,
+                c_r_2,
+                ParsedMessage2Details::StatStat { id_cred_r, ead_2 },
+            ))
         } else {
             Err(EDHOCError::ParsingError)
         }
@@ -255,6 +259,7 @@ pub fn i_verify_message_2_statstat(
             // We need the method for next step. Since we are in the branch of StatStat,
             // we can add EDHOCMethod::StatStat
             method: EDHOCMethod::StatStat,
+            method_specifics: ProcessedM2MethodSpecifics::StatStat {},
             prk_3e2m: prk_3e2m,
             prk_4e3m: prk_4e3m,
             th_3: th_3,