Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor EADs to not use global state #170

Merged
merged 8 commits into from
Dec 26, 2023
Merged

Refactor EADs to not use global state #170

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
79ae08b
wip(ead): refactor ead authz to not use global state
geonnave Dec 8, 2023
991aea3
refactor(ead): rename entities
geonnave Dec 11, 2023
6552ebc
feat(ead): test complete authz flow
geonnave Dec 11, 2023
52320da
refactor(ead): use cred_v as slice and group private functions
geonnave Dec 11, 2023
f05528c
refactor(ead): typestatify the zero-touch device
geonnave Dec 11, 2023
943aeca
refactor(ead): typestatify the zero-touch authenticator
geonnave Dec 11, 2023
5f05064
chore(ead): adjust visibility, remove unused enum
geonnave Dec 11, 2023
8b12f33
refactor(ead): export structs directly
geonnave Dec 12, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
refactor(ead): typestatify the zero-touch authenticator
  • Loading branch information
@geonnave
geonnave committed Dec 12, 2023
commit 943aeca778e0d75458d5f1c6b81d62e56a85aa6e
87 changes: 33 additions & 54 deletions ead/lakers-ead-authz/src/authenticator.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,22 +11,24 @@ pub enum ZeroTouchAuthenticatorState {
Error,
}

pub struct ZeroTouchAuthenticator {
pub current_state: ZeroTouchAuthenticatorState,
}
#[derive(Debug, Default)]
pub struct ZeroTouchAuthenticator;
#[derive(Debug, Default)]
pub struct ZeroTouchAuthenticatorWaitVoucherResp;

impl ZeroTouchAuthenticator {
pub fn new() -> Self {
ZeroTouchAuthenticator {
current_state: ZeroTouchAuthenticatorState::Start,
}
}

pub fn process_ead_1(
&mut self,
&self,
ead_1: &EADItem,
message_1: &EdhocMessageBuffer,
) -> Result<(EdhocMessageBuffer, EdhocMessageBuffer), EDHOCError> {
) -> Result<
(
EdhocMessageBuffer,
EdhocMessageBuffer,
ZeroTouchAuthenticatorWaitVoucherResp,
),
EDHOCError,
> {
let opaque_state: Option<EdhocMessageBuffer> = None; // TODO: receive as parameter

if ead_1.label != EAD_ZEROCONF_LABEL || ead_1.value.is_none() {
Expand All @@ -35,32 +37,28 @@ impl ZeroTouchAuthenticator {

let (loc_w, _enc_id) = parse_ead_1_value(&ead_1.value.unwrap())?;
let voucher_request = encode_voucher_request(message_1, &opaque_state);
self.current_state = ZeroTouchAuthenticatorState::ProcessedEAD1;

Ok((loc_w, voucher_request))
Ok((
loc_w,
voucher_request,
ZeroTouchAuthenticatorWaitVoucherResp::default(),
))
}
}

// FIXME: this and the other *_prepare_* functions should return a `Result<>`
pub fn prepare_ead_2(&mut self, voucher_response: &EdhocMessageBuffer) -> Option<EADItem> {
let (_message_1, voucher, _opaque_state) =
parse_voucher_response(&voucher_response).unwrap();

self.current_state = ZeroTouchAuthenticatorState::Completed;
impl ZeroTouchAuthenticatorWaitVoucherResp {
pub fn prepare_ead_2(
&self,
voucher_response: &EdhocMessageBuffer,
) -> Result<EADItem, EDHOCError> {
let (_message_1, voucher, _opaque_state) = parse_voucher_response(&voucher_response)?;

Some(EADItem {
Ok(EADItem {
label: EAD_ZEROCONF_LABEL,
is_critical: true,
value: Some(voucher[..].try_into().unwrap()),
})
}

pub fn process_ead_3(_ead_3: EADItem) -> Result<(), ()> {
// TODO: maybe retrive CRED_U from a Credential Database

// self.current_state = ZeroTouchAuthenticatorState::Completed;

Ok(())
}
}

pub fn encode_voucher_request(
Expand Down Expand Up @@ -129,11 +127,10 @@ mod test_authenticator {

#[test]
fn test_parse_ead_1_value() {
let ead_1_value_tv: EdhocMessageBuffer = EAD1_VALUE_TV.try_into().unwrap();
let loc_w_tv: EdhocMessageBuffer = LOC_W_TV.try_into().unwrap();
let enc_id_tv: EdhocMessageBuffer = ENC_ID_TV.try_into().unwrap();

let res = parse_ead_1_value(&ead_1_value_tv);
let res = parse_ead_1_value(&EAD1_VALUE_TV.try_into().unwrap());
assert!(res.is_ok());
let (loc_w, enc_id) = res.unwrap();
assert_eq!(loc_w.content, loc_w_tv.content);
Expand All @@ -142,38 +139,24 @@ mod test_authenticator {

#[test]
fn test_encode_voucher_request() {
let message_1_tv: EdhocMessageBuffer = MESSAGE_1_WITH_EAD_TV.try_into().unwrap();
let voucher_request_tv: EdhocMessageBuffer = VOUCHER_REQUEST_TV.try_into().unwrap();

let voucher_request = encode_voucher_request(&message_1_tv, &None);
let voucher_request =
encode_voucher_request(&MESSAGE_1_WITH_EAD_TV.try_into().unwrap(), &None);
assert_eq!(voucher_request.content, voucher_request_tv.content);
}

#[test]
fn test_process_ead_1() {
let ead_1_value_tv: EdhocMessageBuffer = EAD1_VALUE_TV.try_into().unwrap();
let message_1_tv: EdhocMessageBuffer = MESSAGE_1_WITH_EAD_TV.try_into().unwrap();

let ead_1 = EADItem {
label: EAD_ZEROCONF_LABEL,
is_critical: true,
value: Some(ead_1_value_tv),
value: Some(EAD1_VALUE_TV.try_into().unwrap()),
};

let mut ead_authz = ZeroTouchAuthenticator::new();

// mock_ead_server_set_global_state(ZeroTouchServer::new(
// CRED_V_TV,
// W_TV.try_into().unwrap(),
// None,
// ));

let res = ead_authz.process_ead_1(&ead_1, &message_1_tv);
let ead_authz = ZeroTouchAuthenticator::default();
let res = ead_authz.process_ead_1(&ead_1, &MESSAGE_1_WITH_EAD_TV.try_into().unwrap());
assert!(res.is_ok());
assert_eq!(
ead_authz.current_state,
ZeroTouchAuthenticatorState::ProcessedEAD1
);
}

#[test]
Expand All @@ -195,13 +178,9 @@ mod test_authenticator {
let voucher_response_tv: EdhocMessageBuffer = VOUCHER_RESPONSE_TV.try_into().unwrap();
let ead_2_value_tv: EdhocMessageBuffer = EAD2_VALUE_TV.try_into().unwrap();

let mut ead_authz = ZeroTouchAuthenticator::new();
let ead_authz = ZeroTouchAuthenticatorWaitVoucherResp::default();

let ead_2 = ead_authz.prepare_ead_2(&voucher_response_tv).unwrap();
assert_eq!(
ead_authz.current_state,
ZeroTouchAuthenticatorState::Completed
);
assert_eq!(ead_2.label, EAD_ZEROCONF_LABEL);
assert_eq!(ead_2.is_critical, true);
assert_eq!(ead_2.value.unwrap().content, ead_2_value_tv.content);
Expand Down
2 changes: 1 addition & 1 deletion ead/lakers-ead-authz/src/device.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ mod test_device {
LOC_W_TV.try_into().unwrap(),
);

let (ead_1, ead_authz) =
let (ead_1, _ead_authz) =
ead_authz.prepare_ead_1(&mut default_crypto(), &X_TV.try_into().unwrap(), SS_TV);
assert_eq!(ead_1.label, EAD_ZEROCONF_LABEL);
assert_eq!(ead_1.is_critical, true);
Expand Down
6 changes: 3 additions & 3 deletions ead/lakers-ead-authz/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,12 +19,12 @@ mod test_authz {

#[test]
fn test_complete_flow() {
let mut device = ZeroTouchDevice::new(
let device = ZeroTouchDevice::new(
ID_U_TV.try_into().unwrap(),
G_W_TV.try_into().unwrap(),
LOC_W_TV.try_into().unwrap(),
);
let mut authenticator = ZeroTouchAuthenticator::new();
let authenticator = ZeroTouchAuthenticator::default();
let server = ZeroTouchServer::new(
CRED_V_TV.try_into().unwrap(),
W_TV.try_into().unwrap(),
Expand All @@ -38,7 +38,7 @@ mod test_authz {

// ead_1 will be transported within message_1

let (_loc_w, voucher_request) = authenticator
let (_loc_w, voucher_request, authenticator) = authenticator
.process_ead_1(&ead_1, &MESSAGE_1_WITH_EAD_TV.try_into().unwrap())
.unwrap();

Expand Down