[riot-notifications] [RIOT-OS/RIOT] pkg/edhoc-c: initial commit (#16295)

Kaspar Schleiser notifications at github.com
Tue Jun 8 11:04:53 CEST 2021


@kaspar030 requested changes on this pull request.

last round, there are some typos. please squash right in

> @@ -0,0 +1,103 @@
+/*
+ * Copyright (C) 2021 Inria
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup     examples

tests?

> @@ -0,0 +1,103 @@
+/*
+ * Copyright (C) 2021 Inria
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup     examples
+ * @{
+ *
+ * @file
+ * @brief       EDHOC handhsake over COAP using EDHOC-C

handshake

> +    }
+
+    /* use fixed values only for testing purposes */
+    puts("[responder]: load ephemeral key: ONLY FOR TESTING");
+    if (edhoc_load_ephkey(&_ctx, resp_cbor_eph_key, sizeof(resp_cbor_eph_key)) != 0) {
+        return -1;
+    }
+    puts("[responder]: preset cid: ONLY FOR TESTING");
+    if (edhoc_session_preset_cidr(&_ctx, resp_cid, sizeof(resp_cid)) != 0) {
+        return -1;
+    }
+
+    return 0;
+}
+
+#endif /* CONFIG_RESEPONDER */

CONFIG_RESPONDER

> @@ -0,0 +1,108 @@
+#!/usr/bin/env python3
+
+# Copyright (C) 2021 Inria
+#
+# This file is subject to the terms and conditions of the GNU Lesser
+# General Public License v2.1. See the file LICENSE in the top level
+# directory for more details.
+
+import os
+import sys
+
+from testrunner import run
+
+# Default COAP port on which the response server is running

response server?

> +LAKE_WG_EDHOC_TV_34900_OSCORE_SECRET = \
+    """
+    0x5b 0xb2 0xae 0xe2 0x5b 0x16 0x0e 0x7c\n
+    0x6d 0x26 0x12 0xb0 0xa6 0x01 0x09 0x16
+    """
+
+LAKE_WG_EDHOC_TV_34900_OSCORE_SALT = \
+    "0x8e 0x44 0x92 0x10 0xe0 0x3b 0xc2 0x9d"
+
+
+def get_ipv6_addr(child):
+    child.expect_exact('>')
+    child.sendline('ifconfig')
+    # Get device local address
+    child.expect(
+        r"inet6\s+addr:\s+(?P<lladdr>[0-9a-fA-F:]+:[A-Fa-f:0-9]+)"

`\r\n`

> +
+And on the `edhoc-responder`:
+
+```
+INFO:root:CHANGED (EdhocState.MSG_2_SENT)  b'X q\xa3\xd5\x99\xc2\x1d\xa1\x89\x02\xa1\xae\xa8\x10\xb2\xb68,\xcd\x8d_\x9b\xf0\x19R\x81uL^\xbc\xaf0\x1e\x13XP\x99\xe1;\xa4eDD\xe8\xb6\xd4\x04\x01\x1e\x01\xa3)\xa3&\x05E\x993\x95\xf94+C\xa7T\xf9\xe1\x8b\x0f\xdcF\xc2\xccN%$w\xe0\x83R\x0b\xf46tS\xb6+\xbf>\x14\xb7\xb0\xea\x0e\xee\x84\xc5[\x9ed\xfc\x03\x97\xc0E\x18m\x14\xdb\x88\x8cs/\x95R\xf5'
+INFO:root:POST (EdhocState.MSG_2_SENT)  b'\x13XXIz>F\xac\xa16\xbf\xff\xb9\\\x00F\x89ihJ\xe8-\x83\xf0\xe5\xc5\xe3?\x8f\x17\xdf|r\xe1\xf2\x9ez*\xe8\x88u\x16\xd2j\xe3\xa7sv\xe8\xe5"\x14Cm\xb07\xb8H1\xf3\xa9\xb3\xfc\x82\x9cJ\x92\x19,>J\xfeBl\x119lHH\x06k\xf0\xed.\xff\x16\x91\x08\xf4\xeen'
+INFO:root:EDHOC key exchange successfully completed:
+INFO:root: - connection IDr: b'+'
+INFO:root: - connection IDi: b'+'
+INFO:root: - aead algorithm: AES_CCM_16_64_128
+INFO:root: - hash algorithm: SHA_256
+INFO:root: - OSCORE secret : b'\xd8\x1e\xa3@\xec\xe3?3\xe1\xfe\x8a\x1d\x0c|\xd0\xbe'
+INFO:root: - OSCORE salt   : b'\x87\xf9J\xf7\x82Tq\xa3'
+```
+
+Congratulations you have performed an EDHOC handshake form your HOST to

from

> +0x74 0xc4 0x96 0x46 0x58 0x65 0x03 0xfa
+0x9b 0xbf 0x3e 0x00 0x01 0x2c 0x03 0x7e
+0xaf 0x56 0xe4 0x5e 0x30 0x19 0x20 0x83
+0x9b 0x81 0x3a 0x53 0xf6 0xd4 0xc5 0x57
+0x48 0x0f 0x6c 0x79 0x7d 0x5b 0x76 0xf0
+0xe4 0x62 0xf5 0xf5 0x7a 0x3d 0xb6 0xd2
+0xb5 0x0c 0x32 0x31 0x9f 0x34 0x0f 0x4a
+0xc5 0xaf 0x9a
+
+[responder]: finalize exchange
+[responder]: handshake successfully completed
+```
+
+### Initiator
+
+First find out what is the local ipv6 address of the tap interface:

```suggestion
First find out the local ipv6 address of the tap interface:
```

> +- If using any other (non-emulated) `BOARD` then in one terminal:
+
+```
+ $ sudo dist/tools/ethos/setup_network.sh riot0 2001:db8::/64
+```
+
+This will create a tap interface called `riot0`, owned by the user. It will
+also run an instance of uhcpcd, which starts serving the prefix
+`2001:db8::/64`. Keep the shell open as long as you need the network.
+Make sure to exit the "make term" instance from the next section *before*
+exiting this, as otherwise the "riot0" interface doesn't get cleaned up
+properly.
+
+### Responder
+
+Find out what the IPv6 address of the device is by running the `ifconfig`

```suggestion
Find out the IPv6 address of the device by running the `ifconfig`
```

> @@ -0,0 +1,22 @@
+ifneq (,$(filter edhoc-c_crypto_wolfssl,$(USEMODULE)))

there is no default for crypto and cbor backend, right? (let's fix later if necessary)

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/RIOT-OS/RIOT/pull/16295#pullrequestreview-678268868
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20210608/4087d718/attachment-0001.htm>


More information about the notifications mailing list