[Lake] PRs on encoding clarification and invalid test vectors

John Mattsson <john.mattsson@ericsson.com> Fri, 08 September 2023 08:52 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: "lake@ietf.org" <lake@ietf.org>
Date: Fri, 08 Sep 2023 08:51:52 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/lake/FVwT4gcF-rgZMZ2NdgSfiSEWPHo>
Subject: [Lake] PRs on encoding clarification and invalid test vectors
List-Id: Lightweight Authenticated Key Exchange <lake.ietf.org>

Hi,

The authors and implementors have worked on producing invalid test vectors, as well as clarifying instructions on encoding and validation. This has been very worthwhile and caught implementation problems and needed clarifications to the specification.

https://github.com/lake-wg/edhoc/pull/446
https://github.com/lake-wg/edhoc/pull/442

Suggestion to add to the EDHOC specification:
- “For X25519 and X448, the all-zero output check MUST be done.” as suggested by Charlie but forgotten.
- “Implementations MUST abort the EDHOC session if validation of a received public key fails.”, which was missing.
- “Implementations MAY abort the EDHOC session if the received EDHOC message is not encoded using deterministic CBOR.” instead of the unnecessary hard SHOULD abort.
- CDDL for PLAINTEXT_2, PLAINTEXT_3, and PLAINTEXT_4, which were missing. There is an existing MUST abort if the CDDL does not match.

The plan is to:
- include the traces PR in the next version of the draft.
- include the EDHOC PR during AUTH48.

Please review and let us know if you disagree.

Cheers,
John