From 1a584100547636011bcf00dd740685a55b2aa6f2 Mon Sep 17 00:00:00 2001
From: chrysn <chrysn@fsfe.org>
Date: Wed, 22 Jan 2025 14:40:52 +0100
Subject: [PATCH] Change API for EAD items to support large numbers

The set of supported values is not changed, but the API is changed so
that the implementation can be fixed without an extra breaking change.
---
 ead/lakers-ead-authz/src/lib.rs |  2 +-
 lib/src/edhoc.rs                | 11 ++++++-----
 shared/src/lib.rs               |  9 +++++++--
 3 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/ead/lakers-ead-authz/src/lib.rs b/ead/lakers-ead-authz/src/lib.rs
index 99e8fe47..b3b24d46 100644
--- a/ead/lakers-ead-authz/src/lib.rs
+++ b/ead/lakers-ead-authz/src/lib.rs
@@ -12,7 +12,7 @@ pub use device::{ZeroTouchDevice, ZeroTouchDeviceDone, ZeroTouchDeviceWaitEAD2};
 pub use server::{ZeroTouchServer, ZeroTouchServerUserAcl};
 
 pub mod consts {
-    pub const EAD_AUTHZ_LABEL: u8 = 0x1; // NOTE: in lake-authz-draft-01 it is still TBD1
+    pub const EAD_AUTHZ_LABEL: u16 = 0x1; // NOTE: in lake-authz-draft-01 it is still TBD1
     pub const EAD_AUTHZ_INFO_K_1_LABEL: u8 = 0x0;
     pub const EAD_AUTHZ_INFO_IV_1_LABEL: u8 = 0x1;
     pub const EAD_AUTHZ_ENC_STRUCTURE_LEN: usize = 2 + 8 + 3;
diff --git a/lib/src/edhoc.rs b/lib/src/edhoc.rs
index 730aee24..1150d901 100644
--- a/lib/src/edhoc.rs
+++ b/lib/src/edhoc.rs
@@ -497,14 +497,15 @@ fn encode_ead_item(ead_1: &EADItem) -> Result<EdhocMessageBuffer, EDHOCError> {
     let mut output = EdhocMessageBuffer::new();
 
     // encode label
+    // FIXME: This only works for values up to 23
     let res = if ead_1.is_critical {
         // ensure it won't overflow
-        ead_1
-            .label
-            .checked_add(CBOR_NEG_INT_1BYTE_START)
+        u8::try_from(ead_1.label)
+            .ok()
+            .and_then(|x| x.checked_add(CBOR_NEG_INT_1BYTE_START))
             .and_then(|x| x.checked_sub(1))
     } else {
-        Some(ead_1.label)
+        ead_1.label.try_into().ok()
     };
 
     if let Some(label) = res {
@@ -1201,7 +1202,7 @@ mod tests {
     const MESSAGE_1_TV_SUITE_ONLY_C: &str = "0382021819";
     // message with an array having too many cipher suites (more than 9)
     const MESSAGE_1_TV_SUITE_ONLY_ERR: &str = "038A02020202020202020202";
-    const EAD_DUMMY_LABEL_TV: u8 = 0x01;
+    const EAD_DUMMY_LABEL_TV: u16 = 0x01;
     const EAD_DUMMY_VALUE_TV: &str = "cccccc";
     const EAD_DUMMY_CRITICAL_TV: &str = "20cccccc";
     const MESSAGE_1_WITH_DUMMY_EAD_NO_VALUE_TV: &str =
diff --git a/shared/src/lib.rs b/shared/src/lib.rs
index 556962bf..3d8ad093 100644
--- a/shared/src/lib.rs
+++ b/shared/src/lib.rs
@@ -635,7 +635,12 @@ impl TryInto<EdhocMessageBuffer> for &[u8] {
 #[cfg_attr(feature = "python-bindings", pyclass)]
 #[derive(Clone, Debug)]
 pub struct EADItem {
-    pub label: u8,
+    /// EAD label of the item
+    ///
+    /// # Caveats
+    ///
+    /// Currently, only values up to 23 are supported.
+    pub label: u16,
     pub is_critical: bool,
     // TODO[ead]: have adjustable (smaller) length for this buffer
     pub value: Option<EdhocMessageBuffer>,
@@ -717,7 +722,7 @@ mod edhoc_parser {
                     None
                 };
                 let ead_item = Some(EADItem {
-                    label,
+                    label: label.into(),
                     is_critical,
                     value: ead_value,
                 });