From 2369161f589bc0fe9cbc3fd4fe48c1eb25aa526f Mon Sep 17 00:00:00 2001 From: Pankaj Garg Date: Tue, 4 May 2021 14:21:10 -0700 Subject: [PATCH] Delete RendezvousSession, and move code to controller and server (#6437) * Delete RendezvousSession, and move code to controller and server * some cleanup * some more cleanup * fix Android build * more fixes to Android build * update commented out code --- .../commands/pairing/PairingCommand.cpp | 6 +- .../commands/pairing/PairingCommand.h | 2 +- scripts/tools/memory/README.md | 2 +- src/app/server/RendezvousServer.cpp | 132 +++++++----- src/app/server/RendezvousServer.h | 37 ++-- src/app/server/Server.cpp | 9 +- src/channel/ChannelContext.cpp | 13 -- src/channel/ChannelContext.h | 4 - src/controller/CHIPDeviceController.cpp | 92 ++++---- src/controller/CHIPDeviceController.h | 23 +- .../java/AndroidDeviceControllerWrapper.cpp | 2 +- .../java/AndroidDeviceControllerWrapper.h | 2 +- ...Controller-ScriptDevicePairingDelegate.cpp | 2 - ...ceController-ScriptDevicePairingDelegate.h | 1 - .../CHIP/CHIPDevicePairingDelegateBridge.h | 4 +- .../CHIP/CHIPDevicePairingDelegateBridge.mm | 8 +- src/protocols/secure_channel/BUILD.gn | 2 - .../secure_channel/RendezvousSession.cpp | 204 ------------------ .../secure_channel/RendezvousSession.h | 134 ------------ src/transport/BUILD.gn | 1 - src/transport/RendezvousSessionDelegate.h | 47 ---- src/transport/SessionEstablishmentDelegate.h | 17 -- 22 files changed, 183 insertions(+), 561 deletions(-) delete mode 100644 src/protocols/secure_channel/RendezvousSession.cpp delete mode 100644 src/protocols/secure_channel/RendezvousSession.h delete mode 100644 src/transport/RendezvousSessionDelegate.h diff --git a/examples/chip-tool/commands/pairing/PairingCommand.cpp b/examples/chip-tool/commands/pairing/PairingCommand.cpp index 1d478c6b7801e5..8c48633dca2c7d 100644 --- a/examples/chip-tool/commands/pairing/PairingCommand.cpp +++ b/examples/chip-tool/commands/pairing/PairingCommand.cpp @@ -108,14 +108,14 @@ CHIP_ERROR PairingCommand::Unpair(NodeId remoteId) return mCommissioner.UnpairDevice(remoteId); } -void PairingCommand::OnStatusUpdate(RendezvousSessionDelegate::Status status) +void PairingCommand::OnStatusUpdate(DevicePairingDelegate::Status status) { switch (status) { - case RendezvousSessionDelegate::Status::SecurePairingSuccess: + case DevicePairingDelegate::Status::SecurePairingSuccess: ChipLogProgress(chipTool, "Secure Pairing Success"); break; - case RendezvousSessionDelegate::Status::SecurePairingFailed: + case DevicePairingDelegate::Status::SecurePairingFailed: ChipLogError(chipTool, "Secure Pairing Failed"); break; } diff --git a/examples/chip-tool/commands/pairing/PairingCommand.h b/examples/chip-tool/commands/pairing/PairingCommand.h index 485156a9170413..d0471386e7bd50 100644 --- a/examples/chip-tool/commands/pairing/PairingCommand.h +++ b/examples/chip-tool/commands/pairing/PairingCommand.h @@ -97,7 +97,7 @@ class PairingCommand : public Command, CHIP_ERROR Run(PersistentStorage & storage, NodeId localId, NodeId remoteId) override; /////////// DevicePairingDelegate Interface ///////// - void OnStatusUpdate(chip::RendezvousSessionDelegate::Status status) override; + void OnStatusUpdate(chip::Controller::DevicePairingDelegate::Status status) override; void OnPairingComplete(CHIP_ERROR error) override; void OnPairingDeleted(CHIP_ERROR error) override; diff --git a/scripts/tools/memory/README.md b/scripts/tools/memory/README.md index 4997892b1c0af7..b2546ebe14dcdc 100644 --- a/scripts/tools/memory/README.md +++ b/scripts/tools/memory/README.md @@ -165,7 +165,7 @@ Example: $ diffsyms.py --demangle ${IMAGE1} ${IMAGE2} symbol a b chip::Inet::InetLayer::NewUDPEndPoint(chip::Inet::UDPEndPoint**) 196 194 -chip::Transport::BLE::Init(chip::RendezvousSessionDelegate*, chip::RendezvousParameters const&) 80 100 +chip::Transport::BLE::Init(chip::DevicePairingDelegate*, chip::RendezvousParameters const&) 80 100 ``` ### block.py diff --git a/src/app/server/RendezvousServer.cpp b/src/app/server/RendezvousServer.cpp index 89f66f65929bb4..f0ec390bb139eb 100644 --- a/src/app/server/RendezvousServer.cpp +++ b/src/app/server/RendezvousServer.cpp @@ -33,76 +33,112 @@ using namespace ::chip::Transport; using namespace ::chip::DeviceLayer; namespace chip { - -RendezvousServer::RendezvousServer() : mRendezvousSession(this) {} +static constexpr uint32_t kSpake2p_Iteration_Count = 100; +static const char * kSpake2pKeyExchangeSalt = "SPAKE2P Key Salt"; CHIP_ERROR RendezvousServer::WaitForPairing(const RendezvousParameters & params, Messaging::ExchangeManager * exchangeManager, TransportMgrBase * transportMgr, SecureSessionMgr * sessionMgr, Transport::AdminPairingInfo * admin) { - return mRendezvousSession.Init(params, exchangeManager, transportMgr, sessionMgr, admin); + VerifyOrReturnError(transportMgr != nullptr, CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrReturnError(exchangeManager != nullptr, CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrReturnError(sessionMgr != nullptr, CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrReturnError(admin != nullptr, CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrReturnError(params.HasSetupPINCode() || params.HasPASEVerifier(), CHIP_ERROR_INVALID_ARGUMENT); + +#if CONFIG_NETWORK_LAYER_BLE + VerifyOrReturnError(params.HasAdvertisementDelegate(), CHIP_ERROR_INVALID_ARGUMENT); +#endif + + mAdvDelegate = params.GetAdvertisementDelegate(); + + // Note: Since BLE is only used for initial setup, enable BLE advertisement in rendezvous session can be expected. + if (params.GetPeerAddress().GetTransportType() == Transport::Type::kBle) +#if CONFIG_NETWORK_LAYER_BLE + { + ReturnErrorOnFailure(GetAdvertisementDelegate()->StartAdvertisement()); + } +#else + { + return CHIP_ERROR_UNSUPPORTED_CHIP_FEATURE; + } +#endif + mSessionMgr = sessionMgr; + mAdmin = admin; + mExchangeManager = exchangeManager; + + ReturnErrorOnFailure(mExchangeManager->RegisterUnsolicitedMessageHandlerForType( + Protocols::SecureChannel::MsgType::PBKDFParamRequest, &mPairingSession)); + + if (params.HasPASEVerifier()) + { + ReturnErrorOnFailure(mPairingSession.WaitForPairing(params.GetPASEVerifier(), mNextKeyId++, this)); + } + else + { + ReturnErrorOnFailure(mPairingSession.WaitForPairing(params.GetSetupPINCode(), kSpake2p_Iteration_Count, + reinterpret_cast(kSpake2pKeyExchangeSalt), + strlen(kSpake2pKeyExchangeSalt), mNextKeyId++, this)); + } + + ReturnErrorOnFailure(mPairingSession.MessageDispatch().Init(transportMgr)); + mPairingSession.MessageDispatch().SetPeerAddress(params.GetPeerAddress()); + + return CHIP_NO_ERROR; } -void RendezvousServer::OnRendezvousError(CHIP_ERROR err) +void RendezvousServer::Cleanup() { - ChipLogProgress(AppServer, "OnRendezvousError: %s", ErrorStr(err)); + mExchangeManager->UnregisterUnsolicitedMessageHandlerForType(Protocols::SecureChannel::MsgType::PBKDFParamRequest); + + if (HasAdvertisementDelegate()) + { + GetAdvertisementDelegate()->StopAdvertisement(); + } } -void RendezvousServer::OnRendezvousConnectionOpened() +void RendezvousServer::OnSessionEstablishmentError(CHIP_ERROR err) { - ChipLogProgress(AppServer, "OnRendezvousConnectionOpened"); + Cleanup(); + + ChipLogProgress(AppServer, "OnSessionEstablishmentError: %s", ErrorStr(err)); + ChipLogProgress(AppServer, "Failed in SPAKE2+ handshake"); + + if (mDelegate != nullptr) + { + mDelegate->OnRendezvousStopped(); + } } -void RendezvousServer::OnRendezvousConnectionClosed() +void RendezvousServer::OnSessionEstablished() { - ChipLogProgress(AppServer, "OnRendezvousConnectionClosed"); -} + CHIP_ERROR err = + mSessionMgr->NewPairing(Optional::Value(mPairingSession.PeerConnection().GetPeerAddress()), + mPairingSession.PeerConnection().GetPeerNodeId(), &mPairingSession, + SecureSessionMgr::PairingDirection::kResponder, mAdmin->GetAdminId(), nullptr); + if (err != CHIP_NO_ERROR) + { + ChipLogError(Ble, "Failed in setting up secure channel: err %s", ErrorStr(err)); + OnSessionEstablishmentError(err); + return; + } + + ChipLogProgress(AppServer, "Device completed SPAKE2+ handshake"); + if (mDelegate != nullptr) + { + mDelegate->OnRendezvousStarted(); + } -void RendezvousServer::OnRendezvousMessageReceived(const PacketHeader & packetHeader, const PeerAddress & peerAddress, - System::PacketBufferHandle buffer) -{} + Cleanup(); -void RendezvousServer::OnRendezvousComplete() -{ ChipLogProgress(AppServer, "Device completed Rendezvous process"); - StorablePeerConnection connection(mRendezvousSession.GetPairingSession(), mRendezvousSession.GetAdminId()); + StorablePeerConnection connection(mPairingSession, mAdmin->GetAdminId()); VerifyOrReturn(mStorage != nullptr, ChipLogError(AppServer, "Storage delegate is not available. Cannot store the connection state")); VerifyOrReturn(connection.StoreIntoKVS(*mStorage) == CHIP_NO_ERROR, ChipLogError(AppServer, "Failed to store the connection state")); - uint16_t nextKeyId = mRendezvousSession.GetNextKeyId(); - mStorage->SyncSetKeyValue(kStorablePeerConnectionCountKey, &nextKeyId, sizeof(nextKeyId)); -} - -void RendezvousServer::OnRendezvousStatusUpdate(Status status, CHIP_ERROR err) -{ - VerifyOrExit(err == CHIP_NO_ERROR, ChipLogError(AppServer, "OnRendezvousStatusUpdate: %s", chip::ErrorStr(err))); - - switch (status) - { - case RendezvousSessionDelegate::SecurePairingSuccess: - ChipLogProgress(AppServer, "Device completed SPAKE2+ handshake"); - if (mDelegate != nullptr) - { - mDelegate->OnRendezvousStarted(); - } - break; - - case RendezvousSessionDelegate::SecurePairingFailed: - ChipLogProgress(AppServer, "Failed in SPAKE2+ handshake"); - if (mDelegate != nullptr) - { - mDelegate->OnRendezvousStopped(); - } - break; - - default: - break; - }; - -exit: - return; + mStorage->SyncSetKeyValue(kStorablePeerConnectionCountKey, &mNextKeyId, sizeof(mNextKeyId)); } } // namespace chip diff --git a/src/app/server/RendezvousServer.h b/src/app/server/RendezvousServer.h index 49b38906c04674..0a0b89424bcf37 100644 --- a/src/app/server/RendezvousServer.h +++ b/src/app/server/RendezvousServer.h @@ -21,15 +21,13 @@ #include #include #include -#include +#include namespace chip { -class RendezvousServer : public RendezvousSessionDelegate +class RendezvousServer : public SessionEstablishmentDelegate { public: - RendezvousServer(); - CHIP_ERROR WaitForPairing(const RendezvousParameters & params, Messaging::ExchangeManager * exchangeManager, TransportMgrBase * transportMgr, SecureSessionMgr * sessionMgr, Transport::AdminPairingInfo * admin); @@ -41,21 +39,30 @@ class RendezvousServer : public RendezvousSessionDelegate return CHIP_NO_ERROR; } - //////////////// RendezvousSessionDelegate Implementation /////////////////// + //////////// SessionEstablishmentDelegate Implementation /////////////// + void OnSessionEstablishmentError(CHIP_ERROR error) override; + void OnSessionEstablished() override; + + void Cleanup(); - void OnRendezvousConnectionOpened() override; - void OnRendezvousConnectionClosed() override; - void OnRendezvousError(CHIP_ERROR err) override; - void OnRendezvousMessageReceived(const PacketHeader & packetHeader, const Transport::PeerAddress & peerAddress, - System::PacketBufferHandle buffer) override; - void OnRendezvousComplete() override; - void OnRendezvousStatusUpdate(Status status, CHIP_ERROR err) override; - RendezvousSession * GetRendezvousSession() { return &mRendezvousSession; }; + uint16_t GetNextKeyId() const { return mNextKeyId; } + void SetNextKeyId(uint16_t id) { mNextKeyId = id; } private: - RendezvousSession mRendezvousSession; AppDelegate * mDelegate; - PersistentStorageDelegate * mStorage = nullptr; + PersistentStorageDelegate * mStorage = nullptr; + Messaging::ExchangeManager * mExchangeManager = nullptr; + + PASESession mPairingSession; + uint16_t mNextKeyId = 0; + SecureSessionMgr * mSessionMgr = nullptr; + + Transport::AdminPairingInfo * mAdmin = nullptr; + + const RendezvousAdvertisementDelegate * mAdvDelegate; + + bool HasAdvertisementDelegate() const { return mAdvDelegate != nullptr; } + const RendezvousAdvertisementDelegate * GetAdvertisementDelegate() const { return mAdvDelegate; } }; } // namespace chip diff --git a/src/app/server/Server.cpp b/src/app/server/Server.cpp index c300b4df8a9d64..be49257c525f1c 100644 --- a/src/app/server/Server.cpp +++ b/src/app/server/Server.cpp @@ -184,7 +184,7 @@ static CHIP_ERROR RestoreAllSessionsFromKVS(SecureSessionMgr & sessionMgr, Rende chip::Platform::Delete(session); - server.GetRendezvousSession()->SetNextKeyId(nextSessionKeyId); + server.SetNextKeyId(nextSessionKeyId); return CHIP_NO_ERROR; } @@ -262,9 +262,10 @@ class ServerRendezvousAdvertisementDelegate : public RendezvousAdvertisementDele { ReturnErrorOnFailure(chip::DeviceLayer::ConnectivityMgr().SetBLEAdvertisingEnabled(false)); } + + if (mDelegate != nullptr) { - if (mDelegate != nullptr) - mDelegate->OnPairingWindowClosed(); + mDelegate->OnPairingWindowClosed(); } AdminPairingInfo * admin = gAdminPairings.FindAdmin(mAdmin); @@ -429,7 +430,7 @@ CHIP_ERROR OpenDefaultPairingWindow(ResetAdmins resetAdmins, chip::PairingWindow if (resetAdmins == ResetAdmins::kYes) { - uint16_t nextKeyId = gRendezvousServer.GetRendezvousSession()->GetNextKeyId(); + uint16_t nextKeyId = gRendezvousServer.GetNextKeyId(); EraseAllAdminPairingsUpTo(gNextAvailableAdminId); EraseAllSessionsUpTo(nextKeyId); gNextAvailableAdminId = 0; diff --git a/src/channel/ChannelContext.cpp b/src/channel/ChannelContext.cpp index c7f5f607fa8353..df550c23504e30 100644 --- a/src/channel/ChannelContext.cpp +++ b/src/channel/ChannelContext.cpp @@ -251,19 +251,6 @@ void ChannelContext::HandleNodeIdResolve(CHIP_ERROR error, uint64_t nodeId, cons } } -// Session establishment -CHIP_ERROR ChannelContext::SendSessionEstablishmentMessage(const PacketHeader & header, const Transport::PeerAddress & peerAddress, - System::PacketBufferHandle msgIn) -{ - return mExchangeManager->GetSessionMgr()->GetTransportManager()->SendMessage(header, peerAddress, std::move(msgIn)); -} - -CHIP_ERROR ChannelContext::HandlePairingMessage(const PacketHeader & packetHeader, const Transport::PeerAddress & peerAddress, - System::PacketBufferHandle && msg) -{ - return CHIP_ERROR_INCORRECT_STATE; -} - void ChannelContext::EnterCasePairingState() { mStateVars.mPreparing.mState = PrepareState::kCasePairing; diff --git a/src/channel/ChannelContext.h b/src/channel/ChannelContext.h index 0b3420f19c24f3..5a97fee0bde2e9 100644 --- a/src/channel/ChannelContext.h +++ b/src/channel/ChannelContext.h @@ -111,10 +111,6 @@ class ChannelContext : public ReferenceCounted(this); - VerifyOrExit(mRendezvousSession != nullptr, err = CHIP_ERROR_NO_MEMORY); - mRendezvousSession->SetNextKeyId(mNextKeyId); - err = mRendezvousSession->Init(params.SetLocalNodeId(mLocalDeviceId).SetRemoteNodeId(remoteDeviceId), mExchangeMgr, - mTransportMgr, mSessionMgr, admin); + mIsIPRendezvous = (params.GetPeerAddress().GetTransportType() != Transport::Type::kBle); + + err = mPairingSession.MessageDispatch().Init(mTransportMgr); SuccessOrExit(err); + mPairingSession.MessageDispatch().SetPeerAddress(params.GetPeerAddress()); device->Init(GetControllerDeviceInitParams(), mListenPort, remoteDeviceId, peerAddress, admin->GetAdminId()); @@ -753,7 +753,10 @@ CHIP_ERROR DeviceCommissioner::PairDevice(NodeId remoteDeviceId, RendezvousParam } } #endif - mRendezvousSession->OnRendezvousConnectionOpened(); + exchangeCtxt = mExchangeMgr->NewContext(SecureSessionHandle(), &mPairingSession); + VerifyOrExit(exchangeCtxt != nullptr, err = CHIP_ERROR_INTERNAL); + + err = mPairingSession.Pair(params.GetPeerAddress(), params.GetSetupPINCode(), mNextKeyId++, exchangeCtxt, this); exit: if (err != CHIP_NO_ERROR) @@ -801,7 +804,7 @@ CHIP_ERROR DeviceCommissioner::PairTestDeviceWithoutSecurity(NodeId remoteDevice device->Serialize(serialized); - OnRendezvousComplete(); + OnSessionEstablished(); exit: if (testSecurePairingSecret != nullptr) @@ -865,17 +868,14 @@ CHIP_ERROR DeviceCommissioner::UnpairDevice(NodeId remoteDeviceId) void DeviceCommissioner::FreeRendezvousSession() { - if (mRendezvousSession != nullptr) - { - mNextKeyId = mRendezvousSession->GetNextKeyId(); - PersistNextKeyId(); - chip::Platform::Delete(mRendezvousSession); - mRendezvousSession = nullptr; - } + PersistNextKeyId(); } void DeviceCommissioner::RendezvousCleanup(CHIP_ERROR status) { + mRendezvousAdvDelegate.StopAdvertisement(); + mRendezvousAdvDelegate.RendezvousComplete(); + FreeRendezvousSession(); // TODO: make mStorageDelegate mandatory once all controller applications implement the interface. @@ -897,54 +897,52 @@ void DeviceCommissioner::RendezvousCleanup(CHIP_ERROR status) } } -void DeviceCommissioner::OnRendezvousError(CHIP_ERROR err) +void DeviceCommissioner::OnSessionEstablishmentError(CHIP_ERROR err) { + mSystemLayer->CancelTimer(OnSessionEstablishmentTimeoutCallback, this); + + if (mPairingDelegate != nullptr) + { + mPairingDelegate->OnStatusUpdate(DevicePairingDelegate::SecurePairingFailed); + } + RendezvousCleanup(err); } -void DeviceCommissioner::OnRendezvousComplete() +void DeviceCommissioner::OnSessionEstablished() { - VerifyOrReturn(mDeviceBeingPaired < kNumMaxActiveDevices, OnRendezvousError(CHIP_ERROR_INVALID_DEVICE_DESCRIPTOR)); + VerifyOrReturn(mDeviceBeingPaired < kNumMaxActiveDevices, OnSessionEstablishmentError(CHIP_ERROR_INVALID_DEVICE_DESCRIPTOR)); Device * device = &mActiveDevices[mDeviceBeingPaired]; - mPairedDevices.Insert(device->GetDeviceId()); - mPairedDevicesUpdated = true; - PersistDevice(device); + mPairingSession.PeerConnection().SetPeerNodeId(device->GetDeviceId()); - RendezvousCleanup(CHIP_NO_ERROR); -} - -void DeviceCommissioner::OnRendezvousStatusUpdate(RendezvousSessionDelegate::Status status, CHIP_ERROR err) -{ - Device * device = nullptr; - if (mDeviceBeingPaired >= kNumMaxActiveDevices) + CHIP_ERROR err = + mSessionMgr->NewPairing(Optional::Value(mPairingSession.PeerConnection().GetPeerAddress()), + mPairingSession.PeerConnection().GetPeerNodeId(), &mPairingSession, + SecureSessionMgr::PairingDirection::kInitiator, mAdminId, nullptr); + if (err != CHIP_NO_ERROR) { - ExitNow(); + ChipLogError(Ble, "Failed in setting up secure channel: err %s", ErrorStr(err)); + OnSessionEstablishmentError(err); + return; } - device = &mActiveDevices[mDeviceBeingPaired]; - switch (status) - { - case RendezvousSessionDelegate::SecurePairingSuccess: - ChipLogDetail(Controller, "Remote device completed SPAKE2+ handshake\n"); - mRendezvousSession->GetPairingSession().ToSerializable(device->GetPairing()); - mSystemLayer->CancelTimer(OnSessionEstablishmentTimeoutCallback, this); - break; + ChipLogDetail(Controller, "Remote device completed SPAKE2+ handshake\n"); + mPairingSession.ToSerializable(device->GetPairing()); + mSystemLayer->CancelTimer(OnSessionEstablishmentTimeoutCallback, this); - case RendezvousSessionDelegate::SecurePairingFailed: - ChipLogDetail(Controller, "Remote device failed in SPAKE2+ handshake\n"); - mSystemLayer->CancelTimer(OnSessionEstablishmentTimeoutCallback, this); - break; + mPairedDevices.Insert(device->GetDeviceId()); + mPairedDevicesUpdated = true; + + PersistDevice(device); - default: - break; - }; -exit: if (mPairingDelegate != nullptr) { - mPairingDelegate->OnStatusUpdate(status); + mPairingDelegate->OnStatusUpdate(DevicePairingDelegate::SecurePairingSuccess); } + + RendezvousCleanup(CHIP_NO_ERROR); } void DeviceCommissioner::PersistDeviceList() diff --git a/src/controller/CHIPDeviceController.h b/src/controller/CHIPDeviceController.h index 315fc515af7444..a6c5ae9fb07736 100644 --- a/src/controller/CHIPDeviceController.h +++ b/src/controller/CHIPDeviceController.h @@ -35,11 +35,10 @@ #include #include #include -#include +#include #include #include #include -#include #include #include #include @@ -85,13 +84,19 @@ class DLL_EXPORT DevicePairingDelegate public: virtual ~DevicePairingDelegate() {} + enum Status : uint8_t + { + SecurePairingSuccess = 0, + SecurePairingFailed, + }; + /** * @brief * Called when the pairing reaches a certain stage. * * @param status Current status of pairing */ - virtual void OnStatusUpdate(RendezvousSessionDelegate::Status status) {} + virtual void OnStatusUpdate(DevicePairingDelegate::Status status) {} /** * @brief @@ -294,7 +299,7 @@ class DeviceCommissionerRendezvousAdvertisementDelegate : public RendezvousAdver * required to provide write access to the persistent storage, where the paired device information * will be stored. */ -class DLL_EXPORT DeviceCommissioner : public DeviceController, public RendezvousSessionDelegate +class DLL_EXPORT DeviceCommissioner : public DeviceController, public SessionEstablishmentDelegate { public: DeviceCommissioner(); @@ -348,10 +353,9 @@ class DLL_EXPORT DeviceCommissioner : public DeviceController, public Rendezvous */ CHIP_ERROR UnpairDevice(NodeId remoteDeviceId); - //////////// RendezvousSessionDelegate Implementation /////////////// - void OnRendezvousError(CHIP_ERROR err) override; - void OnRendezvousComplete() override; - void OnRendezvousStatusUpdate(RendezvousSessionDelegate::Status status, CHIP_ERROR err) override; + //////////// SessionEstablishmentDelegate Implementation /////////////// + void OnSessionEstablishmentError(CHIP_ERROR error) override; + void OnSessionEstablished() override; void RendezvousCleanup(CHIP_ERROR status); @@ -370,7 +374,6 @@ class DLL_EXPORT DeviceCommissioner : public DeviceController, public Rendezvous private: DevicePairingDelegate * mPairingDelegate; - RendezvousSession * mRendezvousSession; /* This field is an index in mActiveDevices list. The object at this index in the list contains the device object that's tracking the state of the device that's being paired. @@ -403,6 +406,8 @@ class DLL_EXPORT DeviceCommissioner : public DeviceController, public Rendezvous static void OnSessionEstablishmentTimeoutCallback(System::Layer * aLayer, void * aAppState, System::Error aError); uint16_t mNextKeyId = 0; + + PASESession mPairingSession; }; } // namespace Controller diff --git a/src/controller/java/AndroidDeviceControllerWrapper.cpp b/src/controller/java/AndroidDeviceControllerWrapper.cpp index 965d8f7d813f7d..9685260e014e82 100644 --- a/src/controller/java/AndroidDeviceControllerWrapper.cpp +++ b/src/controller/java/AndroidDeviceControllerWrapper.cpp @@ -215,7 +215,7 @@ AndroidDeviceControllerWrapper * AndroidDeviceControllerWrapper::AllocateNew(Jav return wrapper.release(); } -void AndroidDeviceControllerWrapper::OnStatusUpdate(chip::RendezvousSessionDelegate::Status status) +void AndroidDeviceControllerWrapper::OnStatusUpdate(chip::Controller::DevicePairingDelegate::Status status) { CallVoidInt(GetJavaEnv(), mJavaObjectRef, "onStatusUpdate", static_cast(status)); } diff --git a/src/controller/java/AndroidDeviceControllerWrapper.h b/src/controller/java/AndroidDeviceControllerWrapper.h index 23ee074b386b4c..a057c9ab7b34c0 100644 --- a/src/controller/java/AndroidDeviceControllerWrapper.h +++ b/src/controller/java/AndroidDeviceControllerWrapper.h @@ -41,7 +41,7 @@ class AndroidDeviceControllerWrapper : public chip::Controller::DevicePairingDel void SetJavaObjectRef(JavaVM * vm, jobject obj); // DevicePairingDelegate implementation - void OnStatusUpdate(chip::RendezvousSessionDelegate::Status status) override; + void OnStatusUpdate(chip::Controller::DevicePairingDelegate::Status status) override; void OnPairingComplete(CHIP_ERROR error) override; void OnPairingDeleted(CHIP_ERROR error) override; diff --git a/src/controller/python/ChipDeviceController-ScriptDevicePairingDelegate.cpp b/src/controller/python/ChipDeviceController-ScriptDevicePairingDelegate.cpp index 4217c4d218838c..db530aa98f0035 100644 --- a/src/controller/python/ChipDeviceController-ScriptDevicePairingDelegate.cpp +++ b/src/controller/python/ChipDeviceController-ScriptDevicePairingDelegate.cpp @@ -19,8 +19,6 @@ #include "ChipDeviceController-ScriptDevicePairingDelegate.h" -#include - namespace chip { namespace Controller { diff --git a/src/controller/python/ChipDeviceController-ScriptDevicePairingDelegate.h b/src/controller/python/ChipDeviceController-ScriptDevicePairingDelegate.h index a08e8f877b803d..66bc38228b1135 100644 --- a/src/controller/python/ChipDeviceController-ScriptDevicePairingDelegate.h +++ b/src/controller/python/ChipDeviceController-ScriptDevicePairingDelegate.h @@ -26,7 +26,6 @@ #pragma once #include -#include namespace chip { namespace Controller { diff --git a/src/darwin/Framework/CHIP/CHIPDevicePairingDelegateBridge.h b/src/darwin/Framework/CHIP/CHIPDevicePairingDelegateBridge.h index be73e3b3e1838f..c7ae4779ccb0c8 100644 --- a/src/darwin/Framework/CHIP/CHIPDevicePairingDelegateBridge.h +++ b/src/darwin/Framework/CHIP/CHIPDevicePairingDelegateBridge.h @@ -32,7 +32,7 @@ class CHIPDevicePairingDelegateBridge : public chip::Controller::DevicePairingDe void setDelegate(id delegate, dispatch_queue_t queue); - void OnStatusUpdate(chip::RendezvousSessionDelegate::Status status) override; + void OnStatusUpdate(chip::Controller::DevicePairingDelegate::Status status) override; void OnPairingComplete(CHIP_ERROR error) override; @@ -44,7 +44,7 @@ class CHIPDevicePairingDelegateBridge : public chip::Controller::DevicePairingDe id mDelegate; dispatch_queue_t mQueue; - CHIPPairingStatus MapStatus(chip::RendezvousSessionDelegate::Status status); + CHIPPairingStatus MapStatus(chip::Controller::DevicePairingDelegate::Status status); }; NS_ASSUME_NONNULL_END diff --git a/src/darwin/Framework/CHIP/CHIPDevicePairingDelegateBridge.mm b/src/darwin/Framework/CHIP/CHIPDevicePairingDelegateBridge.mm index 11e69b1e067790..a0251ea14c30fb 100644 --- a/src/darwin/Framework/CHIP/CHIPDevicePairingDelegateBridge.mm +++ b/src/darwin/Framework/CHIP/CHIPDevicePairingDelegateBridge.mm @@ -36,21 +36,21 @@ } } -CHIPPairingStatus CHIPDevicePairingDelegateBridge::MapStatus(chip::RendezvousSessionDelegate::Status status) +CHIPPairingStatus CHIPDevicePairingDelegateBridge::MapStatus(chip::Controller::DevicePairingDelegate::Status status) { CHIPPairingStatus rv = kUnknownStatus; switch (status) { - case chip::RendezvousSessionDelegate::Status::SecurePairingSuccess: + case chip::Controller::DevicePairingDelegate::Status::SecurePairingSuccess: rv = kSecurePairingSuccess; break; - case chip::RendezvousSessionDelegate::Status::SecurePairingFailed: + case chip::Controller::DevicePairingDelegate::Status::SecurePairingFailed: rv = kSecurePairingFailed; break; } return rv; } -void CHIPDevicePairingDelegateBridge::OnStatusUpdate(chip::RendezvousSessionDelegate::Status status) +void CHIPDevicePairingDelegateBridge::OnStatusUpdate(chip::Controller::DevicePairingDelegate::Status status) { NSLog(@"DevicePairingDelegate status updated: %d", status); diff --git a/src/protocols/secure_channel/BUILD.gn b/src/protocols/secure_channel/BUILD.gn index 07fee9e4cf55c3..79be1cbd38accc 100644 --- a/src/protocols/secure_channel/BUILD.gn +++ b/src/protocols/secure_channel/BUILD.gn @@ -9,8 +9,6 @@ static_library("secure_channel") { "PASESession.cpp", "PASESession.h", "RendezvousParameters.h", - "RendezvousSession.cpp", - "RendezvousSession.h", "SessionEstablishmentExchangeDispatch.cpp", "SessionEstablishmentExchangeDispatch.h", "StatusReport.cpp", diff --git a/src/protocols/secure_channel/RendezvousSession.cpp b/src/protocols/secure_channel/RendezvousSession.cpp deleted file mode 100644 index 04a599003f539c..00000000000000 --- a/src/protocols/secure_channel/RendezvousSession.cpp +++ /dev/null @@ -1,204 +0,0 @@ -/* - * - * Copyright (c) 2020-2021 Project CHIP Authors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include - -#include - -#include -#include -#include - -static constexpr uint32_t kSpake2p_Iteration_Count = 100; -static const char * kSpake2pKeyExchangeSalt = "SPAKE2P Key Salt"; - -using namespace chip::Inet; -using namespace chip::System; -using namespace chip::Transport; - -namespace chip { - -CHIP_ERROR RendezvousSession::Init(const RendezvousParameters & params, Messaging::ExchangeManager * exchangeManager, - TransportMgrBase * transportMgr, SecureSessionMgr * sessionMgr, - Transport::AdminPairingInfo * admin) -{ - mParams = params; - mTransportMgr = transportMgr; - VerifyOrReturnError(exchangeManager != nullptr, CHIP_ERROR_INVALID_ARGUMENT); - VerifyOrReturnError(mDelegate != nullptr, CHIP_ERROR_INCORRECT_STATE); - VerifyOrReturnError(sessionMgr != nullptr, CHIP_ERROR_INVALID_ARGUMENT); - VerifyOrReturnError(admin != nullptr, CHIP_ERROR_INVALID_ARGUMENT); - VerifyOrReturnError(mParams.HasSetupPINCode() || mParams.HasPASEVerifier(), CHIP_ERROR_INVALID_ARGUMENT); -#if CONFIG_NETWORK_LAYER_BLE - VerifyOrReturnError(mParams.HasAdvertisementDelegate(), CHIP_ERROR_INVALID_ARGUMENT); -#endif - - mSecureSessionMgr = sessionMgr; - mAdmin = admin; - mExchangeManager = exchangeManager; - - // Note: Since BLE is only used for initial setup, enable BLE advertisement in rendezvous session can be expected. - if (params.GetPeerAddress().GetTransportType() == Transport::Type::kBle) -#if CONFIG_NETWORK_LAYER_BLE - { - ReturnErrorOnFailure(mParams.GetAdvertisementDelegate()->StartAdvertisement()); - } -#else - { - return CHIP_ERROR_UNSUPPORTED_CHIP_FEATURE; - } -#endif // CONFIG_NETWORK_LAYER_BLE - - if (!mParams.IsController()) - { - ReturnErrorOnFailure(mExchangeManager->RegisterUnsolicitedMessageHandlerForType( - Protocols::SecureChannel::MsgType::PBKDFParamRequest, &mPairingSession)); - - if (mParams.HasPASEVerifier()) - { - ReturnErrorOnFailure(WaitForPairing(mParams.GetPASEVerifier())); - } - else - { - ReturnErrorOnFailure(WaitForPairing(mParams.GetSetupPINCode())); - } - } - - // TODO: We should assume mTransportMgr not null for IP rendezvous. - if (mTransportMgr != nullptr) - { - ReturnErrorOnFailure(mPairingSession.MessageDispatch().Init(mTransportMgr)); - mPairingSession.MessageDispatch().SetPeerAddress(mParams.GetPeerAddress()); - } - - return CHIP_NO_ERROR; -} - -RendezvousSession::~RendezvousSession() -{ - mDelegate = nullptr; -} - -void RendezvousSession::OnSessionEstablished() -{ - SecureSessionMgr::PairingDirection direction = SecureSessionMgr::PairingDirection::kInitiator; - if (!mParams.IsController()) - { - direction = SecureSessionMgr::PairingDirection::kResponder; - } - - // TODO: Once Operational credentials are implemented, node id assignment should be done during opcreds configuration. - // - can use internal node ids (0xFFFF_FFFE_xxxx_xxx - spec still being defined) if a temporary - // node id is required for indexing - // - should only assign a final node id as part of setting operational credentials - if (!mParams.GetRemoteNodeId().HasValue()) - { - ChipLogError(Ble, "Missing node id in rendezvous parameters. Node ID is required until opcerts are implemented"); - } - - mPairingSession.PeerConnection().SetPeerNodeId(mParams.GetRemoteNodeId().ValueOr(kUndefinedNodeId)); - - CHIP_ERROR err = mSecureSessionMgr->NewPairing( - Optional::Value(mPairingSession.PeerConnection().GetPeerAddress()), - mPairingSession.PeerConnection().GetPeerNodeId(), &mPairingSession, direction, mAdmin->GetAdminId(), nullptr); - if (err != CHIP_NO_ERROR) - { - ChipLogError(Ble, "Failed in setting up secure channel: err %s", ErrorStr(err)); - OnRendezvousError(err); - return; - } - - Cleanup(); - - if (mParams.HasAdvertisementDelegate()) - { - mParams.GetAdvertisementDelegate()->RendezvousComplete(); - } - - if (mDelegate != nullptr) - { - mDelegate->OnRendezvousStatusUpdate(RendezvousSessionDelegate::SecurePairingSuccess, CHIP_NO_ERROR); - mDelegate->OnRendezvousComplete(); - } -} - -void RendezvousSession::Cleanup() -{ - if (!mParams.IsController()) - { - mExchangeManager->UnregisterUnsolicitedMessageHandlerForType(Protocols::SecureChannel::MsgType::PBKDFParamRequest); - } - - if (mParams.HasAdvertisementDelegate()) - { - mParams.GetAdvertisementDelegate()->StopAdvertisement(); - } -} - -void RendezvousSession::OnRendezvousConnectionOpened() -{ - if (!mParams.IsController()) - { - return; - } - - CHIP_ERROR err = Pair(mParams.GetSetupPINCode()); - if (err != CHIP_NO_ERROR) - { - OnRendezvousError(err); - } -} - -void RendezvousSession::OnRendezvousConnectionClosed() {} - -void RendezvousSession::OnRendezvousError(CHIP_ERROR err) -{ - Cleanup(); - - if (mDelegate != nullptr) - { - mDelegate->OnRendezvousStatusUpdate(RendezvousSessionDelegate::SecurePairingFailed, err); - mDelegate->OnRendezvousError(err); - } -} - -void RendezvousSession::OnMessageReceived(const PacketHeader & header, const Transport::PeerAddress & source, - System::PacketBufferHandle msgBuf) -{} - -CHIP_ERROR RendezvousSession::WaitForPairing(uint32_t setupPINCode) -{ - return mPairingSession.WaitForPairing(setupPINCode, kSpake2p_Iteration_Count, - reinterpret_cast(kSpake2pKeyExchangeSalt), - strlen(kSpake2pKeyExchangeSalt), mNextKeyId++, this); -} - -CHIP_ERROR RendezvousSession::WaitForPairing(const PASEVerifier & verifier) -{ - return mPairingSession.WaitForPairing(verifier, mNextKeyId++, this); -} - -CHIP_ERROR RendezvousSession::Pair(uint32_t setupPINCode) -{ - Messaging::ExchangeContext * ctxt = mExchangeManager->NewContext(SecureSessionHandle(), &mPairingSession); - ReturnErrorCodeIf(ctxt == nullptr, CHIP_ERROR_INTERNAL); - - CHIP_ERROR err = mPairingSession.Pair(mParams.GetPeerAddress(), setupPINCode, mNextKeyId++, ctxt, this); - return err; -} - -} // namespace chip diff --git a/src/protocols/secure_channel/RendezvousSession.h b/src/protocols/secure_channel/RendezvousSession.h deleted file mode 100644 index 106a6de39034be..00000000000000 --- a/src/protocols/secure_channel/RendezvousSession.h +++ /dev/null @@ -1,134 +0,0 @@ -/* - * - * Copyright (c) 2020-2021 Project CHIP Authors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * This file defines the CHIP RendezvousSession object that maintains a Rendezvous session. - * - */ -#pragma once - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -namespace chip { - -namespace DeviceLayer { -class CHIPDeviceEvent; -} - -class SecureSessionMgr; -class SecureSessionHandle; - -/** - * RendezvousSession establishes and maintains the first connection between - * a commissioner and a device. This connection is used in order to - * provide the necessary infos for a device to participate to the CHIP - * ecosystem. - * - * All the information transmitted over the underlying transport are - * encrypted upon establishment of an initial secure pairing session. - * - * In order to securely transmit the informations, RendezvousSession - * requires a setupPINCode to be shared between both ends. The - * setupPINCode can be configured using RendezvousParameters - * - * @dotfile dots/Rendezvous/RendezvousSessionGeneral.dot - * - * The state of the secure pairing session setup can be observed by passing a - * RendezvousSessionDelegate object to RendezvousSession. - * Both the commissioner and the device needs to bootstrap RendezvousSession - * using RendezvousParameters. - * - * @dotfile dots/Rendezvous/RendezvousSessionInit.dot - */ -class RendezvousSession : public SessionEstablishmentDelegate, public RendezvousSessionDelegate, public TransportMgrDelegate -{ -public: - RendezvousSession(RendezvousSessionDelegate * delegate) : mDelegate(delegate) {} - ~RendezvousSession() override; - - /** - * @brief - * Initialize the underlying transport using the RendezvousParameters passed in the constructor. - * - * @param params The RendezvousParameters - * @param exchangeManager The instance of exchange manager to create exchange contexts - * @param transportMgr The transport to use - * @param sessionMgr Pointer to secure session manager - * @param admin Pointer to a device administrator info that will be filled up on successful pairing - * @ return CHIP_ERROR The result of the initialization - */ - CHIP_ERROR Init(const RendezvousParameters & params, Messaging::ExchangeManager * exchangeManager, - TransportMgrBase * transportMgr, SecureSessionMgr * sessionMgr, Transport::AdminPairingInfo * admin); - - /** - * @brief - * Return the associated pairing session. - * - * @return PASESession The associated pairing session - */ - PASESession & GetPairingSession() { return mPairingSession; } - - Optional GetLocalNodeId() const { return mParams.GetLocalNodeId(); } - Optional GetRemoteNodeId() const { return mParams.GetRemoteNodeId(); } - - //////////// SessionEstablishmentDelegate Implementation /////////////// - void OnSessionEstablished() override; - - //////////// RendezvousSessionDelegate Implementation /////////////// - void OnRendezvousConnectionOpened() override; - void OnRendezvousConnectionClosed() override; - void OnRendezvousError(CHIP_ERROR err) override; - - //////////// TransportMgrDelegate Implementation /////////////// - void OnMessageReceived(const PacketHeader & header, const Transport::PeerAddress & source, - System::PacketBufferHandle msgBuf) override; - - Transport::AdminId GetAdminId() const { return (mAdmin != nullptr) ? mAdmin->GetAdminId() : Transport::kUndefinedAdminId; } - - uint16_t GetNextKeyId() const { return mNextKeyId; } - void SetNextKeyId(uint16_t id) { mNextKeyId = id; } - -private: - CHIP_ERROR Pair(uint32_t setupPINCode); - CHIP_ERROR WaitForPairing(uint32_t setupPINCode); - CHIP_ERROR WaitForPairing(const PASEVerifier & verifier); - - RendezvousSessionDelegate * mDelegate = nullptr; ///< Underlying transport events - RendezvousParameters mParams; ///< Rendezvous configuration - - PASESession mPairingSession; - Messaging::ExchangeManager * mExchangeManager = nullptr; - TransportMgrBase * mTransportMgr; - uint16_t mNextKeyId = 0; - SecureSessionMgr * mSecureSessionMgr = nullptr; - - Transport::AdminPairingInfo * mAdmin = nullptr; - - void Cleanup(); -}; - -} // namespace chip diff --git a/src/transport/BUILD.gn b/src/transport/BUILD.gn index f06852cbb6ff81..b60f1f5134965c 100644 --- a/src/transport/BUILD.gn +++ b/src/transport/BUILD.gn @@ -24,7 +24,6 @@ static_library("transport") { "AdminPairingTable.h", "PeerConnectionState.h", "PeerConnections.h", - "RendezvousSessionDelegate.h", "SecureMessageCodec.cpp", "SecureMessageCodec.h", "SecureSession.cpp", diff --git a/src/transport/RendezvousSessionDelegate.h b/src/transport/RendezvousSessionDelegate.h deleted file mode 100644 index ee9c60b052d842..00000000000000 --- a/src/transport/RendezvousSessionDelegate.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#pragma once - -#include -#include -#include -#include -#include - -namespace chip { - -class RendezvousSessionDelegate -{ -public: - virtual ~RendezvousSessionDelegate() {} - - enum Status : uint8_t - { - SecurePairingSuccess = 0, - SecurePairingFailed, - }; - - virtual void OnRendezvousConnectionOpened() {} - virtual void OnRendezvousConnectionClosed() {} - virtual void OnRendezvousError(CHIP_ERROR err) {} - virtual void OnRendezvousComplete() {} - virtual void OnRendezvousMessageReceived(const PacketHeader & packetHeader, const Transport::PeerAddress & peerAddress, - System::PacketBufferHandle buffer){}; - virtual void OnRendezvousStatusUpdate(Status status, CHIP_ERROR err) {} -}; -} // namespace chip diff --git a/src/transport/SessionEstablishmentDelegate.h b/src/transport/SessionEstablishmentDelegate.h index 3758d74445b5ee..9338167f51ee8b 100644 --- a/src/transport/SessionEstablishmentDelegate.h +++ b/src/transport/SessionEstablishmentDelegate.h @@ -34,23 +34,6 @@ namespace chip { class DLL_EXPORT SessionEstablishmentDelegate { public: - /** - * @brief - * Called when the session establishment process generates a new message that should be sent to peer. - * - * @param header the message header for the sent message - * @param peerAddress the destination of the message - * @param msgBuf the raw data for the message being sent - * @return CHIP_ERROR Error thrown when sending the message - * - * TODO: Rename function as per issue: https://github.com/project-chip/connectedhomeip/issues/4468 - */ - virtual CHIP_ERROR SendSessionEstablishmentMessage(const PacketHeader & header, const Transport::PeerAddress & peerAddress, - System::PacketBufferHandle msgBuf) - { - return CHIP_ERROR_NOT_IMPLEMENTED; - } - /** * @brief * Called when session establishment fails with an error