Skip to content

Commit

Permalink
Fix retrieval of attestation challenge in Java (#18867)
Browse files Browse the repository at this point in the history
When not using the auto-commissioning flow, the mDeviceBeingCommissioned
proxy is no longer assigned, so the default behavior of retrieving the
attestation challenge fails.

Since at the time of use we already have a reference to the correct
DeviceProxy, added an overload to pass the proxy along to retrieve the
challenge.
  • Loading branch information
g-coppock authored May 31, 2022
1 parent e74d2b3 commit 2d6bb3a
Show file tree
Hide file tree
Showing 4 changed files with 20 additions and 25 deletions.
19 changes: 19 additions & 0 deletions src/app/DeviceProxy.h
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,25 @@ class DLL_EXPORT DeviceProxy

const ReliableMessageProtocolConfig & GetRemoteMRPConfig() const { return mRemoteMRPConfig; }

/**
* @brief
* This function returns the attestation challenge for the secure session.
*
* @param[out] attestationChallenge The output for the attestationChallenge
*
* @return CHIP_ERROR CHIP_NO_ERROR on success, or CHIP_ERROR_INVALID_ARGUMENT if no secure session is active
*/
virtual CHIP_ERROR GetAttestationChallenge(ByteSpan & attestationChallenge)
{
Optional<SessionHandle> secureSessionHandle;

secureSessionHandle = GetSecureSession();
VerifyOrReturnError(secureSessionHandle.HasValue(), CHIP_ERROR_INCORRECT_STATE);

attestationChallenge = secureSessionHandle.Value()->AsSecureSession()->GetCryptoContext().GetAttestationChallenge();
return CHIP_NO_ERROR;
}

protected:
virtual bool IsSecureConnected() const = 0;

Expand Down
13 changes: 0 additions & 13 deletions src/controller/CHIPDeviceController.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -736,19 +736,6 @@ DeviceCommissioner::ContinueCommissioningAfterDeviceAttestationFailure(DevicePro
return CHIP_NO_ERROR;
}

CHIP_ERROR DeviceCommissioner::GetAttestationChallenge(ByteSpan & attestationChallenge)
{
Optional<SessionHandle> secureSessionHandle;

VerifyOrReturnError(mDeviceBeingCommissioned != nullptr, CHIP_ERROR_INCORRECT_STATE);

secureSessionHandle = mDeviceBeingCommissioned->GetSecureSession();
VerifyOrReturnError(secureSessionHandle.HasValue(), CHIP_ERROR_INCORRECT_STATE);

attestationChallenge = secureSessionHandle.Value()->AsSecureSession()->GetCryptoContext().GetAttestationChallenge();
return CHIP_NO_ERROR;
}

CHIP_ERROR DeviceCommissioner::StopPairing(NodeId remoteDeviceId)
{
VerifyOrReturnError(mState == State::Initialized, CHIP_ERROR_INCORRECT_STATE);
Expand Down
10 changes: 0 additions & 10 deletions src/controller/CHIPDeviceController.h
Original file line number Diff line number Diff line change
Expand Up @@ -463,16 +463,6 @@ class DLL_EXPORT DeviceCommissioner : public DeviceController,

CHIP_ERROR GetDeviceBeingCommissioned(NodeId deviceId, CommissioneeDeviceProxy ** device);

/**
* @brief
* This function returns the attestation challenge for the secure session of the device being commissioned.
*
* @param[out] attestationChallenge The output for the attestationChallenge
*
* @return CHIP_ERROR CHIP_NO_ERROR on success, or CHIP_ERROR_INVALID_ARGUMENT if no secure session is active
*/
CHIP_ERROR GetAttestationChallenge(ByteSpan & attestationChallenge);

/**
* @brief
* This function stops a pairing process that's in progress. It does not delete the pairing of a previously
Expand Down
3 changes: 1 addition & 2 deletions src/controller/java/CHIPDeviceController-JNI.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -655,8 +655,7 @@ JNI_METHOD(jbyteArray, getAttestationChallenge)
JniReferences::GetInstance().ThrowError(env, sChipDeviceControllerExceptionCls, CHIP_ERROR_INCORRECT_STATE);
}

AndroidDeviceControllerWrapper * wrapper = AndroidDeviceControllerWrapper::FromJNIHandle(handle);
err = wrapper->Controller()->GetAttestationChallenge(attestationChallenge);
err = chipDevice->GetAttestationChallenge(attestationChallenge);
SuccessOrExit(err);
VerifyOrExit(attestationChallenge.size() == 16, err = CHIP_ERROR_INVALID_ARGUMENT);

Expand Down

0 comments on commit 2d6bb3a

Please sign in to comment.