From 9879113b509d4f53f3499ebe72a5bcef376ecda8 Mon Sep 17 00:00:00 2001
From: Cliff Chung <116232729+cliffamzn@users.noreply.github.com>
Date: Mon, 27 Feb 2023 14:05:00 -0800
Subject: [PATCH] Allow for example to disable the TEST_SETUP_PARAMS flag (#25322)
Documentation indicates that the `CHIP_DEVICE_CONFIG_ENABLE_TEST_SETUP_PARAMS` can be dangerous to include in production use cases (see `config/standalone/CHIPProjectConfig.h`) We should disable it where necessary
---
 config/standalone/CHIPProjectConfig.h | 2 ++
 .../MatterTvCastingBridge/CastingServerBridge.mm | 8 ++++++++
 .../CommissionableDataProviderImpl.mm | 4 ++++
 .../tv-casting-common/include/CHIPProjectAppConfig.h | 11 +++++++++--
 .../android/CommissionableDataProviderImpl.cpp | 4 ++++
 5 files changed, 27 insertions(+), 2 deletions(-)
diff --git a/config/standalone/CHIPProjectConfig.h b/config/standalone/CHIPProjectConfig.h
index 296c090fda05c5..101bdec25e1cd4 100644
--- a/config/standalone/CHIPProjectConfig.h
+++ b/config/standalone/CHIPProjectConfig.h
@@ -39,7 +39,9 @@
 // WARNING: This option makes it possible to circumvent basic chip security functionality.
 // Because of this it SHOULD NEVER BE ENABLED IN PRODUCTION BUILDS.
 //
+#ifndef CHIP_DEVICE_CONFIG_ENABLE_TEST_SETUP_PARAMS
 #define CHIP_DEVICE_CONFIG_ENABLE_TEST_SETUP_PARAMS 1
+#endif
 // Enable reading DRBG seed data from /dev/(u)random.
 // This is needed for test applications and the CHIP device manager to function
diff --git a/examples/tv-casting-app/darwin/MatterTvCastingBridge/MatterTvCastingBridge/CastingServerBridge.mm b/examples/tv-casting-app/darwin/MatterTvCastingBridge/MatterTvCastingBridge/CastingServerBridge.mm
index 3b9204cdaf5436..1c6038ef0eb609 100644
--- a/examples/tv-casting-app/darwin/MatterTvCastingBridge/MatterTvCastingBridge/CastingServerBridge.mm
+++ b/examples/tv-casting-app/darwin/MatterTvCastingBridge/MatterTvCastingBridge/CastingServerBridge.mm
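Review bot: The new `#ifndef` guard in `config/standalone/CHIPProjectConfig.h` still falls back to `1`, so any target that includes this header without defining `CHIP_DEVICE_CONFIG_ENABLE_TEST_SETUP_PARAMS` first keeps the test setup parameters compiled in, which is the state the WARNING above says must never reach production. The override is also order-dependent: a `#define ... 0` that appears after the include is a redefinition, not an override. I would say so in the comment block, e.g. `// Production projects must define this to 0 before this header is included.` The comment block starts above the hunk, so its full wording is not visible here.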
@@ -33,6 +33,14 @@
 #include
 #include
+#ifndef CHIP_DEVICE_CONFIG_USE_TEST_SETUP_PIN_CODE
+#define CHIP_DEVICE_CONFIG_USE_TEST_SETUP_PIN_CODE 20202021
+#endif
+
+#ifndef CHIP_DEVICE_CONFIG_USE_TEST_SETUP_DISCRIMINATOR
+#define CHIP_DEVICE_CONFIG_USE_TEST_SETUP_DISCRIMINATOR 0xF00
+#endif
+
 @interface CastingServerBridge ()
 @property AppParameters * appParameters;
diff --git a/examples/tv-casting-app/darwin/MatterTvCastingBridge/MatterTvCastingBridge/CommissionableDataProviderImpl.mm b/examples/tv-casting-app/darwin/MatterTvCastingBridge/MatterTvCastingBridge/CommissionableDataProviderImpl.mm
index c1e7c6ef9b6120..40c2efcd99cb65 100644
--- a/examples/tv-casting-app/darwin/MatterTvCastingBridge/MatterTvCastingBridge/CommissionableDataProviderImpl.mm
+++ b/examples/tv-casting-app/darwin/MatterTvCastingBridge/MatterTvCastingBridge/CommissionableDataProviderImpl.mm
@@ -33,6 +33,10 @@
 namespace {
+#ifndef CHIP_DEVICE_CONFIG_USE_TEST_SPAKE2P_ITERATION_COUNT
+#define CHIP_DEVICE_CONFIG_USE_TEST_SPAKE2P_ITERATION_COUNT 1000
+#endif
+
 CHIP_ERROR GeneratePaseSalt(std::vector & spake2pSaltVector)
 {
 constexpr size_t kSaltLen = kSpake2p_Max_PBKDF_Salt_Length;
diff --git a/examples/tv-casting-app/tv-casting-common/include/CHIPProjectAppConfig.h b/examples/tv-casting-app/tv-casting-common/include/CHIPProjectAppConfig.h
index 641cf0d120be0c..748c048730c7ce 100644
--- a/examples/tv-casting-app/tv-casting-common/include/CHIPProjectAppConfig.h
+++ b/examples/tv-casting-app/tv-casting-common/include/CHIPProjectAppConfig.h
@@ -33,8 +33,6 @@
 #define CHIP_CONFIG_KVS_PATH "/tmp/chip_casting_kvs"
 #endif
-#include
-
 #define CHIP_DEVICE_CONFIG_ENABLE_COMMISSIONER_DISCOVERY 0
 #define CHIP_DEVICE_CONFIG_ENABLE_COMMISSIONER_DISCOVERY_CLIENT 1
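Review bot: The two fallbacks added at the top of `CastingServerBridge.mm` compile the SDK's test passcode `20202021` and test discriminator `0xF00` into the bridge, so switching `CHIP_DEVICE_CONFIG_ENABLE_TEST_SETUP_PARAMS` off for this app does not by itself take the test credentials out of the Darwin build. The code that reads the two macros is outside the hunk, so I cannot tell whether they are only a last-resort default. If they are, a comment above the first `#ifndef` such as `// Example-only defaults; a shipping app must supply its own per-device passcode and discriminator.` would make that explicit. If they can reach onboarding unchanged, the bridge should require the caller to pass the values instead.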
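Review bot: `CHIP_DEVICE_CONFIG_USE_TEST_SPAKE2P_ITERATION_COUNT` is defined inside the anonymous namespace in `CommissionableDataProviderImpl.mm`, but macros are not scoped by namespaces, so the placement suggests an isolation that does not exist. The same four lines are repeated in the `src/platform/android/CommissionableDataProviderImpl.cpp` hunk, which is platform code rather than an example. Moving the block above `namespace {` in both files, or into one shared header, keeps the two fallbacks from drifting apart. As far as I know 1000 is the lowest PBKDF iteration count the SDK accepts (`kSpake2p_Min_PBKDF_Iterations`), so I would add `// Test-only fallback at the minimum allowed iteration count; production providers should configure their own value.` How the macro is consumed lies outside both hunks.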
@@ -61,3 +59,12 @@
 #define CHIP_ENABLE_ROTATING_DEVICE_ID 1
 #define CHIP_DEVICE_CONFIG_ROTATING_DEVICE_ID_UNIQUE_ID_LENGTH 128
+
+// Disable this since it should not be enabled for production setups
+#define CHIP_DEVICE_CONFIG_ENABLE_TEST_SETUP_PARAMS 0
+
+#define CHIP_DEVICE_CONFIG_DYNAMIC_ENDPOINT_COUNT 4
+
+// Include the CHIPProjectConfig from config/standalone
+// Add this at the end so that we can hit our #defines first
+#include
diff --git a/src/platform/android/CommissionableDataProviderImpl.cpp b/src/platform/android/CommissionableDataProviderImpl.cpp
index 1c4e9d3b4a336f..8524dbcbecfa88 100644
--- a/src/platform/android/CommissionableDataProviderImpl.cpp
+++ b/src/platform/android/CommissionableDataProviderImpl.cpp
@@ -34,6 +34,10 @@ using namespace chip::Crypto;
 namespace {
+#ifndef CHIP_DEVICE_CONFIG_USE_TEST_SPAKE2P_ITERATION_COUNT
+#define CHIP_DEVICE_CONFIG_USE_TEST_SPAKE2P_ITERATION_COUNT 1000
+#endif
+
 CHIP_ERROR GeneratePaseSalt(std::vector & spake2pSaltVector)
 {
 constexpr size_t kSaltLen = kSpake2p_Max_PBKDF_Salt_Length;
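Review bot: `#define CHIP_DEVICE_CONFIG_DYNAMIC_ENDPOINT_COUNT 4` in the second `CHIPProjectAppConfig.h` hunk has no comment and is not mentioned in the commit message, so a reader cannot tell why it arrives together with a security-flag change. If it is needed because the standalone config is now included last (an inference, nothing in the hunk confirms it), a line such as `// Set here so the value is in place before the standalone config below is included.` would record that. The comment on `CHIP_DEVICE_CONFIG_ENABLE_TEST_SETUP_PARAMS 0` could also name what the flag controls, e.g. `// Keep the SDK's built-in test passcode, discriminator and verifier out of this app.`, with the exact list confirmed against the SDK.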