From da03cf7b41817ca279d38de4e39f3ecf6bda761b Mon Sep 17 00:00:00 2001
From: Vivien Nicolas
Date: Sat, 22 Oct 2022 18:16:33 +0200
Subject: [PATCH] Update PASE/CASE session establishment response timeouts
---
 src/protocols/secure_channel/CASESession.cpp | 17 +++++++++++------
 src/protocols/secure_channel/PASESession.cpp | 17 +++++++++++------
 2 files changed, 22 insertions(+), 12 deletions(-)
diff --git a/src/protocols/secure_channel/CASESession.cpp b/src/protocols/secure_channel/CASESession.cpp
index 209d8b29101b79..be20add0566da0 100644
--- a/src/protocols/secure_channel/CASESession.cpp
+++ b/src/protocols/secure_channel/CASESession.cpp
@@ -116,10 +116,15 @@ using HKDF_sha_crypto = HKDF_shaHSM;
 using HKDF_sha_crypto = HKDF_sha;
 #endif
-// Wait at most 30 seconds for the response from the peer.
-// This timeout value assumes the underlying transport is reliable.
-// The session establishment fails if the response is not received within timeout window.
-static constexpr ExchangeContext::Timeout kSigma_Response_Timeout = System::Clock::Seconds16(30);
+// Amounts of time to allow for server-side processing of messages.
+//
+// This timeout values only allow for the server-side processing and assume that any transport-specific
+// latency will be added to them.
+//
+// The session establishment fails if the response is not received within the resulting timeout window,
+// which accounts for both transport latency and the server-side latency.
+static constexpr ExchangeContext::Timeout kExpectedLowProcessingTime = System::Clock::Seconds16(2);
+static constexpr ExchangeContext::Timeout kExpectedHighProcessingTime = System::Clock::Seconds16(30);
 CASESession::~CASESession()
 {
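Review bot: The constants kExpectedLowProcessingTime and kExpectedHighProcessingTime and their comment block are added here and again, word for word, in the first PASESession.cpp hunk, so the two handshakes can drift apart if only one file is tuned later; defining them once in a header both files include would keep a single bound. The comment also never says which exchanges count as low or high processing, which is what a reader needs to judge the 2 s and 30 s values, and "This timeout values" should read `// These timeout values only allow for the server-side processing and assume that any transport-specific`. Since these bounds decide how long a pending handshake with a not-yet-authenticated peer stays open, I would state next to each constant which message it applies to.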
@@ -260,7 +265,7 @@ CHIP_ERROR CASESession::EstablishSession(SessionManager & sessionManager, Fabric
 mSessionResumptionStorage = sessionResumptionStorage;
 mLocalMRPConfig = mrpLocalConfig;
- mExchangeCtxt->SetResponseTimeout(kSigma_Response_Timeout + mExchangeCtxt->GetSessionHandle()->GetAckTimeout());
+ mExchangeCtxt->UseSuggestedResponseTimeout(kExpectedLowProcessingTime);
 mPeerNodeId = peerScopedNodeId.GetNodeId();
 mLocalNodeId = fabricInfo->GetNodeId();
@@ -1723,8 +1728,8 @@ CHIP_ERROR CASESession::ValidateReceivedMessage(ExchangeContext * ec, const Payl
 else
 {
 mExchangeCtxt = ec;
- mExchangeCtxt->SetResponseTimeout(kSigma_Response_Timeout + mExchangeCtxt->GetSessionHandle()->GetAckTimeout());
 }
+ mExchangeCtxt->UseSuggestedResponseTimeout(kExpectedHighProcessingTime);
 VerifyOrReturnError(!msg.IsNull(), CHIP_ERROR_INVALID_ARGUMENT);
 return CHIP_NO_ERROR;
diff --git a/src/protocols/secure_channel/PASESession.cpp b/src/protocols/secure_channel/PASESession.cpp
index 67b462fa860838..dd029e7e669285 100644
--- a/src/protocols/secure_channel/PASESession.cpp
+++ b/src/protocols/secure_channel/PASESession.cpp
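Review bot: In EstablishSession the initiator's wait for the first reply drops from 30 s plus the ack timeout to kExpectedLowProcessingTime (2 s) plus whatever UseSuggestedResponseTimeout adds for the transport, and nothing at the call site says why the low value is safe. Whether the responder does certificate or key-agreement work before answering is not visible in this hunk; if it does, a constrained device could miss the window and session establishment would fail against a legitimate peer. I would add `// First request: peer is expected to reply within kExpectedLowProcessingTime; revisit if the responder does heavy crypto here.` above the call, and the same applies to the PASESession::Pair hunk. The function body continues outside the hunk.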
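Review bot: UseSuggestedResponseTimeout(kExpectedHighProcessingTime) now runs on every call to ValidateReceivedMessage and before `VerifyOrReturnError(!msg.IsNull(), CHIP_ERROR_INVALID_ARGUMENT);`, so a message that is then rejected has already changed the exchange's timeout; in the matching PASESession.cpp hunk it also precedes the expected-message-type check. Moving the call below the checks, just before `return CHIP_NO_ERROR;` here, keeps rejected input from touching exchange state. The old code set the timeout only in the else branch; the if branch is outside the hunk, so I cannot tell whether mExchangeCtxt is guaranteed non-null when the new line dereferences it, and a `VerifyOrReturnError(mExchangeCtxt != nullptr, CHIP_ERROR_INTERNAL);` before the call would make that explicit.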
@@ -57,10 +57,15 @@ const char * kSpake2pContext = "CHIP PAKE V1 Commissioning";
 const char * kSpake2pI2RSessionInfo = "Commissioning I2R Key";
 const char * kSpake2pR2ISessionInfo = "Commissioning R2I Key";
-// Wait at most 30 seconds for the response from the peer.
-// This timeout value assumes the underlying transport is reliable.
-// The session establishment fails if the response is not received with in timeout window.
-static constexpr ExchangeContext::Timeout kSpake2p_Response_Timeout = System::Clock::Seconds16(30);
+// Amounts of time to allow for server-side processing of messages.
+//
+// This timeout values only allow for the server-side processing and assume that any transport-specific
+// latency will be added to them.
+//
+// The session establishment fails if the response is not received within the resulting timeout window,
+// which accounts for both transport latency and the server-side latency.
+static constexpr ExchangeContext::Timeout kExpectedLowProcessingTime = System::Clock::Seconds16(2);
+static constexpr ExchangeContext::Timeout kExpectedHighProcessingTime = System::Clock::Seconds16(30);
 PASESession::~PASESession()
 {
@@ -216,7 +221,7 @@ CHIP_ERROR PASESession::Pair(SessionManager & sessionManager, uint32_t peerSetUp
 // When commissioning starts, the peer is assumed to be active.
 mExchangeCtxt->GetSessionHandle()->AsUnauthenticatedSession()->MarkActiveRx();
- mExchangeCtxt->SetResponseTimeout(kSpake2p_Response_Timeout + mExchangeCtxt->GetSessionHandle()->GetAckTimeout());
+ mExchangeCtxt->UseSuggestedResponseTimeout(kExpectedLowProcessingTime);
 mLocalMRPConfig = mrpLocalConfig;
@@ -787,8 +792,8 @@ CHIP_ERROR PASESession::ValidateReceivedMessage(ExchangeContext * exchange, cons
 else
 {
 mExchangeCtxt = exchange;
- mExchangeCtxt->SetResponseTimeout(kSpake2p_Response_Timeout + mExchangeCtxt->GetSessionHandle()->GetAckTimeout());
 }
+ mExchangeCtxt->UseSuggestedResponseTimeout(kExpectedHighProcessingTime);
 VerifyOrReturnError(!msg.IsNull(), CHIP_ERROR_INVALID_ARGUMENT);
 VerifyOrReturnError((mNextExpectedMsg.HasValue() && payloadHeader.HasMessageType(mNextExpectedMsg.Value())) ||