From e0db58c086154b36391bd148f5bc4110d571a954 Mon Sep 17 00:00:00 2001 From: Boris Zbarsky Date: Mon, 22 May 2023 10:40:45 -0400 Subject: [PATCH] Fix KeySetWrite command payload validation. There are three fixes here: 1. Move the epoch key validity checks up front, since per spec those should happen before any internal state verification checks. 2. Add a check that the GroupKeySecurityPolicy in the keyset has a valid value for GroupKeySecurityPolicyEnum. 3. If we don't support MCSP, we should be failing out if the GroupKeySecurityPolicy is set to CacheAndSync. Fixes https://github.com/project-chip/connectedhomeip/issues/26692 --- .../group-key-mgmt-server.cpp | 53 +++++++++++++++---- 1 file changed, 42 insertions(+), 11 deletions(-) diff --git a/src/app/clusters/group-key-mgmt-server/group-key-mgmt-server.cpp b/src/app/clusters/group-key-mgmt-server/group-key-mgmt-server.cpp index 6f890fdd747777..ceafbc1a29f728 100644 --- a/src/app/clusters/group-key-mgmt-server/group-key-mgmt-server.cpp +++ b/src/app/clusters/group-key-mgmt-server/group-key-mgmt-server.cpp @@ -109,6 +109,9 @@ class GroupKeyManagementAttributeAccess : public AttributeAccessInterface // Register for the GroupKeyManagement cluster on all endpoints. GroupKeyManagementAttributeAccess() : AttributeAccessInterface(Optional(0), GroupKeyManagement::Id) {} + // TODO: Once there is MCSP support, this may need to change. + static constexpr bool IsMCSPSupported() { return false; } + CHIP_ERROR Read(const ConcreteReadAttributePath & aPath, AttributeValueEncoder & aEncoder) override { VerifyOrDie(aPath.mClusterId == GroupKeyManagement::Id); @@ -117,8 +120,15 @@ class GroupKeyManagementAttributeAccess : public AttributeAccessInterface { case GroupKeyManagement::Attributes::ClusterRevision::Id: return ReadClusterRevision(aPath.mEndpointId, aEncoder); - case Attributes::FeatureMap::Id: - return aEncoder.Encode(static_cast(0)); + case Attributes::FeatureMap::Id: { + uint32_t features = 0; + if (IsMCSPSupported()) + { + // TODO: Once there is MCSP support, this will need to add the + // right feature bit. + } + return aEncoder.Encode(features); + } case GroupKeyManagement::Attributes::GroupKeyMap::Id: return ReadGroupKeyMap(aPath.mEndpointId, aEncoder); case GroupKeyManagement::Attributes::GroupTable::Id: @@ -296,6 +306,36 @@ bool emberAfGroupKeyManagementClusterKeySetWriteCallback( chip::app::CommandHandler * commandObj, const chip::app::ConcreteCommandPath & commandPath, const chip::app::Clusters::GroupKeyManagement::Commands::KeySetWrite::DecodableType & commandData) { + if (commandData.groupKeySet.epochKey0.IsNull() || commandData.groupKeySet.epochStartTime0.IsNull() || + commandData.groupKeySet.epochKey0.Value().empty() || (0 == commandData.groupKeySet.epochStartTime0.Value())) + { + // If the EpochKey0 field is null or its associated EpochStartTime0 field is null, + // then this command SHALL fail with an INVALID_COMMAND + commandObj->AddStatus(commandPath, Status::InvalidCommand); + return true; + } + + if (commandData.groupKeySet.groupKeySecurityPolicy == GroupKeySecurityPolicyEnum::kUnknownEnumValue) + { + // If a client indicates an enumeration value to the server, that is not + // supported by the server, because it is ... a new value unrecognized + // by a legacy server, then the server SHALL generate a general + // constraint error + commandObj->AddStatus(commandPath, Status::ConstraintError); + return true; + } + + if (!GroupKeyManagementAttributeAccess::IsMCSPSupported() && + commandData.groupKeySet.groupKeySecurityPolicy == GroupKeySecurityPolicyEnum::kCacheAndSync) + { + // When CacheAndSync is not supported in the FeatureMap of this cluster, + // any action attempting to set CacheAndSync in the + // GroupKeySecurityPolicy field SHALL fail with an INVALID_COMMAND + // error. + commandObj->AddStatus(commandPath, Status::InvalidCommand); + return true; + } + auto provider = GetGroupDataProvider(); auto fabric = Server::GetInstance().GetFabricTable().FindFabricWithIndex(commandObj->GetAccessingFabricIndex()); @@ -314,15 +354,6 @@ bool emberAfGroupKeyManagementClusterKeySetWriteCallback( return true; } - if (commandData.groupKeySet.epochKey0.IsNull() || commandData.groupKeySet.epochStartTime0.IsNull() || - commandData.groupKeySet.epochKey0.Value().empty() || (0 == commandData.groupKeySet.epochStartTime0.Value())) - { - // If the EpochKey0 field is null or its associated EpochStartTime0 field is null, - // then this command SHALL fail with an INVALID_COMMAND - commandObj->AddStatus(commandPath, Status::InvalidCommand); - return true; - } - GroupDataProvider::KeySet keyset(commandData.groupKeySet.groupKeySetID, commandData.groupKeySet.groupKeySecurityPolicy, 0); // Epoch Key 0