Secure session establishment can fail if local MRP parameters cannot fit within 16 bits #17812
Assignees
Labels
Comments
msandstedt
changed the title
|
@msandstedt This is a spec-level issue, right? I do wonder whether it's worth just changing the units on these values from ms to 10s of ms or 100s of ms, depending on the granularity we think we actually need.... |
|
Makes sense to me. I'd prefer to go with the approach that @tcarmelveilleux proposed in the PR and keep the granularity of |
|
Thanks. Makes sense. Will do. |
msandstedt
changed the title
msandstedt
added a commit
to msandstedt/connectedhomeip
that referenced
this issue
May 2, 2022
Nodes store and advertise MRP parameters as 32-bit values. However, the mrp-parameter-struct had been specified to only hold 16-bit values on the wire. This would lead to session establishment failures with nodes attempting to exchange values in excess of 65536 milliseconds, despite the fact that values up to 360,000 milliseconds are legal. This corrects the problem to allow up-to 32-bit values per the spec change here: https://github.com/CHIP-Specifications/connectedhomeip-spec/pull/5173 In most cases, peers will be using smaller MRP values and and will therefore still exchange 1 or 2-byte fields on the wire, making this change mostly backward compatible. Testing: verification of successful exchange of larger MRP values up to 360,000 has been added to TestCASESession.cpp. TestTxtFields.cpp already has coverage for advertisement of large values. Fixes project-chip#17812
|
@robszewczyk , @tcarmelveilleux , See the sdk PR here: #17978 |
msandstedt
added a commit
to msandstedt/connectedhomeip
that referenced
this issue
May 2, 2022
Nodes store and advertise MRP parameters as 32-bit values. However, the mrp-parameter-struct had been specified to only hold 16-bit values on the wire. This would lead to session establishment failures with nodes attempting to exchange values in excess of 65536 milliseconds, despite the fact that values up to 360,000 milliseconds are legal. This corrects the problem to allow up-to 32-bit values per the spec change here: https://github.com/CHIP-Specifications/connectedhomeip-spec/pull/5173 In most cases, peers will be using smaller MRP values and and will therefore still exchange 1 or 2-byte fields on the wire, making this change mostly backward compatible. Testing: verification of successful exchange of larger MRP values up to 360,000 has been added to TestCASESession.cpp. TestTxtFields.cpp already has coverage for advertisement of large values. Fixes project-chip#17812
andy31415
pushed a commit
that referenced
this issue
May 3, 2022
* Change mrp-parameter-struct to hold 32-bit milliseconds Nodes store and advertise MRP parameters as 32-bit values. However, the mrp-parameter-struct had been specified to only hold 16-bit values on the wire. This would lead to session establishment failures with nodes attempting to exchange values in excess of 65536 milliseconds, despite the fact that values up to 360,000 milliseconds are legal. This corrects the problem to allow up-to 32-bit values per the spec change here: https://github.com/CHIP-Specifications/connectedhomeip-spec/pull/5173 In most cases, peers will be using smaller MRP values and and will therefore still exchange 1 or 2-byte fields on the wire, making this change mostly backward compatible. Testing: verification of successful exchange of larger MRP values up to 360,000 has been added to TestCASESession.cpp. TestTxtFields.cpp already has coverage for advertisement of large values. Fixes #17812 * per bzbarsky, s/verySleep/verySleepy
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem
Nodes can exchange MRP parameters during CASE/PASE handshake with the mrp-parameter-struct, which encloses active and idle retry times as 16-bit values.
However, maximum bounds for these are 360,000 milliseconds. It appears that when populating these, the pairing session code will simply fail. The implication is that long MRP intervals can likely break PASE and CASE at this location in the code:
https://github.com/project-chip/connectedhomeip/blob/master/src/transport/PairingSession.cpp#L62
Proposed Solution
The text was updated successfully, but these errors were encountered: