[1.0] Missing ICAC at wrapper init can cause unexpected NOC chain generation on Android #22455
Assignees
Comments
tcarmelveilleux
added a commit
to tcarmelveilleux/connectedhomeip
that referenced
this issue
Sep 7, 2022
- Passing null for existing ICAC, when a NOC and RCAC were provided and desired to be used casued confusing behavior of NOC/RCAC being ignored and a completely different cert chain being generated. Fixes project-chip#22455 Changes done: - Add code to just use empty internal ICAC when null is provided in Java - Add log to tell users when an ephemeral NOC chain is generated. Testing done: - CI still passes - Tested in unit/integration with our internal infrastructure that uses this API both with/without ICAC
woody-apple
pushed a commit
to tcarmelveilleux/connectedhomeip
that referenced
this issue
Sep 8, 2022
- Passing null for existing ICAC, when a NOC and RCAC were provided and desired to be used casued confusing behavior of NOC/RCAC being ignored and a completely different cert chain being generated. Fixes project-chip#22455 Changes done: - Add code to just use empty internal ICAC when null is provided in Java - Add log to tell users when an ephemeral NOC chain is generated. Testing done: - CI still passes - Tested in unit/integration with our internal infrastructure that uses this API both with/without ICAC
woody-apple
pushed a commit
that referenced
this issue
Sep 8, 2022
) * Allow null ICAC in `AndroidDeviceControllerWrapper::AllocateNew` - Passing null for existing ICAC, when a NOC and RCAC were provided and desired to be used casued confusing behavior of NOC/RCAC being ignored and a completely different cert chain being generated. Fixes #22455 Changes done: - Add code to just use empty internal ICAC when null is provided in Java - Add log to tell users when an ephemeral NOC chain is generated. Testing done: - CI still passes - Tested in unit/integration with our internal infrastructure that uses this API both with/without ICAC * Restyled
isiu-apple
pushed a commit
to isiu-apple/connectedhomeip
that referenced
this issue
Sep 16, 2022
…ject-chip#22458) * Allow null ICAC in `AndroidDeviceControllerWrapper::AllocateNew` - Passing null for existing ICAC, when a NOC and RCAC were provided and desired to be used casued confusing behavior of NOC/RCAC being ignored and a completely different cert chain being generated. Fixes project-chip#22455 Changes done: - Add code to just use empty internal ICAC when null is provided in Java - Add log to tell users when an ephemeral NOC chain is generated. Testing done: - CI still passes - Tested in unit/integration with our internal infrastructure that uses this API both with/without ICAC * Restyled
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Reproduction steps
Bug prevalence
100%
GitHub hash of the SDK that was being used
383c416
Platform
android
Platform Version(s)
No response
Type
Platform Issue
Anything else?
This bug was quite hard to find and caused some users of Android APIs that did not use ICACs in their infrastructure to be unable to initialize the SDK without workaround that are non-obvious at first, such as passing an empty byte array when
nullis a valid java equivalent in most instances.The text was updated successfully, but these errors were encountered: