Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[nrfconnect] Fix handling Spake2+ salt in factory data script #20972

Merged
merged 1 commit into from
Jul 20, 2022
Merged

[nrfconnect] Fix handling Spake2+ salt in factory data script #20972

merged 1 commit into from
Jul 20, 2022

Conversation

woody-apple
Copy link
Contributor

Problem

The script takes base64-encoded salt and passes it to spake2p tool that expects an ascii string. It generates an incorrect Spake2+ verifier.

Change overview

  • Decode base64 salt before passing it over.
  • Fix comments and help texts.
  • Add unit tests to verify basic functionality of the script.

Testing

Built nRF Connect lock-app with -DCONFIG_CHIP_FACTORY_DATA=y -DCONFIG_CHIP_FACTORY_DATA_BUILD=y -DCONFIG_CHIP_DEVICE_SPAKE2_PASSCODE=20212223 -DCONFIG_CHIP_FACTORY_DATA_GENERATE_SPAKE2_VERIFIER=y flags and commissioned the device.
Added unit tests to verify the factory data generation script output.

@Damian-Nordic @web-flow
[nrfconnect] Fix handling Spake2+ salt in factory data script (#20924)
86065e2 
* [nrfconnect] Fix handling Spake2+ salt in factory data script

The script would take base64-encoded salt and pass it to
spake2p tool that expects an ascii string. It would generate
an incorrect Spake2+ verifier.

Signed-off-by: Damian Krolik <[email protected]>

* Fix and improve comments and help texts

Signed-off-by: Damian Krolik <[email protected]>

* Add unit tests

* Update spake2p tool to take base64 salt

* Fix typo
@woody-apple woody-apple enabled auto-merge (squash) July 20, 2022 00:31
@github-actions
Copy link

github-actions bot commented Jul 20, 2022
edited
Loading

PR #20972: Size comparison from 4d99c20 to 86065e2

Increases (2 builds for cc13x2_26x2, telink)
platform target config section 4d99c20 86065e2 change % change
cc13x2_26x2 pump-app LP_CC2652R7 (read/write) 162260 162268 8 0.0
telink lighting-app tlsr9518adk80d (read/write) 818436 818444 8 0.0
text 583072 583074 2 0.0
Decreases (5 builds for cc13x2_26x2, esp32, nrfconnect)
platform target config section 4d99c20 86065e2 change % change
cc13x2_26x2 pump-app LP_CC2652R7 (read only) 680019 680011 -8 -0.0
.text 590724 590716 -8 -0.0
esp32 all-clusters-app c3devkit (read only) 1021542 1021540 -2 -0.0
.flash.text 1021542 1021540 -2 -0.0
nrfconnect lock-app nrf5340dk_nrf5340_cpuapp text 684444 684440 -4 -0.0
pump-app nrf52840dk_nrf52840 text 749224 749220 -4 -0.0
pump-controller-app nrf52840dk_nrf52840 text 740520 740516 -4 -0.0
Full report (51 builds for bl602, cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, p6, telink)
platform target config section 4d99c20 86065e2 change % change
bl602 lighting-app bl602 (read/write) 1379514 1379514 0 0.0
.bss 116970 116970 0 0.0
.data 4480 4480 0 0.0
.text 1050152 1050152 0 0.0
bl602+rpc (read/write) 1424946 1424946 0 0.0
.bss 124418 124418 0 0.0
.data 4600 4600 0 0.0
.text 1081836 1081836 0 0.0
cc13x2_26x2 all-clusters-app LP_CC2652R7 (read only) 667919 667919 0 0.0
(read/write) 183328 183328 0 0.0
.bss 74140 74140 0 0.0
.data 3356 3356 0 0.0
.rodata 88319 88319 0 0.0
.text 579284 579284 0 0.0
all-clusters-minimal-app LP_CC2652R7 (read only) 633511 633511 0 0.0
(read/write) 157708 157708 0 0.0
.bss 73436 73436 0 0.0
.data 3356 3356 0 0.0
.rodata 77551 77551 0 0.0
.text 555636 555636 0 0.0
lock-ftd LP_CC2652R7 (read only) 671011 671011 0 0.0
(read/write) 170412 170412 0 0.0
.bss 71204 71204 0 0.0
.data 3280 3280 0 0.0
.rodata 76443 76443 0 0.0
.text 594088 594088 0 0.0
lock-mtd LP_CC2652R7 (read only) 653295 653295 0 0.0
(read/write) 183816 183816 0 0.0
.bss 66892 66892 0 0.0
.data 3280 3280 0 0.0
.rodata 101191 101191 0 0.0
.text 551624 551624 0 0.0
pump-app LP_CC2652R7 (read only) 680019 680011 -8 -0.0
(read/write) 162260 162268 8 0.0
.bss 71292 71292 0 0.0
.data 3280 3280 0 0.0
.rodata 88811 88811 0 0.0
.text 590724 590716 -8 -0.0
pump-controller-app LP_CC2652R7 (read only) 665795 665795 0 0.0
(read/write) 176604 176604 0 0.0
.bss 71412 71412 0 0.0
.data 3276 3276 0 0.0
.rodata 84675 84675 0 0.0
.text 580640 580640 0 0.0
shell LP_CC2652R7 (read only) 660386 660386 0 0.0
(read/write) 186364 186364 0 0.0
.bss 76444 76444 0 0.0
.data 3360 3360 0 0.0
.rodata 85090 85090 0 0.0
.text 574980 574980 0 0.0
cyw30739 light cyw930739m2evb_01 (read/write) 581338 581338 0 0.0
.app_xip_area 460032 460032 0 0.0
.bss 64244 64244 0 0.0
.data 716 716 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
lock cyw930739m2evb_01 (read/write) 587246 587246 0 0.0
.app_xip_area 461212 461212 0 0.0
.bss 68972 68972 0 0.0
.data 720 720 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
ota-requestor-no-progress-logging cyw930739m2evb_01 (read/write) 584694 584694 0 0.0
.app_xip_area 464236 464236 0 0.0
.bss 63452 63452 0 0.0
.data 660 660 0 0.0
.rodata 0 0 0 0.0
.text 112 112 0 0.0
efr32 lighting-app BRD4161A (read/write) 1085824 1085824 0 0.0
.bss 133060 133060 0 0.0
.data 2048 2048 0 0.0
.text 950696 950696 0 0.0
BRD4161A+rpc (read/write) 1140148 1140148 0 0.0
.bss 149732 149732 0 0.0
.data 2260 2260 0 0.0
.text 988132 988132 0 0.0
BRD4161A+rs911x (read/write) 951024 951024 0 0.0
.bss 140776 140776 0 0.0
.data 2048 2048 0 0.0
.text 808180 808180 0 0.0
lock-app BRD4161A+wf200 (read/write) 1127392 1127392 0 0.0
.bss 144152 144152 0 0.0
.data 2056 2056 0 0.0
.text 981164 981164 0 0.0
window-app BRD4161A (read/write) 1079316 1079316 0 0.0
.bss 134532 134532 0 0.0
.data 2076 2076 0 0.0
.text 942688 942688 0 0.0
esp32 all-clusters-app c3devkit (read only) 1021542 1021540 -2 -0.0
(read/write) 1486034 1486034 0 0.0
.dram0.bss 70088 70088 0 0.0
.dram0.data 14600 14600 0 0.0
.flash.rodata 215904 215904 0 0.0
.flash.text 1021542 1021540 -2 -0.0
.iram0.text 62902 62902 0 0.0
m5stack (read only) 1075367 1075367 0 0.0
(read/write) 488080 488080 0 0.0
.dram0.bss 75608 75608 0 0.0
.dram0.data 34144 34144 0 0.0
.flash.rodata 246332 246332 0 0.0
.flash.text 1069983 1069983 0 0.0
.iram0.text 123267 123267 0 0.0
k32w light k32w061+release (read/write) 660104 660104 0 0.0
.bss 69540 69540 0 0.0
.data 1992 1992 0 0.0
.text 582772 582772 0 0.0
lock k32w061+release (read/write) 687084 687084 0 0.0
.bss 70012 70012 0 0.0
.data 2004 2004 0 0.0
.text 609268 609268 0 0.0
linux all-clusters-app debug (read only) 2976585 2976585 0 0.0
(read/write) 155184 155184 0 0.0
.bss 61696 61696 0 0.0
.data 2064 2064 0 0.0
.data.rel.ro 85160 85160 0 0.0
.dynamic 608 608 0 0.0
.got 4568 4568 0 0.0
.init 27 27 0 0.0
.init_array 1064 1064 0 0.0
.rodata 264605 264605 0 0.0
.text 2534002 2534002 0 0.0
all-clusters-minimal-app debug (read only) 2823177 2823177 0 0.0
(read/write) 146856 146856 0 0.0
.bss 60896 60896 0 0.0
.data 2064 2064 0 0.0
.data.rel.ro 77720 77720 0 0.0
.dynamic 608 608 0 0.0
.got 4488 4488 0 0.0
.init 27 27 0 0.0
.init_array 1056 1056 0 0.0
.rodata 265565 265565 0 0.0
.text 2382290 2382290 0 0.0
bridge-app debug+rpc (read only) 2323289 2323289 0 0.0
(read/write) 125672 125672 0 0.0
.bss 48992 48992 0 0.0
.data 3824 3824 0 0.0
.data.rel.ro 67096 67096 0 0.0
.dynamic 608 608 0 0.0
.got 4392 4392 0 0.0
.init 27 27 0 0.0
.init_array 736 736 0 0.0
.rodata 198080 198080 0 0.0
.text 1963186 1963186 0 0.0
chip-tool debug (read only) 10329593 10329593 0 0.0
(read/write) 630600 630600 0 0.0
.bss 24728 24728 0 0.0
.data 3266 3266 0 0.0
.data.rel.ro 596216 596216 0 0.0
.dynamic 608 608 0 0.0
.got 5088 5088 0 0.0
.init 27 27 0 0.0
.init_array 648 648 0 0.0
.rodata 516149 516149 0 0.0
.text 8362900 8362900 0 0.0
chip-tool-ipv6only arm64 (read only) 10066956 10066956 0 0.0
(read/write) 695761 695761 0 0.0
.bss 42993 42993 0 0.0
.data 3304 3304 0 0.0
.data.rel.ro 631872 631872 0 0.0
.dynamic 528 528 0 0.0
.got 13664 13664 0 0.0
.init 24 24 0 0.0
.init_array 192 192 0 0.0
.rodata 480156 480156 0 0.0
.text 8004180 8004180 0 0.0
lighting-app debug+rpc (read only) 2561049 2561049 0 0.0
(read/write) 129696 129696 0 0.0
.bss 49504 49504 0 0.0
.data 2096 2096 0 0.0
.data.rel.ro 72248 72248 0 0.0
.dynamic 608 608 0 0.0
.got 4392 4392 0 0.0
.init 27 27 0 0.0
.init_array 824 824 0 0.0
.rodata 213832 213832 0 0.0
.text 2176962 2176962 0 0.0
lock-app debug (read only) 2525945 2525945 0 0.0
(read/write) 124680 124680 0 0.0
.bss 47904 47904 0 0.0
.data 1712 1712 0 0.0
.data.rel.ro 69208 69208 0 0.0
.dynamic 608 608 0 0.0
.got 4424 4424 0 0.0
.init 27 27 0 0.0
.init_array 800 800 0 0.0
.rodata 228936 228936 0 0.0
.text 2131554 2131554 0 0.0
ota-provider-app debug (read only) 2329441 2329441 0 0.0
(read/write) 118480 118480 0 0.0
.bss 47552 47552 0 0.0
.data 1936 1936 0 0.0
.data.rel.ro 63192 63192 0 0.0
.dynamic 608 608 0 0.0
.got 4488 4488 0 0.0
.init 27 27 0 0.0
.init_array 680 680 0 0.0
.rodata 203640 203640 0 0.0
.text 1962738 1962738 0 0.0
ota-requestor-app debug (read only) 2448041 2448041 0 0.0
(read/write) 125416 125416 0 0.0
.bss 49920 49920 0 0.0
.data 2240 2240 0 0.0
.data.rel.ro 67416 67416 0 0.0
.dynamic 608 608 0 0.0
.got 4480 4480 0 0.0
.init 27 27 0 0.0
.init_array 736 736 0 0.0
.rodata 207392 207392 0 0.0
.text 2069186 2069186 0 0.0
shell debug (read only) 2563425 2563425 0 0.0
(read/write) 141208 141208 0 0.0
.bss 57480 57480 0 0.0
.data 1248 1248 0 0.0
.data.rel.ro 76792 76792 0 0.0
.dynamic 608 608 0 0.0
.got 4136 4136 0 0.0
.init 27 27 0 0.0
.init_array 936 936 0 0.0
.rodata 227986 227986 0 0.0
.text 2178050 2178050 0 0.0
thermostat-no-ble arm64 (read only) 2603156 2603156 0 0.0
(read/write) 158481 158481 0 0.0
.bss 65281 65281 0 0.0
.data 1704 1704 0 0.0
.data.rel.ro 83368 83368 0 0.0
.dynamic 528 528 0 0.0
.got 5104 5104 0 0.0
.init 24 24 0 0.0
.init_array 400 400 0 0.0
.rodata 165660 165660 0 0.0
.text 2197200 2197200 0 0.0
tv-app debug (read only) 3111553 3111553 0 0.0
(read/write) 256768 256768 0 0.0
.bss 166872 166872 0 0.0
.data 4736 4736 0 0.0
.data.rel.ro 78728 78728 0 0.0
.dynamic 608 608 0 0.0
.got 4848 4848 0 0.0
.init 27 27 0 0.0
.init_array 960 960 0 0.0
.rodata 249440 249440 0 0.0
.text 2673858 2673858 0 0.0
tv-casting-app debug (read only) 5359409 5359409 0 0.0
(read/write) 157816 157816 0 0.0
.bss 51064 51064 0 0.0
.data 2432 2432 0 0.0
.data.rel.ro 98032 98032 0 0.0
.dynamic 608 608 0 0.0
.got 4736 4736 0 0.0
.init 27 27 0 0.0
.init_array 920 920 0 0.0
.rodata 332681 332681 0 0.0
.text 4761042 4761042 0 0.0
mbed lock-app CY8CPROTO_062_4343W+release (read only) 6224 6224 0 0.0
(read/write) 2448544 2448544 0 0.0
.bss 213948 213948 0 0.0
.data 5872 5872 0 0.0
.text 1411188 1411188 0 0.0
nrfconnect all-clusters-app nrf52840dk_nrf52840 (read/write) 1176035 1176035 0 0.0
bss 142908 142908 0 0.0
rodata 142204 142204 0 0.0
text 812024 812024 0 0.0
all-clusters-minimal-app nrf52840dk_nrf52840 (read/write) 1156099 1156099 0 0.0
bss 142144 142144 0 0.0
rodata 133748 133748 0 0.0
text 801340 801340 0 0.0
lighting-app nrf52840dk_nrf52840 (read/write) 1167267 1167267 0 0.0
bss 144471 144471 0 0.0
rodata 124116 124116 0 0.0
text 819828 819828 0 0.0
nrf52840dk_nrf52840+rpc (read/write) 1137667 1137667 0 0.0
bss 144900 144900 0 0.0
rodata 115588 115588 0 0.0
text 797808 797808 0 0.0
nrf52840dongle_nrf52840 (read/write) 1073759 1073759 0 0.0
bss 151702 151702 0 0.0
rodata 93136 93136 0 0.0
text 747800 747800 0 0.0
nrf5340dk_nrf5340_cpuapp (read/write) 1070806 1070806 0 0.0
bss 140842 140842 0 0.0
rodata 116532 116532 0 0.0
text 732372 732372 0 0.0
lock-app nrf52840dk_nrf52840 (read/write) 1128099 1128099 0 0.0
bss 135439 135439 0 0.0
rodata 142020 142020 0 0.0
text 771832 771832 0 0.0
nrf5340dk_nrf5340_cpuapp (read/write) 1031826 1031826 0 0.0
bss 131842 131842 0 0.0
rodata 134496 134496 0 0.0
text 684444 684440 -4 -0.0
pump-app nrf52840dk_nrf52840 (read/write) 1079879 1079879 0 0.0
bss 134366 134366 0 0.0
rodata 117464 117464 0 0.0
text 749224 749220 -4 -0.0
pump-controller-app nrf52840dk_nrf52840 (read/write) 1067831 1067831 0 0.0
bss 134161 134161 0 0.0
rodata 114248 114248 0 0.0
text 740520 740516 -4 -0.0
p6 all-clusters-app default (read only) 882128 882128 0 0.0
(read/write) 1685404 1685404 0 0.0
.bss 148568 148568 0 0.0
.data 2648 2648 0 0.0
.text 1525800 1525800 0 0.0
all-clusters-minimal-app default (read only) 882848 882848 0 0.0
(read/write) 1629516 1629516 0 0.0
.bss 147848 147848 0 0.0
.data 2648 2648 0 0.0
.text 1470632 1470632 0 0.0
light-app default (read only) 891152 891152 0 0.0
(read/write) 1549516 1549516 0 0.0
.bss 139752 139752 0 0.0
.data 2440 2440 0 0.0
.text 1398936 1398936 0 0.0
lock-app default (read only) 891280 891280 0 0.0
(read/write) 1576516 1576516 0 0.0
.bss 139608 139608 0 0.0
.data 2456 2456 0 0.0
.text 1426064 1426064 0 0.0
telink light-switch-app tlsr9518adk80d (read/write) 798388 798388 0 0.0
bss 70584 70584 0 0.0
noinit 40416 40416 0 0.0
text 566528 566528 0 0.0
lighting-app tlsr9518adk80d (read/write) 818436 818444 8 0.0
bss 71428 71428 0 0.0
noinit 40416 40416 0 0.0
text 583072 583074 2 0.0

@woody-apple woody-apple merged commit f34a18c into sve Jul 20, 2022
@woody-apple woody-apple deleted the cherry-pick-5eb84bcac5b7a55ec0f7191734f227f43ed1596d branch July 20, 2022 02:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
sve cherry pick
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@woody-apple @Damian-Nordic