Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Expose DeviceCommissioner::ComputePASEVerifier to Obj-C. #22112

Merged
merged 3 commits into from
Aug 25, 2022
Merged

Expose DeviceCommissioner::ComputePASEVerifier to Obj-C. #22112

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
eded3be
Expose `DeviceCommissioner::ComputePASEVerifier` to Obj-C.
mburshteyn1 Aug 23, 2022
824564e
Restyled by whitespace
restyled-commits Aug 24, 2022
a06578d
Restyled by clang-format
restyled-commits Aug 24, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions src/darwin/Framework/CHIP/MTRDeviceController.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,15 @@ typedef void (^MTRDeviceConnectionCallback)(MTRBaseDevice * _Nullable device, NS
*/
- (void)setNocChainIssuer:(id<MTRNOCChainIssuer>)nocChainIssuer queue:(dispatch_queue_t)queue;

/**
* Compute a PASE verifier and passcode ID for the desired setup pincode.
*
* @param[in] setupPincode The desired PIN code to use
* @param[in] iterations The number of iterations to use when generating the verifier
* @param[in] salt The 16-byte salt for verifier computation
*/
- (nullable NSData *)computePaseVerifier:(uint32_t)setupPincode iterations:(uint32_t)iterations salt:(NSData *)salt;

/**
* Shutdown the controller. Calls to shutdown after the first one are NO-OPs.
*/
Expand Down
28 changes: 28 additions & 0 deletions src/darwin/Framework/CHIP/MTRDeviceController.mm
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -668,6 +668,34 @@ - (void)setNocChainIssuer:(id<MTRNOCChainIssuer>)nocChainIssuer queue:(dispatch_
});
}

- (nullable NSData *)computePaseVerifier:(uint32_t)setupPincode iterations:(uint32_t)iterations salt:(NSData *)salt
{
__block CHIP_ERROR errorCode = CHIP_ERROR_INCORRECT_STATE;
if (![self isRunning]) {
[self checkForError:errorCode logMsg:kErrorNotRunning error:nil];
Comment on lines +674 to +675
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use checkIsRunning.

return nil;
}

__block NSData * result;
__block chip::Spake2pVerifier paseVerifier;
__block chip::ByteSpan saltByteSpan = chip::ByteSpan(static_cast<const uint8_t *>(salt.bytes), salt.length);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use AsByteSpan().


dispatch_sync(_chipWorkQueue, ^{
if ([self isRunning]) {
errorCode = self.cppCommissioner->ComputePASEVerifier(iterations, setupPincode, saltByteSpan, paseVerifier);
MTR_LOG_ERROR("ComputePaseVerifier: %s", chip::ErrorStr(errorCode));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And if this fails... now what? We return garbage?


uint8_t serializedVerifier[sizeof(paseVerifier.mW0) + sizeof(paseVerifier.mL)];
memcpy(serializedVerifier, paseVerifier.mW0, chip::kSpake2p_WS_Length);
memcpy(&serializedVerifier[sizeof(paseVerifier.mW0)], paseVerifier.mL, sizeof(paseVerifier.mL));

result = [NSData dataWithBytes:serializedVerifier length:sizeof(serializedVerifier)];
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use AsData().

}
});

return result;
}

- (BOOL)checkForInitError:(BOOL)condition logMsg:(NSString *)logMsg
{
if (condition) {
Expand Down