Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Message counter implementation #5389

Merged
merged 10 commits into from
May 12, 2021
Merged

Conversation

kghost
Copy link
Contributor

@kghost kghost commented Mar 16, 2021

Problem

Implement and enable MessageCounter according to spec

Summary of Changes

  1. Isolate MessageCounterManager from messaging layer, make it a pure protocol.
  2. Add message counter verification of received packet before decode it. (As described by spec)
  3. Add global unsecure message counter and global secure message counter.
  4. Encode outgoing packets using corresponding message counters (As described by spec)

@todo
Copy link

todo bot commented Mar 16, 2021

Re-evaluate the storing of Admin ID in SecureSessionHandle

// TODO: Re-evaluate the storing of Admin ID in SecureSessionHandle
// The Admin ID will not be available for PASE and group sessions. So need
// to identify an approach that'll allow looking up the corresponding information for
// such sessions.
Transport::AdminId mAdmin;
};
} // namespace chip


This comment was generated by todo based on a TODO comment in b49127b in #5389. cc @kghost.

@todo
Copy link

todo bot commented Mar 16, 2021

control message counter is not implemented yet

// TODO: control message counter is not implemented yet
}
else
{
// TODO: "initial Session Establishment bootstrap" is under specified, use message counter sync protocol for both group and unicast messages
if (!mMessageCounterManager->IsSyncCompleted(state))
{
// Queue and start message sync procedure
err = mMessageCounterManager->QueueReceivedMessageAndStartSync({ state->GetPeerNodeId(), state->GetPeerKeyID(), state->GetAdminId() }, state, packetHeader, peerAddress, std::move(msg));
if (err != CHIP_NO_ERROR)


This comment was generated by todo based on a TODO comment in b49127b in #5389. cc @kghost.

@todo
Copy link

todo bot commented Mar 16, 2021

"initial Session Establishment bootstrap" is under specified, use message counter sync protocol for both group and unicast messages

// TODO: "initial Session Establishment bootstrap" is under specified, use message counter sync protocol for both group and unicast messages
if (!mMessageCounterManager->IsSyncCompleted(state))
{
// Queue and start message sync procedure
err = mMessageCounterManager->QueueReceivedMessageAndStartSync({ state->GetPeerNodeId(), state->GetPeerKeyID(), state->GetAdminId() }, state, packetHeader, peerAddress, std::move(msg));
if (err != CHIP_NO_ERROR)
{
ChipLogError(Inet, "Message counter synchronization for received message, failed to QueueReceivedMessageAndStartSync, err = %d", err);
}


This comment was generated by todo based on a TODO comment in b49127b in #5389. cc @kghost.

@todo
Copy link

todo bot commented Mar 16, 2021

"initial Session Establishment bootstrap" is under specified, use message counter sync protocol for both group and unicast messages

// TODO: "initial Session Establishment bootstrap" is under specified, use message counter sync protocol for both group and unicast messages
if (!mMessageCounterManager->IsSyncCompleted(state))
{
// Queue and start message sync procedure
err = mMessageCounterManager->QueueReceivedMessageAndStartSync({ state->GetPeerNodeId(), state->GetPeerKeyID(), state->GetAdminId() }, state, packetHeader, peerAddress, std::move(msg));
if (err != CHIP_NO_ERROR)
{
ChipLogError(Inet, "Message counter synchronization for received message, failed to QueueReceivedMessageAndStartSync, err = %d", err);
}


This comment was generated by todo based on a TODO comment in ddfad10 in #5389. cc @kghost.

@todo
Copy link

todo bot commented Mar 16, 2021

"initial Session Establishment bootstrap" is under specified, use message counter sync protocol for both group

// TODO: "initial Session Establishment bootstrap" is under specified, use message counter sync protocol for both group
// and unicast messages
if (!mMessageCounterManager->IsSyncCompleted(state))
{
// Queue and start message sync procedure
err = mMessageCounterManager->QueueReceivedMessageAndStartSync(
{ state->GetPeerNodeId(), state->GetPeerKeyID(), state->GetAdminId() }, state, packetHeader, peerAddress,
std::move(msg));
if (err != CHIP_NO_ERROR)
{


This comment was generated by todo based on a TODO comment in 1704604 in #5389. cc @kghost.

@todo
Copy link

todo bot commented Mar 16, 2021

"initial Session Establishment bootstrap" is under specified, use message counter sync protocol for both group

// TODO: "initial Session Establishment bootstrap" is under specified, use message counter sync protocol for both group
// and unicast messages
if (!mMessageCounterManager->IsSyncCompleted(state))
{
// Queue and start message sync procedure
err = mMessageCounterManager->QueueReceivedMessageAndStartSync(
{ state->GetPeerNodeId(), state->GetPeerKeyID(), state->GetAdminId() }, state, packetHeader, peerAddress,
std::move(msg));
if (err != CHIP_NO_ERROR)
{


This comment was generated by todo based on a TODO comment in 023e407 in #5389. cc @kghost.

@kghost kghost force-pushed the tp-mcsp branch 2 times, most recently from 5ea8f29 to 578e166 Compare May 8, 2021 09:49
src/controller/CHIPDeviceController.cpp Show resolved Hide resolved
src/lib/core/CHIPConfig.h Outdated Show resolved Hide resolved
src/lib/support/Span.h Outdated Show resolved Hide resolved
src/lib/support/Span.h Outdated Show resolved Hide resolved
src/protocols/secure_channel/MessageCounterManager.cpp Outdated Show resolved Hide resolved
src/transport/tests/TestSecureSessionMgr.cpp Show resolved Hide resolved
src/transport/tests/TestSecureSessionMgr.cpp Show resolved Hide resolved
src/transport/tests/TestSecureSessionMgr.cpp Show resolved Hide resolved
src/transport/tests/TestSecureSessionMgr.cpp Show resolved Hide resolved
src/transport/tests/TestSecureSessionMgr.cpp Show resolved Hide resolved
src/controller/CHIPDeviceController.cpp Outdated Show resolved Hide resolved
src/lib/core/CHIPConfig.h Outdated Show resolved Hide resolved
src/lib/support/Span.h Outdated Show resolved Hide resolved
src/lib/support/Span.h Outdated Show resolved Hide resolved
src/protocols/secure_channel/MessageCounterManager.cpp Outdated Show resolved Hide resolved
src/transport/PeerMessageCounter.h Show resolved Hide resolved
Copy link
Contributor

@bzbarsky-apple bzbarsky-apple left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Almost there!

Copy link
Contributor

@bzbarsky-apple bzbarsky-apple left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

The merge conflict still needs resolving.

@github-actions
Copy link

Size increase report for "nrfconnect-example-build" from 8185019

File Section File VM
chip-shell.elf text 272 272
chip-shell.elf rodata 256 260
chip-shell.elf bss 0 225
chip-shell.elf [LOAD #3 [RW]] 0 31
chip-lock.elf bss 0 247
chip-lock.elf rodata 152 148
chip-lock.elf device_handles -12 -12
chip-lock.elf [LOAD #3 [RW]] 0 -23
chip-lock.elf text -68 -68
chip-lighting.elf bss 0 243
chip-lighting.elf rodata 152 148
chip-lighting.elf device_handles 4 4
chip-lighting.elf [LOAD #3 [RW]] 0 -19
chip-lighting.elf text -68 -68
Full report output
BLOAT REPORT

Files found only in the build output:
    report.csv

Comparing ./master_artifact/chip-shell.elf and ./pull_artifact/chip-shell.elf:

sections,vmsize,filesize
.debug_info,0,76672
.debug_str,0,23261
.debug_line,0,4273
.debug_abbrev,0,3215
.strtab,0,1975
.symtab,0,1136
.debug_ranges,0,848
.debug_frame,0,608
text,272,272
rodata,260,256
bss,225,0
.debug_aranges,0,120
[LOAD #3 [RW]],31,0
.shstrtab,0,-3
.debug_loc,0,-1093

Comparing ./master_artifact/chip-lock.elf and ./pull_artifact/chip-lock.elf:

sections,vmsize,filesize
.debug_info,0,23822
.debug_line,0,7261
.debug_str,0,5286
.debug_abbrev,0,3605
.strtab,0,1963
.symtab,0,992
.debug_ranges,0,808
.debug_frame,0,252
bss,247,0
.debug_aranges,0,176
rodata,148,152
.shstrtab,0,-3
device_handles,-12,-12
[LOAD #3 [RW]],-23,0
text,-68,-68
.debug_loc,0,-522

Comparing ./master_artifact/chip-lighting.elf and ./pull_artifact/chip-lighting.elf:

sections,vmsize,filesize
.debug_info,0,799425
.debug_line,0,16866
.debug_abbrev,0,10665
.debug_str,0,5569
.strtab,0,1963
.symtab,0,992
.debug_ranges,0,808
.debug_frame,0,252
bss,243,0
.debug_aranges,0,176
rodata,148,152
device_handles,4,4
.shstrtab,0,1
[LOAD #3 [RW]],-19,0
text,-68,-68
.debug_loc,0,-529


@github-actions
Copy link

Size increase report for "esp32-example-build" from 8185019

File Section File VM
chip-pigweed-app.elf .flash.rodata 4 4
Full report output
BLOAT REPORT

Files found only in the build output:
    report.csv

Comparing ./master_artifact/chip-pigweed-app.elf and ./pull_artifact/chip-pigweed-app.elf:

sections,vmsize,filesize
.debug_str,0,25
.debug_info,0,9
.flash.rodata,4,4
.debug_loc,0,-1
.xt.prop._ZSt9__find_ifIPKSt4byteN9__gnu_cxx5__ops10_Iter_predIPFbS0_EEEET_S9_S9_T0_St26random_access_iterator_tag,0,-1
[Unmapped],0,-4

Comparing ./master_artifact/chip-all-clusters-app.elf and ./pull_artifact/chip-all-clusters-app.elf:

BLOAT EXECUTION FAILED WITH CODE 1:
bloaty: integer overflow


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

We need to bring appState concept back to support exchange specific context
7 participants