-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Chip tool operational credentials cluster fix #6873
Chip tool operational credentials cluster fix #6873
Conversation
(#5098) We should pass the Command Object and EndpointId to the cluster callbacks.connectedhomeip/examples/chip-tool/gen/IMClusterCommandHandler.cpp Lines 4119 to 4129 in 2d0e18f
This comment was generated by todo based on a
|
(#5542): The cluster handlers should accept a ByteSpan for all string types.connectedhomeip/examples/chip-tool/gen/IMClusterCommandHandler.cpp Lines 4166 to 4176 in 2d0e18f
This comment was generated by todo based on a
|
(#5098) We should pass the Command Object and EndpointId to the cluster callbacks.connectedhomeip/examples/chip-tool/gen/IMClusterCommandHandler.cpp Lines 4188 to 4196 in 2d0e18f
This comment was generated by todo based on a
|
| * AddOpCert | 0x06 | | ||
| * OpCSRRequest | 0x04 | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's odd that those are not in order. Not for this PR to fix, but it's odd.
OperationalCredentialsAddOpCert() : ModelCommand("add-op-cert") | ||
{ | ||
AddArgument("noc", &mNoc); | ||
AddArgument("iCACertificate", &mICACertificate); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
iCACertificate
is very odd casig. Suggest ICACertificate
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will provide a fix in a followup. This is because the template is doing {{asCamelCased name}}
omitting the second argument of https://github.com/project-chip/zap/blob/7c928747ef6c32671d39901c881b82f57a6e1c08/src-electron/generator/helper-c.js#L200 which force the first letter to be lower cased.
|
||
chip::Controller::OperationalCredentialsCluster cluster; | ||
cluster.Associate(device, endpointId); | ||
return cluster.AddOpCert( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add TODO about needing to send the NOC and ICA certs in a CHIP certificate array.
public: | ||
OperationalCredentialsOpCSRRequest() : ModelCommand("op-csrrequest") | ||
{ | ||
AddArgument("cSRNonce", &mCSRNonce); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rename to CSRNonce
.
ChipLogProgress(Zcl, " CSR: %s", CSR); | ||
ChipLogProgress(Zcl, " CSRNonce: %s", CSRNonce); | ||
ChipLogProgress(Zcl, " VendorReserved1: %s", VendorReserved1); | ||
ChipLogProgress(Zcl, " VendorReserved2: %s", VendorReserved2); | ||
ChipLogProgress(Zcl, " VendorReserved3: %s", VendorReserved3); | ||
ChipLogProgress(Zcl, " Signature: %s", Signature); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
None of these are human readable strings. Is there a reason they are printed as strings here? How does a chip::ByteSpan
print? I could not find the path used to convert it to a const char*
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It has mostly been used for debugging. I will remove that in a followup, likely just printing the length of the chip::ByteSpan
for OCTET_STRING
, while still printing the content for CHAR_STRING
(which are chip::ByteSpan
under the hood).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So what will happen here today, though?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did replace the code that uses %s
in order to just prints the size and removes a few other places where chip::Bytespan
was printed badly.
As discussed I will use
CHIP_ERROR BytesToHex(const uint8_t * src_bytes, size_t src_size, char * dest_hex, size_t dest_size_max, BitFlags<HexFlags> flags); |
chip-tool
is broken without this patch I guess it is more urgent to repair it...
chip::Controller::OperationalCredentialsCluster cluster; | ||
cluster.Associate(device, endpointId); | ||
return cluster.OpCSRRequest(onSuccessCallback->Cancel(), onFailureCallback->Cancel(), | ||
chip::ByteSpan(chip::Uint8::from_char(mCSRNonce), strlen(mCSRNonce))); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will crash: mCSRNonce is not a string, it's a byte string. strlen should not be called on any CSR fields.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
chip-tool
lacks support of real OCTET_STRING
.
Ideally it should take a string as input specified as hex byte and convert it before sending. At the moment, everything is a string passed from the command line. So strlen
is called on the content of the command line argument. It will likely not crash here, since mCSRNonce
is a char *
, but it will probably not work as you may expect.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TODO comment then? or will this stop compiling once we support octed_string and will get fixed as a result?
2d0e18f
to
f65cad4
Compare
@andreilitvin can it be merged as hotfix? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approved, conditional on not logging any ByteSpan
@cjandhyala or @vivien-apple how has this been tested? @vivien-apple are there any tests we can add to make sure this doesn't regress here? Thanks |
f65cad4
to
4c37838
Compare
{{/chip_attribute_list_entryTypes}} | ||
{{else}} | ||
{{#if (isOctetString type)}} | ||
ChipLogProgress(Zcl, " {{asSymbol label}}: %zu", entries[i].size()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
%zu
is not available on all embedded platforms.
In a future PR, suggest:
Suggest having the code eventually static cast size() to uint32_t
in the log call and use PRIu32
for the specifier.
/rebase |
4c37838
to
b038fdd
Compare
Problem
chip-tool
can not pair anymore since theOperational Credentials
cluster has landed because the response to theAddOptCert
command is not enabled.In order to enable it, it requires a few fixes, which is what this PR is about.
Summary of Changes
AddOptCert
command/responsegen/
folders.