Line data Source code
1 : /*
2 : *
3 : * Copyright (c) 2021 Project CHIP Authors
4 : * All rights reserved.
5 : *
6 : * Licensed under the Apache License, Version 2.0 (the "License");
7 : * you may not use this file except in compliance with the License.
8 : * You may obtain a copy of the License at
9 : *
10 : * http://www.apache.org/licenses/LICENSE-2.0
11 : *
12 : * Unless required by applicable law or agreed to in writing, software
13 : * distributed under the License is distributed on an "AS IS" BASIS,
14 : * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 : * See the License for the specific language governing permissions and
16 : * limitations under the License.
17 : */
18 : #pragma once
19 :
20 : #include <app/AttributePathParams.h>
21 : #include <controller/CommissioneeDeviceProxy.h>
22 : #include <controller/CommissioningDelegate.h>
23 : #include <credentials/DeviceAttestationConstructor.h>
24 : #include <crypto/CHIPCryptoPAL.h>
25 : #include <lib/support/ScopedBuffer.h>
26 : #include <protocols/secure_channel/RendezvousParameters.h>
27 :
28 : namespace chip {
29 : namespace Controller {
30 :
31 : class DeviceCommissioner;
32 :
33 : class AutoCommissioner : public CommissioningDelegate
34 : {
35 : public:
36 : AutoCommissioner();
37 : ~AutoCommissioner() override;
38 : CHIP_ERROR SetCommissioningParameters(const CommissioningParameters & params) override;
39 : const CommissioningParameters & GetCommissioningParameters() const override;
40 : void SetOperationalCredentialsDelegate(OperationalCredentialsDelegate * operationalCredentialsDelegate) override;
41 :
42 : CHIP_ERROR StartCommissioning(DeviceCommissioner * commissioner, CommissioneeDeviceProxy * proxy) override;
43 : void StopCommissioning() { mStopCommissioning = true; };
44 :
45 : CHIP_ERROR CommissioningStepFinished(CHIP_ERROR err, CommissioningDelegate::CommissioningReport report) override;
46 :
47 : ByteSpan GetAttestationElements() const { return ByteSpan(mAttestationElements, mAttestationElementsLen); }
48 : ByteSpan GetAttestationSignature() const { return ByteSpan(mAttestationSignature, mAttestationSignatureLen); }
49 : ByteSpan GetAttestationNonce() const { return ByteSpan(mAttestationNonce); }
50 :
51 : protected:
52 : CommissioningStage GetNextCommissioningStage(CommissioningStage currentStage, CHIP_ERROR & lastErr);
53 : DeviceCommissioner * GetCommissioner() { return mCommissioner; }
54 : CHIP_ERROR PerformStep(CommissioningStage nextStage);
55 : CommissioneeDeviceProxy * GetCommissioneeDeviceProxy() { return mCommissioneeDeviceProxy; }
56 : /**
57 : * The device argument to GetCommandTimeout is the device whose session will
58 : * be used for sending the relevant command.
59 : */
60 : Optional<System::Clock::Timeout> GetCommandTimeout(DeviceProxy * device, CommissioningStage stage) const;
61 : CommissioningParameters mParams = CommissioningParameters();
62 :
63 : private:
64 : DeviceProxy * GetDeviceProxyForStep(CommissioningStage nextStage);
65 :
66 : // Adjust the failsafe timer if CommissioningDelegate GetCASEFailsafeTimerSeconds is set
67 : void SetCASEFailsafeTimerIfNeeded();
68 :
69 : const ByteSpan GetDAC() { return mDAC.Span(); }
70 : const ByteSpan GetPAI() { return mPAI.Span(); }
71 :
72 : CHIP_ERROR NOCChainGenerated(ByteSpan noc, ByteSpan icac, ByteSpan rcac, Crypto::IdentityProtectionKeySpan ipk,
73 : NodeId adminSubject);
74 : EndpointId GetEndpoint(const CommissioningStage & stage) const;
75 : CommissioningStage GetNextCommissioningStageInternal(CommissioningStage currentStage, CHIP_ERROR & lastErr);
76 :
77 : CHIP_ERROR VerifyICDRegistrationInfo(const CommissioningParameters & params);
78 :
79 : // Helper function to determine whether next stage should be kWiFiNetworkSetup,
80 : // kThreadNetworkSetup or kCleanup, depending whether network information has
81 : // been provided that matches the thread/wifi endpoint of the target.
82 : CommissioningStage GetNextCommissioningStageNetworkSetup(CommissioningStage currentStage, CHIP_ERROR & lastErr);
83 :
84 : // Helper function to allocate memory for a scopedMemoryBuffer and populate it with the data from the input span
85 : CHIP_ERROR AllocateMemoryAndCopySpan(Platform::ScopedMemoryBufferWithSize<uint8_t> & scopedBuffer, ByteSpan span);
86 :
87 : // Helper function to determine if a scan attempt should be made given the
88 : // scan attempt commissioning params and the corresponding network endpoint of
89 : // the target.
90 0 : bool IsScanNeeded()
91 : {
92 0 : return ((mParams.GetAttemptWiFiNetworkScan().ValueOr(false) &&
93 0 : mDeviceCommissioningInfo.network.wifi.endpoint != kInvalidEndpointId) ||
94 0 : (mParams.GetAttemptThreadNetworkScan().ValueOr(false) &&
95 0 : mDeviceCommissioningInfo.network.thread.endpoint != kInvalidEndpointId));
96 : };
97 :
98 : // Helper function to Determine whether secondary network interface is supported.
99 : // Only true if information is provided for both networks, and the target has endpoint
100 : // for wifi and thread.
101 0 : bool IsSecondaryNetworkSupported() const
102 : {
103 0 : return ((mParams.GetSupportsConcurrentConnection().ValueOr(false) && mParams.GetWiFiCredentials().HasValue() &&
104 0 : mDeviceCommissioningInfo.network.wifi.endpoint != kInvalidEndpointId) &&
105 0 : mParams.GetThreadOperationalDataset().HasValue() &&
106 0 : mDeviceCommissioningInfo.network.thread.endpoint != kInvalidEndpointId);
107 : }
108 :
109 0 : void TrySecondaryNetwork() { mTryingSecondaryNetwork = true; }
110 0 : bool TryingSecondaryNetwork() const { return mTryingSecondaryNetwork; }
111 0 : void ResetTryingSecondaryNetwork() { mTryingSecondaryNetwork = false; }
112 : bool mTryingSecondaryNetwork = false;
113 :
114 : bool mStopCommissioning = false;
115 :
116 : DeviceCommissioner * mCommissioner = nullptr;
117 : CommissioneeDeviceProxy * mCommissioneeDeviceProxy = nullptr;
118 : OperationalCredentialsDelegate * mOperationalCredentialsDelegate = nullptr;
119 : OperationalDeviceProxy mOperationalDeviceProxy;
120 :
121 : // BEGIN memory space for commissioning parameters that are Spans or similar pointers:
122 : // The caller is not guaranteed to retain the memory these parameters point to.
123 : uint8_t mSsid[CommissioningParameters::kMaxSsidLen];
124 : uint8_t mCredentials[CommissioningParameters::kMaxCredentialsLen];
125 : uint8_t mThreadOperationalDataset[CommissioningParameters::kMaxThreadDatasetLen];
126 : char mCountryCode[CommissioningParameters::kMaxCountryCodeLen];
127 :
128 : // Time zone is statically allocated because it is max 2 and not trivially destructible
129 : static constexpr size_t kMaxSupportedTimeZones = 2;
130 : app::Clusters::TimeSynchronization::Structs::TimeZoneStruct::Type mTimeZoneBuf[kMaxSupportedTimeZones];
131 : static constexpr size_t kMaxTimeZoneNameLen = 64;
132 : char mTimeZoneNames[kMaxTimeZoneNameLen][kMaxSupportedTimeZones];
133 :
134 : // DSTOffsetStructs are similarly not trivially destructible. They don't have a defined size, but we're
135 : // going to do static allocation of the buffers anyway until we replace chip::Optional with std::optional.
136 : static constexpr size_t kMaxSupportedDstStructs = 10;
137 : app::Clusters::TimeSynchronization::Structs::DSTOffsetStruct::Type mDstOffsetsBuf[kMaxSupportedDstStructs];
138 :
139 : static constexpr size_t kMaxDefaultNtpSize = 128;
140 : char mDefaultNtp[kMaxDefaultNtpSize];
141 :
142 : uint8_t mICDSymmetricKey[Crypto::kAES_CCM128_Key_Length];
143 : Platform::ScopedMemoryBufferWithSize<app::AttributePathParams> mExtraReadPaths;
144 :
145 : // END memory space for commisisoning parameters
146 :
147 : bool mNeedsNetworkSetup = false;
148 : ReadCommissioningInfo mDeviceCommissioningInfo;
149 : bool mNeedsDST = false;
150 :
151 : bool mNeedIcdRegistration = false;
152 : // TODO: Why were the nonces statically allocated, but the certs dynamically allocated?
153 : Platform::ScopedMemoryBufferWithSize<uint8_t> mDAC;
154 : Platform::ScopedMemoryBufferWithSize<uint8_t> mPAI;
155 :
156 : uint8_t mAttestationNonce[kAttestationNonceLength];
157 : uint8_t mCSRNonce[kCSRNonceLength];
158 : uint8_t mNOCertBuffer[Credentials::kMaxCHIPCertLength];
159 : uint8_t mICACertBuffer[Credentials::kMaxCHIPCertLength];
160 :
161 : uint16_t mAttestationElementsLen = 0;
162 : uint8_t mAttestationElements[Credentials::kMaxRspLen];
163 : uint16_t mAttestationSignatureLen = 0;
164 : uint8_t mAttestationSignature[Crypto::kMax_ECDSA_Signature_Length];
165 :
166 : #if CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
167 : Platform::ScopedMemoryBufferWithSize<uint8_t> mJFAdminRCAC;
168 : Platform::ScopedMemoryBufferWithSize<uint8_t> mJFAdminICAC;
169 : Platform::ScopedMemoryBufferWithSize<uint8_t> mJFAdminNOC;
170 : #endif
171 : };
172 : } // namespace Controller
173 : } // namespace chip
|
