Line data Source code
1 : /*
2 : *
3 : * Copyright (c) 2021-2024 Project CHIP Authors
4 : * All rights reserved.
5 : *
6 : * Licensed under the Apache License, Version 2.0 (the "License");
7 : * you may not use this file except in compliance with the License.
8 : * You may obtain a copy of the License at
9 : *
10 : * http://www.apache.org/licenses/LICENSE-2.0
11 : *
12 : * Unless required by applicable law or agreed to in writing, software
13 : * distributed under the License is distributed on an "AS IS" BASIS,
14 : * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 : * See the License for the specific language governing permissions and
16 : * limitations under the License.
17 : */
18 :
19 : #pragma once
20 : #include <app-common/zap-generated/cluster-objects.h>
21 : #include <app/AttributePathParams.h>
22 : #include <app/ClusterStateCache.h>
23 : #include <app/OperationalSessionSetup.h>
24 : #include <controller/CommissioneeDeviceProxy.h>
25 : #include <credentials/attestation_verifier/DeviceAttestationDelegate.h>
26 : #include <credentials/attestation_verifier/DeviceAttestationVerifier.h>
27 : #include <crypto/CHIPCryptoPAL.h>
28 : #include <lib/support/Span.h>
29 : #include <lib/support/Variant.h>
30 : #include <matter/tracing/build_config.h>
31 : #include <system/SystemClock.h>
32 :
33 : namespace chip {
34 : namespace Controller {
35 :
36 : class DeviceCommissioner;
37 :
38 : enum CommissioningStage : uint8_t
39 : {
40 : kError,
41 : kSecurePairing, ///< Establish a PASE session with the device
42 : kReadCommissioningInfo, ///< Query Attributes relevant to commissioning (can perform multiple read interactions)
43 : kArmFailsafe, ///< Send ArmFailSafe (0x30:0) command to the device
44 : kConfigRegulatory, ///< Send SetRegulatoryConfig (0x30:2) command to the device
45 : kConfigureUTCTime, ///< SetUTCTime if the DUT has a time cluster
46 : kConfigureTimeZone, ///< Configure a time zone if one is required and available
47 : kConfigureDSTOffset, ///< Configure DST offset if one is required and available
48 : kConfigureDefaultNTP, ///< Configure a default NTP server if one is required and available
49 : kSendPAICertificateRequest, ///< Send PAI CertificateChainRequest (0x3E:2) command to the device
50 : kSendDACCertificateRequest, ///< Send DAC CertificateChainRequest (0x3E:2) command to the device
51 : kSendAttestationRequest, ///< Send AttestationRequest (0x3E:0) command to the device
52 : kAttestationVerification, ///< Verify AttestationResponse (0x3E:1) validity
53 : kAttestationRevocationCheck, ///< Verify Revocation Status of device's DAC chain
54 : kSendOpCertSigningRequest, ///< Send CSRRequest (0x3E:4) command to the device
55 : kValidateCSR, ///< Verify CSRResponse (0x3E:5) validity
56 : kGenerateNOCChain, ///< TLV encode Node Operational Credentials (NOC) chain certs
57 : kSendTrustedRootCert, ///< Send AddTrustedRootCertificate (0x3E:11) command to the device
58 : kSendNOC, ///< Send AddNOC (0x3E:6) command to the device
59 : kConfigureTrustedTimeSource, ///< Configure a trusted time source if one is required and available (must be done after SendNOC)
60 : kICDGetRegistrationInfo, ///< Waiting for the higher layer to provide ICD registration informations.
61 : kICDRegistration, ///< Register for ICD management
62 : kWiFiNetworkSetup, ///< Send AddOrUpdateWiFiNetwork (0x31:2) command to the device
63 : kThreadNetworkSetup, ///< Send AddOrUpdateThreadNetwork (0x31:3) command to the device
64 : kFailsafeBeforeWiFiEnable, ///< Extend the fail-safe before doing kWiFiNetworkEnable
65 : kFailsafeBeforeThreadEnable, ///< Extend the fail-safe before doing kThreadNetworkEnable
66 : kWiFiNetworkEnable, ///< Send ConnectNetwork (0x31:6) command to the device for the WiFi network
67 : kThreadNetworkEnable, ///< Send ConnectNetwork (0x31:6) command to the device for the Thread network
68 : kEvictPreviousCaseSessions, ///< Evict previous stale case sessions from a commissioned device with this node ID before
69 : kFindOperationalForStayActive, ///< Perform operational discovery and establish a CASE session with the device for ICD
70 : ///< StayActive command
71 : kFindOperationalForCommissioningComplete, ///< Perform operational discovery and establish a CASE session with the device for
72 : ///< Commissioning Complete command
73 : kSendComplete, ///< Send CommissioningComplete (0x30:4) command to the device
74 : kICDSendStayActive, ///< Send Keep Alive to ICD
75 : /// Send ScanNetworks (0x31:0) command to the device.
76 : /// ScanNetworks can happen anytime after kArmFailsafe.
77 : kScanNetworks,
78 : /// Waiting for the higher layer to provide network credentials before continuing the workflow.
79 : /// Call CHIPDeviceController::NetworkCredentialsReady() when CommissioningParameters is populated with
80 : /// network credentials to use in kWiFiNetworkSetup or kThreadNetworkSetup steps.
81 : kNeedsNetworkCreds,
82 : kPrimaryOperationalNetworkFailed, ///< Indicate that the primary operational network (on root endpoint) failed, should remove
83 : ///< the primary network config later.
84 : kRemoveWiFiNetworkConfig, ///< Remove Wi-Fi network config.
85 : kRemoveThreadNetworkConfig, ///< Remove Thread network config.
86 : kConfigureTCAcknowledgments, ///< Send SetTCAcknowledgements (0x30:6) command to the device
87 : kCleanup, ///< Call delegates with status, free memory, clear timers and state/
88 : kJFValidateNOC, ///< Verify Admin NOC contains an Administrator CAT
89 : kSendVIDVerificationRequest, ///< Send SignVIDVerificationRequest command to the device
90 : };
91 :
92 : enum class ICDRegistrationStrategy : uint8_t
93 : {
94 : kIgnore, ///< Do not check whether the device is an ICD during commissioning
95 : kBeforeComplete, ///< Do commissioner self-registration or external controller registration,
96 : ///< Controller should provide a ICDKey manager for generating symmetric key
97 : };
98 :
99 : const char * StageToString(CommissioningStage stage);
100 :
101 : #if MATTER_TRACING_ENABLED
102 : const char * MetricKeyForCommissioningStage(CommissioningStage stage);
103 : #endif
104 :
105 : struct WiFiCredentials
106 : {
107 : ByteSpan ssid;
108 : ByteSpan credentials;
109 0 : WiFiCredentials(ByteSpan newSsid, ByteSpan newCreds) : ssid(newSsid), credentials(newCreds) {}
110 : };
111 :
112 : struct TermsAndConditionsAcknowledgement
113 : {
114 : uint16_t acceptedTermsAndConditions;
115 : uint16_t acceptedTermsAndConditionsVersion;
116 : };
117 :
118 : struct NOCChainGenerationParameters
119 : {
120 : ByteSpan nocsrElements;
121 : ByteSpan signature;
122 : };
123 :
124 : struct CompletionStatus
125 : {
126 0 : CompletionStatus() : err(CHIP_NO_ERROR), failedStage(NullOptional), attestationResult(NullOptional) {}
127 : CHIP_ERROR err;
128 : Optional<CommissioningStage> failedStage;
129 : Optional<Credentials::AttestationVerificationResult> attestationResult;
130 : Optional<app::Clusters::GeneralCommissioning::CommissioningErrorEnum> commissioningError;
131 : Optional<app::Clusters::NetworkCommissioning::NetworkCommissioningStatusEnum> networkCommissioningStatus;
132 : };
133 :
134 : inline constexpr uint16_t kDefaultFailsafeTimeout = 60;
135 :
136 : // Per spec, all commands that are sent with the failsafe armed need at least
137 : // a 30s timeout.
138 : inline constexpr System::Clock::Timeout kMinimumCommissioningStepTimeout = System::Clock::Seconds16(30);
139 :
140 : class CommissioningParameters
141 : {
142 : public:
143 : static constexpr size_t kMaxThreadDatasetLen = 254;
144 : static constexpr size_t kMaxSsidLen = 32;
145 : static constexpr size_t kMaxCredentialsLen = 64;
146 : static constexpr size_t kMaxCountryCodeLen = 2;
147 :
148 : // Value to use when setting the commissioning failsafe timer on the node being commissioned.
149 : // If the failsafe timer value is passed in as part of the commissioning parameters, that value will be used. If not supplied,
150 : // the AutoCommissioner will set this to the recommended value read from the node. If that is not set, it will fall back to the
151 : // default kDefaultFailsafeTimeout.
152 : // This value should be set before running PerformCommissioningStep for the kArmFailsafe step.
153 0 : const Optional<uint16_t> GetFailsafeTimerSeconds() const { return mFailsafeTimerSeconds; }
154 :
155 : // Value to use when re-setting the commissioning failsafe timer immediately prior to operational discovery.
156 : // If a CASE failsafe timer value is passed in as part of the commissioning parameters, then the failsafe timer
157 : // will be reset using this value before operational discovery begins. If not supplied, then the AutoCommissioner
158 : // will not automatically reset the failsafe timer before operational discovery begins. It can be useful for the
159 : // commissioner to set the CASE failsafe timer to a small value (ex. 30s) when the regular failsafe timer is set
160 : // to a larger value to accommodate user interaction during setup (network credential selection, user consent
161 : // after device attestation).
162 0 : const Optional<uint16_t> GetCASEFailsafeTimerSeconds() const { return mCASEFailsafeTimerSeconds; }
163 :
164 : // The location (indoor/outdoor) of the node being commissioned.
165 : // The node regulartory location (indoor/outdoor) should be set by the commissioner explicitly as it may be different than the
166 : // location of the commissioner. This location will be set on the node if the node supports configurable regulatory location
167 : // (from GetLocationCapability - see below). If the regulatory location is not supplied, this will fall back to the location in
168 : // GetDefaultRegulatoryLocation and then to Outdoor (most restrictive).
169 : // This value should be set before calling PerformCommissioningStep for the kConfigRegulatory step.
170 0 : const Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> GetDeviceRegulatoryLocation() const
171 : {
172 0 : return mDeviceRegulatoryLocation;
173 : }
174 :
175 : // Value to determine whether the node supports Concurrent Connections as read from the GeneralCommissioning cluster.
176 : // In the AutoCommissioner, this is automatically set from from the kReadCommissioningInfo stage.
177 0 : Optional<bool> GetSupportsConcurrentConnection() const { return mSupportsConcurrentConnection; }
178 :
179 : // The country code to be used for the node, if set.
180 18 : Optional<CharSpan> GetCountryCode() const { return mCountryCode; }
181 :
182 0 : Optional<TermsAndConditionsAcknowledgement> GetTermsAndConditionsAcknowledgement() const
183 : {
184 0 : return mTermsAndConditionsAcknowledgement;
185 : }
186 :
187 : // Time zone to set for the node
188 : // If required, this will be truncated to fit the max size allowable on the node
189 0 : Optional<app::DataModel::List<app::Clusters::TimeSynchronization::Structs::TimeZoneStruct::Type>> GetTimeZone() const
190 : {
191 0 : return mTimeZone;
192 : }
193 :
194 : // DST offset list. If required, this will be truncated to fit the max size allowable on the node
195 : // DST list will only be sent if the commissionee requires DST offsets, as indicated in the SetTimeZone response
196 0 : Optional<app::DataModel::List<app::Clusters::TimeSynchronization::Structs::DSTOffsetStruct::Type>> GetDSTOffsets() const
197 : {
198 0 : return mDSTOffsets;
199 : }
200 :
201 : // Default NTP to set on the node if supported and required
202 : // Default implementation will not overide a value already set on the commissionee
203 : // TODO: Add a force option?
204 0 : Optional<app::DataModel::Nullable<CharSpan>> GetDefaultNTP() const { return mDefaultNTP; }
205 :
206 : // Trusted time source
207 : // Default implementation will not override a value already set on the commissionee
208 : // TODO: Add a force option?
209 : Optional<app::DataModel::Nullable<app::Clusters::TimeSynchronization::Structs::FabricScopedTrustedTimeSourceStruct::Type>>
210 0 : GetTrustedTimeSource() const
211 : {
212 0 : return mTrustedTimeSource;
213 : }
214 :
215 : // Nonce sent to the node to use during the CSR request.
216 : // When using the AutoCommissioner, this value will be ignored in favour of the value supplied by the
217 : // OperationalCredentialsDelegate ObtainCsrNonce function. If the credential delegate is not supplied, the value supplied here
218 : // will be used. If neither is supplied random value will be used as a fallback.
219 : // This value must be set before calling PerformCommissioningStep for the kSendOpCertSigningRequest step.
220 16 : const Optional<ByteSpan> GetCSRNonce() const { return mCSRNonce; }
221 :
222 : // Nonce value sent to the node to use during the attestation request.
223 : // When using the AutoCommissioner, this value will fall back to random if not supplied.
224 : // If a non-random value is to be used, the value must be set before calling PerformCommissioningStep for the
225 : // kSendAttestationRequest step.
226 17 : const Optional<ByteSpan> GetAttestationNonce() const { return mAttestationNonce; }
227 :
228 : // WiFi SSID and credentials to use when adding/updating and enabling WiFi on the node.
229 : // This value must be set before calling PerformCommissioningStep for the kWiFiNetworkSetup or kWiFiNetworkEnable steps.
230 19 : const Optional<WiFiCredentials> GetWiFiCredentials() const { return mWiFiCreds; }
231 :
232 : // Thread operational dataset to use when adding/updating and enabling the thread network on the node.
233 : // This value must be set before calling PerformCommissioningStep for the kThreadNetworkSetup or kThreadNetworkEnable steps.
234 20 : const Optional<ByteSpan> GetThreadOperationalDataset() const { return mThreadOperationalDataset; }
235 :
236 : // The NOCSR parameters (elements and signature) returned from the node. In the AutoCommissioner, this is set using the data
237 : // returned from the kSendOpCertSigningRequest stage.
238 : // This value must be set before calling PerformCommissioningStep for the kGenerateNOCChain step.
239 0 : const Optional<NOCChainGenerationParameters> GetNOCChainGenerationParameters() const { return mNOCChainGenerationParameters; }
240 :
241 : // The root certificate for the operational certificate chain. In the auto commissioner, this is set by by the kGenerateNOCChain
242 : // stage through the OperationalCredentialsDelegate.
243 : // This value must be set before calling PerformCommissioningStep for the kSendTrustedRootCert step.
244 0 : const Optional<ByteSpan> GetRootCert() const { return mRootCert; }
245 :
246 : // The node operational certificate for the node being commissioned. In the AutoCommissioner, this is set by by the
247 : // kGenerateNOCChain stage through the OperationalCredentialsDelegate.
248 : // This value must be set before calling PerformCommissioningStep for the kSendNOC step.
249 : // This value must also be set before calling PerformCommissioningStep for the kSendTrustedRootCert step, as it is used to set
250 : // the node id in the DeviceProxy.
251 0 : const Optional<ByteSpan> GetNoc() const { return mNoc; }
252 :
253 : // The intermediate certificate for the node being commissioned. In the AutoCommissioner, this is set by by the
254 : // kGenerateNOCChain stage through the OperationalCredentialsDelegate.
255 : // This value should be set before calling PerformCommissioningStep for the kSendNOC step.
256 0 : const Optional<ByteSpan> GetIcac() const { return mIcac; }
257 :
258 : // Epoch key for the identity protection key for the node being commissioned. In the AutoCommissioner, this is set by by the
259 : // kGenerateNOCChain stage through the OperationalCredentialsDelegate.
260 : // This value must be set before calling PerformCommissioningStep for the kSendNOC step.
261 0 : const Optional<Crypto::IdentityProtectionKeySpan> GetIpk() const
262 : {
263 0 : return mIpk.HasValue() ? MakeOptional(mIpk.Value().Span()) : NullOptional;
264 : }
265 :
266 : // Admin subject id used for the case access control entry created if the AddNOC command succeeds. In the AutoCommissioner, this
267 : // is set by by the kGenerateNOCChain stage through the OperationalCredentialsDelegate.
268 : // This must be set before calling PerformCommissioningStep for the kSendNOC step.
269 0 : const Optional<NodeId> GetAdminSubject() const { return mAdminSubject; }
270 :
271 : // Attestation elements from the node. These are obtained from node in response to the AttestationRequest command. In the
272 : // AutoCommissioner, this is automatically set from the report from the kSendAttestationRequest stage.
273 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
274 0 : const Optional<ByteSpan> GetAttestationElements() const { return mAttestationElements; }
275 :
276 : // Attestation signature from the node. This is obtained from node in response to the AttestationRequest command. In the
277 : // AutoCommissioner, this is automatically set from the report from the kSendAttestationRequest stage.
278 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
279 0 : const Optional<ByteSpan> GetAttestationSignature() const { return mAttestationSignature; }
280 :
281 : // Product attestation intermediate certificate from the node. This is obtained from the node in response to the
282 : // CertificateChainRequest command for the PAI. In the AutoCommissioner, this is automatically set from the report from the
283 : // kSendPAICertificateRequest stage.
284 : // This must be set before calling PerformCommissioningStep for the kAttestationVerificationstep.
285 0 : const Optional<ByteSpan> GetPAI() const { return mPAI; }
286 :
287 : // Device attestation certificate from the node. This is obtained from the node in response to the CertificateChainRequest
288 : // command for the DAC. In the AutoCommissioner, this is automatically set from the report from the kSendDACCertificateRequest
289 : // stage.
290 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
291 0 : const Optional<ByteSpan> GetDAC() const { return mDAC; }
292 :
293 : // Node ID when a matching fabric is found in the Node Operational Credentials cluster.
294 : // In the AutoCommissioner, this is set from kReadCommissioningInfo stage.
295 : const Optional<NodeId> GetRemoteNodeId() const { return mRemoteNodeId; }
296 :
297 : // Node vendor ID from the basic information cluster. In the AutoCommissioner, this is automatically set from report from the
298 : // kReadCommissioningInfo stage.
299 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
300 0 : const Optional<VendorId> GetRemoteVendorId() const { return mRemoteVendorId; }
301 :
302 : // Node product ID from the basic information cluster. In the AutoCommissioner, this is automatically set from report from the
303 : // kReadCommissioningInfo stage.
304 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
305 0 : const Optional<uint16_t> GetRemoteProductId() const { return mRemoteProductId; }
306 :
307 : // Default regulatory location set by the node, as read from the GeneralCommissioning cluster. In the AutoCommissioner, this is
308 : // automatically set from report from the kReadCommissioningInfo stage.
309 : // This should be set before calling PerformCommissioningStep for the kConfigRegulatory step.
310 0 : const Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> GetDefaultRegulatoryLocation() const
311 : {
312 0 : return mDefaultRegulatoryLocation;
313 : }
314 :
315 : // Location capabilities of the node, as read from the GeneralCommissioning cluster. In the AutoCommissioner, this is
316 : // automatically set from report from the kReadCommissioningInfo stage.
317 : // This should be set before calling PerformCommissioningStep for the kConfigRegulatory step.
318 0 : const Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> GetLocationCapability() const
319 : {
320 0 : return mLocationCapability;
321 : }
322 :
323 : // Status to send when calling CommissioningComplete on the PairingDelegate during the kCleanup step. The AutoCommissioner uses
324 : // this to pass through any error messages received during commissioning.
325 0 : const CompletionStatus & GetCompletionStatus() const { return completionStatus; }
326 :
327 0 : CommissioningParameters & SetFailsafeTimerSeconds(uint16_t seconds)
328 : {
329 0 : mFailsafeTimerSeconds.SetValue(seconds);
330 0 : return *this;
331 : }
332 :
333 : CommissioningParameters & SetCASEFailsafeTimerSeconds(uint16_t seconds)
334 : {
335 : mCASEFailsafeTimerSeconds.SetValue(seconds);
336 : return *this;
337 : }
338 :
339 : CommissioningParameters & SetDeviceRegulatoryLocation(app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum location)
340 : {
341 : mDeviceRegulatoryLocation.SetValue(location);
342 : return *this;
343 : }
344 :
345 0 : CommissioningParameters & SetSupportsConcurrentConnection(bool concurrentConnection)
346 : {
347 0 : mSupportsConcurrentConnection.SetValue(concurrentConnection);
348 0 : return *this;
349 : }
350 :
351 : // The lifetime of the buffer countryCode is pointing to should exceed the
352 : // lifetime of CommissioningParameters object.
353 0 : CommissioningParameters & SetCountryCode(CharSpan countryCode)
354 : {
355 0 : mCountryCode.SetValue(countryCode);
356 0 : return *this;
357 : }
358 :
359 : CommissioningParameters &
360 : SetTermsAndConditionsAcknowledgement(TermsAndConditionsAcknowledgement termsAndConditionsAcknowledgement)
361 : {
362 : mTermsAndConditionsAcknowledgement.SetValue(termsAndConditionsAcknowledgement);
363 : return *this;
364 : }
365 :
366 : // The lifetime of the list buffer needs to exceed the lifetime of the CommissioningParameters object.
367 : CommissioningParameters &
368 0 : SetTimeZone(app::DataModel::List<app::Clusters::TimeSynchronization::Structs::TimeZoneStruct::Type> timeZone)
369 : {
370 0 : mTimeZone.SetValue(timeZone);
371 0 : return *this;
372 : }
373 :
374 : // The lifetime of the list buffer needs to exceed the lifetime of the CommissioningParameters object.
375 : CommissioningParameters &
376 0 : SetDSTOffsets(app::DataModel::List<app::Clusters::TimeSynchronization::Structs::DSTOffsetStruct::Type> dstOffsets)
377 : {
378 0 : mDSTOffsets.SetValue(dstOffsets);
379 0 : return *this;
380 : }
381 :
382 : // The lifetime of the char span needs to exceed the lifetime of the CommissioningParameters
383 0 : CommissioningParameters & SetDefaultNTP(app::DataModel::Nullable<CharSpan> defaultNTP)
384 : {
385 0 : mDefaultNTP.SetValue(defaultNTP);
386 0 : return *this;
387 : }
388 :
389 : CommissioningParameters & SetTrustedTimeSource(
390 : app::DataModel::Nullable<app::Clusters::TimeSynchronization::Structs::FabricScopedTrustedTimeSourceStruct::Type>
391 : trustedTimeSource)
392 : {
393 : mTrustedTimeSource.SetValue(trustedTimeSource);
394 : return *this;
395 : }
396 :
397 : // The lifetime of the buffer csrNonce is pointing to, should exceed the lifetime of CommissioningParameters object.
398 0 : CommissioningParameters & SetCSRNonce(ByteSpan csrNonce)
399 : {
400 0 : mCSRNonce.SetValue(csrNonce);
401 0 : return *this;
402 : }
403 :
404 : // The lifetime of the buffer attestationNonce is pointing to, should exceed the lifetime of CommissioningParameters object.
405 0 : CommissioningParameters & SetAttestationNonce(ByteSpan attestationNonce)
406 : {
407 0 : mAttestationNonce.SetValue(attestationNonce);
408 0 : return *this;
409 : }
410 :
411 : // If a WiFiCredentials is provided, then the WiFiNetworkScan will not be attempted
412 0 : CommissioningParameters & SetWiFiCredentials(WiFiCredentials wifiCreds)
413 : {
414 0 : mWiFiCreds.SetValue(wifiCreds);
415 0 : mAttemptWiFiNetworkScan.SetValue(false);
416 0 : return *this;
417 : }
418 :
419 : // If a ThreadOperationalDataset is provided, then the ThreadNetworkScan will not be attempted
420 0 : CommissioningParameters & SetThreadOperationalDataset(ByteSpan threadOperationalDataset)
421 : {
422 :
423 0 : mThreadOperationalDataset.SetValue(threadOperationalDataset);
424 0 : mAttemptThreadNetworkScan = MakeOptional(static_cast<bool>(false));
425 0 : return *this;
426 : }
427 : // This parameter should be set with the information returned from kSendOpCertSigningRequest. It must be set before calling
428 : // kGenerateNOCChain.
429 0 : CommissioningParameters & SetNOCChainGenerationParameters(const NOCChainGenerationParameters & params)
430 : {
431 0 : mNOCChainGenerationParameters.SetValue(params);
432 0 : return *this;
433 : }
434 : // Root certs can be generated from the kGenerateNOCChain step. This must be set before calling kSendTrustedRootCert.
435 0 : CommissioningParameters & SetRootCert(const ByteSpan & rcac)
436 : {
437 0 : mRootCert.SetValue(rcac);
438 0 : return *this;
439 : }
440 : // NOC and intermediate cert can be generated from the kGenerateNOCChain step. NOC must be set before calling
441 : // kSendTrustedRootCert. ICAC and NOC must be set before calling kSendNOC
442 0 : CommissioningParameters & SetNoc(const ByteSpan & noc)
443 : {
444 0 : mNoc.SetValue(noc);
445 0 : return *this;
446 : }
447 0 : CommissioningParameters & SetIcac(const ByteSpan & icac)
448 : {
449 0 : mIcac.SetValue(icac);
450 0 : return *this;
451 : }
452 0 : CommissioningParameters & SetIpk(const Crypto::IdentityProtectionKeySpan ipk)
453 : {
454 0 : mIpk.SetValue(Crypto::IdentityProtectionKey(ipk));
455 0 : return *this;
456 : }
457 0 : CommissioningParameters & SetAdminSubject(const NodeId adminSubject)
458 : {
459 0 : mAdminSubject.SetValue(adminSubject);
460 0 : return *this;
461 : }
462 0 : CommissioningParameters & SetAttestationElements(const ByteSpan & attestationElements)
463 : {
464 0 : mAttestationElements = MakeOptional(attestationElements);
465 0 : return *this;
466 : }
467 0 : CommissioningParameters & SetAttestationSignature(const ByteSpan & attestationSignature)
468 : {
469 0 : mAttestationSignature = MakeOptional(attestationSignature);
470 0 : return *this;
471 : }
472 0 : CommissioningParameters & SetPAI(const ByteSpan & pai)
473 : {
474 0 : mPAI = MakeOptional(pai);
475 0 : return *this;
476 : }
477 0 : CommissioningParameters & SetDAC(const ByteSpan & dac)
478 : {
479 0 : mDAC = MakeOptional(dac);
480 0 : return *this;
481 : }
482 0 : CommissioningParameters & SetRemoteNodeId(NodeId id)
483 : {
484 0 : mRemoteNodeId = MakeOptional(id);
485 0 : return *this;
486 : }
487 0 : CommissioningParameters & SetRemoteVendorId(VendorId id)
488 : {
489 0 : mRemoteVendorId = MakeOptional(id);
490 0 : return *this;
491 : }
492 0 : CommissioningParameters & SetRemoteProductId(uint16_t id)
493 : {
494 0 : mRemoteProductId = MakeOptional(id);
495 0 : return *this;
496 : }
497 0 : CommissioningParameters & SetDefaultRegulatoryLocation(app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum location)
498 : {
499 0 : mDefaultRegulatoryLocation = MakeOptional(location);
500 0 : return *this;
501 : }
502 0 : CommissioningParameters & SetLocationCapability(app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum capability)
503 : {
504 0 : mLocationCapability = MakeOptional(capability);
505 0 : return *this;
506 : }
507 0 : void SetCompletionStatus(const CompletionStatus & status) { completionStatus = status; }
508 :
509 : CommissioningParameters & SetDeviceAttestationDelegate(Credentials::DeviceAttestationDelegate * deviceAttestationDelegate)
510 : {
511 : mDeviceAttestationDelegate = deviceAttestationDelegate;
512 : return *this;
513 : }
514 :
515 0 : Credentials::DeviceAttestationDelegate * GetDeviceAttestationDelegate() const { return mDeviceAttestationDelegate; }
516 :
517 : // If an SSID is provided, and AttemptWiFiNetworkScan is true,
518 : // then a directed scan will be performed using the SSID provided in the WiFiCredentials object
519 0 : Optional<bool> GetAttemptWiFiNetworkScan() const { return mAttemptWiFiNetworkScan; }
520 : CommissioningParameters & SetAttemptWiFiNetworkScan(bool attemptWiFiNetworkScan)
521 : {
522 : mAttemptWiFiNetworkScan = MakeOptional(attemptWiFiNetworkScan);
523 : return *this;
524 : }
525 :
526 : // If a ThreadOperationalDataset is provided, then the ThreadNetworkScan will not be attempted
527 0 : Optional<bool> GetAttemptThreadNetworkScan() const { return mAttemptThreadNetworkScan; }
528 : CommissioningParameters & SetAttemptThreadNetworkScan(bool attemptThreadNetworkScan)
529 : {
530 : if (!mThreadOperationalDataset.HasValue())
531 : {
532 : mAttemptThreadNetworkScan = MakeOptional(attemptThreadNetworkScan);
533 : }
534 : return *this;
535 : }
536 :
537 : // Only perform the PASE steps of commissioning.
538 : // Commissioning will be completed by another admin on the network.
539 0 : Optional<bool> GetSkipCommissioningComplete() const { return mSkipCommissioningComplete; }
540 : CommissioningParameters & SetSkipCommissioningComplete(bool skipCommissioningComplete)
541 : {
542 : mSkipCommissioningComplete = MakeOptional(skipCommissioningComplete);
543 : return *this;
544 : }
545 :
546 : // Check for matching fabric on target device by reading fabric list and looking for a
547 : // fabricId and RootCert match. If a match is detected, then use GetNodeId() to
548 : // access the nodeId for the device on the matching fabric.
549 0 : bool GetCheckForMatchingFabric() const { return mCheckForMatchingFabric; }
550 : CommissioningParameters & SetCheckForMatchingFabric(bool checkForMatchingFabric)
551 : {
552 : mCheckForMatchingFabric = checkForMatchingFabric;
553 : return *this;
554 : }
555 :
556 0 : ICDRegistrationStrategy GetICDRegistrationStrategy() const { return mICDRegistrationStrategy; }
557 : CommissioningParameters & SetICDRegistrationStrategy(ICDRegistrationStrategy icdRegistrationStrategy)
558 : {
559 : mICDRegistrationStrategy = icdRegistrationStrategy;
560 : return *this;
561 : }
562 :
563 0 : Optional<NodeId> GetICDCheckInNodeId() const { return mICDCheckInNodeId; }
564 0 : CommissioningParameters & SetICDCheckInNodeId(NodeId icdCheckInNodeId)
565 : {
566 0 : mICDCheckInNodeId = MakeOptional(icdCheckInNodeId);
567 0 : return *this;
568 : }
569 :
570 0 : Optional<uint64_t> GetICDMonitoredSubject() const { return mICDMonitoredSubject; }
571 0 : CommissioningParameters & SetICDMonitoredSubject(uint64_t icdMonitoredSubject)
572 : {
573 0 : mICDMonitoredSubject = MakeOptional(icdMonitoredSubject);
574 0 : return *this;
575 : }
576 :
577 0 : Optional<ByteSpan> GetICDSymmetricKey() const { return mICDSymmetricKey; }
578 0 : CommissioningParameters & SetICDSymmetricKey(ByteSpan icdSymmetricKey)
579 : {
580 0 : mICDSymmetricKey = MakeOptional(icdSymmetricKey);
581 0 : return *this;
582 : }
583 :
584 0 : Optional<app::Clusters::IcdManagement::ClientTypeEnum> GetICDClientType() const { return mICDClientType; }
585 0 : CommissioningParameters & SetICDClientType(app::Clusters::IcdManagement::ClientTypeEnum icdClientType)
586 : {
587 0 : mICDClientType = MakeOptional(icdClientType);
588 0 : return *this;
589 : }
590 :
591 0 : Optional<uint32_t> GetICDStayActiveDurationMsec() const { return mICDStayActiveDurationMsec; }
592 : CommissioningParameters & SetICDStayActiveDurationMsec(uint32_t stayActiveDurationMsec)
593 : {
594 : mICDStayActiveDurationMsec = MakeOptional(stayActiveDurationMsec);
595 : return *this;
596 : }
597 0 : void ClearICDStayActiveDurationMsec() { mICDStayActiveDurationMsec.ClearValue(); }
598 :
599 0 : Span<const app::AttributePathParams> GetExtraReadPaths() const { return mExtraReadPaths; }
600 :
601 : // Additional attribute paths to read as part of the kReadCommissioningInfo stage.
602 : // These values read from the device will be available in ReadCommissioningInfo.attributes.
603 : // Clients should avoid requesting paths that are already read internally by the commissioner
604 : // as no consolidation of internally read and extra paths provided here will be performed.
605 0 : CommissioningParameters & SetExtraReadPaths(Span<const app::AttributePathParams> paths)
606 : {
607 0 : mExtraReadPaths = paths;
608 0 : return *this;
609 : }
610 :
611 : #if CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
612 : // Execute Joint Commissioning Method
613 : Optional<bool> GetExecuteJCM() const { return mExecuteJCM; }
614 :
615 : CommissioningParameters & SetExecuteJCM(bool executeJCM)
616 : {
617 : mExecuteJCM = MakeOptional(executeJCM);
618 : return *this;
619 : }
620 :
621 : const Optional<ByteSpan> GetJFAdminNOC() const { return mJFAdminNOC; }
622 :
623 : CommissioningParameters & SetJFAdminNOC(const ByteSpan & JFAdminNOC)
624 : {
625 : mJFAdminNOC = MakeOptional(JFAdminNOC);
626 : return *this;
627 : }
628 :
629 : const Optional<ByteSpan> GetJFAdminICAC() const { return mJFAdminICAC; }
630 :
631 : CommissioningParameters & SetJFAdminICAC(const ByteSpan & JFAdminICAC)
632 : {
633 : mJFAdminICAC = MakeOptional(JFAdminICAC);
634 : return *this;
635 : }
636 :
637 : const Optional<ByteSpan> GetJFAdminRCAC() const { return mJFAdminRCAC; }
638 :
639 : CommissioningParameters & SetJFAdminRCAC(const ByteSpan & JFAdminRCAC)
640 : {
641 : mJFAdminRCAC = MakeOptional(JFAdminRCAC);
642 : return *this;
643 : }
644 :
645 : const Optional<EndpointId> GetJFAdminEndpointId() const { return mJFAdminEndpointId; }
646 :
647 : CommissioningParameters & SetJFAdminEndpointId(const EndpointId JFAdminEndpointId)
648 : {
649 : mJFAdminEndpointId = MakeOptional(JFAdminEndpointId);
650 : return *this;
651 : }
652 :
653 : const Optional<FabricIndex> GetJFAdministratorFabricIndex() const { return mJFAdministratorFabricIndex; }
654 :
655 : CommissioningParameters & SetJFAdministratorFabricIndex(const FabricIndex JFAdministratorFabricIndex)
656 : {
657 : mJFAdministratorFabricIndex = MakeOptional(JFAdministratorFabricIndex);
658 : return *this;
659 : }
660 :
661 : const Optional<FabricId> GetJFAdminFabricId() const { return mJFAdminFabricId; }
662 :
663 : CommissioningParameters & SetJFAdminFabricId(const FabricId JFAdminFabricId)
664 : {
665 : mJFAdminFabricId = MakeOptional(JFAdminFabricId);
666 : return *this;
667 : }
668 :
669 : const Optional<VendorId> GetJFAdminVendorId() const { return mJFAdminVendorId; }
670 :
671 : CommissioningParameters & SetJFAdminVendorId(const VendorId JFAdminVendorId)
672 : {
673 : mJFAdminVendorId = MakeOptional(JFAdminVendorId);
674 : return *this;
675 : }
676 :
677 : #endif // CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
678 :
679 : // Clear all members that depend on some sort of external buffer. Can be
680 : // used to make sure that we are not holding any dangling pointers.
681 19 : void ClearExternalBufferDependentValues()
682 : {
683 19 : mCSRNonce.ClearValue();
684 19 : mAttestationNonce.ClearValue();
685 19 : mWiFiCreds.ClearValue();
686 19 : mCountryCode.ClearValue();
687 19 : mThreadOperationalDataset.ClearValue();
688 19 : mNOCChainGenerationParameters.ClearValue();
689 19 : mRootCert.ClearValue();
690 19 : mNoc.ClearValue();
691 19 : mIcac.ClearValue();
692 19 : mIpk.ClearValue();
693 19 : mAttestationElements.ClearValue();
694 19 : mAttestationSignature.ClearValue();
695 19 : mPAI.ClearValue();
696 19 : mDAC.ClearValue();
697 19 : mTimeZone.ClearValue();
698 19 : mDSTOffsets.ClearValue();
699 19 : mDefaultNTP.ClearValue();
700 19 : mICDSymmetricKey.ClearValue();
701 19 : mExtraReadPaths = decltype(mExtraReadPaths)();
702 : #if CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
703 : mJFAdminNOC.ClearValue();
704 : mJFAdminICAC.ClearValue();
705 : mJFAdminRCAC.ClearValue();
706 : #endif // CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
707 19 : }
708 :
709 : private:
710 : // Items that can be set by the commissioner
711 : Optional<uint16_t> mFailsafeTimerSeconds;
712 : Optional<uint16_t> mCASEFailsafeTimerSeconds;
713 : Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> mDeviceRegulatoryLocation;
714 : Optional<app::DataModel::List<app::Clusters::TimeSynchronization::Structs::TimeZoneStruct::Type>> mTimeZone;
715 : Optional<app::DataModel::List<app::Clusters::TimeSynchronization::Structs::DSTOffsetStruct::Type>> mDSTOffsets;
716 : Optional<app::DataModel::Nullable<CharSpan>> mDefaultNTP;
717 : Optional<app::DataModel::Nullable<app::Clusters::TimeSynchronization::Structs::FabricScopedTrustedTimeSourceStruct::Type>>
718 : mTrustedTimeSource;
719 : Optional<ByteSpan> mCSRNonce;
720 : Optional<ByteSpan> mAttestationNonce;
721 : Optional<WiFiCredentials> mWiFiCreds;
722 : Optional<CharSpan> mCountryCode;
723 : Optional<TermsAndConditionsAcknowledgement> mTermsAndConditionsAcknowledgement;
724 : Optional<ByteSpan> mThreadOperationalDataset;
725 : Optional<NOCChainGenerationParameters> mNOCChainGenerationParameters;
726 : Optional<ByteSpan> mRootCert;
727 : Optional<ByteSpan> mNoc;
728 : Optional<ByteSpan> mIcac;
729 : Optional<Crypto::IdentityProtectionKey> mIpk;
730 : Optional<NodeId> mAdminSubject;
731 : // Items that come from the device in commissioning steps
732 : Optional<ByteSpan> mAttestationElements;
733 : Optional<ByteSpan> mAttestationSignature;
734 : Optional<ByteSpan> mPAI;
735 : Optional<ByteSpan> mDAC;
736 : Optional<NodeId> mRemoteNodeId;
737 : Optional<VendorId> mRemoteVendorId;
738 : Optional<uint16_t> mRemoteProductId;
739 : Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> mDefaultRegulatoryLocation;
740 : Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> mLocationCapability;
741 : Optional<bool> mSupportsConcurrentConnection;
742 : CompletionStatus completionStatus;
743 : Credentials::DeviceAttestationDelegate * mDeviceAttestationDelegate =
744 : nullptr; // Delegate to handle device attestation failures during commissioning
745 : Optional<bool> mAttemptWiFiNetworkScan;
746 : Optional<bool> mAttemptThreadNetworkScan; // This automatically gets set to false when a ThreadOperationalDataset is set
747 : Optional<bool> mSkipCommissioningComplete;
748 :
749 : Optional<NodeId> mICDCheckInNodeId;
750 : Optional<uint64_t> mICDMonitoredSubject;
751 : Optional<ByteSpan> mICDSymmetricKey;
752 : Optional<app::Clusters::IcdManagement::ClientTypeEnum> mICDClientType;
753 : Optional<uint32_t> mICDStayActiveDurationMsec;
754 : ICDRegistrationStrategy mICDRegistrationStrategy = ICDRegistrationStrategy::kIgnore;
755 : bool mCheckForMatchingFabric = false;
756 : Span<const app::AttributePathParams> mExtraReadPaths;
757 :
758 : #if CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
759 : Optional<bool> mExecuteJCM;
760 :
761 : Optional<EndpointId> mJFAdminEndpointId;
762 : Optional<FabricIndex> mJFAdministratorFabricIndex;
763 :
764 : Optional<FabricId> mJFAdminFabricId;
765 : Optional<VendorId> mJFAdminVendorId;
766 :
767 : Optional<ByteSpan> mJFAdminNOC;
768 : Optional<ByteSpan> mJFAdminICAC;
769 : Optional<ByteSpan> mJFAdminRCAC;
770 : #endif // CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
771 : };
772 :
773 : struct RequestedCertificate
774 : {
775 0 : RequestedCertificate(ByteSpan newCertificate) : certificate(newCertificate) {}
776 : ByteSpan certificate;
777 : };
778 :
779 : struct AttestationResponse
780 : {
781 0 : AttestationResponse(ByteSpan newAttestationElements, ByteSpan newSignature) :
782 0 : attestationElements(newAttestationElements), signature(newSignature)
783 0 : {}
784 : ByteSpan attestationElements;
785 : ByteSpan signature;
786 : };
787 :
788 : struct CSRResponse
789 : {
790 0 : CSRResponse(ByteSpan elements, ByteSpan newSignature) : nocsrElements(elements), signature(newSignature) {}
791 : ByteSpan nocsrElements;
792 : ByteSpan signature;
793 : };
794 :
795 : struct NocChain
796 : {
797 0 : NocChain(ByteSpan newNoc, ByteSpan newIcac, ByteSpan newRcac, Crypto::IdentityProtectionKeySpan newIpk,
798 0 : NodeId newAdminSubject) :
799 0 : noc(newNoc),
800 0 : icac(newIcac), rcac(newRcac), ipk(newIpk), adminSubject(newAdminSubject)
801 0 : {}
802 : ByteSpan noc;
803 : ByteSpan icac;
804 : ByteSpan rcac;
805 : Crypto::IdentityProtectionKeySpan ipk;
806 : NodeId adminSubject;
807 : };
808 :
809 : struct OperationalNodeFoundData
810 : {
811 0 : OperationalNodeFoundData(OperationalDeviceProxy proxy) : operationalProxy(proxy) {}
812 : OperationalDeviceProxy operationalProxy;
813 : };
814 :
815 : struct NetworkClusterInfo
816 : {
817 : EndpointId endpoint = kInvalidEndpointId;
818 : app::Clusters::NetworkCommissioning::Attributes::ConnectMaxTimeSeconds::TypeInfo::DecodableType minConnectionTime = 0;
819 : };
820 : struct NetworkClusters
821 : {
822 : NetworkClusterInfo wifi;
823 : NetworkClusterInfo thread;
824 : NetworkClusterInfo eth;
825 : };
826 : struct BasicClusterInfo
827 : {
828 : VendorId vendorId = VendorId::Common;
829 : uint16_t productId = 0;
830 : };
831 : struct GeneralCommissioningInfo
832 : {
833 : uint64_t breadcrumb = 0;
834 : uint16_t recommendedFailsafe = 0;
835 : app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum currentRegulatoryLocation =
836 : app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum::kIndoorOutdoor;
837 : app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum locationCapability =
838 : app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum::kIndoorOutdoor;
839 : ;
840 : };
841 :
842 : // ICDManagementClusterInfo is populated when the controller reads information from
843 : // the ICD Management cluster, and is used to communicate that information.
844 : struct ICDManagementClusterInfo
845 : {
846 : // Whether the ICD is capable of functioning as a LIT device. If false, the ICD can only be a SIT device.
847 : bool isLIT = false;
848 : // Whether the ICD supports the check-in protocol. LIT devices have to support it, but SIT devices
849 : // might or might not.
850 : bool checkInProtocolSupport = false;
851 : // Indicate the maximum interval in seconds the server can stay in idle mode.
852 : uint32_t idleModeDuration = 0;
853 : // Indicate the minimum interval in milliseconds the server typically will stay in active mode after initial transition out of
854 : // idle mode.
855 : uint32_t activeModeDuration = 0;
856 : // Indicate the minimum amount of time in milliseconds the server typically will stay active after network activity when in
857 : // active mode.
858 : uint16_t activeModeThreshold = 0;
859 : // userActiveModeTriggerHint indicates which user action(s) will trigger the ICD to switch to Active mode.
860 : // For a LIT: The device is required to provide a value for the bitmap.
861 : // For a SIT: The device may not provide a value. In that case, none of the bits will be set.
862 : //
863 : // userActiveModeTriggerInstruction may provide additional information for users for some specific
864 : // userActiveModeTriggerHint values.
865 : BitMask<app::Clusters::IcdManagement::UserActiveModeTriggerBitmap> userActiveModeTriggerHint;
866 : CharSpan userActiveModeTriggerInstruction;
867 : };
868 :
869 : #if CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
870 : struct JFFabricTableInfo
871 : {
872 : VendorId vendorId = VendorId::Common;
873 : FabricId fabricId = kUndefinedFabricId;
874 : };
875 :
876 : #endif // CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
877 :
878 : struct ReadCommissioningInfo
879 : {
880 : #if CHIP_CONFIG_ENABLE_READ_CLIENT
881 : app::ClusterStateCache const * attributes = nullptr;
882 : #endif
883 : NetworkClusters network;
884 : BasicClusterInfo basic;
885 : GeneralCommissioningInfo general;
886 : bool requiresUTC = false;
887 : bool requiresTimeZone = false;
888 : bool requiresDefaultNTP = false;
889 : bool requiresTrustedTimeSource = false;
890 : uint8_t maxTimeZoneSize = 1;
891 : uint8_t maxDSTSize = 1;
892 : NodeId remoteNodeId = kUndefinedNodeId;
893 : bool supportsConcurrentConnection = true;
894 : ICDManagementClusterInfo icd;
895 :
896 : #if CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
897 : EndpointId JFAdminEndpointId = kInvalidEndpointId;
898 : FabricIndex JFAdministratorFabricIndex = kUndefinedFabricIndex;
899 :
900 : JFFabricTableInfo JFAdminFabricTable;
901 :
902 : ByteSpan JFAdminNOC;
903 : ByteSpan JFAdminICAC;
904 : ByteSpan JFAdminRCAC;
905 : #endif // CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
906 : };
907 :
908 : struct TimeZoneResponseInfo
909 : {
910 : bool requiresDSTOffsets;
911 : };
912 :
913 : struct AttestationErrorInfo
914 : {
915 0 : AttestationErrorInfo(Credentials::AttestationVerificationResult result) : attestationResult(result) {}
916 : Credentials::AttestationVerificationResult attestationResult;
917 : };
918 :
919 : struct CommissioningErrorInfo
920 : {
921 0 : CommissioningErrorInfo(app::Clusters::GeneralCommissioning::CommissioningErrorEnum result) : commissioningError(result) {}
922 : app::Clusters::GeneralCommissioning::CommissioningErrorEnum commissioningError;
923 : };
924 :
925 : struct NetworkCommissioningStatusInfo
926 : {
927 0 : NetworkCommissioningStatusInfo(app::Clusters::NetworkCommissioning::NetworkCommissioningStatusEnum result) :
928 0 : networkCommissioningStatus(result)
929 0 : {}
930 : app::Clusters::NetworkCommissioning::NetworkCommissioningStatusEnum networkCommissioningStatus;
931 : };
932 :
933 : class CommissioningDelegate
934 : {
935 : public:
936 10 : virtual ~CommissioningDelegate(){};
937 : /* CommissioningReport is returned after each commissioning step is completed. The reports for each step are:
938 : * kReadCommissioningInfo: ReadCommissioningInfo
939 : * kArmFailsafe: CommissioningErrorInfo if there is an error
940 : * kConfigRegulatory: CommissioningErrorInfo if there is an error
941 : * kConfigureUTCTime: None
942 : * kConfigureTimeZone: TimeZoneResponseInfo
943 : * kConfigureDSTOffset: None
944 : * kConfigureDefaultNTP: None
945 : * kSendPAICertificateRequest: RequestedCertificate
946 : * kSendDACCertificateRequest: RequestedCertificate
947 : * kSendAttestationRequest: AttestationResponse
948 : * kAttestationVerification: AttestationErrorInfo if there is an error
949 : * kAttestationRevocationCheck: AttestationErrorInfo if there is an error
950 : * kSendOpCertSigningRequest: CSRResponse
951 : * kGenerateNOCChain: NocChain
952 : * kSendTrustedRootCert: None
953 : * kSendNOC: None
954 : * kConfigureTrustedTimeSource: None
955 : * kWiFiNetworkSetup: NetworkCommissioningStatusInfo if there is an error
956 : * kThreadNetworkSetup: NetworkCommissioningStatusInfo if there is an error
957 : * kWiFiNetworkEnable: NetworkCommissioningStatusInfo if there is an error
958 : * kThreadNetworkEnable: NetworkCommissioningStatusInfo if there is an error
959 : * kEvictPreviousCaseSessions: None
960 : * kFindOperationalForStayActive OperationalNodeFoundData
961 : * kFindOperationalForCommissioningComplete: OperationalNodeFoundData
962 : * kICDSendStayActive: CommissioningErrorInfo if there is an error
963 : * kSendComplete: CommissioningErrorInfo if there is an error
964 : * kCleanup: None
965 : */
966 : struct CommissioningReport
967 : : Variant<RequestedCertificate, AttestationResponse, CSRResponse, NocChain, OperationalNodeFoundData, ReadCommissioningInfo,
968 : AttestationErrorInfo, CommissioningErrorInfo, NetworkCommissioningStatusInfo, TimeZoneResponseInfo>
969 : {
970 0 : CommissioningReport() : stageCompleted(CommissioningStage::kError) {}
971 : CommissioningStage stageCompleted;
972 : };
973 : virtual CHIP_ERROR SetCommissioningParameters(const CommissioningParameters & params) = 0;
974 : virtual const CommissioningParameters & GetCommissioningParameters() const = 0;
975 : virtual void SetOperationalCredentialsDelegate(OperationalCredentialsDelegate * operationalCredentialsDelegate) = 0;
976 : virtual CHIP_ERROR StartCommissioning(DeviceCommissioner * commissioner, CommissioneeDeviceProxy * proxy) = 0;
977 : virtual CHIP_ERROR CommissioningStepFinished(CHIP_ERROR err, CommissioningReport report) = 0;
978 : };
979 :
980 : } // namespace Controller
981 : } // namespace chip
|
