Line data Source code
1 : /*
2 : *
3 : * Copyright (c) 2021-2024 Project CHIP Authors
4 : * All rights reserved.
5 : *
6 : * Licensed under the Apache License, Version 2.0 (the "License");
7 : * you may not use this file except in compliance with the License.
8 : * You may obtain a copy of the License at
9 : *
10 : * http://www.apache.org/licenses/LICENSE-2.0
11 : *
12 : * Unless required by applicable law or agreed to in writing, software
13 : * distributed under the License is distributed on an "AS IS" BASIS,
14 : * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 : * See the License for the specific language governing permissions and
16 : * limitations under the License.
17 : */
18 :
19 : #pragma once
20 : #include <app-common/zap-generated/cluster-objects.h>
21 : #include <app/AttributePathParams.h>
22 : #include <app/ClusterStateCache.h>
23 : #include <app/OperationalSessionSetup.h>
24 : #include <controller/CommissioneeDeviceProxy.h>
25 : #include <credentials/attestation_verifier/DeviceAttestationDelegate.h>
26 : #include <credentials/attestation_verifier/DeviceAttestationVerifier.h>
27 : #include <credentials/jcm/TrustVerification.h>
28 : #include <crypto/CHIPCryptoPAL.h>
29 : #include <lib/support/CharSpanToStdString.h>
30 : #include <lib/support/Span.h>
31 : #include <lib/support/Variant.h>
32 : #include <matter/tracing/build_config.h>
33 : #include <system/SystemClock.h>
34 :
35 : #include <string>
36 :
37 : namespace chip {
38 : namespace Controller {
39 :
40 : class DeviceCommissioner;
41 :
42 : enum CommissioningStage : uint8_t
43 : {
44 : kError,
45 : kSecurePairing, ///< Establish a PASE session with the device
46 : kReadCommissioningInfo, ///< Query Attributes relevant to commissioning (can perform multiple read interactions)
47 : kArmFailsafe, ///< Send ArmFailSafe (0x30:0) command to the device
48 : kConfigRegulatory, ///< Send SetRegulatoryConfig (0x30:2) command to the device
49 : kConfigureUTCTime, ///< SetUTCTime if the DUT has a time cluster
50 : kConfigureTimeZone, ///< Configure a time zone if one is required and available
51 : kConfigureDSTOffset, ///< Configure DST offset if one is required and available
52 : kConfigureDefaultNTP, ///< Configure a default NTP server if one is required and available
53 : kSendPAICertificateRequest, ///< Send PAI CertificateChainRequest (0x3E:2) command to the device
54 : kSendDACCertificateRequest, ///< Send DAC CertificateChainRequest (0x3E:2) command to the device
55 : kSendAttestationRequest, ///< Send AttestationRequest (0x3E:0) command to the device
56 : kAttestationVerification, ///< Verify AttestationResponse (0x3E:1) validity
57 : kAttestationRevocationCheck, ///< Verify Revocation Status of device's DAC chain
58 : kJCMTrustVerification, ///< Perform JCM trust verification steps
59 : kSendOpCertSigningRequest, ///< Send CSRRequest (0x3E:4) command to the device
60 : kValidateCSR, ///< Verify CSRResponse (0x3E:5) validity
61 : kGenerateNOCChain, ///< TLV encode Node Operational Credentials (NOC) chain certs
62 : kSendTrustedRootCert, ///< Send AddTrustedRootCertificate (0x3E:11) command to the device
63 : kSendNOC, ///< Send AddNOC (0x3E:6) command to the device
64 : kConfigureTrustedTimeSource, ///< Configure a trusted time source if one is required and available (must be done after SendNOC)
65 : kICDGetRegistrationInfo, ///< Waiting for the higher layer to provide ICD registration informations.
66 : kICDRegistration, ///< Register for ICD management
67 :
68 : // NOTE: If any new steps are added between kWiFiNetworkSetup and kICDSendStayActive, double-check
69 : // whether the logic in AutoCommissioner::CommissioningStepFinished that checks for "network
70 : // failure" conditions still makes sense.
71 : kWiFiNetworkSetup, ///< Send AddOrUpdateWiFiNetwork (0x31:2) command to the device
72 : kThreadNetworkSetup, ///< Send AddOrUpdateThreadNetwork (0x31:3) command to the device
73 : kFailsafeBeforeWiFiEnable, ///< Extend the fail-safe before doing kWiFiNetworkEnable
74 : kFailsafeBeforeThreadEnable, ///< Extend the fail-safe before doing kThreadNetworkEnable
75 : kWiFiNetworkEnable, ///< Send ConnectNetwork (0x31:6) command to the device for the WiFi network
76 : kThreadNetworkEnable, ///< Send ConnectNetwork (0x31:6) command to the device for the Thread network
77 : kEvictPreviousCaseSessions, ///< Evict previous stale case sessions from a commissioned device with this node ID before
78 : kFindOperationalForStayActive, ///< Perform operational discovery and establish a CASE session with the device for ICD
79 : ///< StayActive command
80 : kFindOperationalForCommissioningComplete, ///< Perform operational discovery and establish a CASE session with the device for
81 : ///< Commissioning Complete command
82 : kSendComplete, ///< Send CommissioningComplete (0x30:4) command to the device
83 : kICDSendStayActive, ///< Send Keep Alive to ICD
84 : // NOTE: If any new steps are added between kWiFiNetworkSetup and kICDSendStayActive, double-check
85 : // whether the logic in AutoCommissioner::CommissioningStepFinished that checks for "network
86 : // failure" conditions still makes sense.
87 :
88 : /// Send ScanNetworks (0x31:0) command to the device.
89 : /// ScanNetworks can happen anytime after kArmFailsafe.
90 : kScanNetworks,
91 : /// Waiting for the higher layer to provide network credentials before continuing the workflow.
92 : /// Call CHIPDeviceController::NetworkCredentialsReady() when CommissioningParameters is populated with
93 : /// network credentials to use in kWiFiNetworkSetup or kThreadNetworkSetup steps.
94 : kNeedsNetworkCreds,
95 : kPrimaryOperationalNetworkFailed, ///< Indicate that the primary operational network (on root endpoint) failed, should remove
96 : ///< the primary network config later.
97 : kRemoveWiFiNetworkConfig, ///< Remove Wi-Fi network config.
98 : kRemoveThreadNetworkConfig, ///< Remove Thread network config.
99 : kConfigureTCAcknowledgments, ///< Send SetTCAcknowledgements (0x30:6) command to the device
100 : kRequestWiFiCredentials, ///< Wi-Fi credentials are needed; ask for those.
101 : kRequestThreadCredentials, ///< Thread credentials are needed; ask for those.
102 : kCleanup, ///< Call delegates with status, free memory, clear timers and state.
103 : #if CHIP_DEVICE_CONFIG_ENABLE_NFC_BASED_COMMISSIONING
104 : kUnpoweredPhaseComplete, ///< Commissioning completed until connect network for unpowered commissioning (NFC)
105 : #endif
106 : };
107 :
108 : enum class ICDRegistrationStrategy : uint8_t
109 : {
110 : kIgnore, ///< Do not check whether the device is an ICD during commissioning
111 : kBeforeComplete, ///< Do commissioner self-registration or external controller registration,
112 : ///< Controller should provide a ICDKey manager for generating symmetric key
113 : };
114 :
115 : const char * StageToString(CommissioningStage stage);
116 :
117 : #if MATTER_TRACING_ENABLED
118 : const char * MetricKeyForCommissioningStage(CommissioningStage stage);
119 : #endif
120 :
121 : struct WiFiCredentials
122 : {
123 : ByteSpan ssid;
124 : ByteSpan credentials;
125 13 : WiFiCredentials(ByteSpan newSsid, ByteSpan newCreds) : ssid(newSsid), credentials(newCreds) {}
126 : };
127 :
128 : struct TermsAndConditionsAcknowledgement
129 : {
130 : uint16_t acceptedTermsAndConditions;
131 : uint16_t acceptedTermsAndConditionsVersion;
132 : };
133 :
134 : struct NOCChainGenerationParameters
135 : {
136 : ByteSpan nocsrElements;
137 : ByteSpan signature;
138 : };
139 :
140 : struct CompletionStatus
141 : {
142 147 : CompletionStatus() : err(CHIP_NO_ERROR), failedStage(NullOptional), attestationResult(NullOptional) {}
143 :
144 : CHIP_ERROR err;
145 : Optional<CommissioningStage> failedStage;
146 : Optional<Credentials::AttestationVerificationResult> attestationResult;
147 : Optional<app::Clusters::GeneralCommissioning::CommissioningErrorEnum> commissioningError;
148 : Optional<app::Clusters::NetworkCommissioning::NetworkCommissioningStatusEnum> networkCommissioningStatus;
149 : /// Optional device-reported low-level error from ConnectNetworkResponse.errorValue (e.g.
150 : /// driver-specific TX-power-limited / interference / association-failure code), distinct
151 : /// from the spec-level NetworkCommissioningStatusEnum already captured above.
152 : Optional<int32_t> connectNetworkErrorValue;
153 : /// Optional NodeOperationalCertStatusEnum from the device's NOCResponse during the
154 : /// AddNOC / UpdateNOC / RemoveFabric flows. Lets callers distinguish kInvalidPublicKey
155 : /// from kInvalidNodeOpId from kFabricConflict from kLabelConflict, etc., without losing
156 : /// fidelity to a generic CHIP_ERROR.
157 : Optional<app::Clusters::OperationalCredentials::NodeOperationalCertStatusEnum> operationalCertStatus;
158 :
159 : /// Owned copy of the device-supplied GeneralCommissioning debugText from
160 : /// ArmFailSafeResponse / SetRegulatoryConfigResponse / CommissioningCompleteResponse.
161 : /// Empty if no debug text was provided.
162 : std::string commissioningDebugText;
163 :
164 : /// Owned copy of the device-supplied NetworkCommissioning debugText from
165 : /// NetworkConfigResponse / ConnectNetworkResponse. Empty if no debug text was provided.
166 : std::string networkCommissioningDebugText;
167 : };
168 :
169 : inline constexpr uint16_t kDefaultFailsafeTimeout = 60;
170 :
171 : // Per spec, all commands that are sent with the failsafe armed need at least
172 : // a 30s timeout.
173 : inline constexpr System::Clock::Timeout kMinimumCommissioningStepTimeout = System::Clock::Seconds16(30);
174 :
175 : class CommissioningParameters
176 : {
177 : public:
178 : static constexpr size_t kMaxThreadDatasetLen = 254;
179 : static constexpr size_t kMaxSsidLen = 32;
180 : static constexpr size_t kMaxCredentialsLen = 64;
181 : static constexpr size_t kMaxCountryCodeLen = 2;
182 :
183 : // Value to use when setting the commissioning failsafe timer on the node being commissioned.
184 : // If the failsafe timer value is passed in as part of the commissioning parameters, that value will be used. If not supplied,
185 : // the AutoCommissioner will set this to the recommended value read from the node. If that is not set, it will fall back to the
186 : // default kDefaultFailsafeTimeout.
187 : // This value should be set before running PerformCommissioningStep for the kArmFailsafe step.
188 2 : const Optional<uint16_t> GetFailsafeTimerSeconds() const { return mFailsafeTimerSeconds; }
189 :
190 : // Value to use when re-setting the commissioning failsafe timer immediately prior to operational discovery.
191 : // If a CASE failsafe timer value is passed in as part of the commissioning parameters, then the failsafe timer
192 : // will be reset using this value before operational discovery begins. If not supplied, then the AutoCommissioner
193 : // will not automatically reset the failsafe timer before operational discovery begins. It can be useful for the
194 : // commissioner to set the CASE failsafe timer to a small value (ex. 30s) when the regular failsafe timer is set
195 : // to a larger value to accommodate user interaction during setup (network credential selection, user consent
196 : // after device attestation).
197 3 : const Optional<uint16_t> GetCASEFailsafeTimerSeconds() const { return mCASEFailsafeTimerSeconds; }
198 :
199 : // The location (indoor/outdoor) of the node being commissioned.
200 : // The node regulartory location (indoor/outdoor) should be set by the commissioner explicitly as it may be different than the
201 : // location of the commissioner. This location will be set on the node if the node supports configurable regulatory location
202 : // (from GetLocationCapability - see below). If the regulatory location is not supplied, this will fall back to the location in
203 : // GetDefaultRegulatoryLocation and then to Outdoor (most restrictive).
204 : // This value should be set before calling PerformCommissioningStep for the kConfigRegulatory step.
205 1 : const Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> GetDeviceRegulatoryLocation() const
206 : {
207 1 : return mDeviceRegulatoryLocation;
208 : }
209 :
210 : // Value to determine whether the node supports Concurrent Connections as read from the GeneralCommissioning cluster.
211 : // In the AutoCommissioner, this is automatically set from from the kReadCommissioningInfo stage.
212 8 : Optional<bool> GetSupportsConcurrentConnection() const { return mSupportsConcurrentConnection; }
213 :
214 : // The country code to be used for the node, if set.
215 71 : Optional<CharSpan> GetCountryCode() const { return mCountryCode; }
216 :
217 2 : Optional<TermsAndConditionsAcknowledgement> GetTermsAndConditionsAcknowledgement() const
218 : {
219 2 : return mTermsAndConditionsAcknowledgement;
220 : }
221 :
222 : // Time zone to set for the node
223 : // If required, this will be truncated to fit the max size allowable on the node
224 78 : Optional<app::DataModel::List<app::Clusters::TimeSynchronization::Structs::TimeZoneStruct::Type>> GetTimeZone() const
225 : {
226 78 : return mTimeZone;
227 : }
228 :
229 : // DST offset list. If required, this will be truncated to fit the max size allowable on the node
230 : // DST list will only be sent if the commissionee requires DST offsets, as indicated in the SetTimeZone response
231 74 : Optional<app::DataModel::List<app::Clusters::TimeSynchronization::Structs::DSTOffsetStruct::Type>> GetDSTOffsets() const
232 : {
233 74 : return mDSTOffsets;
234 : }
235 :
236 : // Default NTP to set on the node if supported and required
237 : // Default implementation will not overide a value already set on the commissionee
238 : // TODO: Add a force option?
239 77 : Optional<app::DataModel::Nullable<CharSpan>> GetDefaultNTP() const { return mDefaultNTP; }
240 :
241 : // Trusted time source
242 : // Default implementation will not override a value already set on the commissionee
243 : // TODO: Add a force option?
244 : Optional<app::DataModel::Nullable<app::Clusters::TimeSynchronization::Structs::FabricScopedTrustedTimeSourceStruct::Type>>
245 2 : GetTrustedTimeSource() const
246 : {
247 2 : return mTrustedTimeSource;
248 : }
249 :
250 : // Nonce sent to the node to use during the CSR request.
251 : // When using the AutoCommissioner, this value will be ignored in favour of the value supplied by the
252 : // OperationalCredentialsDelegate ObtainCsrNonce function. If the credential delegate is not supplied, the value supplied here
253 : // will be used. If neither is supplied random value will be used as a fallback.
254 : // This value must be set before calling PerformCommissioningStep for the kSendOpCertSigningRequest step.
255 68 : const Optional<ByteSpan> GetCSRNonce() const { return mCSRNonce; }
256 :
257 : // Nonce value sent to the node to use during the attestation request.
258 : // When using the AutoCommissioner, this value will fall back to random if not supplied.
259 : // If a non-random value is to be used, the value must be set before calling PerformCommissioningStep for the
260 : // kSendAttestationRequest step.
261 69 : const Optional<ByteSpan> GetAttestationNonce() const { return mAttestationNonce; }
262 :
263 : // WiFi SSID and credentials to use when adding/updating and enabling WiFi on the node.
264 : // This value must be set before calling PerformCommissioningStep for the kWiFiNetworkSetup or kWiFiNetworkEnable steps.
265 79 : const Optional<WiFiCredentials> GetWiFiCredentials() const { return mWiFiCreds; }
266 :
267 : // Thread operational dataset to use when adding/updating and enabling the thread network on the node.
268 : // This value must be set before calling PerformCommissioningStep for the kThreadNetworkSetup or kThreadNetworkEnable steps.
269 80 : const Optional<ByteSpan> GetThreadOperationalDataset() const { return mThreadOperationalDataset; }
270 :
271 : // The NOCSR parameters (elements and signature) returned from the node. In the AutoCommissioner, this is set using the data
272 : // returned from the kSendOpCertSigningRequest stage.
273 : // This value must be set before calling PerformCommissioningStep for the kGenerateNOCChain step.
274 2 : const Optional<NOCChainGenerationParameters> GetNOCChainGenerationParameters() const { return mNOCChainGenerationParameters; }
275 :
276 : // The root certificate for the operational certificate chain. In the auto commissioner, this is set by by the kGenerateNOCChain
277 : // stage through the OperationalCredentialsDelegate.
278 : // This value must be set before calling PerformCommissioningStep for the kSendTrustedRootCert step.
279 2 : const Optional<ByteSpan> GetRootCert() const { return mRootCert; }
280 :
281 : // The node operational certificate for the node being commissioned. In the AutoCommissioner, this is set by by the
282 : // kGenerateNOCChain stage through the OperationalCredentialsDelegate.
283 : // This value must be set before calling PerformCommissioningStep for the kSendNOC step.
284 : // This value must also be set before calling PerformCommissioningStep for the kSendTrustedRootCert step, as it is used to set
285 : // the node id in the DeviceProxy.
286 2 : const Optional<ByteSpan> GetNoc() const { return mNoc; }
287 :
288 : // The intermediate certificate for the node being commissioned. In the AutoCommissioner, this is set by by the
289 : // kGenerateNOCChain stage through the OperationalCredentialsDelegate.
290 : // This value should be set before calling PerformCommissioningStep for the kSendNOC step.
291 2 : const Optional<ByteSpan> GetIcac() const { return mIcac; }
292 :
293 : // Epoch key for the identity protection key for the node being commissioned. In the AutoCommissioner, this is set by by the
294 : // kGenerateNOCChain stage through the OperationalCredentialsDelegate.
295 : // This value must be set before calling PerformCommissioningStep for the kSendNOC step.
296 2 : const Optional<Crypto::IdentityProtectionKeySpan> GetIpk() const
297 : {
298 4 : return mIpk.HasValue() ? MakeOptional(mIpk.Value().Span()) : NullOptional;
299 : }
300 :
301 : // Admin subject id used for the case access control entry created if the AddNOC command succeeds. In the AutoCommissioner, this
302 : // is set by by the kGenerateNOCChain stage through the OperationalCredentialsDelegate.
303 : // This must be set before calling PerformCommissioningStep for the kSendNOC step.
304 1 : const Optional<NodeId> GetAdminSubject() const { return mAdminSubject; }
305 :
306 : // Attestation elements from the node. These are obtained from node in response to the AttestationRequest command. In the
307 : // AutoCommissioner, this is automatically set from the report from the kSendAttestationRequest stage.
308 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
309 3 : const Optional<ByteSpan> GetAttestationElements() const { return mAttestationElements; }
310 :
311 : // Attestation signature from the node. This is obtained from node in response to the AttestationRequest command. In the
312 : // AutoCommissioner, this is automatically set from the report from the kSendAttestationRequest stage.
313 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
314 3 : const Optional<ByteSpan> GetAttestationSignature() const { return mAttestationSignature; }
315 :
316 : // Product attestation intermediate certificate from the node. This is obtained from the node in response to the
317 : // CertificateChainRequest command for the PAI. In the AutoCommissioner, this is automatically set from the report from the
318 : // kSendPAICertificateRequest stage.
319 : // This must be set before calling PerformCommissioningStep for the kAttestationVerificationstep.
320 3 : const Optional<ByteSpan> GetPAI() const { return mPAI; }
321 :
322 : // Device attestation certificate from the node. This is obtained from the node in response to the CertificateChainRequest
323 : // command for the DAC. In the AutoCommissioner, this is automatically set from the report from the kSendDACCertificateRequest
324 : // stage.
325 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
326 3 : const Optional<ByteSpan> GetDAC() const { return mDAC; }
327 :
328 : // Node ID when a matching fabric is found in the Node Operational Credentials cluster.
329 : // In the AutoCommissioner, this is set from kReadCommissioningInfo stage.
330 2 : const Optional<NodeId> GetRemoteNodeId() const { return mRemoteNodeId; }
331 :
332 : // Node vendor ID from the basic information cluster. In the AutoCommissioner, this is automatically set from report from the
333 : // kReadCommissioningInfo stage.
334 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
335 1 : const Optional<VendorId> GetRemoteVendorId() const { return mRemoteVendorId; }
336 :
337 : // Node product ID from the basic information cluster. In the AutoCommissioner, this is automatically set from report from the
338 : // kReadCommissioningInfo stage.
339 : // This must be set before calling PerformCommissioningStep for the kAttestationVerification step.
340 1 : const Optional<uint16_t> GetRemoteProductId() const { return mRemoteProductId; }
341 :
342 : // Default regulatory location set by the node, as read from the GeneralCommissioning cluster. In the AutoCommissioner, this is
343 : // automatically set from report from the kReadCommissioningInfo stage.
344 : // This should be set before calling PerformCommissioningStep for the kConfigRegulatory step.
345 1 : const Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> GetDefaultRegulatoryLocation() const
346 : {
347 1 : return mDefaultRegulatoryLocation;
348 : }
349 :
350 : // Location capabilities of the node, as read from the GeneralCommissioning cluster. In the AutoCommissioner, this is
351 : // automatically set from report from the kReadCommissioningInfo stage.
352 : // This should be set before calling PerformCommissioningStep for the kConfigRegulatory step.
353 1 : const Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> GetLocationCapability() const
354 : {
355 1 : return mLocationCapability;
356 : }
357 :
358 : // Status to send when calling CommissioningComplete on the PairingDelegate during the kCleanup step. The AutoCommissioner uses
359 : // this to pass through any error messages received during commissioning.
360 2 : const CompletionStatus & GetCompletionStatus() const { return completionStatus; }
361 :
362 1 : CommissioningParameters & SetFailsafeTimerSeconds(uint16_t seconds)
363 : {
364 1 : mFailsafeTimerSeconds.SetValue(seconds);
365 1 : return *this;
366 : }
367 :
368 1 : CommissioningParameters & SetCASEFailsafeTimerSeconds(uint16_t seconds)
369 : {
370 1 : mCASEFailsafeTimerSeconds.SetValue(seconds);
371 1 : return *this;
372 : }
373 :
374 1 : CommissioningParameters & SetDeviceRegulatoryLocation(app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum location)
375 : {
376 1 : mDeviceRegulatoryLocation.SetValue(location);
377 1 : return *this;
378 : }
379 :
380 7 : CommissioningParameters & SetSupportsConcurrentConnection(bool concurrentConnection)
381 : {
382 7 : mSupportsConcurrentConnection.SetValue(concurrentConnection);
383 7 : return *this;
384 : }
385 :
386 : // The lifetime of the buffer countryCode is pointing to should exceed the
387 : // lifetime of CommissioningParameters object.
388 2 : CommissioningParameters & SetCountryCode(CharSpan countryCode)
389 : {
390 2 : mCountryCode.SetValue(countryCode);
391 2 : return *this;
392 : }
393 :
394 : CommissioningParameters &
395 1 : SetTermsAndConditionsAcknowledgement(TermsAndConditionsAcknowledgement termsAndConditionsAcknowledgement)
396 : {
397 1 : mTermsAndConditionsAcknowledgement.SetValue(termsAndConditionsAcknowledgement);
398 1 : return *this;
399 : }
400 :
401 : // The lifetime of the list buffer needs to exceed the lifetime of the CommissioningParameters object.
402 : CommissioningParameters &
403 3 : SetTimeZone(app::DataModel::List<app::Clusters::TimeSynchronization::Structs::TimeZoneStruct::Type> timeZone)
404 : {
405 3 : mTimeZone.SetValue(timeZone);
406 3 : return *this;
407 : }
408 :
409 : // The lifetime of the list buffer needs to exceed the lifetime of the CommissioningParameters object.
410 : CommissioningParameters &
411 3 : SetDSTOffsets(app::DataModel::List<app::Clusters::TimeSynchronization::Structs::DSTOffsetStruct::Type> dstOffsets)
412 : {
413 3 : mDSTOffsets.SetValue(dstOffsets);
414 3 : return *this;
415 : }
416 :
417 : // The lifetime of the char span needs to exceed the lifetime of the CommissioningParameters
418 4 : CommissioningParameters & SetDefaultNTP(app::DataModel::Nullable<CharSpan> defaultNTP)
419 : {
420 4 : mDefaultNTP.SetValue(defaultNTP);
421 4 : return *this;
422 : }
423 :
424 1 : CommissioningParameters & SetTrustedTimeSource(
425 : app::DataModel::Nullable<app::Clusters::TimeSynchronization::Structs::FabricScopedTrustedTimeSourceStruct::Type>
426 : trustedTimeSource)
427 : {
428 1 : mTrustedTimeSource.SetValue(trustedTimeSource);
429 1 : return *this;
430 : }
431 :
432 : // The lifetime of the buffer csrNonce is pointing to, should exceed the lifetime of CommissioningParameters object.
433 66 : CommissioningParameters & SetCSRNonce(ByteSpan csrNonce)
434 : {
435 66 : mCSRNonce.SetValue(csrNonce);
436 66 : return *this;
437 : }
438 :
439 : // The lifetime of the buffer attestationNonce is pointing to, should exceed the lifetime of CommissioningParameters object.
440 67 : CommissioningParameters & SetAttestationNonce(ByteSpan attestationNonce)
441 : {
442 67 : mAttestationNonce.SetValue(attestationNonce);
443 67 : return *this;
444 : }
445 :
446 : // If a WiFiCredentials is provided, then the WiFiNetworkScan will not be attempted
447 12 : CommissioningParameters & SetWiFiCredentials(WiFiCredentials wifiCreds)
448 : {
449 12 : mWiFiCreds.SetValue(wifiCreds);
450 12 : mAttemptWiFiNetworkScan.SetValue(false);
451 12 : return *this;
452 : }
453 :
454 : // If a ThreadOperationalDataset is provided, then the ThreadNetworkScan will not be attempted
455 12 : CommissioningParameters & SetThreadOperationalDataset(ByteSpan threadOperationalDataset)
456 : {
457 :
458 12 : mThreadOperationalDataset.SetValue(threadOperationalDataset);
459 12 : mAttemptThreadNetworkScan = MakeOptional(static_cast<bool>(false));
460 12 : return *this;
461 : }
462 : // This parameter should be set with the information returned from kSendOpCertSigningRequest. It must be set before calling
463 : // kGenerateNOCChain.
464 1 : CommissioningParameters & SetNOCChainGenerationParameters(const NOCChainGenerationParameters & params)
465 : {
466 1 : mNOCChainGenerationParameters.SetValue(params);
467 1 : return *this;
468 : }
469 : // Root certs can be generated from the kGenerateNOCChain step. This must be set before calling kSendTrustedRootCert.
470 3 : CommissioningParameters & SetRootCert(const ByteSpan & rcac)
471 : {
472 3 : mRootCert.SetValue(rcac);
473 3 : return *this;
474 : }
475 : // NOC and intermediate cert can be generated from the kGenerateNOCChain step. NOC must be set before calling
476 : // kSendTrustedRootCert. ICAC and NOC must be set before calling kSendNOC
477 1 : CommissioningParameters & SetNoc(const ByteSpan & noc)
478 : {
479 1 : mNoc.SetValue(noc);
480 1 : return *this;
481 : }
482 1 : CommissioningParameters & SetIcac(const ByteSpan & icac)
483 : {
484 1 : mIcac.SetValue(icac);
485 1 : return *this;
486 : }
487 1 : CommissioningParameters & SetIpk(const Crypto::IdentityProtectionKeySpan ipk)
488 : {
489 1 : mIpk.SetValue(Crypto::IdentityProtectionKey(ipk));
490 1 : return *this;
491 : }
492 1 : CommissioningParameters & SetAdminSubject(const NodeId adminSubject)
493 : {
494 1 : mAdminSubject.SetValue(adminSubject);
495 1 : return *this;
496 : }
497 1 : CommissioningParameters & SetAttestationElements(const ByteSpan & attestationElements)
498 : {
499 1 : mAttestationElements = MakeOptional(attestationElements);
500 1 : return *this;
501 : }
502 1 : CommissioningParameters & SetAttestationSignature(const ByteSpan & attestationSignature)
503 : {
504 1 : mAttestationSignature = MakeOptional(attestationSignature);
505 1 : return *this;
506 : }
507 1 : CommissioningParameters & SetPAI(const ByteSpan & pai)
508 : {
509 1 : mPAI = MakeOptional(pai);
510 1 : return *this;
511 : }
512 1 : CommissioningParameters & SetDAC(const ByteSpan & dac)
513 : {
514 1 : mDAC = MakeOptional(dac);
515 1 : return *this;
516 : }
517 1 : CommissioningParameters & SetRemoteNodeId(NodeId id)
518 : {
519 1 : mRemoteNodeId = MakeOptional(id);
520 1 : return *this;
521 : }
522 1 : CommissioningParameters & SetRemoteVendorId(VendorId id)
523 : {
524 1 : mRemoteVendorId = MakeOptional(id);
525 1 : return *this;
526 : }
527 1 : CommissioningParameters & SetRemoteProductId(uint16_t id)
528 : {
529 1 : mRemoteProductId = MakeOptional(id);
530 1 : return *this;
531 : }
532 1 : CommissioningParameters & SetDefaultRegulatoryLocation(app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum location)
533 : {
534 1 : mDefaultRegulatoryLocation = MakeOptional(location);
535 1 : return *this;
536 : }
537 1 : CommissioningParameters & SetLocationCapability(app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum capability)
538 : {
539 1 : mLocationCapability = MakeOptional(capability);
540 1 : return *this;
541 : }
542 1 : void SetCompletionStatus(const CompletionStatus & status) { completionStatus = status; }
543 :
544 1 : CommissioningParameters & SetDeviceAttestationDelegate(Credentials::DeviceAttestationDelegate * deviceAttestationDelegate)
545 : {
546 1 : mDeviceAttestationDelegate = deviceAttestationDelegate;
547 1 : return *this;
548 : }
549 :
550 3 : Credentials::DeviceAttestationDelegate * GetDeviceAttestationDelegate() const { return mDeviceAttestationDelegate; }
551 :
552 : // If an SSID is provided, and AttemptWiFiNetworkScan is true,
553 : // then a directed scan will be performed using the SSID provided in the WiFiCredentials object
554 7 : Optional<bool> GetAttemptWiFiNetworkScan() const { return mAttemptWiFiNetworkScan; }
555 4 : CommissioningParameters & SetAttemptWiFiNetworkScan(bool attemptWiFiNetworkScan)
556 : {
557 4 : mAttemptWiFiNetworkScan = MakeOptional(attemptWiFiNetworkScan);
558 4 : return *this;
559 : }
560 :
561 : // If a ThreadOperationalDataset is provided, then the ThreadNetworkScan will not be attempted
562 7 : Optional<bool> GetAttemptThreadNetworkScan() const { return mAttemptThreadNetworkScan; }
563 5 : CommissioningParameters & SetAttemptThreadNetworkScan(bool attemptThreadNetworkScan)
564 : {
565 5 : if (!mThreadOperationalDataset.HasValue())
566 : {
567 4 : mAttemptThreadNetworkScan = MakeOptional(attemptThreadNetworkScan);
568 : }
569 5 : return *this;
570 : }
571 :
572 : // Only perform the PASE steps of commissioning.
573 : // Commissioning will be completed by another admin on the network.
574 5 : Optional<bool> GetSkipCommissioningComplete() const { return mSkipCommissioningComplete; }
575 1 : CommissioningParameters & SetSkipCommissioningComplete(bool skipCommissioningComplete)
576 : {
577 1 : mSkipCommissioningComplete = MakeOptional(skipCommissioningComplete);
578 1 : return *this;
579 : }
580 :
581 : // Check for matching fabric on target device by reading fabric list and looking for a
582 : // fabricId and RootCert match. If a match is detected, then use GetNodeId() to
583 : // access the nodeId for the device on the matching fabric.
584 1 : bool GetCheckForMatchingFabric() const { return mCheckForMatchingFabric; }
585 1 : CommissioningParameters & SetCheckForMatchingFabric(bool checkForMatchingFabric)
586 : {
587 1 : mCheckForMatchingFabric = checkForMatchingFabric;
588 1 : return *this;
589 : }
590 :
591 : #if CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
592 : // Check for Joint Commissioning Method
593 9 : Optional<bool> GetUseJCM() const { return mUseJCM; }
594 :
595 : // Set the Joint Commissioning Method
596 7 : CommissioningParameters & SetUseJCM(bool useJCM)
597 : {
598 7 : mUseJCM = MakeOptional(useJCM);
599 7 : return *this;
600 : }
601 : #endif // CHIP_DEVICE_CONFIG_ENABLE_JOINT_FABRIC
602 :
603 67 : ICDRegistrationStrategy GetICDRegistrationStrategy() const { return mICDRegistrationStrategy; }
604 2 : CommissioningParameters & SetICDRegistrationStrategy(ICDRegistrationStrategy icdRegistrationStrategy)
605 : {
606 2 : mICDRegistrationStrategy = icdRegistrationStrategy;
607 2 : return *this;
608 : }
609 :
610 6 : Optional<NodeId> GetICDCheckInNodeId() const { return mICDCheckInNodeId; }
611 3 : CommissioningParameters & SetICDCheckInNodeId(NodeId icdCheckInNodeId)
612 : {
613 3 : mICDCheckInNodeId = MakeOptional(icdCheckInNodeId);
614 3 : return *this;
615 : }
616 :
617 6 : Optional<uint64_t> GetICDMonitoredSubject() const { return mICDMonitoredSubject; }
618 3 : CommissioningParameters & SetICDMonitoredSubject(uint64_t icdMonitoredSubject)
619 : {
620 3 : mICDMonitoredSubject = MakeOptional(icdMonitoredSubject);
621 3 : return *this;
622 : }
623 :
624 12 : Optional<ByteSpan> GetICDSymmetricKey() const { return mICDSymmetricKey; }
625 3 : CommissioningParameters & SetICDSymmetricKey(ByteSpan icdSymmetricKey)
626 : {
627 3 : mICDSymmetricKey = MakeOptional(icdSymmetricKey);
628 3 : return *this;
629 : }
630 :
631 6 : Optional<app::Clusters::IcdManagement::ClientTypeEnum> GetICDClientType() const { return mICDClientType; }
632 3 : CommissioningParameters & SetICDClientType(app::Clusters::IcdManagement::ClientTypeEnum icdClientType)
633 : {
634 3 : mICDClientType = MakeOptional(icdClientType);
635 3 : return *this;
636 : }
637 :
638 3 : Optional<uint32_t> GetICDStayActiveDurationMsec() const { return mICDStayActiveDurationMsec; }
639 1 : CommissioningParameters & SetICDStayActiveDurationMsec(uint32_t stayActiveDurationMsec)
640 : {
641 1 : mICDStayActiveDurationMsec = MakeOptional(stayActiveDurationMsec);
642 1 : return *this;
643 : }
644 1 : void ClearICDStayActiveDurationMsec() { mICDStayActiveDurationMsec.ClearValue(); }
645 :
646 75 : Span<const app::AttributePathParams> GetExtraReadPaths() const { return mExtraReadPaths; }
647 :
648 : // Additional attribute paths to read as part of the kReadCommissioningInfo stage.
649 : // These values read from the device will be available in ReadCommissioningInfo.attributes.
650 : // Clients should avoid requesting paths that are already read internally by the commissioner
651 : // as no consolidation of internally read and extra paths provided here will be performed.
652 9 : CommissioningParameters & SetExtraReadPaths(Span<const app::AttributePathParams> paths)
653 : {
654 9 : mExtraReadPaths = paths;
655 9 : return *this;
656 : }
657 :
658 : // Clear all members that depend on some sort of external buffer. Can be
659 : // used to make sure that we are not holding any dangling pointers.
660 70 : void ClearExternalBufferDependentValues()
661 : {
662 70 : mCSRNonce.ClearValue();
663 70 : mAttestationNonce.ClearValue();
664 70 : mWiFiCreds.ClearValue();
665 70 : mCountryCode.ClearValue();
666 70 : mThreadOperationalDataset.ClearValue();
667 70 : mNOCChainGenerationParameters.ClearValue();
668 70 : mRootCert.ClearValue();
669 70 : mNoc.ClearValue();
670 70 : mIcac.ClearValue();
671 70 : mIpk.ClearValue();
672 70 : mAttestationElements.ClearValue();
673 70 : mAttestationSignature.ClearValue();
674 70 : mPAI.ClearValue();
675 70 : mDAC.ClearValue();
676 70 : mTimeZone.ClearValue();
677 70 : mDSTOffsets.ClearValue();
678 70 : mDefaultNTP.ClearValue();
679 70 : mICDSymmetricKey.ClearValue();
680 70 : mExtraReadPaths = decltype(mExtraReadPaths)();
681 70 : }
682 :
683 : private:
684 : // Items that can be set by the commissioner
685 : Optional<uint16_t> mFailsafeTimerSeconds;
686 : Optional<uint16_t> mCASEFailsafeTimerSeconds;
687 : Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> mDeviceRegulatoryLocation;
688 : Optional<app::DataModel::List<app::Clusters::TimeSynchronization::Structs::TimeZoneStruct::Type>> mTimeZone;
689 : Optional<app::DataModel::List<app::Clusters::TimeSynchronization::Structs::DSTOffsetStruct::Type>> mDSTOffsets;
690 : Optional<app::DataModel::Nullable<CharSpan>> mDefaultNTP;
691 : Optional<app::DataModel::Nullable<app::Clusters::TimeSynchronization::Structs::FabricScopedTrustedTimeSourceStruct::Type>>
692 : mTrustedTimeSource;
693 : Optional<ByteSpan> mCSRNonce;
694 : Optional<ByteSpan> mAttestationNonce;
695 : Optional<WiFiCredentials> mWiFiCreds;
696 : Optional<CharSpan> mCountryCode;
697 : Optional<TermsAndConditionsAcknowledgement> mTermsAndConditionsAcknowledgement;
698 : Optional<ByteSpan> mThreadOperationalDataset;
699 : Optional<NOCChainGenerationParameters> mNOCChainGenerationParameters;
700 : Optional<ByteSpan> mRootCert;
701 : Optional<ByteSpan> mNoc;
702 : Optional<ByteSpan> mIcac;
703 : Optional<Crypto::IdentityProtectionKey> mIpk;
704 : Optional<NodeId> mAdminSubject;
705 : // Items that come from the device in commissioning steps
706 : Optional<ByteSpan> mAttestationElements;
707 : Optional<ByteSpan> mAttestationSignature;
708 : Optional<ByteSpan> mPAI;
709 : Optional<ByteSpan> mDAC;
710 : Optional<NodeId> mRemoteNodeId;
711 : Optional<VendorId> mRemoteVendorId;
712 : Optional<uint16_t> mRemoteProductId;
713 : Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> mDefaultRegulatoryLocation;
714 : Optional<app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum> mLocationCapability;
715 : Optional<bool> mSupportsConcurrentConnection;
716 : CompletionStatus completionStatus;
717 : Credentials::DeviceAttestationDelegate * mDeviceAttestationDelegate =
718 : nullptr; // Delegate to handle device attestation failures during commissioning
719 : Optional<bool> mAttemptWiFiNetworkScan;
720 : Optional<bool> mAttemptThreadNetworkScan; // This automatically gets set to false when a ThreadOperationalDataset is set
721 : Optional<bool> mSkipCommissioningComplete;
722 :
723 : Optional<NodeId> mICDCheckInNodeId;
724 : Optional<uint64_t> mICDMonitoredSubject;
725 : Optional<ByteSpan> mICDSymmetricKey;
726 : Optional<app::Clusters::IcdManagement::ClientTypeEnum> mICDClientType;
727 : Optional<uint32_t> mICDStayActiveDurationMsec;
728 : ICDRegistrationStrategy mICDRegistrationStrategy = ICDRegistrationStrategy::kIgnore;
729 : bool mCheckForMatchingFabric = false;
730 : Span<const app::AttributePathParams> mExtraReadPaths;
731 :
732 : Optional<bool> mUseJCM;
733 : };
734 :
735 : struct RequestedCertificate
736 : {
737 1 : RequestedCertificate(ByteSpan newCertificate) : certificate(newCertificate) {}
738 : ByteSpan certificate;
739 : };
740 :
741 : struct AttestationResponse
742 : {
743 1 : AttestationResponse(ByteSpan newAttestationElements, ByteSpan newSignature) :
744 1 : attestationElements(newAttestationElements), signature(newSignature)
745 1 : {}
746 : ByteSpan attestationElements;
747 : ByteSpan signature;
748 : };
749 :
750 : struct CSRResponse
751 : {
752 1 : CSRResponse(ByteSpan elements, ByteSpan newSignature) : nocsrElements(elements), signature(newSignature) {}
753 : ByteSpan nocsrElements;
754 : ByteSpan signature;
755 : };
756 :
757 : struct NocChain
758 : {
759 0 : NocChain(ByteSpan newNoc, ByteSpan newIcac, ByteSpan newRcac, Crypto::IdentityProtectionKeySpan newIpk,
760 0 : NodeId newAdminSubject) :
761 0 : noc(newNoc),
762 0 : icac(newIcac), rcac(newRcac), ipk(newIpk), adminSubject(newAdminSubject)
763 0 : {}
764 : ByteSpan noc;
765 : ByteSpan icac;
766 : ByteSpan rcac;
767 : Crypto::IdentityProtectionKeySpan ipk;
768 : NodeId adminSubject;
769 : };
770 :
771 : struct OperationalNodeFoundData
772 : {
773 0 : OperationalNodeFoundData(OperationalDeviceProxy proxy) : operationalProxy(proxy) {}
774 : OperationalDeviceProxy operationalProxy;
775 : };
776 :
777 : struct NetworkClusterInfo
778 : {
779 : EndpointId endpoint = kInvalidEndpointId;
780 : app::Clusters::NetworkCommissioning::Attributes::ConnectMaxTimeSeconds::TypeInfo::DecodableType minConnectionTime = 0;
781 : // maxScanTime == 0 means we don't know; normal commissioning step timeouts
782 : // will apply in that case.
783 : app::Clusters::NetworkCommissioning::Attributes::ScanMaxTimeSeconds::TypeInfo::DecodableType maxScanTime = 0;
784 : };
785 : struct NetworkClusters
786 : {
787 : NetworkClusterInfo wifi;
788 : NetworkClusterInfo thread;
789 : NetworkClusterInfo eth;
790 : };
791 : struct BasicClusterInfo
792 : {
793 : VendorId vendorId = VendorId::Common;
794 : uint16_t productId = 0;
795 : };
796 : struct GeneralCommissioningInfo
797 : {
798 : uint64_t breadcrumb = 0;
799 : uint16_t recommendedFailsafe = 0;
800 : app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum currentRegulatoryLocation =
801 : app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum::kIndoorOutdoor;
802 : app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum locationCapability =
803 : app::Clusters::GeneralCommissioning::RegulatoryLocationTypeEnum::kIndoorOutdoor;
804 : bool isCommissioningWithoutPower = false;
805 : };
806 :
807 : // ICDManagementClusterInfo is populated when the controller reads information from
808 : // the ICD Management cluster, and is used to communicate that information.
809 : struct ICDManagementClusterInfo
810 : {
811 : // Whether the ICD is capable of functioning as a LIT device. If false, the ICD can only be a SIT device.
812 : bool isLIT = false;
813 : // Whether the ICD supports the check-in protocol. LIT devices have to support it, but SIT devices
814 : // might or might not.
815 : bool checkInProtocolSupport = false;
816 : // Indicate the maximum interval in seconds the server can stay in idle mode.
817 : uint32_t idleModeDuration = 0;
818 : // Indicate the minimum interval in milliseconds the server typically will stay in active mode after initial transition out of
819 : // idle mode.
820 : uint32_t activeModeDuration = 0;
821 : // Indicate the minimum amount of time in milliseconds the server typically will stay active after network activity when in
822 : // active mode.
823 : uint16_t activeModeThreshold = 0;
824 : // userActiveModeTriggerHint indicates which user action(s) will trigger the ICD to switch to Active mode.
825 : // For a LIT: The device is required to provide a value for the bitmap.
826 : // For a SIT: The device may not provide a value. In that case, none of the bits will be set.
827 : //
828 : // userActiveModeTriggerInstruction may provide additional information for users for some specific
829 : // userActiveModeTriggerHint values.
830 : BitMask<app::Clusters::IcdManagement::UserActiveModeTriggerBitmap> userActiveModeTriggerHint;
831 : CharSpan userActiveModeTriggerInstruction;
832 : };
833 :
834 : struct ReadCommissioningInfo
835 : {
836 : #if CHIP_CONFIG_ENABLE_READ_CLIENT
837 : app::ClusterStateCache const * attributes = nullptr;
838 : #endif
839 : NetworkClusters network;
840 : BasicClusterInfo basic;
841 : GeneralCommissioningInfo general;
842 : bool requiresUTC = false;
843 : bool requiresTimeZone = false;
844 : bool requiresDefaultNTP = false;
845 : bool requiresTrustedTimeSource = false;
846 : uint8_t maxTimeZoneSize = 1;
847 : uint8_t maxDSTSize = 1;
848 : NodeId remoteNodeId = kUndefinedNodeId;
849 : bool supportsConcurrentConnection = true;
850 : ICDManagementClusterInfo icd;
851 : };
852 :
853 : struct TimeZoneResponseInfo
854 : {
855 : bool requiresDSTOffsets;
856 : };
857 :
858 : struct AttestationErrorInfo
859 : {
860 0 : AttestationErrorInfo(Credentials::AttestationVerificationResult result) : attestationResult(result) {}
861 : Credentials::AttestationVerificationResult attestationResult;
862 : };
863 :
864 : struct CommissioningErrorInfo
865 : {
866 1 : CommissioningErrorInfo(app::Clusters::GeneralCommissioning::CommissioningErrorEnum result) : commissioningError(result) {}
867 2 : CommissioningErrorInfo(app::Clusters::GeneralCommissioning::CommissioningErrorEnum result, CharSpan text) :
868 2 : commissioningError(result), debugText(CharSpanToStdString(text))
869 2 : {}
870 : app::Clusters::GeneralCommissioning::CommissioningErrorEnum commissioningError;
871 : /// Owned copy of the device-supplied `debugText` from
872 : /// ArmFailSafeResponse / SetRegulatoryConfigResponse / CommissioningCompleteResponse.
873 : /// Empty when the device did not provide debug text.
874 : std::string debugText;
875 : };
876 :
877 : struct OperationalCertErrorInfo
878 : {
879 1 : OperationalCertErrorInfo(app::Clusters::OperationalCredentials::NodeOperationalCertStatusEnum result) :
880 1 : operationalCertStatus(result)
881 1 : {}
882 : app::Clusters::OperationalCredentials::NodeOperationalCertStatusEnum operationalCertStatus;
883 : };
884 :
885 : struct NetworkCommissioningStatusInfo
886 : {
887 1 : NetworkCommissioningStatusInfo(app::Clusters::NetworkCommissioning::NetworkCommissioningStatusEnum result) :
888 1 : networkCommissioningStatus(result)
889 1 : {}
890 2 : NetworkCommissioningStatusInfo(app::Clusters::NetworkCommissioning::NetworkCommissioningStatusEnum result, CharSpan text) :
891 2 : networkCommissioningStatus(result), debugText(CharSpanToStdString(text))
892 2 : {}
893 2 : NetworkCommissioningStatusInfo(app::Clusters::NetworkCommissioning::NetworkCommissioningStatusEnum result, CharSpan text,
894 2 : Optional<int32_t> errorValue) :
895 2 : networkCommissioningStatus(result),
896 2 : debugText(CharSpanToStdString(text)), connectNetworkErrorValue(errorValue)
897 2 : {}
898 : app::Clusters::NetworkCommissioning::NetworkCommissioningStatusEnum networkCommissioningStatus;
899 : /// Owned copy of the device-supplied `debugText` from
900 : /// `NetworkConfigResponse` / `ConnectNetworkResponse`. Empty when the device did not
901 : /// provide debug text.
902 : std::string debugText;
903 : /// Optional device-specific connect failure code from ConnectNetworkResponse.errorValue.
904 : /// Only populated for ConnectNetwork failures; null for NetworkConfig failures (which
905 : /// don't carry an errorValue field).
906 : Optional<int32_t> connectNetworkErrorValue;
907 : };
908 :
909 : class CommissioningDelegate
910 : {
911 : public:
912 43 : virtual ~CommissioningDelegate(){};
913 : /* CommissioningReport is returned after each commissioning step is completed. The reports for each step are:
914 : * kReadCommissioningInfo: ReadCommissioningInfo
915 : * kArmFailsafe: CommissioningErrorInfo if there is an error
916 : * kConfigRegulatory: CommissioningErrorInfo if there is an error
917 : * kConfigureUTCTime: None
918 : * kConfigureTimeZone: TimeZoneResponseInfo
919 : * kConfigureDSTOffset: None
920 : * kConfigureDefaultNTP: None
921 : * kSendPAICertificateRequest: RequestedCertificate
922 : * kSendDACCertificateRequest: RequestedCertificate
923 : * kSendAttestationRequest: AttestationResponse
924 : * kAttestationVerification: AttestationErrorInfo if there is an error
925 : * kAttestationRevocationCheck: AttestationErrorInfo if there is an error
926 : * kJCMTrustVerification: JCMTrustVerificationError if there is an error
927 : * kSendOpCertSigningRequest: CSRResponse
928 : * kGenerateNOCChain: NocChain
929 : * kSendTrustedRootCert: None
930 : * kSendNOC: OperationalCertErrorInfo if AddNOC returned a non-success NodeOperationalCertStatusEnum
931 : * kConfigureTrustedTimeSource: None
932 : * kWiFiNetworkSetup: NetworkCommissioningStatusInfo if there is an error
933 : * kThreadNetworkSetup: NetworkCommissioningStatusInfo if there is an error
934 : * kWiFiNetworkEnable: NetworkCommissioningStatusInfo if there is an error
935 : * kThreadNetworkEnable: NetworkCommissioningStatusInfo if there is an error
936 : * kEvictPreviousCaseSessions: None
937 : * kFindOperationalForStayActive OperationalNodeFoundData
938 : * kFindOperationalForCommissioningComplete: OperationalNodeFoundData
939 : * kICDSendStayActive: CommissioningErrorInfo if there is an error
940 : * kSendComplete: CommissioningErrorInfo if there is an error
941 : * kCleanup: None
942 : */
943 : struct CommissioningReport
944 : : Variant<RequestedCertificate, AttestationResponse, CSRResponse, NocChain, OperationalNodeFoundData, ReadCommissioningInfo,
945 : AttestationErrorInfo, CommissioningErrorInfo, OperationalCertErrorInfo, NetworkCommissioningStatusInfo,
946 : TimeZoneResponseInfo, Credentials::JCM::TrustVerificationError>
947 : {
948 1 : CommissioningReport() : stageCompleted(CommissioningStage::kError) {}
949 : CommissioningStage stageCompleted;
950 : };
951 : virtual CHIP_ERROR SetCommissioningParameters(const CommissioningParameters & params) = 0;
952 : virtual const CommissioningParameters & GetCommissioningParameters() const = 0;
953 : virtual void SetOperationalCredentialsDelegate(OperationalCredentialsDelegate * operationalCredentialsDelegate) = 0;
954 : virtual CHIP_ERROR StartCommissioning(DeviceCommissioner * commissioner, CommissioneeDeviceProxy * proxy) = 0;
955 : virtual CHIP_ERROR CommissioningStepFinished(CHIP_ERROR err, CommissioningReport report) = 0;
956 : };
957 :
958 : } // namespace Controller
959 : } // namespace chip
|
