Thread extension commission updates (ARMmbed#1835)

artokin · Sep 26, 2018 · 02af1a8 · 02af1a8
1 parent 927c329
commit 02af1a8
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 26 deletions.
diff --git a/source/6LoWPAN/Thread/thread_extension_bbr.c b/source/6LoWPAN/Thread/thread_extension_bbr.c
@@ -343,6 +343,22 @@ static int thread_pbbr_data_req_recv_cb(int8_t service_id, uint8_t source_addres
     return 0;
 }
 
+static int thread_pbbr_data_set_recv_cb(int8_t service_id, uint8_t source_address[static 16], uint16_t source_port, sn_coap_hdr_s *request_ptr)
+{
+    (void) source_address;
+    (void) source_port;
+
+    uint8_t response[3] = {0};
+    uint8_t *ptr = response;
+
+    // This is not yet supported, thus return state TLV rejected
+    ptr = thread_meshcop_tlv_data_write_uint8(response, MESHCOP_TLV_STATE, -1);
+
+    coap_service_response_send(service_id, COAP_REQUEST_OPTIONS_NONE, request_ptr, COAP_MSG_CODE_RESPONSE_CHANGED, COAP_CT_OCTET_STREAM, response, ptr - response);
+
+    return 0;
+}
+
 static int thread_pbbr_nmkp_relay_rx_recv_cb(int8_t service_id, uint8_t source_address[static 16], uint16_t source_port, sn_coap_hdr_s *request_ptr)
 {
     thread_pbbr_t *this = thread_border_router_find_by_service(service_id);
@@ -1143,6 +1159,7 @@ static int thread_extension_bbr_pbbr_start(thread_pbbr_t *this)
     coap_service_register_uri(this->coap_service_id, THREAD_URI_BBR_NMK_RX_NTF, COAP_SERVICE_ACCESS_POST_ALLOWED, thread_pbbr_nmkp_relay_rx_recv_cb);
     // Register BBR data request URI
     coap_service_register_uri(this->coap_service_id, THREAD_URI_BBR_DATA_REQ, COAP_SERVICE_ACCESS_GET_ALLOWED, thread_pbbr_data_req_recv_cb);
+    coap_service_register_uri(this->coap_service_id, THREAD_URI_BBR_DATA_SET, COAP_SERVICE_ACCESS_GET_ALLOWED, thread_pbbr_data_set_recv_cb);
 
     // create secure service for Network master key provisioning
     this->coap_nmkp_virtual_service_id = coap_service_initialize(this->interface_id, THREAD_MANAGEMENT_PORT, COAP_SERVICE_OPTIONS_SECURE | COAP_SERVICE_OPTIONS_VIRTUAL_SOCKET, thread_pbbr_pskd_security_start_cb, NULL);

diff --git a/source/6LoWPAN/Thread/thread_extension_bootstrap.c b/source/6LoWPAN/Thread/thread_extension_bootstrap.c
@@ -77,7 +77,7 @@ typedef struct thread_extension_credentials {
 
 #ifdef HAVE_THREAD_V2
 
-/* Hardcoded CSR request/privatekey pairs */
+/* Hardcoded CSR request */
 static const unsigned char csr_request[215] = {
     0x30,0x81,0xd4,0x30,0x7c,0x02,0x01,0x00,0x30,0x1a,0x31,0x18,0x30,0x16,0x06,0x03,
     0x55,0x04,0x03,0x0c,0x0f,0x54,0x68,0x72,0x65,0x61,0x64,0x44,0x65,0x76,0x69,0x63,
@@ -95,7 +95,9 @@ static const unsigned char csr_request[215] = {
     0x26,0xe3,0x5a,0x74,0x62,0x0f,0x70
 };
 
-/* Private key for certificate m_device_nxp_sn_and_8021ar.cert.pem -> test registrar will return this as default
+/*
+ * Private key for certificate m_device_nxp_sn_and_8021ar.cert.pem -> test registrar will return this as default
+ */
 static const unsigned char domain_private_key[138] = {
     0x30,0x81,0x87,0x02,0x01,0x00,0x30,0x13,0x06,0x07,0x2a,0x86,0x48,0xce,0x3d,0x02,
     0x01,0x06,0x08,0x2a,0x86,0x48,0xce,0x3d,0x03,0x01,0x07,0x04,0x6d,0x30,0x6b,0x02,
@@ -107,7 +109,7 @@ static const unsigned char domain_private_key[138] = {
     0xc2,0x43,0x69,0x0a,0x57,0xb5,0x54,0xeb,0x9b,0x06,0xad,0xed,0x7c,0x56,0x6e,0x0c,
     0x23,0xcb,0x1e,0x51,0x78,0xe4,0xae,0x41,0x58,0x15
 };
-*/
+
 const uint8_t meshcop_nmkp_resp_ignore[] = {
         MESHCOP_TLV_COMM_SIGNATURE,
         MESHCOP_TLV_COMM_TOKEN,
@@ -196,7 +198,7 @@ static int thread_joiner_application_simple_enroll_response_cb(int8_t service_id
 
     protocol_interface_info_entry_t *cur = protocol_stack_interface_info_get_by_id(thread_extension_bootstrap_find_id_by_service(service_id));
 
-    tr_debug("Simple enrollment received %s",trace_array(response_ptr->payload_ptr, response_ptr->payload_len));
+    tr_debug("Simple enrollment received len:%d - %s",response_ptr->payload_len,trace_array(response_ptr->payload_ptr, response_ptr->payload_len));
 
     if (!cur || !cur->thread_info || !response_ptr) {
         return -1;
@@ -217,11 +219,8 @@ static int thread_joiner_application_simple_enroll_response_cb(int8_t service_id
         flen = 0;
     }
 
-    /* Hack: registrar does not reply actual certificates, we need to use something... */
     if ( flen != len ||
-          0 > thread_extension_bootstrap_network_certificate_set(cur, thread_info(cur)->extension_credentials_ptr->device_certificate_ptr,
-                  thread_info(cur)->extension_credentials_ptr->device_certificate_len)) {
-//         0 > thread_extension_bootstrap_network_certificate_set(cur, ptr, len)) {
+         0 > thread_extension_bootstrap_network_certificate_set(cur, ptr, len)) {
         tr_warn("ae response parse failed, len %d != %d",len,flen);
     }
 
@@ -241,8 +240,7 @@ static int thread_joiner_application_csrattrs_response_cb(int8_t service_id, uin
     tr_info("Receiving csrattrs response sending simpleenroll");
 
     // TODO Create CSR and private key here... Now we use hardcoded stuff.
-    // HACK: use device certificate/private key untill registrar replys real certificates..
-    thread_extension_bootstrap_network_private_key_set(cur, thread_info(cur)->extension_credentials_ptr->device_pk_ptr, thread_info(cur)->extension_credentials_ptr->device_pk_len);
+    thread_extension_bootstrap_network_private_key_set(cur, domain_private_key, sizeof(domain_private_key));
 
     coap_service_request_send(service_id, COAP_REQUEST_OPTIONS_SECURE_BYPASS, source_address, source_port,
                               COAP_MSG_TYPE_CONFIRMABLE, COAP_MSG_CODE_REQUEST_POST, THREAD_URI_SIMPLEENROLL, THREAD_CONTENT_FORMAT_PKCS10,
@@ -296,18 +294,17 @@ static int thread_joiner_application_rat_response_cb(int8_t service_id, uint8_t
         ca_cert_len = common_read_16_bit((uint8_t *)ca_cert_ptr);   // read length
         ca_cert_ptr += 2;
         tr_debug("CA cert len %d", ca_cert_len);
-        /* Set domain certificate pointer and length */
-        // HACK: this is not needed, we use device certificate...
-
-//        if (thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr) {
-//            ns_dyn_mem_free(thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr);
-//        }
-//        thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr = ns_dyn_mem_alloc(ca_cert_len);
-//        if (!thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr) {
-//            return -1;
-//        }
-//        memcpy(thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr, ca_cert_ptr, ca_cert_len);
-//        thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_len = ca_cert_len;
+        /* Set domain CA certificate pointer and length */
+
+        if (thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr) {
+            ns_dyn_mem_free(thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr);
+        }
+        thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr = ns_dyn_mem_alloc(ca_cert_len);
+        if (!thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr) {
+            return -1;
+        }
+        memcpy(thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr, ca_cert_ptr, ca_cert_len);
+        thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_len = ca_cert_len;
     } else {
         tr_error("Response parse failed");
     }

diff --git a/source/6LoWPAN/Thread/thread_extension_constants.h b/source/6LoWPAN/Thread/thread_extension_constants.h
@@ -78,10 +78,10 @@ typedef struct discovery_additional_info {
 #define THREAD_URI_TRI_TX_NTF                   ".well-known/thread/c/txr"  //<* Registrar
 #define THREAD_URI_TRI_RX_NTF                   ".well-known/thread/c/rxr"  //<* Registrar
 
-#define THREAD_URI_SIMPLEENROLL                 ".well-known/est/simpleenroll"      //<* Registrar
-#define THREAD_URI_CSRATTRS                     ".well-known/est/csrattrs"          //<* Registrar
-#define THREAD_URI_RAT                          ".well-known/est/rat"               //<* Registrar
-#define THREAD_URI_SIMPLEREENROLL               ".well-known/est/simplereenroll"    //<* Registrar
+#define THREAD_URI_SIMPLEENROLL                 ".well-known/est/sen"       //<* Registrar
+#define THREAD_URI_CSRATTRS                     ".well-known/est/att"       //<* Registrar
+#define THREAD_URI_RAT                          ".well-known/est/rv"        //<* Registrar
+#define THREAD_URI_SIMPLEREENROLL               ".well-known/est/sren"      //<* Registrar
 
 /** @defgroup Thread 1.2 experimental */