Skip to content

Commit

Permalink
[joiner-router] enhance & fix appending TLVs to Joiner Entrust msg (#…
Browse files Browse the repository at this point in the history 
…9614)

This commit updates `JoinerRouter::PrepareJoinerEntrustMessage()` to
improve how TLVs from Active Operational Dataset are appended to the
message. The TLV types that should be included in Joiner Entrust are
now defined in an array `kTlvTypes`, and the code iterating over this
array will find the TLV in Dataset and append it to the message.

Previously, if a required TLV type was not present in the Dataset, the
code would have appended the TLV with an uninitialized and possibly
random value, which could lead to unexpected behavior. The new code
will fail if the required TLVs are not present in the Dataset
instead, ensuring that only valid TLVs are included in the Joiner
Entrust message.
  • Loading branch information
@abtink
abtink authored Nov 17, 2023
1 parent 02ccb9a commit b775735
Showing 1 changed file with 10 additions and 53 deletions.
63 changes: 10 additions & 53 deletions src/core/meshcop/joiner_router.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -290,72 +290,29 @@ Error JoinerRouter::SendJoinerEntrust(const Ip6::MessageInfo &aMessageInfo)

Coap::Message *JoinerRouter::PrepareJoinerEntrustMessage(void)
{
Error error;
static const Tlv::Type kTlvTypes[] = {
Tlv::kNetworkKey, Tlv::kMeshLocalPrefix, Tlv::kExtendedPanId, Tlv::kNetworkName,
Tlv::kActiveTimestamp, Tlv::kChannelMask, Tlv::kPskc, Tlv::kSecurityPolicy,
};

Error error = kErrorNone;
Coap::Message *message = nullptr;
Dataset dataset;
NetworkNameTlv networkName;
const Tlv *tlv;
NetworkKey networkKey;

message = Get<Tmf::Agent>().NewPriorityConfirmablePostMessage(kUriJoinerEntrust);
VerifyOrExit(message != nullptr, error = kErrorNoBufs);

message->SetSubType(Message::kSubTypeJoinerEntrust);

Get<KeyManager>().GetNetworkKey(networkKey);
SuccessOrExit(error = Tlv::Append<NetworkKeyTlv>(*message, networkKey));
SuccessOrExit(error = Tlv::Append<MeshLocalPrefixTlv>(*message, Get<Mle::MleRouter>().GetMeshLocalPrefix()));
SuccessOrExit(error = Tlv::Append<ExtendedPanIdTlv>(*message, Get<ExtendedPanIdManager>().GetExtPanId()));

networkName.Init();
networkName.SetNetworkName(Get<NetworkNameManager>().GetNetworkName().GetAsData());
SuccessOrExit(error = networkName.AppendTo(*message));

IgnoreError(Get<ActiveDatasetManager>().Read(dataset));

if ((tlv = dataset.GetTlv<ActiveTimestampTlv>()) != nullptr)
{
SuccessOrExit(error = tlv->AppendTo(*message));
}
else
{
ActiveTimestampTlv activeTimestamp;
activeTimestamp.Init();
SuccessOrExit(error = activeTimestamp.AppendTo(*message));
}

if ((tlv = dataset.GetTlv<ChannelMaskTlv>()) != nullptr)
{
SuccessOrExit(error = tlv->AppendTo(*message));
}
else
{
ChannelMaskBaseTlv channelMask;
channelMask.Init();
SuccessOrExit(error = channelMask.AppendTo(*message));
}
SuccessOrExit(error = Get<ActiveDatasetManager>().Read(dataset));

if ((tlv = dataset.GetTlv<PskcTlv>()) != nullptr)
for (Tlv::Type tlvType : kTlvTypes)
{
SuccessOrExit(error = tlv->AppendTo(*message));
}
else
{
PskcTlv pskc;
pskc.Init();
SuccessOrExit(error = pskc.AppendTo(*message));
}
const Tlv *tlv = dataset.GetTlv(tlvType);

if ((tlv = dataset.GetTlv<SecurityPolicyTlv>()) != nullptr)
{
VerifyOrExit(tlv != nullptr, error = kErrorInvalidState);
SuccessOrExit(error = tlv->AppendTo(*message));
}
else
{
SecurityPolicyTlv securityPolicy;
securityPolicy.Init();
SuccessOrExit(error = securityPolicy.AppendTo(*message));
}

SuccessOrExit(error = Tlv::Append<NetworkKeySequenceTlv>(*message, Get<KeyManager>().GetCurrentKeySequence()));

Expand Down

0 comments on commit b775735

Please sign in to comment.