update proto for DHCPv6 PD Telemetry

add hashed prefix

src/proto/thread_telemetry.proto

@@ -219,34 +219,36 @@ message TelemetryData {
     // The counters for inbound multicast packets
     optional PacketsAndBytes inbound_multicast = 16;
 
-    // The counter for inbound Internet when DHCPv6 PD enabled
-    optional PacketsAndBytes inbound_internet = 17;
-
     // The counters for outbound unicast packets
-    optional PacketsAndBytes outbound_unicast = 18;
+    optional PacketsAndBytes outbound_unicast = 17;
 
     // The counters for outbound multicast packets
-    optional PacketsAndBytes outbound_multicast = 19;
-
-    // The counter for outbound Internet when DHCPv6 PD enabled
-    optional PacketsAndBytes outbound_internet = 20;
+    optional PacketsAndBytes outbound_multicast = 18;
 
     // The inbound and outbound NAT64 traffic through the border router
-    optional Nat64ProtocolCounters nat64_protocol_counters = 21;
+    optional Nat64ProtocolCounters nat64_protocol_counters = 19;
 
     // Error counters for NAT64 translator on the border router
-    optional Nat64ErrorCounters nat64_error_counters = 22;
+    optional Nat64ErrorCounters nat64_error_counters = 20;
+
+    // The counter for inbound Internet when DHCPv6 PD enabled
+    optional PacketsAndBytes inbound_internet = 21;
+
+    // The counter for outbound Internet when DHCPv6 PD enabled
+    optional PacketsAndBytes outbound_internet = 22;
   }
 
   enum Dhcp6PdState {
+    DHCP6_PD_STATE_UNSPECIFIED = 0;
+
     // DHCPv6 PD is disabled on the border router.
-    DHCP6_PD_STATE_DISABLED = 0;
+    DHCP6_PD_STATE_DISABLED = 1;
 
     // DHCPv6 PD in enabled but won't try to request and publish a prefix.
-    DHCP6_PD_STATE_STOPPED = 1;
+    DHCP6_PD_STATE_STOPPED = 2;
 
     // DHCPv6 PD is enabled and will try to request and publish a prefix.
-    DHCP6_PD_STATE_RUNNING =2;
+    DHCP6_PD_STATE_RUNNING = 3;
   }
 
   message PdProcessedRaInfo {
@@ -464,7 +466,7 @@ message TelemetryData {
     optional Dhcp6PdState dhcp6_pd_state = 8;
 
     // DHCPv6 PD prefix
-    optional string pd_prefix = 9;
+    optional bytes hashed_pd_prefix = 9;
 
     // DHCPv6 PD processed RA Info
     optional PdProcessedRaInfo pd_processed_ra_info= 10;

src/utils/thread_helper.cpp

@@ -35,8 +35,6 @@
 #include <string.h>
 #include <time.h>
 
-#include <string>
-
 #include <openthread/border_router.h>
 #include <openthread/channel_manager.h>
 #include <openthread/dataset_ftd.h>
@@ -50,6 +48,10 @@
 #include <openthread/nat64.h>
 #include "utils/sha256.hpp"
 #endif
+#if OTBR_ENABLE_DHCP6_PD
+#include <vector>
+#include <openthread/ip6.h>
+#endif
 #if OTBR_ENABLE_LINK_METRICS_TELEMETRY
 #include <openthread/link_metrics.h>
 #endif
@@ -187,19 +189,26 @@ void CopyNat64TrafficCounters(const otNat64Counters &from, threadnetwork::Teleme
 #if OTBR_ENABLE_DHCP6_PD
 threadnetwork::TelemetryData_Dhcp6PdState Dhcp6PdStateFromOtDhcp6PdState(otBorderRoutingDhcp6PdState dhcp6PdState)
 {
+    threadnetwork::TelemetryData_Dhcp6PdState pdState = threadnetwork::TelemetryData::DHCP6_PD_STATE_UNSPECIFIED;
+
     switch (dhcp6PdState)
     {
     case OT_BORDER_ROUTING_DHCP6_PD_STATE_DISABLED:
-        return threadnetwork::TelemetryData::DHCP6_PD_STATE_DISABLED;
+        pdState = threadnetwork::TelemetryData::DHCP6_PD_STATE_DISABLED;
+        break;
     case OT_BORDER_ROUTING_DHCP6_PD_STATE_STOPPED:
-        return threadnetwork::TelemetryData::DHCP6_PD_STATE_STOPPED;
+        pdState = threadnetwork::TelemetryData::DHCP6_PD_STATE_STOPPED;
+        break;
     case OT_BORDER_ROUTING_DHCP6_PD_STATE_RUNNING:
-        return threadnetwork::TelemetryData::DHCP6_PD_STATE_RUNNING;
+        pdState = threadnetwork::TelemetryData::DHCP6_PD_STATE_RUNNING;
+        break;
     default:
-        return threadnetwork::TelemetryData::DHCP6_PD_STATE_DISABLED;
+        break;
     }
+
+    return pdState;
 }
-#endif  // OTBR_ENABLE_DHCP6_PD
+#endif // OTBR_ENABLE_DHCP6_PD
 
 void CopyMdnsResponseCounters(const MdnsResponseCounters &from, threadnetwork::TelemetryData_MdnsResponseCounters *to)
 {
@@ -219,10 +228,10 @@ ThreadHelper::ThreadHelper(otInstance *aInstance, otbr::Ncp::ControllerOpenThrea
     : mInstance(aInstance)
     , mNcp(aNcp)
 {
-#if OTBR_ENABLE_TELEMETRY_DATA_API && OTBR_ENABLE_NAT64
+#if OTBR_ENABLE_TELEMETRY_DATA_API && (OTBR_ENABLE_NAT64 || OTBR_ENABLE_DHCP6_PD)
     otError error;
 
-    SuccessOrExit(error = otPlatCryptoRandomGet(mNat64Ipv6AddressSalt, sizeof(mNat64Ipv6AddressSalt)));
+    SuccessOrExit(error = otPlatCryptoRandomGet(mNat64PdCommonSalt, sizeof(mNat64PdCommonSalt)));
 
 exit:
     if (error != OT_ERROR_NONE)
@@ -1162,10 +1171,6 @@ otError ThreadHelper::RetrieveTelemetryData(Mdns::Publisher *aPublisher, threadn
             otBorderRoutingCounters->mInboundMulticast.mPackets);
         borderRoutingCouters->mutable_inbound_multicast()->set_byte_count(
             otBorderRoutingCounters->mInboundMulticast.mBytes);
-        borderRoutingCouters->mutable_inbound_internet()->set_packet_count(
-            otBorderRoutingCounters->mInboundInternet.mPackets);
-        borderRoutingCouters->mutable_inbound_internet()->set_byte_count(
-            otBorderRoutingCounters->mInboundInternet.mBytes);
         borderRoutingCouters->mutable_outbound_unicast()->set_packet_count(
             otBorderRoutingCounters->mOutboundUnicast.mPackets);
         borderRoutingCouters->mutable_outbound_unicast()->set_byte_count(
@@ -1174,16 +1179,20 @@ otError ThreadHelper::RetrieveTelemetryData(Mdns::Publisher *aPublisher, threadn
             otBorderRoutingCounters->mOutboundMulticast.mPackets);
         borderRoutingCouters->mutable_outbound_multicast()->set_byte_count(
             otBorderRoutingCounters->mOutboundMulticast.mBytes);
-        borderRoutingCouters->mutable_outbound_internet()->set_packet_count(
-            otBorderRoutingCounters->mOutboundInternet.mPackets);
-        borderRoutingCouters->mutable_outbound_internet()->set_byte_count(
-            otBorderRoutingCounters->mOutboundInternet.mBytes);
         borderRoutingCouters->set_ra_rx(otBorderRoutingCounters->mRaRx);
         borderRoutingCouters->set_ra_tx_success(otBorderRoutingCounters->mRaTxSuccess);
         borderRoutingCouters->set_ra_tx_failure(otBorderRoutingCounters->mRaTxFailure);
         borderRoutingCouters->set_rs_rx(otBorderRoutingCounters->mRsRx);
         borderRoutingCouters->set_rs_tx_success(otBorderRoutingCounters->mRsTxSuccess);
         borderRoutingCouters->set_rs_tx_failure(otBorderRoutingCounters->mRsTxFailure);
+        borderRoutingCouters->mutable_inbound_internet()->set_packet_count(
+            otBorderRoutingCounters->mInboundInternet.mPackets);
+        borderRoutingCouters->mutable_inbound_internet()->set_byte_count(
+            otBorderRoutingCounters->mInboundInternet.mBytes);
+        borderRoutingCouters->mutable_outbound_internet()->set_packet_count(
+            otBorderRoutingCounters->mOutboundInternet.mPackets);
+        borderRoutingCouters->mutable_outbound_internet()->set_byte_count(
+            otBorderRoutingCounters->mOutboundInternet.mBytes);
 
 #if OTBR_ENABLE_NAT64
         {
@@ -1368,17 +1377,17 @@ otError ThreadHelper::RetrieveTelemetryData(Mdns::Publisher *aPublisher, threadn
                 CopyNat64TrafficCounters(otMapping.mCounters.mIcmp, nat64MappingCounters->mutable_icmp());
 
                 {
-                    uint8_t ipAddrShaInput[OT_IP6_ADDRESS_SIZE + kNat64SourceAddressHashSaltLength];
+                    uint8_t ipAddrShaInput[OT_IP6_ADDRESS_SIZE + kNat64PdCommonHashSaltLength];
                     memcpy(ipAddrShaInput, otMapping.mIp6.mFields.m8, sizeof(otMapping.mIp6.mFields.m8));
-                    memcpy(&ipAddrShaInput[sizeof(otMapping.mIp6.mFields.m8)], mNat64Ipv6AddressSalt,
-                           sizeof(mNat64Ipv6AddressSalt));
+                    memcpy(&ipAddrShaInput[sizeof(otMapping.mIp6.mFields.m8)], mNat64PdCommonSalt,
+                           sizeof(mNat64PdCommonSalt));
 
                     sha256.Start();
                     sha256.Update(ipAddrShaInput, sizeof(ipAddrShaInput));
                     sha256.Finish(hash);
 
                     nat64Mapping->mutable_hashed_ipv6_address()->append(reinterpret_cast<const char *>(hash.GetBytes()),
-                                                                        sizeof(hash.GetBytes()));
+                                                                        Sha256::Hash::kSize);
                     // Remaining time is not included in the telemetry
                 }
             }
@@ -1388,31 +1397,64 @@ otError ThreadHelper::RetrieveTelemetryData(Mdns::Publisher *aPublisher, threadn
 #if OTBR_ENABLE_DHCP6_PD
         // Start of Dhcp6PdState section.
         {
-            auto dhcp6PdState = wpanBorderRouter->mutable_dhcp6_pd_state();
-            dhcp6PdState->set_dhcp6_pd_state(Dhcp6PdStateFromOtDhcp6PdState(otBorderRoutingDhcp6PdGetState(mInstance)));
+            wpanBorderRouter->set_dhcp6_pd_state(
+                Dhcp6PdStateFromOtDhcp6PdState(otBorderRoutingDhcp6PdGetState(mInstance)));
         }
         // End of Dhcp6PdState section.
 
-        // Start of PD prefix
+        // Start of Hashed PD prefix
         {
-        char buffer[OT_IP6_PREFIX_STRING_SIZE];
-        otBorderRoutingGetPdOmrPrefix(mInstance, &aPrefixInfo);
-        otIp6PrefixToString(aPrefixInfo.mPrefix, buffer, sizeof(string));
-        wpanBorderRouter->set_pd_prefix(buffer);
+            otBorderRoutingPrefixTableEntry aPrefixInfo;
+            const uint8_t                  *prefixAddr          = nullptr;
+            const uint8_t                  *truncatedHash       = nullptr;
+            constexpr size_t                kHashPrefixLength   = 6;
+            constexpr size_t                kHashedPrefixLength = 2;
+            std::vector<uint8_t>            hashedPpdHeader     = {0x20, 0x01, 0x0d, 0xb8};
+            std::vector<uint8_t>            hashedPdTailer      = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
+            std::vector<uint8_t>            hashedPdPrefix;
+            hashedPdPrefix.reserve(16);
+            Sha256       sha256;
+            Sha256::Hash hash;
+
+            otBorderRoutingGetPdOmrPrefix(mInstance, &aPrefixInfo);
+            prefixAddr = aPrefixInfo.mPrefix.mPrefix.mFields.m8;
+
+            sha256.Start();
+            sha256.Update(prefixAddr, kHashPrefixLength);
+            sha256.Update(mNat64PdCommonSalt, kNat64PdCommonHashSaltLength);
+            sha256.Finish(hash);
+
+            // Append hashedPpdHeader
+            hashedPdPrefix.insert(hashedPdPrefix.end(), hashedPpdHeader.begin(), hashedPpdHeader.end());
+
+            // Append the first 2 bytes of the hashed prefix
+            truncatedHash = hash.GetBytes();
+            hashedPdPrefix.insert(hashedPdPrefix.end(), truncatedHash, truncatedHash + kHashedPrefixLength);
+
+            // Append ip[6] and ip[7]
+            hashedPdPrefix.push_back(prefixAddr[6]);
+            hashedPdPrefix.push_back(prefixAddr[7]);
+
+            // Append hashedPdTailer
+            hashedPdPrefix.insert(hashedPdPrefix.end(), hashedPdTailer.begin(), hashedPdTailer.end());
+
+            wpanBorderRouter->mutable_hashed_pd_prefix()->append(reinterpret_cast<const char *>(hashedPdPrefix.data()),
+                                                                 hashedPdPrefix.size());
         }
-        // End of PD prefix
+        // End of Hashed PD prefix
         // Start of DHCPv6 PD processed RA Info
         {
-            auto pdProcessedRaInfo    = wpanBorderRouter->mutable_pd_processed_ra_info();
+            auto                pdProcessedRaInfo = wpanBorderRouter->mutable_pd_processed_ra_info();
             otPdProcessedRaInfo raInfo;
+
             otBorderRoutingGetPdProcessedRaInfo(mInstance, &raInfo);
             pdProcessedRaInfo->set_num_platform_ra_received(raInfo.mNumPlatformRaReceived);
             pdProcessedRaInfo->set_num_platform_pio_processed(raInfo.mNumPlatformPioProcessed);
             pdProcessedRaInfo->set_last_platform_ra_msec(raInfo.mLastPlatformRaMsec);
         }
         // End of DHCPv6 PD processed RA Info
-#endif  // OTBR_ENABLE_DHCP6_PD
-        // End of WpanBorderRouter section.
+#endif // OTBR_ENABLE_DHCP6_PD
+       // End of WpanBorderRouter section.
 
         // Start of WpanRcp section.
         {

src/utils/thread_helper.hpp

@@ -332,9 +332,9 @@ class ThreadHelper
     UpdateMeshCopTxtHandler mUpdateMeshCopTxtHandler;
 #endif
 
-#if OTBR_ENABLE_TELEMETRY_DATA_API & OTBR_ENABLE_NAT64
-    static const uint8_t kNat64SourceAddressHashSaltLength = 16;
-    uint8_t              mNat64Ipv6AddressSalt[kNat64SourceAddressHashSaltLength];
+#if OTBR_ENABLE_TELEMETRY_DATA_API && (OTBR_ENABLE_NAT64 || OTBR_ENABLE_DHCP6_PD)
+    static constexpr uint8_t kNat64PdCommonHashSaltLength = 16;
+    uint8_t                  mNat64PdCommonSalt[kNat64PdCommonHashSaltLength];
 #endif
 };
 

tests/dbus/test_dbus_client.cpp

@@ -287,7 +287,7 @@ void CheckTelemetryData(ThreadApiDBus *aApi)
                 threadnetwork::TelemetryData::NAT64_STATE_NOT_RUNNING);
 #endif
 #if OTBR_ENABLE_DHCP6_PD
-    TEST_ASSERT(telemetryData.wpan_border_router().pd_prefix() != NULL);
+    TEST_ASSERT(!telemetryData.wpan_border_router().hashed_pd_prefix().empty());
 #endif
     TEST_ASSERT(telemetryData.wpan_rcp().rcp_interface_statistics().transferred_frames_count() > 0);
     TEST_ASSERT(telemetryData.coex_metrics().count_tx_request() > 0);