From 1c0b3117bb5ffdc91871b912da91c1dc82a5064e Mon Sep 17 00:00:00 2001 From: Evgeni Margolis Date: Sat, 5 Mar 2022 18:51:41 -0800 Subject: [PATCH] Updated PASE PasscodeId to Always be 0 to Match Spec -- Removed PasscodeId from all APIs. -- When opening an ECM window, the passcodeID to use in PASE PBKDFParamRequest is always 0. -- Non-zero values of passcodeID in PASE PBKDFParamRequest are forbidden. -- Removed PasscodeId field in OpenCommissioningWindow command needs. --- .../all-clusters-app.matter | 1 - .../bridge-common/bridge-app.matter | 1 - .../door-lock-common/door-lock-app.matter | 1 - .../light-switch-app.matter | 1 - .../lighting-common/lighting-app.matter | 1 - examples/lock-app/lock-common/lock-app.matter | 1 - .../ota-requestor-app.matter | 1 - examples/pump-app/pump-common/pump-app.matter | 1 - .../pump-controller-app.matter | 1 - .../esp32/main/temperature-measurement.matter | 1 - .../thermostat-common/thermostat.matter | 1 - examples/tv-app/tv-common/tv-app.matter | 1 - .../tv-casting-common/tv-casting-app.matter | 1 - examples/window-app/common/window-app.matter | 1 - .../administrator-commissioning-server.cpp | 3 +- src/app/server/CommissioningWindowManager.cpp | 14 +++--- src/app/server/CommissioningWindowManager.h | 4 +- src/app/tests/TestCommissionManager.cpp | 4 +- .../administrator-commissioning-cluster.xml | 1 - src/controller/CHIPDeviceController.cpp | 7 +-- src/controller/CHIPDeviceController.h | 6 +-- .../data_model/controller-clusters.matter | 1 - .../java/CHIPDeviceController-JNI.cpp | 12 ++--- .../ChipDeviceController.java | 2 +- .../devicecontroller/PaseVerifierParams.java | 21 ++------- .../chip/devicecontroller/ChipClusters.java | 3 -- .../devicecontroller/ClusterInfoMapping.java | 8 ---- .../python/chip/clusters/CHIPClusters.py | 1 - .../python/chip/clusters/Objects.py | 2 - .../CHIP/zap-generated/CHIPClustersObjc.mm | 1 - .../zap-generated/CHIPCommandPayloadsObjc.h | 1 - .../zap-generated/CHIPCommandPayloadsObjc.mm | 2 - src/protocols/secure_channel/PASESession.cpp | 25 +++++----- src/protocols/secure_channel/PASESession.h | 12 ++--- .../secure_channel/tests/TestPASESession.cpp | 47 +++++++++---------- .../zap-generated/cluster-objects.cpp | 4 -- .../zap-generated/cluster-objects.h | 3 -- .../zap-generated/cluster/Commands.h | 1 - 38 files changed, 58 insertions(+), 141 deletions(-) diff --git a/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter b/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter index 9b2755b6c30801..51c896eb30ba57 100644 --- a/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter +++ b/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter @@ -99,7 +99,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/bridge-app/bridge-common/bridge-app.matter b/examples/bridge-app/bridge-common/bridge-app.matter index f181f6b8f04a38..312e99cd554b5b 100644 --- a/examples/bridge-app/bridge-common/bridge-app.matter +++ b/examples/bridge-app/bridge-common/bridge-app.matter @@ -158,7 +158,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/door-lock-app/door-lock-common/door-lock-app.matter b/examples/door-lock-app/door-lock-common/door-lock-app.matter index 388266623cd4a3..cd3a9880e1b3cb 100644 --- a/examples/door-lock-app/door-lock-common/door-lock-app.matter +++ b/examples/door-lock-app/door-lock-common/door-lock-app.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/light-switch-app/light-switch-common/light-switch-app.matter b/examples/light-switch-app/light-switch-common/light-switch-app.matter index 6a3bb56e8b50f4..6dfb199c86a493 100644 --- a/examples/light-switch-app/light-switch-common/light-switch-app.matter +++ b/examples/light-switch-app/light-switch-common/light-switch-app.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/lighting-app/lighting-common/lighting-app.matter b/examples/lighting-app/lighting-common/lighting-app.matter index 5aabcaad49974e..2f7b48080c2e60 100644 --- a/examples/lighting-app/lighting-common/lighting-app.matter +++ b/examples/lighting-app/lighting-common/lighting-app.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/lock-app/lock-common/lock-app.matter b/examples/lock-app/lock-common/lock-app.matter index 4989ee7548dd82..209fd9de61d73d 100644 --- a/examples/lock-app/lock-common/lock-app.matter +++ b/examples/lock-app/lock-common/lock-app.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter b/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter index 4fca136829d232..d66db472b19f94 100644 --- a/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter +++ b/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/pump-app/pump-common/pump-app.matter b/examples/pump-app/pump-common/pump-app.matter index dcec916f5a3e3a..efb7faa268a6e9 100644 --- a/examples/pump-app/pump-common/pump-app.matter +++ b/examples/pump-app/pump-common/pump-app.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter b/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter index 9877dda276a130..6574e3a7abe716 100644 --- a/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter +++ b/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/temperature-measurement-app/esp32/main/temperature-measurement.matter b/examples/temperature-measurement-app/esp32/main/temperature-measurement.matter index d8a7e2b2c8c86f..8f6a97fdf9993c 100644 --- a/examples/temperature-measurement-app/esp32/main/temperature-measurement.matter +++ b/examples/temperature-measurement-app/esp32/main/temperature-measurement.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/thermostat/thermostat-common/thermostat.matter b/examples/thermostat/thermostat-common/thermostat.matter index 34af03792f3def..21e61114ca0084 100644 --- a/examples/thermostat/thermostat-common/thermostat.matter +++ b/examples/thermostat/thermostat-common/thermostat.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/tv-app/tv-common/tv-app.matter b/examples/tv-app/tv-common/tv-app.matter index 12a4f1428a4f29..b5af48262dbb83 100644 --- a/examples/tv-app/tv-common/tv-app.matter +++ b/examples/tv-app/tv-common/tv-app.matter @@ -117,7 +117,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter b/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter index 9aee7904ef9d0a..59b29c287f501d 100644 --- a/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter +++ b/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter @@ -113,7 +113,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/examples/window-app/common/window-app.matter b/examples/window-app/common/window-app.matter index e7aa5758c407ea..25a387ec364270 100644 --- a/examples/window-app/common/window-app.matter +++ b/examples/window-app/common/window-app.matter @@ -96,7 +96,6 @@ server cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/src/app/clusters/administrator-commissioning-server/administrator-commissioning-server.cpp b/src/app/clusters/administrator-commissioning-server/administrator-commissioning-server.cpp index 9a9bcaa32ef73d..5302609f0fa064 100644 --- a/src/app/clusters/administrator-commissioning-server/administrator-commissioning-server.cpp +++ b/src/app/clusters/administrator-commissioning-server/administrator-commissioning-server.cpp @@ -95,7 +95,6 @@ bool emberAfAdministratorCommissioningClusterOpenCommissioningWindowCallback( auto & discriminator = commandData.discriminator; auto & iterations = commandData.iterations; auto & salt = commandData.salt; - auto & passcodeID = commandData.passcodeID; Optional status = Optional::Missing(); Spake2pVerifier verifier; @@ -124,7 +123,7 @@ bool emberAfAdministratorCommissioningClusterOpenCommissioningWindowCallback( VerifyOrExit(verifier.Deserialize(pakeVerifier) == CHIP_NO_ERROR, status.Emplace(StatusCode::EMBER_ZCL_STATUS_CODE_PAKE_PARAMETER_ERROR)); VerifyOrExit(Server::GetInstance().GetCommissioningWindowManager().OpenEnhancedCommissioningWindow( - commissioningTimeout, discriminator, verifier, iterations, salt, passcodeID) == CHIP_NO_ERROR, + commissioningTimeout, discriminator, verifier, iterations, salt) == CHIP_NO_ERROR, status.Emplace(StatusCode::EMBER_ZCL_STATUS_CODE_PAKE_PARAMETER_ERROR)); ChipLogProgress(Zcl, "Commissioning window is now open"); diff --git a/src/app/server/CommissioningWindowManager.cpp b/src/app/server/CommissioningWindowManager.cpp index 2e608d501b116b..fa421f532138b0 100644 --- a/src/app/server/CommissioningWindowManager.cpp +++ b/src/app/server/CommissioningWindowManager.cpp @@ -85,7 +85,6 @@ void CommissioningWindowManager::ResetState() mUseECM = false; mECMDiscriminator = 0; - mECMPasscodeID = 0; mECMIterations = 0; mECMSaltLength = 0; mWindowStatus = app::Clusters::AdministratorCommissioning::CommissioningWindowStatus::kWindowNotOpen; @@ -183,8 +182,8 @@ CHIP_ERROR CommissioningWindowManager::OpenCommissioningWindow() { ReturnErrorOnFailure(SetTemporaryDiscriminator(mECMDiscriminator)); ReturnErrorOnFailure( - mPairingSession.WaitForPairing(mECMPASEVerifier, mECMIterations, ByteSpan(mECMSalt, mECMSaltLength), mECMPasscodeID, - keyID, Optional::Value(GetLocalMRPConfig()), this)); + mPairingSession.WaitForPairing(mECMPASEVerifier, mECMIterations, ByteSpan(mECMSalt, mECMSaltLength), keyID, + Optional::Value(GetLocalMRPConfig()), this)); } else { @@ -202,9 +201,9 @@ CHIP_ERROR CommissioningWindowManager::OpenCommissioningWindow() VerifyOrReturnError(kSpake2p_VerifierSerialized_Length == serializedVerifierLen, CHIP_ERROR_INVALID_ARGUMENT); ReturnErrorOnFailure(verifier.Deserialize(ByteSpan(serializedVerifier))); - ReturnErrorOnFailure( - mPairingSession.WaitForPairing(verifier, iterationCount, ByteSpan(salt, saltLen), kDefaultCommissioningPasscodeId, - keyID, Optional::Value(GetLocalMRPConfig()), this)); + ReturnErrorOnFailure(mPairingSession.WaitForPairing(verifier, iterationCount, ByteSpan(salt, saltLen), keyID, + Optional::Value(GetLocalMRPConfig()), + this)); } ReturnErrorOnFailure(StartAdvertisement()); @@ -241,7 +240,7 @@ CHIP_ERROR CommissioningWindowManager::OpenBasicCommissioningWindow(uint16_t com CHIP_ERROR CommissioningWindowManager::OpenEnhancedCommissioningWindow(uint16_t commissioningTimeoutSeconds, uint16_t discriminator, Spake2pVerifier & verifier, uint32_t iterations, - ByteSpan salt, PasscodeId passcodeID) + ByteSpan salt) { // Once a device is operational, it shall be commissioned into subsequent fabrics using // the operational network only. @@ -256,7 +255,6 @@ CHIP_ERROR CommissioningWindowManager::OpenEnhancedCommissioningWindow(uint16_t mCommissioningTimeoutSeconds = commissioningTimeoutSeconds; mECMDiscriminator = discriminator; - mECMPasscodeID = passcodeID; mECMIterations = iterations; memcpy(&mECMPASEVerifier, &verifier, sizeof(Spake2pVerifier)); diff --git a/src/app/server/CommissioningWindowManager.h b/src/app/server/CommissioningWindowManager.h index ec61eebe649c19..02dde6edeb77c9 100644 --- a/src/app/server/CommissioningWindowManager.h +++ b/src/app/server/CommissioningWindowManager.h @@ -56,8 +56,7 @@ class CommissioningWindowManager : public SessionEstablishmentDelegate, public a CommissioningWindowAdvertisement advertisementMode = chip::CommissioningWindowAdvertisement::kAllSupported); CHIP_ERROR OpenEnhancedCommissioningWindow(uint16_t commissioningTimeoutSeconds, uint16_t discriminator, - Spake2pVerifier & verifier, uint32_t iterations, chip::ByteSpan salt, - PasscodeId passcodeID); + Spake2pVerifier & verifier, uint32_t iterations, chip::ByteSpan salt); void CloseCommissioningWindow(); @@ -113,7 +112,6 @@ class CommissioningWindowManager : public SessionEstablishmentDelegate, public a bool mUseECM = false; Spake2pVerifier mECMPASEVerifier; uint16_t mECMDiscriminator = 0; - PasscodeId mECMPasscodeID = kDefaultCommissioningPasscodeId; // mListeningForPASE is true only when we are listening for // PBKDFParamRequest messages. bool mListeningForPASE = false; diff --git a/src/app/tests/TestCommissionManager.cpp b/src/app/tests/TestCommissionManager.cpp index e594fb54172e3a..e823d7f8eebe76 100644 --- a/src/app/tests/TestCommissionManager.cpp +++ b/src/app/tests/TestCommissionManager.cpp @@ -143,11 +143,9 @@ void CheckCommissioningWindowManagerEnhancedWindowTask(intptr_t context) constexpr uint32_t kIterations = chip::kSpake2p_Min_PBKDF_Iterations; uint8_t salt[chip::kSpake2p_Min_PBKDF_Salt_Length]; chip::ByteSpan saltData(salt); - constexpr chip::PasscodeId kPasscodeID = 1; uint16_t currentDiscriminator; - err = commissionMgr.OpenEnhancedCommissioningWindow(kNoCommissioningTimeout, newDiscriminator, verifier, kIterations, saltData, - kPasscodeID); + err = commissionMgr.OpenEnhancedCommissioningWindow(kNoCommissioningTimeout, newDiscriminator, verifier, kIterations, saltData); NL_TEST_ASSERT(suite, err == CHIP_NO_ERROR); NL_TEST_ASSERT(suite, commissionMgr.CommissioningWindowStatus() == diff --git a/src/app/zap-templates/zcl/data-model/chip/administrator-commissioning-cluster.xml b/src/app/zap-templates/zcl/data-model/chip/administrator-commissioning-cluster.xml index 2343df7f1b98ab..96608c0b9c8a65 100644 --- a/src/app/zap-templates/zcl/data-model/chip/administrator-commissioning-cluster.xml +++ b/src/app/zap-templates/zcl/data-model/chip/administrator-commissioning-cluster.xml @@ -49,7 +49,6 @@ limitations under the License. - diff --git a/src/controller/CHIPDeviceController.cpp b/src/controller/CHIPDeviceController.cpp index c4494192a92b71..6be94f41047b7b 100644 --- a/src/controller/CHIPDeviceController.cpp +++ b/src/controller/CHIPDeviceController.cpp @@ -442,11 +442,10 @@ void DeviceController::OnOpenPairingWindowFailureResponse(void * context, CHIP_E } CHIP_ERROR DeviceController::ComputePASEVerifier(uint32_t iterations, uint32_t setupPincode, const ByteSpan & salt, - Spake2pVerifier & outVerifier, PasscodeId & outPasscodeId) + Spake2pVerifier & outVerifier) { ReturnErrorOnFailure(PASESession::GeneratePASEVerifier(outVerifier, iterations, salt, /* useRandomPIN= */ false, setupPincode)); - outPasscodeId = mPAKEVerifierID++; return CHIP_NO_ERROR; } @@ -529,7 +528,6 @@ CHIP_ERROR DeviceController::OpenCommissioningWindowInternal() request.discriminator = mSetupPayload.discriminator; request.iterations = mCommissioningWindowIteration; request.salt = salt; - request.passcodeID = mPAKEVerifierID++; // TODO: What should the timed invoke timeout here be? uint16_t timedInvokeTimeoutMs = 10000; @@ -834,8 +832,7 @@ CHIP_ERROR DeviceCommissioner::EstablishPASEConnection(NodeId remoteDeviceId, Re exchangeCtxt = mSystemState->ExchangeMgr()->NewContext(session.Value(), &device->GetPairing()); VerifyOrExit(exchangeCtxt != nullptr, err = CHIP_ERROR_INTERNAL); - // TODO: Need to determine how PasscodeId is provided for a non-default case. i.e. ECM - err = device->GetPairing().Pair(params.GetPeerAddress(), params.GetSetupPINCode(), kDefaultCommissioningPasscodeId, keyID, + err = device->GetPairing().Pair(params.GetPeerAddress(), params.GetSetupPINCode(), keyID, Optional::Value(GetLocalMRPConfig()), exchangeCtxt, this); SuccessOrExit(err); diff --git a/src/controller/CHIPDeviceController.h b/src/controller/CHIPDeviceController.h index e4979b7b24e963..1d25476e49e7de 100644 --- a/src/controller/CHIPDeviceController.h +++ b/src/controller/CHIPDeviceController.h @@ -243,12 +243,11 @@ class DLL_EXPORT DeviceController : public SessionRecoveryDelegate, * @param[in] setupPincode The desired PIN code to use * @param[in] salt The 16-byte salt for verifier computation * @param[out] outVerifier The Spake2pVerifier to be populated on success - * @param[out] outPasscodeId The passcode ID to be populated on success * * @return CHIP_ERROR CHIP_NO_ERROR on success, or corresponding error */ - CHIP_ERROR ComputePASEVerifier(uint32_t iterations, uint32_t setupPincode, const ByteSpan & salt, Spake2pVerifier & outVerifier, - PasscodeId & outPasscodeId); + CHIP_ERROR ComputePASEVerifier(uint32_t iterations, uint32_t setupPincode, const ByteSpan & salt, + Spake2pVerifier & outVerifier); /** * @brief @@ -411,7 +410,6 @@ class DLL_EXPORT DeviceController : public SessionRecoveryDelegate, static void OnOpenPairingWindowFailureResponse(void * context, CHIP_ERROR error); CHIP_ERROR ProcessControllerNOCChain(const ControllerInitParams & params); - PasscodeId mPAKEVerifierID = 1; }; /** diff --git a/src/controller/data_model/controller-clusters.matter b/src/controller/data_model/controller-clusters.matter index d9402ed8ebb13f..3871e652484dc7 100644 --- a/src/controller/data_model/controller-clusters.matter +++ b/src/controller/data_model/controller-clusters.matter @@ -125,7 +125,6 @@ client cluster AdministratorCommissioning = 60 { INT16U discriminator = 2; INT32U iterations = 3; OCTET_STRING salt = 4; - INT16U passcodeID = 5; } timed command OpenBasicCommissioningWindow(OpenBasicCommissioningWindowRequest): DefaultSuccess = 1; diff --git a/src/controller/java/CHIPDeviceController-JNI.cpp b/src/controller/java/CHIPDeviceController-JNI.cpp index 1d5e1fcc080bed..f653f51765626a 100644 --- a/src/controller/java/CHIPDeviceController-JNI.cpp +++ b/src/controller/java/CHIPDeviceController-JNI.cpp @@ -66,8 +66,7 @@ using namespace chip::Controller; #define CDC_JNI_CALLBACK_LOCAL_REF_COUNT 256 static void * IOThreadMain(void * arg); -static CHIP_ERROR N2J_PaseVerifierParams(JNIEnv * env, jlong setupPincode, jint passcodeId, jbyteArray pakeVerifier, - jobject & outParams); +static CHIP_ERROR N2J_PaseVerifierParams(JNIEnv * env, jlong setupPincode, jbyteArray pakeVerifier, jobject & outParams); static CHIP_ERROR N2J_NetworkLocation(JNIEnv * env, jstring ipAddress, jint port, jobject & outLocation); static CHIP_ERROR GetChipPathIdValue(jobject chipPathId, uint32_t wildcardValue, uint32_t & outValue); static CHIP_ERROR ParseAttributePathList(jobject attributePathList, @@ -668,7 +667,6 @@ JNI_METHOD(jobject, computePaseVerifier) CHIP_ERROR err = CHIP_NO_ERROR; jobject params; jbyteArray verifierBytes; - PasscodeId passcodeId; Spake2pVerifier verifier; Spake2pVerifierSerialized serializedVerifier; MutableByteSpan serializedVerifierSpan(serializedVerifier); @@ -677,7 +675,7 @@ JNI_METHOD(jobject, computePaseVerifier) ChipLogProgress(Controller, "computePaseVerifier() called"); AndroidDeviceControllerWrapper * wrapper = AndroidDeviceControllerWrapper::FromJNIHandle(handle); - err = wrapper->Controller()->ComputePASEVerifier(iterations, setupPincode, jniSalt.byteSpan(), verifier, passcodeId); + err = wrapper->Controller()->ComputePASEVerifier(iterations, setupPincode, jniSalt.byteSpan(), verifier); SuccessOrExit(err); err = verifier.Serialize(serializedVerifierSpan); @@ -686,7 +684,7 @@ JNI_METHOD(jobject, computePaseVerifier) err = JniReferences::GetInstance().N2J_ByteArray(env, serializedVerifier, kSpake2p_VerifierSerialized_Length, verifierBytes); SuccessOrExit(err); - err = N2J_PaseVerifierParams(env, setupPincode, static_cast(passcodeId), verifierBytes, params); + err = N2J_PaseVerifierParams(env, setupPincode, verifierBytes, params); SuccessOrExit(err); return params; exit: @@ -908,7 +906,7 @@ void * IOThreadMain(void * arg) return NULL; } -CHIP_ERROR N2J_PaseVerifierParams(JNIEnv * env, jlong setupPincode, jint passcodeId, jbyteArray paseVerifier, jobject & outParams) +CHIP_ERROR N2J_PaseVerifierParams(JNIEnv * env, jlong setupPincode, jbyteArray paseVerifier, jobject & outParams) { CHIP_ERROR err = CHIP_NO_ERROR; jmethodID constructor; @@ -922,7 +920,7 @@ CHIP_ERROR N2J_PaseVerifierParams(JNIEnv * env, jlong setupPincode, jint passcod constructor = env->GetMethodID(paramsClass, "", "(JI[B)V"); VerifyOrExit(constructor != nullptr, err = CHIP_JNI_ERROR_METHOD_NOT_FOUND); - outParams = (jobject) env->NewObject(paramsClass, constructor, setupPincode, passcodeId, paseVerifier); + outParams = (jobject) env->NewObject(paramsClass, constructor, setupPincode, paseVerifier); VerifyOrExit(!env->ExceptionCheck(), err = CHIP_JNI_ERROR_EXCEPTION_THROWN); exit: diff --git a/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java b/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java index 2ee00811bcc963..85af26649e4fd1 100644 --- a/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java +++ b/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java @@ -347,7 +347,7 @@ public void readPath( public native byte[] convertX509CertToMatterCert(byte[] x509Cert); /** - * Generates a new PASE verifier and passcode ID for the given setup PIN code. + * Generates a new PASE verifier for the given setup PIN code. * * @param devicePtr a pointer to the device object for which to generate the PASE verifier * @param setupPincode the PIN code to use diff --git a/src/controller/java/src/chip/devicecontroller/PaseVerifierParams.java b/src/controller/java/src/chip/devicecontroller/PaseVerifierParams.java index cc2ea0876ddc20..30ca681a3a093c 100644 --- a/src/controller/java/src/chip/devicecontroller/PaseVerifierParams.java +++ b/src/controller/java/src/chip/devicecontroller/PaseVerifierParams.java @@ -7,19 +7,16 @@ public final class PaseVerifierParams { private final long setupPincode; - private final int passcodeId; private final byte[] pakeVerifier; /** * Constructor * * @param setupPincode the PIN code associated with this verifier - * @param passcodeId the passcode ID for this generated verifier * @param pakeVerifier the encoded verifier (concatenation of w0 and L) */ - public PaseVerifierParams(long setupPincode, int passcodeId, byte[] pakeVerifier) { + public PaseVerifierParams(long setupPincode, byte[] pakeVerifier) { this.setupPincode = setupPincode; - this.passcodeId = passcodeId; this.pakeVerifier = pakeVerifier.clone(); } @@ -28,11 +25,6 @@ public long getSetupPincode() { return setupPincode; } - /** Returns the passcode ID for this generated verifier. */ - public int getPasscodeId() { - return passcodeId; - } - /** * Returns the encoded PAKE verifier (the concatenation of w0 and L, as described in section 3.10 * (PAKE) of the Matter specification). @@ -49,21 +41,14 @@ public boolean equals(Object other) { return false; } else { PaseVerifierParams that = (PaseVerifierParams) other; - return setupPincode == that.setupPincode - && passcodeId == that.passcodeId - && Arrays.equals(pakeVerifier, that.pakeVerifier); + return setupPincode == that.setupPincode && Arrays.equals(pakeVerifier, that.pakeVerifier); } } @Override public int hashCode() { - int result = Objects.hash(setupPincode, passcodeId); + int result = Objects.hash(setupPincode); result = 31 * result + Arrays.hashCode(pakeVerifier); return result; } - - @Override - public String toString() { - return "PaseVerifierParams{ passcodeId=" + passcodeId + " }"; - } } diff --git a/src/controller/java/zap-generated/chip/devicecontroller/ChipClusters.java b/src/controller/java/zap-generated/chip/devicecontroller/ChipClusters.java index 4dccdbf9cbde37..31fc6c2c19cd69 100644 --- a/src/controller/java/zap-generated/chip/devicecontroller/ChipClusters.java +++ b/src/controller/java/zap-generated/chip/devicecontroller/ChipClusters.java @@ -478,7 +478,6 @@ public void openCommissioningWindow( Integer discriminator, Long iterations, byte[] salt, - Integer passcodeID, int timedInvokeTimeoutMs) { openCommissioningWindow( chipClusterPtr, @@ -488,7 +487,6 @@ public void openCommissioningWindow( discriminator, iterations, salt, - passcodeID, timedInvokeTimeoutMs); } @@ -511,7 +509,6 @@ private native void openCommissioningWindow( Integer discriminator, Long iterations, byte[] salt, - Integer passcodeID, @Nullable Integer timedInvokeTimeoutMs); private native void revokeCommissioning( diff --git a/src/controller/java/zap-generated/chip/devicecontroller/ClusterInfoMapping.java b/src/controller/java/zap-generated/chip/devicecontroller/ClusterInfoMapping.java index 87923ab2843bf3..645892841fe67a 100644 --- a/src/controller/java/zap-generated/chip/devicecontroller/ClusterInfoMapping.java +++ b/src/controller/java/zap-generated/chip/devicecontroller/ClusterInfoMapping.java @@ -7683,13 +7683,6 @@ public Map> getCommandMap() { administratorCommissioningopenCommissioningWindowCommandParams.put( "salt", administratorCommissioningopenCommissioningWindowsaltCommandParameterInfo); - CommandParameterInfo - administratorCommissioningopenCommissioningWindowpasscodeIDCommandParameterInfo = - new CommandParameterInfo("passcodeID", Integer.class); - administratorCommissioningopenCommissioningWindowCommandParams.put( - "passcodeID", - administratorCommissioningopenCommissioningWindowpasscodeIDCommandParameterInfo); - InteractionInfo administratorCommissioningopenCommissioningWindowInteractionInfo = new InteractionInfo( (cluster, callback, commandArguments) -> { @@ -7701,7 +7694,6 @@ public Map> getCommandMap() { (Integer) commandArguments.get("discriminator"), (Long) commandArguments.get("iterations"), (byte[]) commandArguments.get("salt"), - (Integer) commandArguments.get("passcodeID"), 10000); }, () -> new DelegatedDefaultClusterCallback(), diff --git a/src/controller/python/chip/clusters/CHIPClusters.py b/src/controller/python/chip/clusters/CHIPClusters.py index 975ed8b8bcd82a..c04e11f4a01da9 100644 --- a/src/controller/python/chip/clusters/CHIPClusters.py +++ b/src/controller/python/chip/clusters/CHIPClusters.py @@ -148,7 +148,6 @@ class ChipClusters: "discriminator": "int", "iterations": "int", "salt": "bytes", - "passcodeID": "int", }, }, 0x00000002: { diff --git a/src/controller/python/chip/clusters/Objects.py b/src/controller/python/chip/clusters/Objects.py index 0b51ee35c4b3dd..81ef8395dc9063 100644 --- a/src/controller/python/chip/clusters/Objects.py +++ b/src/controller/python/chip/clusters/Objects.py @@ -13853,7 +13853,6 @@ def descriptor(cls) -> ClusterObjectDescriptor: ClusterObjectFieldDescriptor(Label="discriminator", Tag=2, Type=uint), ClusterObjectFieldDescriptor(Label="iterations", Tag=3, Type=uint), ClusterObjectFieldDescriptor(Label="salt", Tag=4, Type=bytes), - ClusterObjectFieldDescriptor(Label="passcodeID", Tag=5, Type=uint), ]) @ChipUtility.classproperty @@ -13865,7 +13864,6 @@ def must_use_timed_invoke(cls) -> bool: discriminator: 'uint' = 0 iterations: 'uint' = 0 salt: 'bytes' = b"" - passcodeID: 'uint' = 0 @dataclass class OpenBasicCommissioningWindow(ClusterCommand): diff --git a/src/darwin/Framework/CHIP/zap-generated/CHIPClustersObjc.mm b/src/darwin/Framework/CHIP/zap-generated/CHIPClustersObjc.mm index 24c0eb8f998b97..af887a9677acd4 100644 --- a/src/darwin/Framework/CHIP/zap-generated/CHIPClustersObjc.mm +++ b/src/darwin/Framework/CHIP/zap-generated/CHIPClustersObjc.mm @@ -892,7 +892,6 @@ - (void)openCommissioningWindowWithParams:(CHIPAdministratorCommissioningCluster request.discriminator = params.discriminator.unsignedShortValue; request.iterations = params.iterations.unsignedIntValue; request.salt = [self asByteSpan:params.salt]; - request.passcodeID = params.passcodeID.unsignedShortValue; new CHIPCommandSuccessCallbackBridge( self.callbackQueue, diff --git a/src/darwin/Framework/CHIP/zap-generated/CHIPCommandPayloadsObjc.h b/src/darwin/Framework/CHIP/zap-generated/CHIPCommandPayloadsObjc.h index 213f9cda4d836c..c26dc1428dcd4c 100644 --- a/src/darwin/Framework/CHIP/zap-generated/CHIPCommandPayloadsObjc.h +++ b/src/darwin/Framework/CHIP/zap-generated/CHIPCommandPayloadsObjc.h @@ -727,7 +727,6 @@ NS_ASSUME_NONNULL_BEGIN @property (strong, nonatomic) NSNumber * _Nonnull discriminator; @property (strong, nonatomic) NSNumber * _Nonnull iterations; @property (strong, nonatomic) NSData * _Nonnull salt; -@property (strong, nonatomic) NSNumber * _Nonnull passcodeID; - (instancetype)init; @end diff --git a/src/darwin/Framework/CHIP/zap-generated/CHIPCommandPayloadsObjc.mm b/src/darwin/Framework/CHIP/zap-generated/CHIPCommandPayloadsObjc.mm index 0f8365fe6bd088..008a1b12fcf19c 100644 --- a/src/darwin/Framework/CHIP/zap-generated/CHIPCommandPayloadsObjc.mm +++ b/src/darwin/Framework/CHIP/zap-generated/CHIPCommandPayloadsObjc.mm @@ -1531,8 +1531,6 @@ - (instancetype)init _iterations = @(0); _salt = [NSData data]; - - _passcodeID = @(0); } return self; } diff --git a/src/protocols/secure_channel/PASESession.cpp b/src/protocols/secure_channel/PASESession.cpp index c951e17f54a375..e13a14b7d508d3 100644 --- a/src/protocols/secure_channel/PASESession.cpp +++ b/src/protocols/secure_channel/PASESession.cpp @@ -63,7 +63,10 @@ const char * kSpake2pR2ISessionInfo = "Commissioning R2I Key"; // The session establishment fails if the response is not received with in timeout window. static constexpr ExchangeContext::Timeout kSpake2p_Response_Timeout = System::Clock::Seconds16(30); -PASESession::PASESession() : PairingSession(Transport::SecureSession::Type::kPASE) {} +PASESession::PASESession() : PairingSession(Transport::SecureSession::Type::kPASE) +{ + SetPeerNodeId(NodeIdFromPAKEKeyId(kDefaultCommissioningPasscodeId)); +} PASESession::~PASESession() { @@ -233,8 +236,8 @@ CHIP_ERROR PASESession::SetupSpake2p() } CHIP_ERROR PASESession::WaitForPairing(const Spake2pVerifier & verifier, uint32_t pbkdf2IterCount, const ByteSpan & salt, - PasscodeId passcodeID, uint16_t mySessionId, - Optional mrpConfig, SessionEstablishmentDelegate * delegate) + uint16_t mySessionId, Optional mrpConfig, + SessionEstablishmentDelegate * delegate) { // Return early on error here, as we have not initialized any state yet ReturnErrorCodeIf(salt.empty(), CHIP_ERROR_INVALID_ARGUMENT); @@ -265,11 +268,8 @@ CHIP_ERROR PASESession::WaitForPairing(const Spake2pVerifier & verifier, uint32_ mIterationCount = pbkdf2IterCount; mNextExpectedMsg = MsgType::PBKDFParamRequest; mPairingComplete = false; - mPasscodeID = passcodeID; mLocalMRPConfig = mrpConfig; - SetPeerNodeId(NodeIdFromPAKEKeyId(mPasscodeID)); - ChipLogDetail(SecureChannel, "Waiting for PBKDF param request"); exit: @@ -280,9 +280,9 @@ CHIP_ERROR PASESession::WaitForPairing(const Spake2pVerifier & verifier, uint32_ return err; } -CHIP_ERROR PASESession::Pair(const Transport::PeerAddress peerAddress, uint32_t peerSetUpPINCode, PasscodeId passcodeID, - uint16_t mySessionId, Optional mrpConfig, - Messaging::ExchangeContext * exchangeCtxt, SessionEstablishmentDelegate * delegate) +CHIP_ERROR PASESession::Pair(const Transport::PeerAddress peerAddress, uint32_t peerSetUpPINCode, uint16_t mySessionId, + Optional mrpConfig, Messaging::ExchangeContext * exchangeCtxt, + SessionEstablishmentDelegate * delegate) { TRACE_EVENT_SCOPE("Pair", "PASESession"); ReturnErrorCodeIf(exchangeCtxt == nullptr, CHIP_ERROR_INVALID_ARGUMENT); @@ -295,8 +295,6 @@ CHIP_ERROR PASESession::Pair(const Transport::PeerAddress peerAddress, uint32_t SetPeerAddress(peerAddress); mLocalMRPConfig = mrpConfig; - mPasscodeID = passcodeID; - SetPeerNodeId(NodeIdFromPAKEKeyId(mPasscodeID)); err = SendPBKDFParamRequest(); SuccessOrExit(err); @@ -356,7 +354,7 @@ CHIP_ERROR PASESession::SendPBKDFParamRequest() ReturnErrorOnFailure(tlvWriter.StartContainer(TLV::AnonymousTag(), TLV::kTLVType_Structure, outerContainerType)); ReturnErrorOnFailure(tlvWriter.PutBytes(TLV::ContextTag(1), mPBKDFLocalRandomData, sizeof(mPBKDFLocalRandomData))); ReturnErrorOnFailure(tlvWriter.Put(TLV::ContextTag(2), GetLocalSessionId())); - ReturnErrorOnFailure(tlvWriter.Put(TLV::ContextTag(3), mPasscodeID)); + ReturnErrorOnFailure(tlvWriter.Put(TLV::ContextTag(3), kDefaultCommissioningPasscodeId)); ReturnErrorOnFailure(tlvWriter.PutBoolean(TLV::ContextTag(4), mHavePBKDFParameters)); if (mLocalMRPConfig.HasValue()) { @@ -416,8 +414,7 @@ CHIP_ERROR PASESession::HandlePBKDFParamRequest(System::PacketBufferHandle && ms SuccessOrExit(err = tlvReader.Next()); VerifyOrExit(TLV::TagNumFromTag(tlvReader.GetTag()) == ++decodeTagIdSeq, err = CHIP_ERROR_INVALID_TLV_TAG); SuccessOrExit(err = tlvReader.Get(passcodeId)); - // TODO: uncomment once proper fix for #15362 is implemented - // VerifyOrExit(passcodeId == mPasscodeID, err = CHIP_ERROR_INVALID_PASE_PARAMETER); + VerifyOrExit(passcodeId == kDefaultCommissioningPasscodeId, err = CHIP_ERROR_INVALID_PASE_PARAMETER); SuccessOrExit(err = tlvReader.Next()); VerifyOrExit(TLV::TagNumFromTag(tlvReader.GetTag()) == ++decodeTagIdSeq, err = CHIP_ERROR_INVALID_TLV_TAG); diff --git a/src/protocols/secure_channel/PASESession.h b/src/protocols/secure_channel/PASESession.h index bf18c95524ed9c..98bbc6c2d72914 100644 --- a/src/protocols/secure_channel/PASESession.h +++ b/src/protocols/secure_channel/PASESession.h @@ -86,14 +86,13 @@ class DLL_EXPORT PASESession : public Messaging::ExchangeDelegate, public Pairin * @param verifier PASE verifier to be used for SPAKE2P pairing * @param pbkdf2IterCount Iteration count for PBKDF2 function * @param salt Salt to be used for SPAKE2P operation - * @param passcodeID Passcode ID assigned by the administrator to this PASE verifier * @param mySessionId Session ID to be assigned to the secure session on the peer node * @param delegate Callback object * * @return CHIP_ERROR The result of initialization */ CHIP_ERROR WaitForPairing(const Spake2pVerifier & verifier, uint32_t pbkdf2IterCount, const ByteSpan & salt, - PasscodeId passcodeID, uint16_t mySessionId, Optional mrpConfig, + uint16_t mySessionId, Optional mrpConfig, SessionEstablishmentDelegate * delegate); /** @@ -102,7 +101,6 @@ class DLL_EXPORT PASESession : public Messaging::ExchangeDelegate, public Pairin * * @param peerAddress Address of peer to pair * @param peerSetUpPINCode Setup PIN code of the peer device - * @param passcodeID Passcode ID assigned by the administrator to this PASE verifier * @param mySessionId Session ID to be assigned to the secure session on the peer node * @param exchangeCtxt The exchange context to send and receive messages with the peer * Note: It's expected that the caller of this API hands over the @@ -112,9 +110,9 @@ class DLL_EXPORT PASESession : public Messaging::ExchangeDelegate, public Pairin * * @return CHIP_ERROR The result of initialization */ - CHIP_ERROR Pair(const Transport::PeerAddress peerAddress, uint32_t peerSetUpPINCode, PasscodeId passcodeID, - uint16_t mySessionId, Optional mrpConfig, - Messaging::ExchangeContext * exchangeCtxt, SessionEstablishmentDelegate * delegate); + CHIP_ERROR Pair(const Transport::PeerAddress peerAddress, uint32_t peerSetUpPINCode, uint16_t mySessionId, + Optional mrpConfig, Messaging::ExchangeContext * exchangeCtxt, + SessionEstablishmentDelegate * delegate); /** * @brief @@ -249,8 +247,6 @@ class DLL_EXPORT PASESession : public Messaging::ExchangeDelegate, public Pairin Spake2pVerifier mPASEVerifier; - PasscodeId mPasscodeID = kDefaultCommissioningPasscodeId; - uint32_t mSetupPINCode; bool mHavePBKDFParameters = false; diff --git a/src/protocols/secure_channel/tests/TestPASESession.cpp b/src/protocols/secure_channel/tests/TestPASESession.cpp index 6bfa5373d7f6b0..2dfffa2453d0cd 100644 --- a/src/protocols/secure_channel/tests/TestPASESession.cpp +++ b/src/protocols/secure_channel/tests/TestPASESession.cpp @@ -123,29 +123,28 @@ void SecurePairingWaitTest(nlTestSuite * inSuite, void * inContext) gLoopback.Reset(); NL_TEST_ASSERT(inSuite, - pairing.WaitForPairing(sTestSpake2p01_PASEVerifier, sTestSpake2p01_IterationCount, ByteSpan(nullptr, 0), - kDefaultCommissioningPasscodeId, 0, Optional::Missing(), + pairing.WaitForPairing(sTestSpake2p01_PASEVerifier, sTestSpake2p01_IterationCount, ByteSpan(nullptr, 0), 0, + Optional::Missing(), &delegate) == CHIP_ERROR_INVALID_ARGUMENT); ctx.DrainAndServiceIO(); NL_TEST_ASSERT(inSuite, pairing.WaitForPairing(sTestSpake2p01_PASEVerifier, sTestSpake2p01_IterationCount, - ByteSpan(reinterpret_cast("saltSalt"), 8), - kDefaultCommissioningPasscodeId, 0, Optional::Missing(), + ByteSpan(reinterpret_cast("saltSalt"), 8), 0, + Optional::Missing(), nullptr) == CHIP_ERROR_INVALID_ARGUMENT); ctx.DrainAndServiceIO(); NL_TEST_ASSERT(inSuite, pairing.WaitForPairing(sTestSpake2p01_PASEVerifier, sTestSpake2p01_IterationCount, - ByteSpan(reinterpret_cast("saltSalt"), 8), - kDefaultCommissioningPasscodeId, 0, Optional::Missing(), + ByteSpan(reinterpret_cast("saltSalt"), 8), 0, + Optional::Missing(), &delegate) == CHIP_ERROR_INVALID_ARGUMENT); ctx.DrainAndServiceIO(); NL_TEST_ASSERT(inSuite, pairing.WaitForPairing(sTestSpake2p01_PASEVerifier, sTestSpake2p01_IterationCount, ByteSpan(sTestSpake2p01_Salt), - kDefaultCommissioningPasscodeId, 0, Optional::Missing(), - &delegate) == CHIP_NO_ERROR); + 0, Optional::Missing(), &delegate) == CHIP_NO_ERROR); ctx.DrainAndServiceIO(); } @@ -163,15 +162,13 @@ void SecurePairingStartTest(nlTestSuite * inSuite, void * inContext) ExchangeContext * context = ctx.NewUnauthenticatedExchangeToBob(&pairing); NL_TEST_ASSERT(inSuite, - pairing.Pair(Transport::PeerAddress(Transport::Type::kBle), sTestSpake2p01_PinCode, - kDefaultCommissioningPasscodeId, 0, Optional::Missing(), nullptr, - nullptr) != CHIP_NO_ERROR); + pairing.Pair(Transport::PeerAddress(Transport::Type::kBle), sTestSpake2p01_PinCode, 0, + Optional::Missing(), nullptr, nullptr) != CHIP_NO_ERROR); gLoopback.Reset(); NL_TEST_ASSERT(inSuite, - pairing.Pair(Transport::PeerAddress(Transport::Type::kBle), sTestSpake2p01_PinCode, - kDefaultCommissioningPasscodeId, 0, Optional::Missing(), context, - &delegate) == CHIP_NO_ERROR); + pairing.Pair(Transport::PeerAddress(Transport::Type::kBle), sTestSpake2p01_PinCode, 0, + Optional::Missing(), context, &delegate) == CHIP_NO_ERROR); ctx.DrainAndServiceIO(); NL_TEST_ASSERT(inSuite, gLoopback.mSentMessageCount == 1); @@ -188,8 +185,8 @@ void SecurePairingStartTest(nlTestSuite * inSuite, void * inContext) PASESession pairing1; ExchangeContext * context1 = ctx.NewUnauthenticatedExchangeToBob(&pairing1); NL_TEST_ASSERT(inSuite, - pairing1.Pair(Transport::PeerAddress(Transport::Type::kBle), sTestSpake2p01_PinCode, - kDefaultCommissioningPasscodeId, 0, Optional::Missing(), context1, + pairing1.Pair(Transport::PeerAddress(Transport::Type::kBle), sTestSpake2p01_PinCode, 0, + Optional::Missing(), context1, &delegate) == CHIP_ERROR_BAD_REQUEST); ctx.DrainAndServiceIO(); @@ -229,14 +226,13 @@ void SecurePairingHandshakeTestCommon(nlTestSuite * inSuite, void * inContext, P NL_TEST_ASSERT(inSuite, pairingAccessory.WaitForPairing(sTestSpake2p01_PASEVerifier, sTestSpake2p01_IterationCount, - ByteSpan(sTestSpake2p01_Salt), kDefaultCommissioningPasscodeId, 0, - mrpAccessoryConfig, &delegateAccessory) == CHIP_NO_ERROR); + ByteSpan(sTestSpake2p01_Salt), 0, mrpAccessoryConfig, + &delegateAccessory) == CHIP_NO_ERROR); ctx.DrainAndServiceIO(); NL_TEST_ASSERT(inSuite, - pairingCommissioner.Pair(Transport::PeerAddress(Transport::Type::kBle), sTestSpake2p01_PinCode, - kDefaultCommissioningPasscodeId, 0, mrpCommissionerConfig, contextCommissioner, - &delegateCommissioner) == CHIP_NO_ERROR); + pairingCommissioner.Pair(Transport::PeerAddress(Transport::Type::kBle), sTestSpake2p01_PinCode, 0, + mrpCommissionerConfig, contextCommissioner, &delegateCommissioner) == CHIP_NO_ERROR); ctx.DrainAndServiceIO(); while (gLoopback.mMessageDropped) @@ -356,14 +352,13 @@ void SecurePairingFailedHandshake(nlTestSuite * inSuite, void * inContext) Protocols::SecureChannel::MsgType::PBKDFParamRequest, &pairingAccessory) == CHIP_NO_ERROR); NL_TEST_ASSERT(inSuite, - pairingAccessory.WaitForPairing(sTestSpake2p01_PASEVerifier, sTestSpake2p01_IterationCount, - ByteSpan(sTestSpake2p01_Salt), kDefaultCommissioningPasscodeId, 0, - Optional::Missing(), - &delegateAccessory) == CHIP_NO_ERROR); + pairingAccessory.WaitForPairing( + sTestSpake2p01_PASEVerifier, sTestSpake2p01_IterationCount, ByteSpan(sTestSpake2p01_Salt), 0, + Optional::Missing(), &delegateAccessory) == CHIP_NO_ERROR); ctx.DrainAndServiceIO(); NL_TEST_ASSERT(inSuite, - pairingCommissioner.Pair(Transport::PeerAddress(Transport::Type::kBle), 4321, kDefaultCommissioningPasscodeId, 0, + pairingCommissioner.Pair(Transport::PeerAddress(Transport::Type::kBle), 4321, 0, Optional::Missing(), contextCommissioner, &delegateCommissioner) == CHIP_NO_ERROR); ctx.DrainAndServiceIO(); diff --git a/zzz_generated/app-common/app-common/zap-generated/cluster-objects.cpp b/zzz_generated/app-common/app-common/zap-generated/cluster-objects.cpp index c279b60e01a115..c32353bbd1d684 100644 --- a/zzz_generated/app-common/app-common/zap-generated/cluster-objects.cpp +++ b/zzz_generated/app-common/app-common/zap-generated/cluster-objects.cpp @@ -10033,7 +10033,6 @@ CHIP_ERROR Type::Encode(TLV::TLVWriter & writer, TLV::Tag tag) const ReturnErrorOnFailure(DataModel::Encode(writer, TLV::ContextTag(to_underlying(Fields::kDiscriminator)), discriminator)); ReturnErrorOnFailure(DataModel::Encode(writer, TLV::ContextTag(to_underlying(Fields::kIterations)), iterations)); ReturnErrorOnFailure(DataModel::Encode(writer, TLV::ContextTag(to_underlying(Fields::kSalt)), salt)); - ReturnErrorOnFailure(DataModel::Encode(writer, TLV::ContextTag(to_underlying(Fields::kPasscodeID)), passcodeID)); ReturnErrorOnFailure(writer.EndContainer(outer)); return CHIP_NO_ERROR; } @@ -10064,9 +10063,6 @@ CHIP_ERROR DecodableType::Decode(TLV::TLVReader & reader) case to_underlying(Fields::kSalt): ReturnErrorOnFailure(DataModel::Decode(reader, salt)); break; - case to_underlying(Fields::kPasscodeID): - ReturnErrorOnFailure(DataModel::Decode(reader, passcodeID)); - break; default: break; } diff --git a/zzz_generated/app-common/app-common/zap-generated/cluster-objects.h b/zzz_generated/app-common/app-common/zap-generated/cluster-objects.h index 538f052bbddb03..6a46339b4d3a23 100644 --- a/zzz_generated/app-common/app-common/zap-generated/cluster-objects.h +++ b/zzz_generated/app-common/app-common/zap-generated/cluster-objects.h @@ -14828,7 +14828,6 @@ enum class Fields kDiscriminator = 2, kIterations = 3, kSalt = 4, - kPasscodeID = 5, }; struct Type @@ -14843,7 +14842,6 @@ struct Type uint16_t discriminator = static_cast(0); uint32_t iterations = static_cast(0); chip::ByteSpan salt; - uint16_t passcodeID = static_cast(0); CHIP_ERROR Encode(TLV::TLVWriter & writer, TLV::Tag tag) const; @@ -14863,7 +14861,6 @@ struct DecodableType uint16_t discriminator = static_cast(0); uint32_t iterations = static_cast(0); chip::ByteSpan salt; - uint16_t passcodeID = static_cast(0); CHIP_ERROR Decode(TLV::TLVReader & reader); }; }; // namespace OpenCommissioningWindow diff --git a/zzz_generated/chip-tool/zap-generated/cluster/Commands.h b/zzz_generated/chip-tool/zap-generated/cluster/Commands.h index 081cf702a8c999..8b350488ecd5be 100644 --- a/zzz_generated/chip-tool/zap-generated/cluster/Commands.h +++ b/zzz_generated/chip-tool/zap-generated/cluster/Commands.h @@ -6453,7 +6453,6 @@ class AdministratorCommissioningOpenCommissioningWindow : public ClusterCommand AddArgument("Discriminator", 0, UINT16_MAX, &mRequest.discriminator); AddArgument("Iterations", 0, UINT32_MAX, &mRequest.iterations); AddArgument("Salt", &mRequest.salt); - AddArgument("PasscodeID", 0, UINT16_MAX, &mRequest.passcodeID); ClusterCommand::AddArguments(); }