[Android] Add CSR Element validate API (#31852)

* Add CSR Element validate API * Restyled by clang-format --------- Co-authored-by: Restyled.io <[email protected]>
project-chip · Feb 2, 2024 · 69f96f7 · 69f96f7
1 parent 691efa5
commit 69f96f7
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 0 deletions.
diff --git a/src/controller/java/CHIPDeviceController-JNI.cpp b/src/controller/java/CHIPDeviceController-JNI.cpp
@@ -2164,6 +2164,33 @@ JNI_METHOD(jobject, computePaseVerifier)
     return nullptr;
 }
 
+JNI_METHOD(jbyteArray, validateAndExtractCSR)(JNIEnv * env, jclass clazz, jbyteArray jCsrElements, jbyteArray jCsrNonce)
+{
+
+    chip::JniByteArray csrElements(env, jCsrElements);
+    chip::JniByteArray csrNonce(env, jCsrNonce);
+
+    chip::ByteSpan csrSpan;
+    chip::ByteSpan csrNonceSpan;
+    chip::ByteSpan vendor_reserved1, vendor_reserved2, vendor_reserved3;
+    CHIP_ERROR err = chip::Credentials::DeconstructNOCSRElements(csrElements.byteSpan(), csrSpan, csrNonceSpan, vendor_reserved1,
+                                                                 vendor_reserved2, vendor_reserved3);
+
+    VerifyOrReturnValue(err == CHIP_NO_ERROR, nullptr,
+                        ChipLogError(Controller, "CsrElement decoding error: %" CHIP_ERROR_FORMAT, err.Format()));
+    VerifyOrReturnValue(csrNonceSpan.size() == Controller::kCSRNonceLength, nullptr,
+                        ChipLogError(Controller, "csrNonce size is invalid"));
+
+    // Verify that Nonce matches with what we sent
+    VerifyOrReturnValue(csrNonceSpan.data_equal(csrNonce.byteSpan()), nullptr,
+                        ChipLogError(Controller, "csrNonce is not matched!"));
+
+    jbyteArray javaCsr;
+    chip::JniReferences::GetInstance().N2J_ByteArray(chip::JniReferences::GetInstance().GetEnvForCurrentThread(), csrSpan.data(),
+                                                     static_cast<jsize>(csrSpan.size()), javaCsr);
+    return javaCsr;
+}
+
 JNI_METHOD(jobject, getICDClientInfo)(JNIEnv * env, jobject self, jlong handle, jint jFabricIndex)
 {
     chip::DeviceLayer::StackLock lock;

diff --git a/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java b/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java
@@ -1326,6 +1326,8 @@ public void shutdownCommissioning() {
     shutdownCommissioning(deviceControllerPtr);
   }
 
+  public static native byte[] validateAndExtractCSR(byte[] csrElements, byte[] csrNonce);
+
   private native PaseVerifierParams computePaseVerifier(
       long deviceControllerPtr, long devicePtr, long setupPincode, long iterations, byte[] salt);