diff --git a/src/controller/java/CHIPDeviceController-JNI.cpp b/src/controller/java/CHIPDeviceController-JNI.cpp index 10d98089d5d9f4..1d3cd938c16ca0 100644 --- a/src/controller/java/CHIPDeviceController-JNI.cpp +++ b/src/controller/java/CHIPDeviceController-JNI.cpp @@ -2164,6 +2164,33 @@ JNI_METHOD(jobject, computePaseVerifier) return nullptr; } +JNI_METHOD(jbyteArray, validateAndExtractCSR)(JNIEnv * env, jclass clazz, jbyteArray jCsrElements, jbyteArray jCsrNonce) +{ + + chip::JniByteArray csrElements(env, jCsrElements); + chip::JniByteArray csrNonce(env, jCsrNonce); + + chip::ByteSpan csrSpan; + chip::ByteSpan csrNonceSpan; + chip::ByteSpan vendor_reserved1, vendor_reserved2, vendor_reserved3; + CHIP_ERROR err = chip::Credentials::DeconstructNOCSRElements(csrElements.byteSpan(), csrSpan, csrNonceSpan, vendor_reserved1, + vendor_reserved2, vendor_reserved3); + + VerifyOrReturnValue(err == CHIP_NO_ERROR, nullptr, + ChipLogError(Controller, "CsrElement decoding error: %" CHIP_ERROR_FORMAT, err.Format())); + VerifyOrReturnValue(csrNonceSpan.size() == Controller::kCSRNonceLength, nullptr, + ChipLogError(Controller, "csrNonce size is invalid")); + + // Verify that Nonce matches with what we sent + VerifyOrReturnValue(csrNonceSpan.data_equal(csrNonce.byteSpan()), nullptr, + ChipLogError(Controller, "csrNonce is not matched!")); + + jbyteArray javaCsr; + chip::JniReferences::GetInstance().N2J_ByteArray(chip::JniReferences::GetInstance().GetEnvForCurrentThread(), csrSpan.data(), + static_cast(csrSpan.size()), javaCsr); + return javaCsr; +} + JNI_METHOD(jobject, getICDClientInfo)(JNIEnv * env, jobject self, jlong handle, jint jFabricIndex) { chip::DeviceLayer::StackLock lock; diff --git a/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java b/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java index 6f70ad885ec9b7..bbf247b09e5a9d 100644 --- a/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java +++ b/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java @@ -1326,6 +1326,8 @@ public void shutdownCommissioning() { shutdownCommissioning(deviceControllerPtr); } + public static native byte[] validateAndExtractCSR(byte[] csrElements, byte[] csrNonce); + private native PaseVerifierParams computePaseVerifier( long deviceControllerPtr, long devicePtr, long setupPincode, long iterations, byte[] salt);