From 69f96f74d83883f6f22a19d777777b2cae74bf79 Mon Sep 17 00:00:00 2001 From: joonhaengHeo <85541460+joonhaengHeo@users.noreply.github.com> Date: Sat, 3 Feb 2024 02:40:09 +0900 Subject: [PATCH] [Android] Add CSR Element validate API (#31852) * Add CSR Element validate API * Restyled by clang-format --------- Co-authored-by: Restyled.io --- .../java/CHIPDeviceController-JNI.cpp | 27 +++++++++++++++++++ .../ChipDeviceController.java | 2 ++ 2 files changed, 29 insertions(+) diff --git a/src/controller/java/CHIPDeviceController-JNI.cpp b/src/controller/java/CHIPDeviceController-JNI.cpp index 10d98089d5d9f4..1d3cd938c16ca0 100644 --- a/src/controller/java/CHIPDeviceController-JNI.cpp +++ b/src/controller/java/CHIPDeviceController-JNI.cpp @@ -2164,6 +2164,33 @@ JNI_METHOD(jobject, computePaseVerifier) return nullptr; } +JNI_METHOD(jbyteArray, validateAndExtractCSR)(JNIEnv * env, jclass clazz, jbyteArray jCsrElements, jbyteArray jCsrNonce) +{ + + chip::JniByteArray csrElements(env, jCsrElements); + chip::JniByteArray csrNonce(env, jCsrNonce); + + chip::ByteSpan csrSpan; + chip::ByteSpan csrNonceSpan; + chip::ByteSpan vendor_reserved1, vendor_reserved2, vendor_reserved3; + CHIP_ERROR err = chip::Credentials::DeconstructNOCSRElements(csrElements.byteSpan(), csrSpan, csrNonceSpan, vendor_reserved1, + vendor_reserved2, vendor_reserved3); + + VerifyOrReturnValue(err == CHIP_NO_ERROR, nullptr, + ChipLogError(Controller, "CsrElement decoding error: %" CHIP_ERROR_FORMAT, err.Format())); + VerifyOrReturnValue(csrNonceSpan.size() == Controller::kCSRNonceLength, nullptr, + ChipLogError(Controller, "csrNonce size is invalid")); + + // Verify that Nonce matches with what we sent + VerifyOrReturnValue(csrNonceSpan.data_equal(csrNonce.byteSpan()), nullptr, + ChipLogError(Controller, "csrNonce is not matched!")); + + jbyteArray javaCsr; + chip::JniReferences::GetInstance().N2J_ByteArray(chip::JniReferences::GetInstance().GetEnvForCurrentThread(), csrSpan.data(), + static_cast(csrSpan.size()), javaCsr); + return javaCsr; +} + JNI_METHOD(jobject, getICDClientInfo)(JNIEnv * env, jobject self, jlong handle, jint jFabricIndex) { chip::DeviceLayer::StackLock lock; diff --git a/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java b/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java index 6f70ad885ec9b7..bbf247b09e5a9d 100644 --- a/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java +++ b/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java @@ -1326,6 +1326,8 @@ public void shutdownCommissioning() { shutdownCommissioning(deviceControllerPtr); } + public static native byte[] validateAndExtractCSR(byte[] csrElements, byte[] csrNonce); + private native PaseVerifierParams computePaseVerifier( long deviceControllerPtr, long devicePtr, long setupPincode, long iterations, byte[] salt);