From a122f03a3a9810cc4004338fb591ed48529eecef Mon Sep 17 00:00:00 2001 From: Joonhaeng Heo Date: Fri, 2 Feb 2024 12:51:25 +0900 Subject: [PATCH 1/2] Add CSR Element validate API --- .../java/CHIPDeviceController-JNI.cpp | 23 +++++++++++++++++++ .../ChipDeviceController.java | 2 ++ 2 files changed, 25 insertions(+) diff --git a/src/controller/java/CHIPDeviceController-JNI.cpp b/src/controller/java/CHIPDeviceController-JNI.cpp index 48e2192c1d5281..e6fdc47c108b50 100644 --- a/src/controller/java/CHIPDeviceController-JNI.cpp +++ b/src/controller/java/CHIPDeviceController-JNI.cpp @@ -2157,6 +2157,29 @@ JNI_METHOD(jobject, computePaseVerifier) return nullptr; } +JNI_METHOD(jbyteArray, validateAndExtractCSR)(JNIEnv * env, jclass clazz, jbyteArray jCsrElements, jbyteArray jCsrNonce) { + + chip::JniByteArray csrElements(env, jCsrElements); + chip::JniByteArray csrNonce(env, jCsrNonce); + + chip::ByteSpan csrSpan; + chip::ByteSpan csrNonceSpan; + chip::ByteSpan vendor_reserved1, vendor_reserved2, vendor_reserved3; + CHIP_ERROR err = chip::Credentials::DeconstructNOCSRElements( + csrElements.byteSpan(), csrSpan, csrNonceSpan, vendor_reserved1, vendor_reserved2, vendor_reserved3); + + VerifyOrReturnValue(err == CHIP_NO_ERROR, nullptr, ChipLogError(Controller, "CsrElement decoding error: %" CHIP_ERROR_FORMAT, err.Format())); + VerifyOrReturnValue(csrNonceSpan.size() == Controller::kCSRNonceLength, nullptr, ChipLogError(Controller, "csrNonce size is invalid")); + + // Verify that Nonce matches with what we sent + VerifyOrReturnValue(csrNonceSpan.data_equal(csrNonce.byteSpan()), nullptr, ChipLogError(Controller, "csrNonce is not matched!")); + + jbyteArray javaCsr; + chip::JniReferences::GetInstance().N2J_ByteArray(chip::JniReferences::GetInstance().GetEnvForCurrentThread(), csrSpan.data(), + static_cast(csrSpan.size()), javaCsr); + return javaCsr; +} + JNI_METHOD(jobject, getICDClientInfo)(JNIEnv * env, jobject self, jlong handle, jint jFabricIndex) { chip::DeviceLayer::StackLock lock; diff --git a/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java b/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java index e4b59ac387429e..e897353a381ac5 100644 --- a/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java +++ b/src/controller/java/src/chip/devicecontroller/ChipDeviceController.java @@ -1317,6 +1317,8 @@ public void shutdownCommissioning() { shutdownCommissioning(deviceControllerPtr); } + public static native byte[] validateAndExtractCSR(byte[] csrElements, byte[] csrNonce); + private native PaseVerifierParams computePaseVerifier( long deviceControllerPtr, long devicePtr, long setupPincode, long iterations, byte[] salt); From 61b32252920232b3cef8532fea2d39a399f1c8ff Mon Sep 17 00:00:00 2001 From: "Restyled.io" Date: Fri, 2 Feb 2024 03:54:22 +0000 Subject: [PATCH 2/2] Restyled by clang-format --- .../java/CHIPDeviceController-JNI.cpp | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/src/controller/java/CHIPDeviceController-JNI.cpp b/src/controller/java/CHIPDeviceController-JNI.cpp index e6fdc47c108b50..86d96e7e8ad756 100644 --- a/src/controller/java/CHIPDeviceController-JNI.cpp +++ b/src/controller/java/CHIPDeviceController-JNI.cpp @@ -2157,7 +2157,8 @@ JNI_METHOD(jobject, computePaseVerifier) return nullptr; } -JNI_METHOD(jbyteArray, validateAndExtractCSR)(JNIEnv * env, jclass clazz, jbyteArray jCsrElements, jbyteArray jCsrNonce) { +JNI_METHOD(jbyteArray, validateAndExtractCSR)(JNIEnv * env, jclass clazz, jbyteArray jCsrElements, jbyteArray jCsrNonce) +{ chip::JniByteArray csrElements(env, jCsrElements); chip::JniByteArray csrNonce(env, jCsrNonce); @@ -2165,18 +2166,21 @@ JNI_METHOD(jbyteArray, validateAndExtractCSR)(JNIEnv * env, jclass clazz, jbyteA chip::ByteSpan csrSpan; chip::ByteSpan csrNonceSpan; chip::ByteSpan vendor_reserved1, vendor_reserved2, vendor_reserved3; - CHIP_ERROR err = chip::Credentials::DeconstructNOCSRElements( - csrElements.byteSpan(), csrSpan, csrNonceSpan, vendor_reserved1, vendor_reserved2, vendor_reserved3); + CHIP_ERROR err = chip::Credentials::DeconstructNOCSRElements(csrElements.byteSpan(), csrSpan, csrNonceSpan, vendor_reserved1, + vendor_reserved2, vendor_reserved3); - VerifyOrReturnValue(err == CHIP_NO_ERROR, nullptr, ChipLogError(Controller, "CsrElement decoding error: %" CHIP_ERROR_FORMAT, err.Format())); - VerifyOrReturnValue(csrNonceSpan.size() == Controller::kCSRNonceLength, nullptr, ChipLogError(Controller, "csrNonce size is invalid")); + VerifyOrReturnValue(err == CHIP_NO_ERROR, nullptr, + ChipLogError(Controller, "CsrElement decoding error: %" CHIP_ERROR_FORMAT, err.Format())); + VerifyOrReturnValue(csrNonceSpan.size() == Controller::kCSRNonceLength, nullptr, + ChipLogError(Controller, "csrNonce size is invalid")); // Verify that Nonce matches with what we sent - VerifyOrReturnValue(csrNonceSpan.data_equal(csrNonce.byteSpan()), nullptr, ChipLogError(Controller, "csrNonce is not matched!")); + VerifyOrReturnValue(csrNonceSpan.data_equal(csrNonce.byteSpan()), nullptr, + ChipLogError(Controller, "csrNonce is not matched!")); jbyteArray javaCsr; chip::JniReferences::GetInstance().N2J_ByteArray(chip::JniReferences::GetInstance().GetEnvForCurrentThread(), csrSpan.data(), - static_cast(csrSpan.size()), javaCsr); + static_cast(csrSpan.size()), javaCsr); return javaCsr; }