Skip to content

Commit

Permalink
Add an API to create session for tests instead of NewPairing (#17411)
Browse files Browse the repository at this point in the history
  • Loading branch information
kghost authored and pull[bot] committed Oct 23, 2023
1 parent 8a1d757 commit 1070100
Show file tree
Hide file tree
Showing 14 changed files with 145 additions and 195 deletions.
14 changes: 2 additions & 12 deletions examples/shell/shell_common/cmd_ping.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -238,19 +238,9 @@ CHIP_ERROR SendEchoRequest(streamer_t * stream)

CHIP_ERROR EstablishSecureSession(streamer_t * stream, const Transport::PeerAddress & peerAddress)
{
CHIP_ERROR err = CHIP_NO_ERROR;

Optional<Transport::PeerAddress> peerAddr;
SecurePairingUsingTestSecret * testSecurePairingSecret = chip::Platform::New<SecurePairingUsingTestSecret>();
VerifyOrExit(testSecurePairingSecret != nullptr, err = CHIP_ERROR_NO_MEMORY);

peerAddr = Optional<Transport::PeerAddress>::Value(peerAddress);

// Attempt to connect to the peer.
err = gSessionManager.NewPairing(gSession, peerAddr, kTestDeviceNodeId, testSecurePairingSecret,
CryptoContext::SessionRole::kInitiator, gFabricIndex);

exit:
CHIP_ERROR err = gSessionManager.InjectPaseSessionWithTestKey(gSession, 1, kTestDeviceNodeId, 1, gFabricIndex, peerAddress,
CryptoContext::SessionRole::kInitiator);
if (err != CHIP_NO_ERROR)
{
streamer_printf(stream, "Establish secure session failed, err: %s\n", ErrorStr(err));
Expand Down
14 changes: 2 additions & 12 deletions examples/shell/shell_common/cmd_send.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -172,19 +172,9 @@ CHIP_ERROR SendMessage(streamer_t * stream)

CHIP_ERROR EstablishSecureSession(streamer_t * stream, Transport::PeerAddress & peerAddress)
{
CHIP_ERROR err = CHIP_NO_ERROR;

Optional<Transport::PeerAddress> peerAddr;
SecurePairingUsingTestSecret * testSecurePairingSecret = chip::Platform::New<SecurePairingUsingTestSecret>();
VerifyOrExit(testSecurePairingSecret != nullptr, err = CHIP_ERROR_NO_MEMORY);

peerAddr = Optional<Transport::PeerAddress>::Value(peerAddress);

// Attempt to connect to the peer.
err = gSessionManager.NewPairing(gSession, peerAddr, kTestDeviceNodeId, testSecurePairingSecret,
CryptoContext::SessionRole::kInitiator, gFabricIndex);

exit:
CHIP_ERROR err = gSessionManager.InjectPaseSessionWithTestKey(gSession, 1, kTestDeviceNodeId, 1, gFabricIndex, peerAddress,
CryptoContext::SessionRole::kInitiator);
if (err != CHIP_NO_ERROR)
{
streamer_printf(stream, "Establish secure session failed, err: %s\n", ErrorStr(err));
Expand Down
20 changes: 3 additions & 17 deletions src/app/tests/integration/chip_im_initiator.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -429,20 +429,10 @@ CHIP_ERROR SendSubscribeRequest()

CHIP_ERROR EstablishSecureSession()
{
CHIP_ERROR err = CHIP_NO_ERROR;

chip::SecurePairingUsingTestSecret * testSecurePairingSecret = chip::Platform::New<chip::SecurePairingUsingTestSecret>();
VerifyOrExit(testSecurePairingSecret != nullptr, err = CHIP_ERROR_NO_MEMORY);
testSecurePairingSecret->Init(gSessionManager);

// Attempt to connect to the peer.
err = gSessionManager.NewPairing(gSession,
chip::Optional<chip::Transport::PeerAddress>::Value(
chip::Transport::PeerAddress::UDP(gDestAddr, CHIP_PORT, chip::Inet::InterfaceId::Null())),
chip::kTestDeviceNodeId, testSecurePairingSecret, chip::CryptoContext::SessionRole::kInitiator,
gFabricIndex);

exit:
chip::Transport::PeerAddress peer = chip::Transport::PeerAddress::UDP(gDestAddr, CHIP_PORT, chip::Inet::InterfaceId::Null());
CHIP_ERROR err = gSessionManager.InjectPaseSessionWithTestKey(gSession, 1, chip::kTestDeviceNodeId, 1, gFabricIndex, peer,
chip::CryptoContext::SessionRole::kInitiator);
if (err != CHIP_NO_ERROR)
{
printf("Establish secure session failed, err: %s\n", chip::ErrorStr(err));
Expand All @@ -452,10 +442,6 @@ CHIP_ERROR EstablishSecureSession()
{
printf("Establish secure session succeeded\n");
}
if (testSecurePairingSecret)
{
chip::Platform::Delete(testSecurePairingSecret);
}

return err;
}
Expand Down
8 changes: 3 additions & 5 deletions src/app/tests/integration/chip_im_responder.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -153,7 +153,6 @@ bool IsDeviceTypeOnEndpoint(DeviceTypeId deviceType, EndpointId endpoint)

namespace {
chip::TransportMgr<chip::Transport::UDP> gTransportManager;
chip::SecurePairingUsingTestSecret gTestPairing;
LivenessEventGenerator gLivenessGenerator;

uint8_t gDebugEventBuffer[2048];
Expand Down Expand Up @@ -183,7 +182,7 @@ CHIP_ERROR InitializeEventLogging(chip::Messaging::ExchangeManager * apMgr)
int main(int argc, char * argv[])
{
CHIP_ERROR err = CHIP_NO_ERROR;
chip::Optional<chip::Transport::PeerAddress> peer(chip::Transport::Type::kUndefined);
chip::Transport::PeerAddress peer(chip::Transport::Type::kUndefined);
const chip::FabricIndex gFabricIndex = 0;

InitializeChip();
Expand Down Expand Up @@ -211,9 +210,8 @@ int main(int argc, char * argv[])
err = InitializeEventLogging(&gExchangeManager);
SuccessOrExit(err);

gTestPairing.Init(gSessionManager);
err = gSessionManager.NewPairing(gSession, peer, chip::kTestControllerNodeId, &gTestPairing,
chip::CryptoContext::SessionRole::kResponder, gFabricIndex);
err = gSessionManager.InjectPaseSessionWithTestKey(gSession, 1, chip::kTestControllerNodeId, 1, gFabricIndex, peer,
chip::CryptoContext::SessionRole::kResponder);
SuccessOrExit(err);

printf("Listening for IM requests...\n");
Expand Down
18 changes: 4 additions & 14 deletions src/messaging/tests/MessagingContext.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -95,24 +95,14 @@ CHIP_ERROR MessagingContext::ShutdownAndRestoreExisting(MessagingContext & exist

CHIP_ERROR MessagingContext::CreateSessionBobToAlice()
{
if (!mPairingBobToAlice.GetSecureSessionHandle().HasValue())
{
mPairingBobToAlice.Init(mSessionManager);
}
return mSessionManager.NewPairing(mSessionBobToAlice, Optional<Transport::PeerAddress>::Value(mAliceAddress),
GetAliceFabric()->GetNodeId(), &mPairingBobToAlice, CryptoContext::SessionRole::kInitiator,
mBobFabricIndex);
return mSessionManager.InjectPaseSessionWithTestKey(mSessionBobToAlice, kBobKeyId, GetAliceFabric()->GetNodeId(), kAliceKeyId,
mBobFabricIndex, mAliceAddress, CryptoContext::SessionRole::kInitiator);
}

CHIP_ERROR MessagingContext::CreateSessionAliceToBob()
{
if (!mPairingAliceToBob.GetSecureSessionHandle().HasValue())
{
mPairingAliceToBob.Init(mSessionManager);
}
return mSessionManager.NewPairing(mSessionAliceToBob, Optional<Transport::PeerAddress>::Value(mBobAddress),
GetBobFabric()->GetNodeId(), &mPairingAliceToBob, CryptoContext::SessionRole::kResponder,
mAliceFabricIndex);
return mSessionManager.InjectPaseSessionWithTestKey(mSessionAliceToBob, kAliceKeyId, GetBobFabric()->GetNodeId(), kBobKeyId,
mAliceFabricIndex, mBobAddress, CryptoContext::SessionRole::kResponder);
}

CHIP_ERROR MessagingContext::CreateSessionBobToFriends()
Expand Down
6 changes: 1 addition & 5 deletions src/messaging/tests/MessagingContext.h
Original file line number Diff line number Diff line change
Expand Up @@ -71,9 +71,7 @@ class MessagingContext : public PlatformMemoryUser
public:
MessagingContext() :
mInitialized(false), mAliceAddress(Transport::PeerAddress::UDP(GetAddress(), CHIP_PORT + 1)),
mBobAddress(Transport::PeerAddress::UDP(GetAddress(), CHIP_PORT)),
mPairingAliceToBob(kBobKeyId, kAliceKeyId, GetSecureSessionManager()),
mPairingBobToAlice(kAliceKeyId, kBobKeyId, GetSecureSessionManager())
mBobAddress(Transport::PeerAddress::UDP(GetAddress(), CHIP_PORT))
{}
~MessagingContext() { VerifyOrDie(mInitialized == false); }

Expand Down Expand Up @@ -152,8 +150,6 @@ class MessagingContext : public PlatformMemoryUser
GroupId mFriendsGroupId = 0x0101;
Transport::PeerAddress mAliceAddress;
Transport::PeerAddress mBobAddress;
SecurePairingUsingTestSecret mPairingAliceToBob;
SecurePairingUsingTestSecret mPairingBobToAlice;
SessionHolder mSessionAliceToBob;
SessionHolder mSessionBobToAlice;
Optional<Transport::OutgoingGroupSession> mSessionBobToFriends;
Expand Down
23 changes: 5 additions & 18 deletions src/messaging/tests/echo/echo_requester.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -150,28 +150,19 @@ CHIP_ERROR SendEchoRequest()

CHIP_ERROR EstablishSecureSession()
{
CHIP_ERROR err = CHIP_NO_ERROR;

chip::Optional<chip::Transport::PeerAddress> peerAddr;
chip::SecurePairingUsingTestSecret * testSecurePairingSecret = chip::Platform::New<chip::SecurePairingUsingTestSecret>();
VerifyOrExit(testSecurePairingSecret != nullptr, err = CHIP_ERROR_NO_MEMORY);
testSecurePairingSecret->Init(gSessionManager);

chip::Transport::PeerAddress peerAddr;
if (gUseTCP)
{
peerAddr = chip::Optional<chip::Transport::PeerAddress>::Value(chip::Transport::PeerAddress::TCP(gDestAddr, CHIP_PORT));
peerAddr = chip::Transport::PeerAddress::TCP(gDestAddr, CHIP_PORT);
}
else
{
peerAddr = chip::Optional<chip::Transport::PeerAddress>::Value(
chip::Transport::PeerAddress::UDP(gDestAddr, CHIP_PORT, chip::Inet::InterfaceId::Null()));
peerAddr = chip::Transport::PeerAddress::UDP(gDestAddr, CHIP_PORT, chip::Inet::InterfaceId::Null());
}

// Attempt to connect to the peer.
err = gSessionManager.NewPairing(gSession, peerAddr, chip::kTestDeviceNodeId, testSecurePairingSecret,
chip::CryptoContext::SessionRole::kInitiator, gFabricIndex);

exit:
CHIP_ERROR err = gSessionManager.InjectPaseSessionWithTestKey(gSession, 1, chip::kTestDeviceNodeId, 1, gFabricIndex, peerAddr,
chip::CryptoContext::SessionRole::kInitiator);
if (err != CHIP_NO_ERROR)
{
printf("Establish secure session failed, err: %s\n", chip::ErrorStr(err));
Expand All @@ -181,10 +172,6 @@ CHIP_ERROR EstablishSecureSession()
{
printf("Establish secure session succeeded\n");
}
if (testSecurePairingSecret)
{
chip::Platform::Delete(testSecurePairingSecret);
}

return err;
}
Expand Down
8 changes: 3 additions & 5 deletions src/messaging/tests/echo/echo_responder.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,6 @@ namespace {
chip::Protocols::Echo::EchoServer gEchoServer;
chip::TransportMgr<chip::Transport::UDP> gUDPManager;
chip::TransportMgr<chip::Transport::TCP<kMaxTcpActiveConnectionCount, kMaxTcpPendingPackets>> gTCPManager;
chip::SecurePairingUsingTestSecret gTestPairing;
chip::SessionHolder gSession;

// Callback handler when a CHIP EchoRequest is received.
Expand All @@ -58,7 +57,7 @@ void HandleEchoRequestReceived(chip::Messaging::ExchangeContext * ec, chip::Syst
int main(int argc, char * argv[])
{
CHIP_ERROR err = CHIP_NO_ERROR;
chip::Optional<chip::Transport::PeerAddress> peer(chip::Transport::Type::kUndefined);
chip::Transport::PeerAddress peer(chip::Transport::Type::kUndefined);
bool useTCP = false;
bool disableEcho = false;

Expand Down Expand Up @@ -123,9 +122,8 @@ int main(int argc, char * argv[])
SuccessOrExit(err);
}

gTestPairing.Init(gSessionManager);
err = gSessionManager.NewPairing(gSession, peer, chip::kTestControllerNodeId, &gTestPairing,
chip::CryptoContext::SessionRole::kResponder, gFabricIndex);
err = gSessionManager.InjectPaseSessionWithTestKey(gSession, 1, chip::kTestControllerNodeId, 1, gFabricIndex, peer,
chip::CryptoContext::SessionRole::kResponder);
SuccessOrExit(err);

if (!disableEcho)
Expand Down
50 changes: 1 addition & 49 deletions src/protocols/secure_channel/PASESession.h
Original file line number Diff line number Diff line change
Expand Up @@ -255,56 +255,8 @@ class DLL_EXPORT PASESession : public Messaging::UnsolicitedMessageHandler,
bool mPairingComplete = false;
};

/*
* The following constants are node IDs that test devices and test
* controllers use while using the SecurePairingUsingTestSecret to
* establish secure channel
*/
// The following constants are node IDs that test devices and test controllers use.
constexpr chip::NodeId kTestControllerNodeId = 112233;
constexpr chip::NodeId kTestDeviceNodeId = 12344321;

/*
* The following class should only be used for test usecases.
* The class is currently also used for devices that do no yet support
* rendezvous. Once all the non-test usecases start supporting
* rendezvous, this class will be moved to the test code.
*/
class SecurePairingUsingTestSecret : public PairingSession
{
public:
SecurePairingUsingTestSecret() : PairingSession(Transport::SecureSession::Type::kPASE)
{
// Do not set to 0 to prevent an unwanted unsecured session
// since the session type is unknown.
SetPeerSessionId(1);
}

void Init(SessionManager & sessionManager)
{
// Do not set to 0 to prevent an unwanted unsecured session
// since the session type is unknown.
AllocateSecureSession(sessionManager, mLocalSessionId);
}

SecurePairingUsingTestSecret(uint16_t peerSessionId, uint16_t localSessionId, SessionManager & sessionManager) :
PairingSession(Transport::SecureSession::Type::kPASE), mLocalSessionId(localSessionId)
{
AllocateSecureSession(sessionManager, localSessionId);
SetPeerSessionId(peerSessionId);
}

CHIP_ERROR DeriveSecureSession(CryptoContext & session, CryptoContext::SessionRole role) override
{
size_t secretLen = strlen(kTestSecret);
return session.InitFromSecret(ByteSpan(reinterpret_cast<const uint8_t *>(kTestSecret), secretLen), ByteSpan(nullptr, 0),
CryptoContext::SessionInfoType::kSessionEstablishment, role);
}

private:
// Do not set to 0 to prevent an unwanted unsecured session
// since the session type is unknown.
uint16_t mLocalSessionId = 1;
const char * kTestSecret = CHIP_CONFIG_TEST_SHARED_SECRET_VALUE;
};

} // namespace chip
6 changes: 3 additions & 3 deletions src/transport/SecureSessionTable.h
Original file line number Diff line number Diff line change
Expand Up @@ -60,9 +60,9 @@ class SecureSessionTable
* has been reached (with CHIP_ERROR_NO_MEMORY).
*/
CHECK_RETURN_VALUE
Optional<SessionHandle> CreateNewSecureSession(SecureSession::Type secureSessionType, uint16_t localSessionId,
NodeId peerNodeId, CATValues peerCATs, uint16_t peerSessionId,
FabricIndex fabric, const ReliableMessageProtocolConfig & config)
Optional<SessionHandle> CreateNewSecureSessionForTest(SecureSession::Type secureSessionType, uint16_t localSessionId,
NodeId peerNodeId, CATValues peerCATs, uint16_t peerSessionId,
FabricIndex fabric, const ReliableMessageProtocolConfig & config)
{
SecureSession * result =
mEntries.CreateObject(secureSessionType, localSessionId, peerNodeId, peerCATs, peerSessionId, fabric, config);
Expand Down
20 changes: 20 additions & 0 deletions src/transport/SessionManager.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -401,6 +401,26 @@ Optional<SessionHandle> SessionManager::AllocateSession(uint16_t sessionId)
return mSecureSessions.CreateNewSecureSession(sessionId);
}

CHIP_ERROR SessionManager::InjectPaseSessionWithTestKey(SessionHolder & sessionHolder, uint16_t localSessionId, NodeId peerNodeId,
uint16_t peerSessionId, FabricIndex fabric,
const Transport::PeerAddress & peerAddress, CryptoContext::SessionRole role)
{
Optional<SessionHandle> session =
mSecureSessions.CreateNewSecureSessionForTest(chip::Transport::SecureSession::Type::kPASE, localSessionId, peerNodeId,
CATValues{}, peerSessionId, fabric, GetLocalMRPConfig());
VerifyOrReturnError(session.HasValue(), CHIP_ERROR_NO_MEMORY);
SecureSession * secureSession = session.Value()->AsSecureSession();
secureSession->SetPeerAddress(peerAddress);

size_t secretLen = strlen(CHIP_CONFIG_TEST_SHARED_SECRET_VALUE);
ByteSpan secret(reinterpret_cast<const uint8_t *>(CHIP_CONFIG_TEST_SHARED_SECRET_VALUE), secretLen);
ReturnErrorOnFailure(secureSession->GetCryptoContext().InitFromSecret(
secret, ByteSpan(nullptr, 0), CryptoContext::SessionInfoType::kSessionEstablishment, role));
secureSession->GetSessionMessageCounter().GetPeerMessageCounter().SetCounter(LocalSessionMessageCounter::kInitialSyncValue);
sessionHolder.Grab(session.Value());
return CHIP_NO_ERROR;
}

CHIP_ERROR SessionManager::NewPairing(SessionHolder & sessionHolder, const Optional<Transport::PeerAddress> & peerAddr,
NodeId peerNodeId, PairingSession * pairing, CryptoContext::SessionRole direction,
FabricIndex fabric)
Expand Down
5 changes: 5 additions & 0 deletions src/transport/SessionManager.h
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,11 @@ class DLL_EXPORT SessionManager : public TransportMgrDelegate
void UnregisterRecoveryDelegate(SessionRecoveryDelegate & cb);
void RefreshSessionOperationalData(const SessionHandle & sessionHandle);

// Test-only: create a session on the fly.
CHIP_ERROR InjectPaseSessionWithTestKey(SessionHolder & sessionHolder, uint16_t localSessionId, NodeId peerNodeId,
uint16_t peerSessionId, FabricIndex fabric, const Transport::PeerAddress & peerAddress,
CryptoContext::SessionRole role);

/**
* @brief
* Establish a new pairing with a peer node
Expand Down
Loading

0 comments on commit 1070100

Please sign in to comment.