Skip to content

Commit 02af1a8

Browse files
author
Tero Heinonen
authored
Thread extension commission updates (ARMmbed#1835)
1 parent 927c329 commit 02af1a8

File tree

3 files changed

+40
-26
lines changed

3 files changed

+40
-26
lines changed

source/6LoWPAN/Thread/thread_extension_bbr.c

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -343,6 +343,22 @@ static int thread_pbbr_data_req_recv_cb(int8_t service_id, uint8_t source_addres
343343
return 0;
344344
}
345345

346+
static int thread_pbbr_data_set_recv_cb(int8_t service_id, uint8_t source_address[static 16], uint16_t source_port, sn_coap_hdr_s *request_ptr)
347+
{
348+
(void) source_address;
349+
(void) source_port;
350+
351+
uint8_t response[3] = {0};
352+
uint8_t *ptr = response;
353+
354+
// This is not yet supported, thus return state TLV rejected
355+
ptr = thread_meshcop_tlv_data_write_uint8(response, MESHCOP_TLV_STATE, -1);
356+
357+
coap_service_response_send(service_id, COAP_REQUEST_OPTIONS_NONE, request_ptr, COAP_MSG_CODE_RESPONSE_CHANGED, COAP_CT_OCTET_STREAM, response, ptr - response);
358+
359+
return 0;
360+
}
361+
346362
static int thread_pbbr_nmkp_relay_rx_recv_cb(int8_t service_id, uint8_t source_address[static 16], uint16_t source_port, sn_coap_hdr_s *request_ptr)
347363
{
348364
thread_pbbr_t *this = thread_border_router_find_by_service(service_id);
@@ -1143,6 +1159,7 @@ static int thread_extension_bbr_pbbr_start(thread_pbbr_t *this)
11431159
coap_service_register_uri(this->coap_service_id, THREAD_URI_BBR_NMK_RX_NTF, COAP_SERVICE_ACCESS_POST_ALLOWED, thread_pbbr_nmkp_relay_rx_recv_cb);
11441160
// Register BBR data request URI
11451161
coap_service_register_uri(this->coap_service_id, THREAD_URI_BBR_DATA_REQ, COAP_SERVICE_ACCESS_GET_ALLOWED, thread_pbbr_data_req_recv_cb);
1162+
coap_service_register_uri(this->coap_service_id, THREAD_URI_BBR_DATA_SET, COAP_SERVICE_ACCESS_GET_ALLOWED, thread_pbbr_data_set_recv_cb);
11461163

11471164
// create secure service for Network master key provisioning
11481165
this->coap_nmkp_virtual_service_id = coap_service_initialize(this->interface_id, THREAD_MANAGEMENT_PORT, COAP_SERVICE_OPTIONS_SECURE | COAP_SERVICE_OPTIONS_VIRTUAL_SOCKET, thread_pbbr_pskd_security_start_cb, NULL);

source/6LoWPAN/Thread/thread_extension_bootstrap.c

Lines changed: 19 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -77,7 +77,7 @@ typedef struct thread_extension_credentials {
7777

7878
#ifdef HAVE_THREAD_V2
7979

80-
/* Hardcoded CSR request/privatekey pairs */
80+
/* Hardcoded CSR request */
8181
static const unsigned char csr_request[215] = {
8282
0x30,0x81,0xd4,0x30,0x7c,0x02,0x01,0x00,0x30,0x1a,0x31,0x18,0x30,0x16,0x06,0x03,
8383
0x55,0x04,0x03,0x0c,0x0f,0x54,0x68,0x72,0x65,0x61,0x64,0x44,0x65,0x76,0x69,0x63,
@@ -95,7 +95,9 @@ static const unsigned char csr_request[215] = {
9595
0x26,0xe3,0x5a,0x74,0x62,0x0f,0x70
9696
};
9797

98-
/* Private key for certificate m_device_nxp_sn_and_8021ar.cert.pem -> test registrar will return this as default
98+
/*
99+
* Private key for certificate m_device_nxp_sn_and_8021ar.cert.pem -> test registrar will return this as default
100+
*/
99101
static const unsigned char domain_private_key[138] = {
100102
0x30,0x81,0x87,0x02,0x01,0x00,0x30,0x13,0x06,0x07,0x2a,0x86,0x48,0xce,0x3d,0x02,
101103
0x01,0x06,0x08,0x2a,0x86,0x48,0xce,0x3d,0x03,0x01,0x07,0x04,0x6d,0x30,0x6b,0x02,
@@ -107,7 +109,7 @@ static const unsigned char domain_private_key[138] = {
107109
0xc2,0x43,0x69,0x0a,0x57,0xb5,0x54,0xeb,0x9b,0x06,0xad,0xed,0x7c,0x56,0x6e,0x0c,
108110
0x23,0xcb,0x1e,0x51,0x78,0xe4,0xae,0x41,0x58,0x15
109111
};
110-
*/
112+
111113
const uint8_t meshcop_nmkp_resp_ignore[] = {
112114
MESHCOP_TLV_COMM_SIGNATURE,
113115
MESHCOP_TLV_COMM_TOKEN,
@@ -196,7 +198,7 @@ static int thread_joiner_application_simple_enroll_response_cb(int8_t service_id
196198

197199
protocol_interface_info_entry_t *cur = protocol_stack_interface_info_get_by_id(thread_extension_bootstrap_find_id_by_service(service_id));
198200

199-
tr_debug("Simple enrollment received %s",trace_array(response_ptr->payload_ptr, response_ptr->payload_len));
201+
tr_debug("Simple enrollment received len:%d - %s",response_ptr->payload_len,trace_array(response_ptr->payload_ptr, response_ptr->payload_len));
200202

201203
if (!cur || !cur->thread_info || !response_ptr) {
202204
return -1;
@@ -217,11 +219,8 @@ static int thread_joiner_application_simple_enroll_response_cb(int8_t service_id
217219
flen = 0;
218220
}
219221

220-
/* Hack: registrar does not reply actual certificates, we need to use something... */
221222
if ( flen != len ||
222-
0 > thread_extension_bootstrap_network_certificate_set(cur, thread_info(cur)->extension_credentials_ptr->device_certificate_ptr,
223-
thread_info(cur)->extension_credentials_ptr->device_certificate_len)) {
224-
// 0 > thread_extension_bootstrap_network_certificate_set(cur, ptr, len)) {
223+
0 > thread_extension_bootstrap_network_certificate_set(cur, ptr, len)) {
225224
tr_warn("ae response parse failed, len %d != %d",len,flen);
226225
}
227226

@@ -241,8 +240,7 @@ static int thread_joiner_application_csrattrs_response_cb(int8_t service_id, uin
241240
tr_info("Receiving csrattrs response sending simpleenroll");
242241

243242
// TODO Create CSR and private key here... Now we use hardcoded stuff.
244-
// HACK: use device certificate/private key untill registrar replys real certificates..
245-
thread_extension_bootstrap_network_private_key_set(cur, thread_info(cur)->extension_credentials_ptr->device_pk_ptr, thread_info(cur)->extension_credentials_ptr->device_pk_len);
243+
thread_extension_bootstrap_network_private_key_set(cur, domain_private_key, sizeof(domain_private_key));
246244

247245
coap_service_request_send(service_id, COAP_REQUEST_OPTIONS_SECURE_BYPASS, source_address, source_port,
248246
COAP_MSG_TYPE_CONFIRMABLE, COAP_MSG_CODE_REQUEST_POST, THREAD_URI_SIMPLEENROLL, THREAD_CONTENT_FORMAT_PKCS10,
@@ -296,18 +294,17 @@ static int thread_joiner_application_rat_response_cb(int8_t service_id, uint8_t
296294
ca_cert_len = common_read_16_bit((uint8_t *)ca_cert_ptr); // read length
297295
ca_cert_ptr += 2;
298296
tr_debug("CA cert len %d", ca_cert_len);
299-
/* Set domain certificate pointer and length */
300-
// HACK: this is not needed, we use device certificate...
301-
302-
// if (thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr) {
303-
// ns_dyn_mem_free(thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr);
304-
// }
305-
// thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr = ns_dyn_mem_alloc(ca_cert_len);
306-
// if (!thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr) {
307-
// return -1;
308-
// }
309-
// memcpy(thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr, ca_cert_ptr, ca_cert_len);
310-
// thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_len = ca_cert_len;
297+
/* Set domain CA certificate pointer and length */
298+
299+
if (thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr) {
300+
ns_dyn_mem_free(thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr);
301+
}
302+
thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr = ns_dyn_mem_alloc(ca_cert_len);
303+
if (!thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr) {
304+
return -1;
305+
}
306+
memcpy(thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_ptr, ca_cert_ptr, ca_cert_len);
307+
thread_info(cur)->extension_credentials_ptr->domain_ca_certificate_len = ca_cert_len;
311308
} else {
312309
tr_error("Response parse failed");
313310
}

source/6LoWPAN/Thread/thread_extension_constants.h

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -78,10 +78,10 @@ typedef struct discovery_additional_info {
7878
#define THREAD_URI_TRI_TX_NTF ".well-known/thread/c/txr" //<* Registrar
7979
#define THREAD_URI_TRI_RX_NTF ".well-known/thread/c/rxr" //<* Registrar
8080

81-
#define THREAD_URI_SIMPLEENROLL ".well-known/est/simpleenroll" //<* Registrar
82-
#define THREAD_URI_CSRATTRS ".well-known/est/csrattrs" //<* Registrar
83-
#define THREAD_URI_RAT ".well-known/est/rat" //<* Registrar
84-
#define THREAD_URI_SIMPLEREENROLL ".well-known/est/simplereenroll" //<* Registrar
81+
#define THREAD_URI_SIMPLEENROLL ".well-known/est/sen" //<* Registrar
82+
#define THREAD_URI_CSRATTRS ".well-known/est/att" //<* Registrar
83+
#define THREAD_URI_RAT ".well-known/est/rv" //<* Registrar
84+
#define THREAD_URI_SIMPLEREENROLL ".well-known/est/sren" //<* Registrar
8585

8686
/** @defgroup Thread 1.2 experimental */
8787

0 commit comments

Comments
 (0)