Merge pull request #22 from kedars/bugfix/misc_data_model_changes
Miscellaneous data model changes
This commit is contained in:
Kedar Sovani
GitHub
commit
78586f3a7e
4 changed files with 37 additions and 49 deletions
|
|
@ -26,7 +26,8 @@ use crate::{
|
||||||
use log::error;
|
use log::error;
|
||||||
use num_derive::FromPrimitive;
|
use num_derive::FromPrimitive;
|
||||||
|
|
||||||
use self::{asn1_writer::ASN1Writer, printer::CertPrinter};
|
pub use self::asn1_writer::ASN1Writer;
|
||||||
|
use self::printer::CertPrinter;
|
||||||
|
|
||||||
// As per https://datatracker.ietf.org/doc/html/rfc5280
|
// As per https://datatracker.ietf.org/doc/html/rfc5280
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,12 @@ use mbedtls::{
|
||||||
};
|
};
|
||||||
|
|
||||||
use super::CryptoKeyPair;
|
use super::CryptoKeyPair;
|
||||||
use crate::error::Error;
|
use crate::{
|
||||||
|
// TODO: We should move ASN1Writer out of Cert,
|
||||||
|
// so Crypto doesn't have to depend on Cert
|
||||||
|
cert::{ASN1Writer, CertConsumer},
|
||||||
|
error::Error,
|
||||||
|
};
|
||||||
|
|
||||||
pub struct HmacSha256 {
|
pub struct HmacSha256 {
|
||||||
inner: Hmac,
|
inner: Hmac,
|
||||||
|
|
@ -183,7 +188,7 @@ impl CryptoKeyPair for KeyPair {
|
||||||
|
|
||||||
// current rust-mbedTLS APIs the signature to be in DER format
|
// current rust-mbedTLS APIs the signature to be in DER format
|
||||||
let mut mbedtls_sign = [0u8; super::EC_SIGNATURE_LEN_BYTES * 3];
|
let mut mbedtls_sign = [0u8; super::EC_SIGNATURE_LEN_BYTES * 3];
|
||||||
let len = convert_r_s_to_asn1_sign(signature, &mut mbedtls_sign);
|
let len = convert_r_s_to_asn1_sign(signature, &mut mbedtls_sign)?;
|
||||||
let mbedtls_sign = &mbedtls_sign[..len];
|
let mbedtls_sign = &mbedtls_sign[..len];
|
||||||
|
|
||||||
if let Err(e) = tmp_key.verify(hash::Type::Sha256, &msg_hash, mbedtls_sign) {
|
if let Err(e) = tmp_key.verify(hash::Type::Sha256, &msg_hash, mbedtls_sign) {
|
||||||
|
|
@ -195,51 +200,16 @@ impl CryptoKeyPair for KeyPair {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn convert_r_s_to_asn1_sign(signature: &[u8], mbedtls_sign: &mut [u8]) -> usize {
|
fn convert_r_s_to_asn1_sign(signature: &[u8], mbedtls_sign: &mut [u8]) -> Result<usize, Error> {
|
||||||
let mut offset = 0;
|
let r = &signature[0..32];
|
||||||
mbedtls_sign[offset] = 0x30;
|
let s = &signature[32..64];
|
||||||
offset += 1;
|
|
||||||
let mut len = 68;
|
|
||||||
if (signature[0] & 0x80) == 0x80 {
|
|
||||||
len += 1;
|
|
||||||
}
|
|
||||||
if (signature[32] & 0x80) == 0x80 {
|
|
||||||
len += 1;
|
|
||||||
}
|
|
||||||
mbedtls_sign[offset] = len;
|
|
||||||
offset += 1;
|
|
||||||
mbedtls_sign[offset] = 0x02;
|
|
||||||
offset += 1;
|
|
||||||
if (signature[0] & 0x80) == 0x80 {
|
|
||||||
// It seems if topmost bit is 1, there is an extra 0
|
|
||||||
mbedtls_sign[offset] = 33;
|
|
||||||
offset += 1;
|
|
||||||
mbedtls_sign[offset] = 0;
|
|
||||||
offset += 1;
|
|
||||||
} else {
|
|
||||||
mbedtls_sign[offset] = 32;
|
|
||||||
offset += 1;
|
|
||||||
}
|
|
||||||
mbedtls_sign[offset..(offset + 32)].copy_from_slice(&signature[..32]);
|
|
||||||
offset += 32;
|
|
||||||
|
|
||||||
mbedtls_sign[offset] = 0x02;
|
let mut wr = ASN1Writer::new(mbedtls_sign);
|
||||||
offset += 1;
|
wr.start_seq("")?;
|
||||||
if (signature[32] & 0x80) == 0x80 {
|
wr.integer("r", r)?;
|
||||||
// It seems if topmost bit is 1, there is an extra 0
|
wr.integer("s", s)?;
|
||||||
mbedtls_sign[offset] = 33;
|
wr.end_seq()?;
|
||||||
offset += 1;
|
Ok(wr.as_slice().len())
|
||||||
mbedtls_sign[offset] = 0;
|
|
||||||
offset += 1;
|
|
||||||
} else {
|
|
||||||
mbedtls_sign[offset] = 32;
|
|
||||||
offset += 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
mbedtls_sign[offset..(offset + 32)].copy_from_slice(&signature[32..64]);
|
|
||||||
offset += 32;
|
|
||||||
|
|
||||||
offset
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// mbedTLS sign() function directly encodes the signature in ASN1. The lower level function
|
// mbedTLS sign() function directly encodes the signature in ASN1. The lower level function
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,7 @@ enum CommissioningError {
|
||||||
ErrValueOutsideRange = 1,
|
ErrValueOutsideRange = 1,
|
||||||
ErrInvalidAuth = 2,
|
ErrInvalidAuth = 2,
|
||||||
ErrNotCommissioning = 3,
|
ErrNotCommissioning = 3,
|
||||||
|
ErrBusyWithOtherAdmin = 4,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub const ID: u32 = 0x0030;
|
pub const ID: u32 = 0x0030;
|
||||||
|
|
@ -180,17 +181,18 @@ impl GenCommCluster {
|
||||||
cmd_enter!("ARM Fail Safe");
|
cmd_enter!("ARM Fail Safe");
|
||||||
|
|
||||||
let p = FailSafeParams::from_tlv(&cmd_req.data)?;
|
let p = FailSafeParams::from_tlv(&cmd_req.data)?;
|
||||||
|
let mut status = CommissioningError::Ok as u8;
|
||||||
|
|
||||||
if self
|
if self
|
||||||
.failsafe
|
.failsafe
|
||||||
.arm(p.expiry_len, cmd_req.trans.session.get_session_mode())
|
.arm(p.expiry_len, cmd_req.trans.session.get_session_mode())
|
||||||
.is_err()
|
.is_err()
|
||||||
{
|
{
|
||||||
return Err(IMStatusCode::Busy);
|
status = CommissioningError::ErrBusyWithOtherAdmin as u8;
|
||||||
}
|
}
|
||||||
|
|
||||||
let cmd_data = CommonResponse {
|
let cmd_data = CommonResponse {
|
||||||
error_code: CommissioningError::Ok as u8,
|
error_code: status,
|
||||||
debug_txt: "".to_owned(),
|
debug_txt: "".to_owned(),
|
||||||
};
|
};
|
||||||
let resp = ib::InvResp::cmd_new(
|
let resp = ib::InvResp::cmd_new(
|
||||||
|
|
|
||||||
|
|
@ -67,6 +67,12 @@ impl DescriptorCluster {
|
||||||
Access::RV,
|
Access::RV,
|
||||||
Quality::NONE,
|
Quality::NONE,
|
||||||
)?,
|
)?,
|
||||||
|
Attribute::new(
|
||||||
|
Attributes::ClientList as u16,
|
||||||
|
AttrValue::Custom,
|
||||||
|
Access::RV,
|
||||||
|
Quality::NONE,
|
||||||
|
)?,
|
||||||
];
|
];
|
||||||
c.base.add_attributes(&attrs[..])?;
|
c.base.add_attributes(&attrs[..])?;
|
||||||
Ok(c)
|
Ok(c)
|
||||||
|
|
@ -124,6 +130,12 @@ impl DescriptorCluster {
|
||||||
}
|
}
|
||||||
let _ = tw.end_container();
|
let _ = tw.end_container();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn encode_client_list(&self, tag: TagType, tw: &mut TLVWriter) {
|
||||||
|
// No Clients supported
|
||||||
|
let _ = tw.start_array(tag);
|
||||||
|
let _ = tw.end_container();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl ClusterType for DescriptorCluster {
|
impl ClusterType for DescriptorCluster {
|
||||||
|
|
@ -145,6 +157,9 @@ impl ClusterType for DescriptorCluster {
|
||||||
Some(Attributes::PartsList) => encoder.encode(EncodeValue::Closure(&|tag, tw| {
|
Some(Attributes::PartsList) => encoder.encode(EncodeValue::Closure(&|tag, tw| {
|
||||||
self.encode_parts_list(tag, tw)
|
self.encode_parts_list(tag, tw)
|
||||||
})),
|
})),
|
||||||
|
Some(Attributes::ClientList) => encoder.encode(EncodeValue::Closure(&|tag, tw| {
|
||||||
|
self.encode_client_list(tag, tw)
|
||||||
|
})),
|
||||||
_ => {
|
_ => {
|
||||||
error!("Attribute not supported: this shouldn't happen");
|
error!("Attribute not supported: this shouldn't happen");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue