diff --git a/source/6LoWPAN/Thread/thread_extension.c b/source/6LoWPAN/Thread/thread_extension.c index 3a462514aaa..7afca303c49 100644 --- a/source/6LoWPAN/Thread/thread_extension.c +++ b/source/6LoWPAN/Thread/thread_extension.c @@ -789,7 +789,9 @@ static int thread_extension_relay_tx_cb(int8_t service_id, uint8_t source_addres uint8_t *udp_data_ptr; uint16_t udp_data_len; uint8_t *iid_ptr; + uint8_t iid_len; uint16_t port; + uint8_t port_len; int8_t socket_id; (void)source_address; (void)source_port; @@ -798,12 +800,12 @@ static int thread_extension_relay_tx_cb(int8_t service_id, uint8_t source_addres if (!cur) { return -1; } + iid_len = thread_meshcop_tlv_find(request_ptr->payload_ptr, request_ptr->payload_len, MESHCOP_TLV_JOINER_IID, &iid_ptr); + port_len = thread_meshcop_tlv_data_get_uint16(request_ptr->payload_ptr, request_ptr->payload_len, MESHCOP_TLV_JOINER_UDP_PORT, &port); + udp_data_len = thread_meshcop_tlv_find(request_ptr->payload_ptr, request_ptr->payload_len, MESHCOP_TLV_JOINER_ENCAPSULATION, &udp_data_ptr); // unwrap message and send to joiner socket. - if (8 > thread_meshcop_tlv_find(request_ptr->payload_ptr, request_ptr->payload_len, MESHCOP_TLV_JOINER_IID, &iid_ptr) || - 2 > thread_meshcop_tlv_data_get_uint16(request_ptr->payload_ptr, request_ptr->payload_len, MESHCOP_TLV_JOINER_UDP_PORT, &port) || - 0 == (udp_data_len = thread_meshcop_tlv_find(request_ptr->payload_ptr, request_ptr->payload_len, MESHCOP_TLV_JOINER_ENCAPSULATION, &udp_data_ptr)) - ) { - tr_err("Relay TX invalid message"); + if (8 > iid_len || 2 > port_len || 0 == udp_data_len ) { + tr_err("Relay TX invalid message iid:%d, port:%d data_len:%d", iid_len,port_len, udp_data_len); return -1; } if (strncmp(THREAD_URI_BBR_NMK_TX_NTF, (const char *)request_ptr->uri_path_ptr, request_ptr->uri_path_len) == 0) { diff --git a/source/6LoWPAN/Thread/thread_extension_bootstrap.c b/source/6LoWPAN/Thread/thread_extension_bootstrap.c index 2c2ac78e7ec..f9f1ec4a33d 100644 --- a/source/6LoWPAN/Thread/thread_extension_bootstrap.c +++ b/source/6LoWPAN/Thread/thread_extension_bootstrap.c @@ -185,6 +185,8 @@ static int thread_joiner_application_simple_enroll_response_cb(int8_t service_id { (void) source_address; (void) source_port; + uint8_t *ptr; + uint16_t len, flen; // re-attach in any case and close the secure connection thread_extension_bootstrap_network_reattach(service_id, 1000); @@ -192,14 +194,30 @@ static int thread_joiner_application_simple_enroll_response_cb(int8_t service_id protocol_interface_info_entry_t *cur = protocol_stack_interface_info_get_by_id(thread_extension_bootstrap_find_id_by_service(service_id)); - tr_debug("Simple enrollment received"); + tr_debug("Simple enrollment received %s",trace_array(response_ptr->payload_ptr, response_ptr->payload_len)); if (!cur || !cur->thread_info || !response_ptr) { return -1; } + ptr = response_ptr->payload_ptr; + len = response_ptr->payload_len; + // CBOR format check + if (*ptr == 0x58) { + flen = *(ptr + 1); + ptr += 2; + len -= 2; + } else if (*ptr == 0x59) { + flen = common_read_16_bit(ptr + 1); + ptr += 3; + len -= 3; + } else { + // no shorter than 23 byte certificates supported + flen = 0; + } - if (0 > thread_extension_bootstrap_network_certificate_set(cur, response_ptr->payload_ptr, response_ptr->payload_len)) { - tr_warn("ae response parse failed"); + if ( flen != len || + 0 > thread_extension_bootstrap_network_certificate_set(cur, ptr, len)) { + tr_warn("ae response parse failed, len %d != %d",len,flen); } return 0; @@ -269,16 +287,26 @@ static int thread_joiner_application_rat_response_cb(int8_t service_id, uint8_t // TODO Verify nonce coap_service_request_send(service_id, COAP_REQUEST_OPTIONS_SECURE_BYPASS, source_address, source_port, - COAP_MSG_TYPE_CONFIRMABLE, COAP_MSG_CODE_REQUEST_GET, ".well-known/est/csrattrs", COAP_CT_NONE, NULL, 0, thread_joiner_application_csrattrs_response_cb); + COAP_MSG_TYPE_CONFIRMABLE, COAP_MSG_CODE_REQUEST_GET, ".well-known/est/csrattrs", THREAD_CONTENT_FORMAT_CSRATTRS, NULL, 0, thread_joiner_application_csrattrs_response_cb); return 0; } - +/*A2 # map(2) + 67 # text(7) + 76657273696F6E # "version" + 61 # text(1) + 31 # "1" + 65 # text(5) + 6E6F6E6365 # "nonce" + 48 # bytes(8) + 13ADD904605D973E # "\x13\xAD\xD9\x04`]\x97>" + * + */ static int thread_joiner_application_rat_request_build(uint8_t *rat_payload, int length) { uint8_t *ptr = rat_payload; - if (length < 25) { + if (length < 30) { return 0; } @@ -288,7 +316,8 @@ static int thread_joiner_application_rat_request_build(uint8_t *rat_payload, int *rat_payload++ = 0x67; memcpy(rat_payload, "version", 7); rat_payload += 7; - *rat_payload++ = 0x01; + *rat_payload++ = 0x61; + *rat_payload++ = 0x31; // text (5) "nonce" + bytes (8) random nonce // todo: save nonce to verify response against reply. @@ -306,7 +335,7 @@ static int thread_joiner_application_rat_request_build(uint8_t *rat_payload, int static int thread_joiner_application_ae_commission_start(int8_t interface_id, uint8_t parent_address[16], uint16_t port, thread_joiner_application_commission_done_cb *done_cb) { protocol_interface_info_entry_t *cur = protocol_stack_interface_info_get_by_id(interface_id); - uint8_t rat_payload[25]; + uint8_t rat_payload[30]; int rat_len; if (!done_cb || !cur) { diff --git a/source/6LoWPAN/Thread/thread_extension_constants.h b/source/6LoWPAN/Thread/thread_extension_constants.h index 64f8ab2aacb..01ad43b33f7 100644 --- a/source/6LoWPAN/Thread/thread_extension_constants.h +++ b/source/6LoWPAN/Thread/thread_extension_constants.h @@ -109,6 +109,7 @@ typedef struct discovery_additional_info { #define TMFCOP_TLV_COMMISSIONER_SESSION_ID 15 #define THREAD_CONTENT_FORMAT_AUDITNONCE (sn_coap_content_format_e)65000 +#define THREAD_CONTENT_FORMAT_CSRATTRS (sn_coap_content_format_e)65002 #define THREAD_CONTENT_FORMAT_PKCS10 (sn_coap_content_format_e)65003 #define THREAD_VERSION_1_2 3