From 1fbf5e787f3ce7fda85c9d4582f0ffe5f6a80677 Mon Sep 17 00:00:00 2001 From: Pankaj Garg Date: Tue, 11 Jan 2022 14:56:28 -0800 Subject: [PATCH] Use current time during CASE session handshake (#13462) --- src/protocols/secure_channel/CASESession.cpp | 29 ++++++++++++++++---- src/protocols/secure_channel/CASESession.h | 5 ++-- 2 files changed, 27 insertions(+), 7 deletions(-) diff --git a/src/protocols/secure_channel/CASESession.cpp b/src/protocols/secure_channel/CASESession.cpp index a069263f371b50..23fc70aed7d565 100644 --- a/src/protocols/secure_channel/CASESession.cpp +++ b/src/protocols/secure_channel/CASESession.cpp @@ -1298,15 +1298,14 @@ CHIP_ERROR CASESession::RetrieveIPK(FabricId fabricId, MutableByteSpan & ipk) return CHIP_NO_ERROR; } -// TODO: Remove this and replace with system method to retrieve current time -CHIP_ERROR CASESession::SetEffectiveTime(void) +CHIP_ERROR CASESession::GetHardcodedTime() { using namespace ASN1; ASN1UniversalTime effectiveTime; - effectiveTime.Year = 2021; - effectiveTime.Month = 2; - effectiveTime.Day = 12; + effectiveTime.Year = 2022; + effectiveTime.Month = 1; + effectiveTime.Day = 1; effectiveTime.Hour = 10; effectiveTime.Minute = 10; effectiveTime.Second = 10; @@ -1314,6 +1313,26 @@ CHIP_ERROR CASESession::SetEffectiveTime(void) return ASN1ToChipEpochTime(effectiveTime, mValidContext.mEffectiveTime); } +CHIP_ERROR CASESession::SetEffectiveTime() +{ + System::Clock::Milliseconds64 currentTimeMS; + CHIP_ERROR err = System::SystemClock().GetClock_RealTimeMS(currentTimeMS); + if (err == CHIP_ERROR_UNSUPPORTED_CHIP_FEATURE) + { + ChipLogError( + SecureChannel, + "The device does not support GetClock_RealTimeMS() API. This will eventually result in CASE session setup failures."); + // TODO: Remove use of hardcoded time during CASE setup + return GetHardcodedTime(); + } + ReturnErrorOnFailure(err); + + System::Clock::Seconds32 currentTime = std::chrono::duration_cast(currentTimeMS); + VerifyOrReturnError(UnixEpochToChipEpochTime(currentTime.count(), mValidContext.mEffectiveTime), CHIP_ERROR_INVALID_TIME); + + return CHIP_NO_ERROR; +} + void CASESession::OnSuccessStatusReport() { ChipLogProgress(SecureChannel, "Success status report received. Session was established"); diff --git a/src/protocols/secure_channel/CASESession.h b/src/protocols/secure_channel/CASESession.h index a780c298a6dd9a..ef1309790b5b48 100644 --- a/src/protocols/secure_channel/CASESession.h +++ b/src/protocols/secure_channel/CASESession.h @@ -226,8 +226,9 @@ class DLL_EXPORT CASESession : public Messaging::ExchangeDelegate, public Pairin */ void DiscardExchange(); - // TODO: Remove this and replace with system method to retrieve current time - CHIP_ERROR SetEffectiveTime(void); + CHIP_ERROR GetHardcodedTime(); + + CHIP_ERROR SetEffectiveTime(); CHIP_ERROR ValidateReceivedMessage(Messaging::ExchangeContext * ec, const PayloadHeader & payloadHeader, System::PacketBufferHandle & msg);