From 28990d6ed674c32f5bf2dc878eb64056912105b7 Mon Sep 17 00:00:00 2001 From: Gregg Date: Sat, 13 Apr 2024 22:00:37 -0500 Subject: [PATCH] Revert "Changed TLV:add() so it returns TLV8 instead of iterator." This reverts commit 7a50479bacd97483f22799b06c6206fcd0bba05b. --- src/HAP.cpp | 32 +++++++++++++++++--------------- src/TLV8.cpp | 15 ++++++++------- src/TLV8.h | 10 +++++----- 3 files changed, 30 insertions(+), 27 deletions(-) diff --git a/src/HAP.cpp b/src/HAP.cpp index a4aa4c0..69720de 100644 --- a/src/HAP.cpp +++ b/src/HAP.cpp @@ -370,6 +370,7 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){ return(0); }; + auto itPublicKey=responseTLV.add(kTLVType_PublicKey,384,NULL); // create blank PublicKey TLV with space for 384 bytes if(srp==NULL) // create instance of SRP (if not already created) to persist until Pairing-Setup M5 completes srp=new SRP6A; @@ -380,8 +381,7 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){ responseTLV.add(kTLVType_Salt,16,verifyData.get()->salt); // write Salt from verification data into TLV - responseTLV.add(kTLVType_PublicKey,384,NULL); // create blank PublicKey TLV with space for 384 bytes - srp->createPublicKey(verifyData,responseTLV.back()); // create accessory Public Key from stored verification data and write result into PublicKey TLV + srp->createPublicKey(verifyData,*itPublicKey); // create accessory Public Key from stored verification data and write result into PublicKey TLV tlvRespond(responseTLV); // send response to client pairStatus=pairState_M3; // set next expected pair-state request from client @@ -414,8 +414,9 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){ return(0); }; - responseTLV.add(kTLVType_Proof,64,NULL); // create blank accessory Proof TLV with space for 64 bytes - srp->createAccProof(responseTLV.back()); // M1 has been successully verified; now create accessory Proof M2 + auto itAccProof=responseTLV.add(kTLVType_Proof,64,NULL); // create blank accessory Proof TLV with space for 64 bytes + + srp->createAccProof(*itAccProof); // M1 has been successully verified; now create accessory Proof M2 tlvRespond(responseTLV); // send response to client pairStatus=pairState_M5; // set next expected pair-state request from client @@ -512,13 +513,14 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){ TempBuffer accessoryInfo(accessoryX,accessoryX.len(),accessory.ID,hap_accessory_IDBYTES,accessory.LTPK,crypto_sign_PUBLICKEYBYTES,NULL); - subTLV.clear(); // clear existing SUBTLV records + subTLV.clear(); // clear existing SUBTLV records - subTLV.add(kTLVType_Signature,64,NULL); // create blank Signature TLV with space for 64 bytes - crypto_sign_detached(subTLV.back(),NULL,accessoryInfo,accessoryInfo.len(),accessory.LTSK); // produce signature of accessoryInfo using AccessoryLTSK (Ed25519 long-term secret key) + itSignature=subTLV.add(kTLVType_Signature,64,NULL); // create blank Signature TLV with space for 64 bytes - subTLV.add(kTLVType_Identifier,hap_accessory_IDBYTES,accessory.ID); // set Identifier TLV record as accessoryPairingID - subTLV.add(kTLVType_PublicKey,crypto_sign_PUBLICKEYBYTES,accessory.LTPK); // set PublicKey TLV record as accessoryLTPK + crypto_sign_detached(*itSignature,NULL,accessoryInfo,accessoryInfo.len(),accessory.LTSK); // produce signature of accessoryInfo using AccessoryLTSK (Ed25519 long-term secret key) + + subTLV.add(kTLVType_Identifier,hap_accessory_IDBYTES,accessory.ID); // set Identifier TLV record as accessoryPairingID + subTLV.add(kTLVType_PublicKey,crypto_sign_PUBLICKEYBYTES,accessory.LTPK); // set PublicKey TLV record as accessoryLTPK LOG2("------- ENCRYPTING SUB-TLVS -------\n"); @@ -530,9 +532,9 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){ // Encrypt the subTLV data using the same SRP Session Key as above with ChaCha20-Poly1305 - responseTLV.add(kTLVType_EncryptedData,subPack.len()+crypto_aead_chacha20poly1305_IETF_ABYTES,NULL); //create blank EncryptedData TLV with space for subTLV + Authentication Tag + itEncryptedData=responseTLV.add(kTLVType_EncryptedData,subPack.len()+crypto_aead_chacha20poly1305_IETF_ABYTES,NULL); //create blank EncryptedData TLV with space for subTLV + Authentication Tag - crypto_aead_chacha20poly1305_ietf_encrypt(responseTLV.back(),NULL,subPack,subPack.len(),NULL,0,NULL,(unsigned char *)"\x00\x00\x00\x00PS-Msg06",sessionKey); + crypto_aead_chacha20poly1305_ietf_encrypt(*itEncryptedData,NULL,subPack,subPack.len(),NULL,0,NULL,(unsigned char *)"\x00\x00\x00\x00PS-Msg06",sessionKey); LOG2("---------- END SUB-TLVS! ----------\n"); @@ -621,8 +623,8 @@ int HAPClient::postPairVerifyURL(uint8_t *content, size_t len){ TempBuffer accessoryInfo(publicCurveKey,crypto_box_PUBLICKEYBYTES,accessory.ID,hap_accessory_IDBYTES,iosCurveKey,crypto_box_PUBLICKEYBYTES,NULL); subTLV.add(kTLVType_Identifier,hap_accessory_IDBYTES,accessory.ID); // set Identifier subTLV record as Accessory's Pairing ID - subTLV.add(kTLVType_Signature,crypto_sign_BYTES,NULL); // create blank Signature subTLV - crypto_sign_detached(subTLV.back(),NULL,accessoryInfo,accessoryInfo.len(),accessory.LTSK); // produce Signature of accessoryInfo using Accessory's LTSK + auto itSignature=subTLV.add(kTLVType_Signature,crypto_sign_BYTES,NULL); // create blank Signature subTLV + crypto_sign_detached(*itSignature,NULL,accessoryInfo,accessoryInfo.len(),accessory.LTSK); // produce Signature of accessoryInfo using Accessory's LTSK LOG2("------- ENCRYPTING SUB-TLVS -------\n"); @@ -638,8 +640,8 @@ int HAPClient::postPairVerifyURL(uint8_t *content, size_t len){ sessionKey=(uint8_t *)HS_MALLOC(crypto_box_PUBLICKEYBYTES); // temporary space - will be deleted at end of verification process HKDF::create(sessionKey,sharedCurveKey,crypto_box_PUBLICKEYBYTES,"Pair-Verify-Encrypt-Salt","Pair-Verify-Encrypt-Info"); // create Session Curve25519 Key from Shared-Secret Curve25519 Key using HKDF-SHA-512 - responseTLV.add(kTLVType_EncryptedData,subPack.len()+crypto_aead_chacha20poly1305_IETF_ABYTES,NULL); // create blank EncryptedData subTLV - crypto_aead_chacha20poly1305_ietf_encrypt(responseTLV.back(),NULL,subPack,subPack.len(),NULL,0,NULL,(unsigned char *)"\x00\x00\x00\x00PV-Msg02",sessionKey); // encrypt data with Session Curve25519 Key and padded nonce="PV-Msg02" + auto itEncryptedData=responseTLV.add(kTLVType_EncryptedData,subPack.len()+crypto_aead_chacha20poly1305_IETF_ABYTES,NULL); // create blank EncryptedData subTLV + crypto_aead_chacha20poly1305_ietf_encrypt(*itEncryptedData,NULL,subPack,subPack.len(),NULL,0,NULL,(unsigned char *)"\x00\x00\x00\x00PV-Msg02",sessionKey); // encrypt data with Session Curve25519 Key and padded nonce="PV-Msg02" LOG2("---------- END SUB-TLVS! ----------\n"); diff --git a/src/TLV8.cpp b/src/TLV8.cpp index 7020af0..51689f8 100644 --- a/src/TLV8.cpp +++ b/src/TLV8.cpp @@ -68,27 +68,28 @@ void tlv8_t::osprint(std::ostream& os){ ///////////////////////////////////// -TLV8 &TLV8::add(uint8_t tag, size_t len, const uint8_t* val){ +TLV8_it TLV8::add(uint8_t tag, size_t len, const uint8_t* val){ if(!empty() && back().tag==tag) back().update(len,val); else emplace_back(tag,len,val); - return(*this); + return(--end()); } ///////////////////////////////////// -TLV8 &TLV8::add(uint8_t tag, TLV8 &subTLV){ +TLV8_it TLV8::add(uint8_t tag, TLV8 &subTLV){ - subTLV.pack(add(tag,subTLV.pack_size(),NULL).back()); // add new blank element of sufficient size and pack subTLV into this new element - return(*this); + auto it=add(tag,subTLV.pack_size(),NULL); // create space for inserting sub TLV and store iterator to new element + subTLV.pack(*it); // pack subTLV into new element + return(--end()); } ///////////////////////////////////// -TLV8 &TLV8::add(uint8_t tag, uint64_t val){ +TLV8_it TLV8::add(uint8_t tag, uint64_t val){ uint8_t *p=reinterpret_cast(&val); size_t nBytes=sizeof(uint64_t); @@ -104,7 +105,7 @@ TLV8_it TLV8::find(uint8_t tag, TLV8_it it1, TLV8_it it2){ auto it=it1; while(it!=it2 && (*it).tag!=tag) it++; - return(it); + return(it==it2?end():it); } ///////////////////////////////////// diff --git a/src/TLV8.h b/src/TLV8.h index 93b3e34..aca36c4 100644 --- a/src/TLV8.h +++ b/src/TLV8.h @@ -84,11 +84,11 @@ class TLV8 : public std::list> { TLV8(){}; TLV8(const TLV8_names *names, int nNames) : names{names}, nNames{nNames} {}; - TLV8 & add(uint8_t tag, size_t len, const uint8_t *val); - TLV8 & add(uint8_t tag, uint64_t val); - TLV8 & add(uint8_t tag, TLV8 &subTLV); - TLV8 & add(uint8_t tag){return(add(tag, 0, NULL));} - TLV8 & add(uint8_t tag, const char *val){return(add(tag, strlen(val), reinterpret_cast(val)));} + TLV8_it add(uint8_t tag, size_t len, const uint8_t *val); + TLV8_it add(uint8_t tag, uint64_t val); + TLV8_it add(uint8_t tag, TLV8 &subTLV); + TLV8_it add(uint8_t tag){return(add(tag, 0, NULL));} + TLV8_it add(uint8_t tag, const char *val){return(add(tag, strlen(val), reinterpret_cast(val)));} TLV8_it find(uint8_t tag, TLV8_it it1, TLV8_it it2); TLV8_it find(uint8_t tag, TLV8_it it1){return(find(tag, it1, end()));}