small tweaks to the TLV8 library for ease of use

Gregg 2024-04-20 10:14:31 -05:00
parent 173ba036f0
commit b4bfac54e7
3 changed files with 28 additions and 24 deletions


@ -334,7 +334,7 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){
return(0);
}
int tlvState=(*itState).getVal();
int tlvState=itState->getVal();
if(nAdminControllers()){ // error: Device already paired (i.e. there is at least one admin Controller). We should not be receiving any requests for Pair-Setup!
LOG0("\n*** ERROR: Device already paired!\n\n");
@ -363,7 +363,7 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){
auto itMethod=iosTLV.find(kTLVType_Method);
if(iosTLV.len(itMethod)!=1 || (*itMethod).getVal()!=0){ // error: "Pair Setup" method must always be 0 to indicate setup without MiFi Authentification (HAP Table 5-3)
if(iosTLV.len(itMethod)!=1 || itMethod->getVal()!=0){ // error: "Pair Setup" method must always be 0 to indicate setup without MiFi Authentification (HAP Table 5-3)
LOG0("\n*** ERROR: Pair 'Method' missing or not set to 0\n\n");
responseTLV.add(kTLVType_Error,tagError_Unavailable); // set Error=Unavailable
tlvRespond(responseTLV); // send response to client
@ -404,7 +404,7 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){
return(0);
};
srp->createSessionKey(*itPublicKey,(*itPublicKey).getLen()); // create session key, K, from client Public Key, A
srp->createSessionKey(*itPublicKey,itPublicKey->getLen()); // create session key, K, from client Public Key, A
if(!srp->verifyClientProof(*itClientProof)){ // verify client Proof, M1
LOG0("\n*** ERROR: SRP Proof Verification Failed\n\n");
@ -454,9 +454,9 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){
// use SessionKey to decrypt encryptedData TLV with padded nonce="PS-Msg05"
TempBuffer<uint8_t> decrypted((*itEncryptedData).getLen()-crypto_aead_chacha20poly1305_IETF_ABYTES); // temporary storage for decrypted data
TempBuffer<uint8_t> decrypted(itEncryptedData->getLen()-crypto_aead_chacha20poly1305_IETF_ABYTES); // temporary storage for decrypted data
if(crypto_aead_chacha20poly1305_ietf_decrypt(decrypted, NULL, NULL, *itEncryptedData, (*itEncryptedData).getLen(), NULL, 0, (unsigned char *)"\x00\x00\x00\x00PS-Msg05", sessionKey)==-1){
if(crypto_aead_chacha20poly1305_ietf_decrypt(decrypted, NULL, NULL, *itEncryptedData, itEncryptedData->getLen(), NULL, 0, (unsigned char *)"\x00\x00\x00\x00PS-Msg05", sessionKey)==-1){
LOG0("\n*** ERROR: Exchange-Request Authentication Failed\n\n");
responseTLV.add(kTLVType_Error,tagError_Authentication); // set Error=Authentication
tlvRespond(responseTLV); // send response to client
@ -492,7 +492,7 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){
// Concatenate iosDeviceX, IOS ID, and IOS PublicKey into iosDeviceInfo
TempBuffer<uint8_t> iosDeviceInfo(iosDeviceX,iosDeviceX.len(),(uint8_t *)(*itIdentifier),(*itIdentifier).getLen(),(uint8_t *)(*itPublicKey),(*itPublicKey).getLen(),NULL);
TempBuffer<uint8_t> iosDeviceInfo(iosDeviceX,iosDeviceX.len(),(uint8_t *)(*itIdentifier),itIdentifier->getLen(),(uint8_t *)(*itPublicKey),itPublicKey->getLen(),NULL);
if(crypto_sign_verify_detached(*itSignature, iosDeviceInfo, iosDeviceInfo.len(), *itPublicKey) != 0){ // verify signature of iosDeviceInfo using iosDeviceLTPK
LOG0("\n*** ERROR: LPTK Signature Verification Failed\n\n");
@ -585,7 +585,7 @@ int HAPClient::postPairVerifyURL(uint8_t *content, size_t len){
return(0);
}
int tlvState=(*itState).getVal();
int tlvState=itState->getVal();
if(!nAdminControllers()){ // error: Device not yet paired - we should not be receiving any requests for Pair-Verify!
LOG0("\n*** ERROR: Device not yet paired!\n\n");
@ -670,7 +670,7 @@ int HAPClient::postPairVerifyURL(uint8_t *content, size_t len){
TempBuffer<uint8_t> decrypted((*itEncryptedData).getLen()-crypto_aead_chacha20poly1305_IETF_ABYTES); // temporary storage for decrypted data
if(crypto_aead_chacha20poly1305_ietf_decrypt(decrypted, NULL, NULL, *itEncryptedData, (*itEncryptedData).getLen(), NULL, 0, (unsigned char *)"\x00\x00\x00\x00PV-Msg03", sessionKey)==-1){
if(crypto_aead_chacha20poly1305_ietf_decrypt(decrypted, NULL, NULL, *itEncryptedData, itEncryptedData->getLen(), NULL, 0, (unsigned char *)"\x00\x00\x00\x00PV-Msg03", sessionKey)==-1){
LOG0("\n*** ERROR: Verify Authentication Failed\n\n");
responseTLV.add(kTLVType_State,pairState_M4); // set State=<M4>
responseTLV.add(kTLVType_Error,tagError_Authentication); // set Error=Authentication
@ -771,7 +771,7 @@ int HAPClient::postPairingsURL(uint8_t *content, size_t len){
auto itState=iosTLV.find(kTLVType_State);
auto itMethod=iosTLV.find(kTLVType_Method);
if(iosTLV.len(itState)!=1 || (*itState).getVal()!=1){ // missing STATE TLV
if(iosTLV.len(itState)!=1 || itState->getVal()!=1){ // missing STATE TLV
LOG0("\n*** ERROR: Parirings 'State' is either missing or not set to <M1>\n\n");
badRequestError(); // return with 400 error, which closes connection
return(0);
@ -783,7 +783,7 @@ int HAPClient::postPairingsURL(uint8_t *content, size_t len){
return(0);
}
int tlvMethod=(*itMethod).getVal();
int tlvMethod=itMethod->getVal();
responseTLV.add(kTLVType_State,pairState_M2); // all responses include State=M2
@ -810,7 +810,7 @@ int HAPClient::postPairingsURL(uint8_t *content, size_t len){
return(0);
}
tagError err=addController(*itIdentifier,*itPublicKey,(*itPermissions).getVal());
tagError err=addController(*itIdentifier,*itPublicKey,itPermissions->getVal());
if(err!=tagError_None)
responseTLV.add(kTLVType_Error,err);
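Review bot: In the Pair-Setup hunk at `@ -454,9 +454,9`, `TempBuffer<uint8_t> decrypted(itEncryptedData->getLen()-crypto_aead_chacha20poly1305_IETF_ABYTES)` subtracts the tag size from a client-supplied TLV length before the AEAD call can reject the message. A record shorter than the tag would wrap to a very large allocation size, since the tlv8_t header on this page declares `size_t getLen()`. Any minimum-length check on EncryptedData would sit above the hunk and is not visible here; if there is none, guard the allocation with `if(itEncryptedData->getLen()<crypto_aead_chacha20poly1305_IETF_ABYTES)` and return the same Error=Authentication response. The Pair-Verify hunk at `@ -670,7 +670,7` has the same subtraction, and its TempBuffer line still uses the old `(*itEncryptedData).getLen()` spelling. Both postPairSetupURL and postPairVerifyURL begin and end outside these hunks.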


@ -107,7 +107,7 @@ TLV8_it TLV8::add(uint8_t tag, uint64_t val){
TLV8_it TLV8::find(uint8_t tag, TLV8_it it1, TLV8_it it2){
auto it=it1;
while(it!=it2 && (*it).getTag()!=tag)
while(it!=it2 && it->getTag()!=tag)
it++;
return(it);
}
@ -139,12 +139,12 @@ size_t TLV8::pack(uint8_t *buf, size_t bufSize){
case 0:
currentPackBuf=*currentPackIt;
endPackBuf=(*currentPackIt)+(*currentPackIt).getLen();
endPackBuf=(*currentPackIt)+currentPackIt->getLen();
currentPackPhase=1;
break;
case 1:
*buf++=(*currentPackIt).getTag();
*buf++=currentPackIt->getTag();
nBytes++;
currentPackPhase=2;
break;
@ -232,7 +232,7 @@ int TLV8::unpack(TLV8_it it){
if(it==end())
return(0);
return(unpack(*it,(*it).getLen()));
return(unpack(*it,it->getLen()));
}
/////////////////////////////////////
@ -255,20 +255,20 @@ const char *TLV8::getName(uint8_t tag){
void TLV8::print(TLV8_it it1, TLV8_it it2){
while(it1!=it2){
const char *name=getName((*it1).getTag());
const char *name=getName(it1->getTag());
if(name)
Serial.printf("%s",name);
else
Serial.printf("%d",(*it1).getTag());
Serial.printf("(%d) ",(*it1).getLen());
for(int i=0;i<(*it1).getLen();i++)
Serial.printf("%d",it1->getTag());
Serial.printf("(%d) ",it1->getLen());
for(int i=0;i<it1->getLen();i++)
Serial.printf("%02X",(*it1)[i]);
if((*it1).getLen()==0)
if(it1->getLen()==0)
Serial.printf(" [null]");
else if((*it1).getLen()<=4)
Serial.printf(" [%u]",(*it1).getVal());
else if((*it1).getLen()<=8)
Serial.printf(" [%llu]",(*it1).getVal<uint64_t>());
else if(it1->getLen()<=4)
Serial.printf(" [%u]",it1->getVal());
else if(it1->getLen()<=8)
Serial.printf(" [%llu]",it1->getVal<uint64_t>());
Serial.printf("\n");
it1++;
}
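Review bot: In `TLV8::print`, `Serial.printf("(%d) ",it1->getLen())` passes a value that the tlv8_t header on this page declares as `size_t` to a `%d` conversion, and `for(int i=0;i<it1->getLen();i++)` compares a signed index with that unsigned length. Since these lines are being rewritten anyway, match the conversion and the index type: `Serial.printf("(%u) ",(unsigned)it1->getLen());` and `for(size_t i=0;i<it1->getLen();i++)`. The function's closing brace is outside the hunk.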


@ -56,6 +56,10 @@ class tlv8_t {
return(val.get()[index]);
}
uint8_t *get(){
return(val.get());
}
size_t getLen(){
return(len);
}
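Review bot: The new `uint8_t *get()` accessor hands out the record's internal buffer as a mutable raw pointer with no statement of ownership or valid length, which invites out-of-bounds reads or use of the pointer after the record is gone. Add a comment above it such as `// returns pointer to this record's internal buffer, valid for getLen() bytes and only while the record exists; caller must not free it`. The comment should also say whether the pointer can be null for a zero-length record, which cannot be determined from this hunk. If callers only read through it, a `const` overload would make that explicit. The tlv8_t class body starts and ends outside the hunk.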