OpenDeviceCommissioningWindow verifies fabric index is what we expect (#36179)
* OpenDeviceCommissioningWindow verifies fabric index is what we expect
* Restyled by clang-format
---------
Co-authored-by: Restyled.io <commits@restyled.io>
diff --git a/examples/fabric-admin/device_manager/DeviceManager.cpp b/examples/fabric-admin/device_manager/DeviceManager.cpp
index 0d7d656..e52027c 100644
--- a/examples/fabric-admin/device_manager/DeviceManager.cpp
+++ b/examples/fabric-admin/device_manager/DeviceManager.cpp
@@ -117,14 +117,19 @@
ChipLogValueX64(device->GetNodeId()), device->GetEndpointId());
}
-void DeviceManager::OpenDeviceCommissioningWindow(NodeId nodeId, uint32_t iterations, uint16_t commissioningTimeoutSec,
+void DeviceManager::OpenDeviceCommissioningWindow(ScopedNodeId scopedNodeId, uint32_t iterations, uint16_t commissioningTimeoutSec,
uint16_t discriminator, const ByteSpan & salt, const ByteSpan & verifier)
{
- ChipLogProgress(NotSpecified, "Opening commissioning window for Node ID: " ChipLogFormatX64, ChipLogValueX64(nodeId));
+ // PairingManager isn't currently capable of OpenCommissioningWindow on a device of a fabric that it doesn't have
+ // the controller for. Currently no implementation need this functionality, but should they need it they will hit
+ // the verify or die below and it will be the responsiblity of whoever requires that functionality to implement.
+ VerifyOrDie(PairingManager::Instance().CurrentCommissioner().GetFabricIndex() == scopedNodeId.GetFabricIndex());
+ ChipLogProgress(NotSpecified, "Opening commissioning window for Node ID: " ChipLogFormatX64,
+ ChipLogValueX64(scopedNodeId.GetNodeId()));
// Open the commissioning window of a device within its own fabric.
- CHIP_ERROR err = PairingManager::Instance().OpenCommissioningWindow(nodeId, kRootEndpointId, commissioningTimeoutSec,
- iterations, discriminator, salt, verifier);
+ CHIP_ERROR err = PairingManager::Instance().OpenCommissioningWindow(
+ scopedNodeId.GetNodeId(), kRootEndpointId, commissioningTimeoutSec, iterations, discriminator, salt, verifier);
if (err != CHIP_NO_ERROR)
{
ChipLogError(NotSpecified, "Failed to open commissioning window: %s", ErrorStr(err));
@@ -412,7 +417,8 @@
ChipLogProgress(NotSpecified, " PAKEPasscodeVerifier size: %lu", value.PAKEPasscodeVerifier.size());
ChipLogProgress(NotSpecified, " salt size: %lu", value.salt.size());
- OpenDeviceCommissioningWindow(mLocalBridgeNodeId, value.iterations, value.commissioningTimeout, value.discriminator,
+ ScopedNodeId scopedNodeId(mLocalBridgeNodeId, PairingManager::Instance().CurrentCommissioner().GetFabricIndex());
+ OpenDeviceCommissioningWindow(scopedNodeId, value.iterations, value.commissioningTimeout, value.discriminator,
ByteSpan(value.salt.data(), value.salt.size()),
ByteSpan(value.PAKEPasscodeVerifier.data(), value.PAKEPasscodeVerifier.size()));
}
diff --git a/examples/fabric-admin/device_manager/DeviceManager.h b/examples/fabric-admin/device_manager/DeviceManager.h
index d405bd3..6adc8f2 100644
--- a/examples/fabric-admin/device_manager/DeviceManager.h
+++ b/examples/fabric-admin/device_manager/DeviceManager.h
@@ -91,7 +91,7 @@
*
* This function initiates the process to open the commissioning window for a device identified by the given node ID.
*
- * @param nodeId The ID of the node that should open the commissioning window.
+ * @param scopedNodeId The scoped node ID of the device that should open the commissioning window.
* @param iterations The number of PBKDF (Password-Based Key Derivation Function) iterations to use
* for deriving the PAKE (Password Authenticated Key Exchange) verifier.
* @param commissioningTimeoutSec The time in seconds before the commissioning window closes. This value determines
@@ -102,7 +102,7 @@
* @param verifier The PAKE verifier used to authenticate the commissioning process.
*
*/
- void OpenDeviceCommissioningWindow(chip::NodeId nodeId, uint32_t iterations, uint16_t commissioningTimeoutSec,
+ void OpenDeviceCommissioningWindow(chip::ScopedNodeId scopedNodeId, uint32_t iterations, uint16_t commissioningTimeoutSec,
uint16_t discriminator, const chip::ByteSpan & salt, const chip::ByteSpan & verifier);
/**
diff --git a/examples/fabric-admin/rpc/RpcServer.cpp b/examples/fabric-admin/rpc/RpcServer.cpp
index 8613d06..e10bb64 100644
--- a/examples/fabric-admin/rpc/RpcServer.cpp
+++ b/examples/fabric-admin/rpc/RpcServer.cpp
@@ -98,20 +98,19 @@
chip_rpc_OperationStatus & response) override
{
VerifyOrReturnValue(request.has_id, pw::Status::InvalidArgument());
- // TODO(#35875): OpenDeviceCommissioningWindow uses the same controller every time and doesn't currently accept
- // FabricIndex. For now we are dropping fabric index from the scoped node id.
- NodeId nodeId = request.id.node_id;
+ ScopedNodeId scopedNodeId(request.id.node_id, request.id.fabric_index);
uint32_t iterations = request.iterations;
uint16_t discriminator = request.discriminator;
uint16_t commissioningTimeoutSec = static_cast<uint16_t>(request.commissioning_timeout);
// Log the request details for debugging
ChipLogProgress(NotSpecified,
- "Received OpenCommissioningWindow request: NodeId 0x%lx, Timeout: %u, Iterations: %u, Discriminator: %u",
- static_cast<unsigned long>(nodeId), commissioningTimeoutSec, iterations, discriminator);
+ "Received OpenCommissioningWindow request: NodeId " ChipLogFormatX64
+ ", Timeout: %u, Iterations: %u, Discriminator: %u",
+ ChipLogValueX64(scopedNodeId.GetNodeId()), commissioningTimeoutSec, iterations, discriminator);
// Open the device commissioning window using raw binary data for salt and verifier
- DeviceMgr().OpenDeviceCommissioningWindow(nodeId, iterations, commissioningTimeoutSec, discriminator,
+ DeviceMgr().OpenDeviceCommissioningWindow(scopedNodeId, iterations, commissioningTimeoutSec, discriminator,
ByteSpan(request.salt.bytes, request.salt.size),
ByteSpan(request.verifier.bytes, request.verifier.size));
