Giter Club home page Giter Club logo

Comments (4)

ssnover avatar ssnover commented on June 19, 2024

Hmm, went hunting through the C++ SDK and this seems relevant: https://github.com/project-chip/connectedhomeip/blob/f47ce538dcbb37b3bda40f15cca587f0c01cbe0b/src/credentials/CHIPCert.cpp#L191

Looks like the SKID is not optional in this instance. I wonder what's going on there.

Given that this is a certified Matter controller, I can only assume that the data is not being parsed correctly somewhere along the way. Is there anything I can do to debug further?

This is the CaseSigma3 TLV message, from the logs:

[2023-09-14T00:56:18Z INFO  rs_matter::transport::packet] Got packet SC:CASESigma3: 
[2023-09-14T00:56:18Z INFO  rs_matter::tlv::parser] TLV list:
[2023-09-14T00:56:18Z INFO  rs_matter::tlv::parser] {
[2023-09-14T00:56:18Z INFO  rs_matter::tlv::parser]     1: len[637][e7, 69, 8b, 3e, e9, c5, e5, ee, 70, a2, 4f, aa, 7e, e2, e1, ed,
 51, 2a, 43, 25, fc, 6e, 41, ee, d4, ab, d4, e9, 75, 96, 64, d7, 77, 23, 83, 28, 48, f9, a2, 20, b, 4e, 8d, e6, 79, bc, 3d, 56, 2f, 74, 
be, 3a, 43, 84, fa, ce, 2, 3b, 11, 98, 8f, 3, 93, b1, fc, 50, 50, 96, 6b, 66, 64, 28, c8, be, 15, 6a, 58, 41, 36, 8e, 2b, bd, 34, 56, 45, 
8d, 18, 8c, a8, 3e, 9d, 4f, a, 83, dd, af, b0, ef, c9, d6, a8, a9, 39, 16, fa, f2, d7, 40, d2, 98, ff, 54, db, f9, de, bb, b2, c3, 1b, 83, 
da, 61, b5, b0, c8, 6c, a7, 37, e5, 78, b3, 59, 55, 63, 95, 69, 63, d7, cd, 40, 1f, ad, 2d, d0, 83, 29, 68, 26, 3a, 69, f5, 48, 5d, 12,
 a7, 5e, 27, b2, c8, b9, 75, 12, 9c, ae, 19, 9f, b8, c8, a, 7d, 70, 30, 73, 87, b4, 51, f7, b4, 68, ed, b8, 25, 4a, 6b, 86, b5, 91, f5, 
5c, d5, c0, 1e, 2c, 12, c2, 35, c, c6, 9e, b3, 45, 75, 93, bc, ab, 62, 67, aa, cd, b, fd, b7, d8, ed, 89, 6e, 7e, 14, 6d, 18, f4, 59, 21, 
6f, f8, 23, 38, 77, f6, af, e3, fd, 97, 28, 15, 36, f6, a9, 79, cd, dc, 43, d3, 50, 74, e5, 18, 4f, c3, 8e, 9, a2, c8, 16, 13, 66, 7f, 33, bc,
b8, 65, 47, f4, ba, 5b, a5, 13, 92, d1, 91, dd, 2f, 15, 1b, b3, 62, 53, fe, 9b, 19, a5, 44, bc, f4, 4a, c8, 7d, c8, 1c, 32, a4, b, 73, 2a, 
1d, a7, a1, a3, 1e, e9, 9, e5, 41, d3, 9b, be, f, d9, b6, 58, 59, 54, 38, 6b, ec, 3f, 87, f3, 55, c0, 90, 19, 3, 39, 1b, ab, 4, a1, 84, 1f, 
2e, 28, f8, 25, a3, 39, 59, 23, f, d6, c3, 7b, a9, 72, de, 91, d0, 8d, 95, 95, a7, 20, 28, eb, a5, 8d, ad, fc, ae, c5, 93, c1, 1, 55, f4, 
c1, 89, f1, 13, 8b, 18, 2e, b5, 9e, 9a, fd, 92, ad, 31, 2, 68, 4e, c0, d4, 29, ce, c7, 40, db, e, da, a2, c8, a, ec, 89, bb, 1b, 7e, a2, b, 
c0, c0, 4c, c7, 57, a7, ed, 38, 9b, 7c, 8f, a9, 67, d2, 89, 50, c9, 48, ca, e9, c0, bb, e6, a6, c0, 4, 7c, 70, 86, a1, fd, 6e, ed, 9a, 5e, 
78, c1, 2f, ee, c0, 9, ba, 21, 5c, 34, 81, 10, bd, 40, 5e, 87, 24, 1a, b7, 21, 9a, 76, 92, 99, 24, 6f, 32, b5, 7, 6a, 88, dc, 9d, f3, b5, 
c0, 81, f6, d9, da, 48, 92, 8, cb, f4, f7, 94, 20, 84, 30, 91, a3, 9b, 6b, 3b, f, 99, f7, 68, ae, cb, 27, aa, 59, de, 3, bd, 7c, cb, ad, 45, 
c0, a7, f7, 78, 1e, be, ec, 4b, cd, 88, 6, 31, a0, c, 84, a6, 81, 6f, 3f, c3, 6b, c, 4, ad, 9d, 7e, 7a, d3, df, 72, ad, e6, a6, 90, 34, b7, 
b0, a1, 28, 8b, 65, bb, 44, 45, b4, cd, 38, 6a, 49, 63, d6, 8b, 92, 48, 72, 33, 51, 2f, 43, d0, e3, e6, e5, f8, 8f, d1, 25, 84, 4b, ff, 4e, 
2a, ee, 5b, 1c, 35, ce, da, 2, 5e, 23, 9b, b9, d5, 6c, 46, 4d, 6d, 2b, 9f, c3, b7, 42, 17, dc, 99, d, d8, 97, 40, c2, d3, 72, 6a, 8f, 74, 
f7, 49, 14, 77, 67, e6, e3, 11, 3a, 5d, 2e, 1f, a7, 21, 94, 3b, 28, 61, b5, 7e, cd, 2a, 24, 9b]
[2023-09-14T00:56:18Z INFO  rs_matter::tlv::parser] }
[2023-09-14T00:56:18Z INFO  rs_matter::tlv::parser] ---------

from rs-matter.

ssnover avatar ssnover commented on June 19, 2024

I wrote a small little program that re-parsed the decrypted sigma3 packet above using the functions in this crate and then also parsed the sample ICAC cert in the Matter spec. The parsed sample ICAC matched what was indicated there so I can't see a way that the parsing is incorrect in that area.

I'm puzzled, but inclined to close this for now until I can determine more information that might indicate it's an issue on the device-side (rs-matter implementation). For now I'll be suspicious of the hub.

from rs-matter.

ssnover avatar ssnover commented on June 19, 2024

Ah, one of my colleagues discovered the source of the issue. If you serialize the TLV as JSON, it reveals that the ordering of the keys is not consecutive:

{
  "1": [
    9,
    // snipped
    211,
    13
  ],
  "2": 1,
  "3": [
    {
      "20": 4391063660776288360
    }
  ],
  "4": 719224012,
  "5": 875388955,
  "6": [
    {
      "19": 17264913082623729068
    }
  ],
  "7": 1,
  "8": 1,
  "9": [
    4,
    // snipped
    210,
    137
  ],
  "10": [
    {
      "1": {
        "1": true,
        "2": 0
      }
    },
    {
      "5": [
        250,
       // snipped
        252,
        46
      ]
    },
    {
      "4": [
        115,
        // snipped
        188,
        230
      ]
    },
    {
      "2": 96
    }
  ],
  "11": [
    186,
   // snipped
    223,
    99
  ]
}

In particular, the SKID is contained in 10/5 which comes before 10/4, so it's dropped during the parsing. For lists, the TLV formatting section of the spec simply says:

The meanings of member elements in a list are denoted by their position within the list in conjunction with any associated tag value they may have.

So it seems that TLV lists should be able to be encoded validly in this way, and it seems the C++ SDK agrees since it is able to parse it without issue.

from rs-matter.

gharveymn avatar gharveymn commented on June 19, 2024

Sorry I didn't get time to do the write-up @ssnover. Agreed on what you said, and further, the spec also says (A.5.1)

The encoded ordering of members in a structure may or may not be important depending on the intent of the sender or the expectations of the receiver. For example, in some situations, senders and receivers may agree on a particular ordering of elements to make encoding and decoding easier.

Where a distinguished ordering of members is required (for example, for the purposes of generating a hash or cryptographic signature of the structure), the members of the structure SHALL be encoded as specified in Canonical Ordering of Tags.

which I think strongly implies that tags should be assumed to be unordered by default.

from rs-matter.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.