1 /*
2 * Copyright (c) 2017, The OpenThread Authors.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 3. Neither the name of the copyright holder nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 /**
30 * @file
31 * This file implements common MeshCoP utility functions.
32 */
33
34 #include "meshcop.hpp"
35
36 #include "common/crc16.hpp"
37 #include "common/debug.hpp"
38 #include "common/locator_getters.hpp"
39 #include "common/string.hpp"
40 #include "crypto/pbkdf2_cmac.hpp"
41 #include "crypto/sha256.hpp"
42 #include "mac/mac_types.hpp"
43 #include "thread/thread_netif.hpp"
44
45 namespace ot {
46
47 RegisterLogModule("MeshCoP");
48
49 namespace MeshCoP {
50
SetFrom(const char * aPskdString)51 Error JoinerPskd::SetFrom(const char *aPskdString)
52 {
53 Error error = kErrorNone;
54
55 VerifyOrExit(IsPskdValid(aPskdString), error = kErrorInvalidArgs);
56
57 Clear();
58 memcpy(m8, aPskdString, StringLength(aPskdString, sizeof(m8)));
59
60 exit:
61 return error;
62 }
63
operator ==(const JoinerPskd & aOther) const64 bool JoinerPskd::operator==(const JoinerPskd &aOther) const
65 {
66 bool isEqual = true;
67
68 for (uint8_t i = 0; i < sizeof(m8); i++)
69 {
70 if (m8[i] != aOther.m8[i])
71 {
72 isEqual = false;
73 ExitNow();
74 }
75
76 if (m8[i] == '\0')
77 {
78 break;
79 }
80 }
81
82 exit:
83 return isEqual;
84 }
85
IsPskdValid(const char * aPskdString)86 bool JoinerPskd::IsPskdValid(const char *aPskdString)
87 {
88 bool valid = false;
89 uint16_t pskdLength = StringLength(aPskdString, kMaxLength + 1);
90
91 VerifyOrExit(pskdLength >= kMinLength && pskdLength <= kMaxLength);
92
93 for (uint16_t i = 0; i < pskdLength; i++)
94 {
95 char c = aPskdString[i];
96
97 VerifyOrExit(isdigit(c) || isupper(c));
98 VerifyOrExit(c != 'I' && c != 'O' && c != 'Q' && c != 'Z');
99 }
100
101 valid = true;
102
103 exit:
104 return valid;
105 }
106
GenerateJoinerId(Mac::ExtAddress & aJoinerId) const107 void JoinerDiscerner::GenerateJoinerId(Mac::ExtAddress &aJoinerId) const
108 {
109 aJoinerId.GenerateRandom();
110 CopyTo(aJoinerId);
111 aJoinerId.SetLocal(true);
112 }
113
Matches(const Mac::ExtAddress & aJoinerId) const114 bool JoinerDiscerner::Matches(const Mac::ExtAddress &aJoinerId) const
115 {
116 uint64_t mask;
117
118 OT_ASSERT(IsValid());
119
120 mask = GetMask();
121
122 return (Encoding::BigEndian::ReadUint64(aJoinerId.m8) & mask) == (mValue & mask);
123 }
124
CopyTo(Mac::ExtAddress & aExtAddress) const125 void JoinerDiscerner::CopyTo(Mac::ExtAddress &aExtAddress) const
126 {
127 // Copies the discerner value up to its bit length to `aExtAddress`
128 // array, assuming big-endian encoding (i.e., the discerner lowest bits
129 // are copied at end of `aExtAddress.m8[]` array). Any initial/remaining
130 // bits of `aExtAddress` array remain unchanged.
131
132 uint8_t *cur = &aExtAddress.m8[sizeof(Mac::ExtAddress) - 1];
133 uint8_t remaining = mLength;
134 uint64_t value = mValue;
135
136 OT_ASSERT(IsValid());
137
138 // Write full bytes
139 while (remaining >= CHAR_BIT)
140 {
141 *cur = static_cast<uint8_t>(value & 0xff);
142 value >>= CHAR_BIT;
143 cur--;
144 remaining -= CHAR_BIT;
145 }
146
147 // Write any remaining bits (not a full byte)
148 if (remaining != 0)
149 {
150 uint8_t mask = static_cast<uint8_t>((1U << remaining) - 1);
151
152 // `mask` has it lower (lsb) `remaining` bits as `1` and rest as `0`.
153 // Example with `remaining = 3` -> (1 << 3) - 1 = 0b1000 - 1 = 0b0111.
154
155 *cur &= ~mask;
156 *cur |= static_cast<uint8_t>(value & mask);
157 }
158 }
159
operator ==(const JoinerDiscerner & aOther) const160 bool JoinerDiscerner::operator==(const JoinerDiscerner &aOther) const
161 {
162 uint64_t mask = GetMask();
163
164 return IsValid() && (mLength == aOther.mLength) && ((mValue & mask) == (aOther.mValue & mask));
165 }
166
ToString(void) const167 JoinerDiscerner::InfoString JoinerDiscerner::ToString(void) const
168 {
169 InfoString string;
170
171 if (mLength <= sizeof(uint16_t) * CHAR_BIT)
172 {
173 string.Append("0x%04x", static_cast<uint16_t>(mValue));
174 }
175 else if (mLength <= sizeof(uint32_t) * CHAR_BIT)
176 {
177 string.Append("0x%08x", static_cast<uint32_t>(mValue));
178 }
179 else
180 {
181 string.Append("0x%x-%08x", static_cast<uint32_t>(mValue >> 32), static_cast<uint32_t>(mValue));
182 }
183
184 string.Append("/len:%d", mLength);
185
186 return string;
187 }
188
Init(uint8_t aLength)189 void SteeringData::Init(uint8_t aLength)
190 {
191 OT_ASSERT(aLength <= kMaxLength);
192 mLength = aLength;
193 memset(m8, 0, sizeof(m8));
194 }
195
SetToPermitAllJoiners(void)196 void SteeringData::SetToPermitAllJoiners(void)
197 {
198 Init(1);
199 m8[0] = kPermitAll;
200 }
201
UpdateBloomFilter(const Mac::ExtAddress & aJoinerId)202 void SteeringData::UpdateBloomFilter(const Mac::ExtAddress &aJoinerId)
203 {
204 HashBitIndexes indexes;
205
206 CalculateHashBitIndexes(aJoinerId, indexes);
207 UpdateBloomFilter(indexes);
208 }
209
UpdateBloomFilter(const JoinerDiscerner & aDiscerner)210 void SteeringData::UpdateBloomFilter(const JoinerDiscerner &aDiscerner)
211 {
212 HashBitIndexes indexes;
213
214 CalculateHashBitIndexes(aDiscerner, indexes);
215 UpdateBloomFilter(indexes);
216 }
217
UpdateBloomFilter(const HashBitIndexes & aIndexes)218 void SteeringData::UpdateBloomFilter(const HashBitIndexes &aIndexes)
219 {
220 OT_ASSERT((mLength > 0) && (mLength <= kMaxLength));
221
222 SetBit(aIndexes.mIndex[0] % GetNumBits());
223 SetBit(aIndexes.mIndex[1] % GetNumBits());
224 }
225
Contains(const Mac::ExtAddress & aJoinerId) const226 bool SteeringData::Contains(const Mac::ExtAddress &aJoinerId) const
227 {
228 HashBitIndexes indexes;
229
230 CalculateHashBitIndexes(aJoinerId, indexes);
231
232 return Contains(indexes);
233 }
234
Contains(const JoinerDiscerner & aDiscerner) const235 bool SteeringData::Contains(const JoinerDiscerner &aDiscerner) const
236 {
237 HashBitIndexes indexes;
238
239 CalculateHashBitIndexes(aDiscerner, indexes);
240
241 return Contains(indexes);
242 }
243
Contains(const HashBitIndexes & aIndexes) const244 bool SteeringData::Contains(const HashBitIndexes &aIndexes) const
245 {
246 return (mLength > 0) && GetBit(aIndexes.mIndex[0] % GetNumBits()) && GetBit(aIndexes.mIndex[1] % GetNumBits());
247 }
248
CalculateHashBitIndexes(const Mac::ExtAddress & aJoinerId,HashBitIndexes & aIndexes)249 void SteeringData::CalculateHashBitIndexes(const Mac::ExtAddress &aJoinerId, HashBitIndexes &aIndexes)
250 {
251 Crc16 ccitt(Crc16::kCcitt);
252 Crc16 ansi(Crc16::kAnsi);
253
254 for (uint8_t b : aJoinerId.m8)
255 {
256 ccitt.Update(b);
257 ansi.Update(b);
258 }
259
260 aIndexes.mIndex[0] = ccitt.Get();
261 aIndexes.mIndex[1] = ansi.Get();
262 }
263
CalculateHashBitIndexes(const JoinerDiscerner & aDiscerner,HashBitIndexes & aIndexes)264 void SteeringData::CalculateHashBitIndexes(const JoinerDiscerner &aDiscerner, HashBitIndexes &aIndexes)
265 {
266 Mac::ExtAddress address;
267
268 address.Clear();
269 aDiscerner.CopyTo(address);
270
271 CalculateHashBitIndexes(address, aIndexes);
272 }
273
DoesAllMatch(uint8_t aMatch) const274 bool SteeringData::DoesAllMatch(uint8_t aMatch) const
275 {
276 bool matches = true;
277
278 for (uint8_t i = 0; i < mLength; i++)
279 {
280 if (m8[i] != aMatch)
281 {
282 matches = false;
283 break;
284 }
285 }
286
287 return matches;
288 }
289
ComputeJoinerId(const Mac::ExtAddress & aEui64,Mac::ExtAddress & aJoinerId)290 void ComputeJoinerId(const Mac::ExtAddress &aEui64, Mac::ExtAddress &aJoinerId)
291 {
292 Crypto::Sha256 sha256;
293 Crypto::Sha256::Hash hash;
294
295 sha256.Start();
296 sha256.Update(aEui64);
297 sha256.Finish(hash);
298
299 memcpy(&aJoinerId, hash.GetBytes(), sizeof(aJoinerId));
300 aJoinerId.SetLocal(true);
301 }
302
GetBorderAgentRloc(ThreadNetif & aNetif,uint16_t & aRloc)303 Error GetBorderAgentRloc(ThreadNetif &aNetif, uint16_t &aRloc)
304 {
305 Error error = kErrorNone;
306 const BorderAgentLocatorTlv *borderAgentLocator;
307
308 borderAgentLocator = As<BorderAgentLocatorTlv>(
309 aNetif.Get<NetworkData::Leader>().GetCommissioningDataSubTlv(Tlv::kBorderAgentLocator));
310 VerifyOrExit(borderAgentLocator != nullptr, error = kErrorNotFound);
311
312 aRloc = borderAgentLocator->GetBorderAgentLocator();
313
314 exit:
315 return error;
316 }
317
318 #if OPENTHREAD_FTD
GeneratePskc(const char * aPassPhrase,const NetworkName & aNetworkName,const ExtendedPanId & aExtPanId,Pskc & aPskc)319 Error GeneratePskc(const char * aPassPhrase,
320 const NetworkName & aNetworkName,
321 const ExtendedPanId &aExtPanId,
322 Pskc & aPskc)
323 {
324 Error error = kErrorNone;
325 const char saltPrefix[] = "Thread";
326 uint8_t salt[Crypto::Pbkdf2::kMaxSaltLength];
327 uint16_t saltLen = 0;
328 uint16_t passphraseLen;
329 uint8_t networkNameLen;
330
331 VerifyOrExit(IsValidUtf8String(aPassPhrase), error = kErrorInvalidArgs);
332
333 passphraseLen = static_cast<uint16_t>(StringLength(aPassPhrase, OT_COMMISSIONING_PASSPHRASE_MAX_SIZE + 1));
334 networkNameLen = static_cast<uint8_t>(StringLength(aNetworkName.GetAsCString(), OT_NETWORK_NAME_MAX_SIZE + 1));
335
336 VerifyOrExit((passphraseLen >= OT_COMMISSIONING_PASSPHRASE_MIN_SIZE) &&
337 (passphraseLen <= OT_COMMISSIONING_PASSPHRASE_MAX_SIZE) &&
338 (networkNameLen <= OT_NETWORK_NAME_MAX_SIZE),
339 error = kErrorInvalidArgs);
340
341 memset(salt, 0, sizeof(salt));
342 memcpy(salt, saltPrefix, sizeof(saltPrefix) - 1);
343 saltLen += static_cast<uint16_t>(sizeof(saltPrefix) - 1);
344
345 memcpy(salt + saltLen, aExtPanId.m8, sizeof(aExtPanId));
346 saltLen += OT_EXT_PAN_ID_SIZE;
347
348 memcpy(salt + saltLen, aNetworkName.GetAsCString(), networkNameLen);
349 saltLen += networkNameLen;
350
351 Crypto::Pbkdf2::GenerateKey(reinterpret_cast<const uint8_t *>(aPassPhrase), passphraseLen, salt, saltLen, 16384,
352 OT_PSKC_MAX_SIZE, aPskc.m8);
353
354 exit:
355 return error;
356 }
357 #endif // OPENTHREAD_FTD
358
359 #if OT_SHOULD_LOG_AT(OT_LOG_LEVEL_WARN)
LogError(const char * aActionText,Error aError)360 void LogError(const char *aActionText, Error aError)
361 {
362 if (aError != kErrorNone && aError != kErrorAlready)
363 {
364 LogWarn("Failed to %s: %s", aActionText, ErrorToString(aError));
365 }
366 }
367 #endif
368
369 } // namespace MeshCoP
370 } // namespace ot
371