Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disallow CASE and PASE establishment attempts over existing secure sessions. #25349

Merged
merged 1 commit into from
Feb 27, 2023
Merged

Disallow CASE and PASE establishment attempts over existing secure sessions. #25349

merged 1 commit into from
Feb 27, 2023

Conversation

bzbarsky-apple
Copy link
Contributor

@bzbarsky-apple bzbarsky-apple commented Feb 27, 2023
edited
Loading

Per spec, CASE and PASE establishment needs to happen via unauthenticated messages. We should ignore Sigma1 or PBKDFParamsRequest received over a CASE or PASE (or group) session.

@bzbarsky-apple
Disallow CASE and PASE establishment attempts over existing secure se…
1533386 
…ssions.

Per spec, CASE and PASE establishment needs to happen via unauthenticated
messages.  We should ignore Sigma1 or PBKDFParamsRequest received over a CASE or
PASE (or group) session.
@bzbarsky-apple bzbarsky-apple force-pushed the disallow-case-over-encrypted branch from 689e525 to 1533386 Compare February 27, 2023 20:07
@bzbarsky-apple bzbarsky-apple changed the title Disallow CASE establishment attempts over existing secure sessions. Disallow CASE and PASE establishment attempts over existing secure sessions. Feb 27, 2023
@github-actions
Copy link

PR #25349: Size comparison from af511d7 to 1533386

Increases (1 build for cc32xx)
platform target config section af511d7 1533386 change % change
cc32xx lock CC3235SF_LAUNCHXL (read only) 642601 643001 400 0.1
.debug_abbrev 930126 930155 29 0.0
.debug_frame 299812 299824 12 0.0
.debug_info 20256131 20261951 5820 0.0
.debug_line 2656120 2657102 982 0.0
.debug_loc 2797440 2799620 2180 0.1
.debug_ranges 281768 282184 416 0.1
.debug_str 3023104 3023185 81 0.0
.rodata 105761 105881 120 0.1
.symtab 256224 256240 16 0.0
.text 534716 534996 280 0.1
Full report (1 build for cc32xx)
platform target config section af511d7 1533386 change % change
cc32xx lock CC3235SF_LAUNCHXL 0 0 0 0.0
(read only) 642601 643001 400 0.1
(read/write) 203688 203688 0 0.0
.ARM.attributes 44 44 0 0.0
.ARM.exidx 8 8 0 0.0
.bss 197088 197088 0 0.0
.comment 194 194 0 0.0
.data 1480 1480 0 0.0
.debug_abbrev 930126 930155 29 0.0
.debug_aranges 87280 87280 0 0.0
.debug_frame 299812 299824 12 0.0
.debug_info 20256131 20261951 5820 0.0
.debug_line 2656120 2657102 982 0.0
.debug_loc 2797440 2799620 2180 0.1
.debug_ranges 281768 282184 416 0.1
.debug_str 3023104 3023185 81 0.0
.ramVecs 780 780 0 0.0
.resetVecs 64 64 0 0.0
.rodata 105761 105881 120 0.1
.shstrtab 232 232 0 0.0
.stab 204 204 0 0.0
.stabstr 441 441 0 0.0
.stack 2048 2048 0 0.0
.strtab 377825 377825 0 0.0
.symtab 256224 256240 16 0.0
.text 534716 534996 280 0.1

@andy31415 andy31415 merged commit 11c2f5b into project-chip:master Feb 27, 2023
@bzbarsky-apple bzbarsky-apple deleted the disallow-case-over-encrypted branch February 28, 2023 01:43
lecndav pushed a commit to lecndav/connectedhomeip that referenced this pull request Mar 22, 2023
@bzbarsky-apple
Disallow CASE and PASE establishment attempts over existing secure se…
4392707 
…ssions. (project-chip#25349)

Per spec, CASE and PASE establishment needs to happen via unauthenticated
messages.  We should ignore Sigma1 or PBKDFParamsRequest received over a CASE or
PASE (or group) session.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tcarmelveilleux tcarmelveilleux tcarmelveilleux approved these changes

@msandstedt msandstedt msandstedt approved these changes

@amitnj amitnj Awaiting requested review from amitnj

@andy31415 andy31415 Awaiting requested review from andy31415

@anush-apple anush-apple Awaiting requested review from anush-apple

@arkq arkq Awaiting requested review from arkq

@Byungjoo-Lee Byungjoo-Lee Awaiting requested review from Byungjoo-Lee

@carol-apple carol-apple Awaiting requested review from carol-apple

@chrisdecenzo chrisdecenzo Awaiting requested review from chrisdecenzo

@chshu chshu Awaiting requested review from chshu

@chulspro chulspro Awaiting requested review from chulspro

@CodeChronos928 CodeChronos928 Awaiting requested review from CodeChronos928

@Damian-Nordic Damian-Nordic Awaiting requested review from Damian-Nordic

@dhrishi dhrishi Awaiting requested review from dhrishi

@electrocucaracha electrocucaracha Awaiting requested review from electrocucaracha

@emargolis emargolis Awaiting requested review from emargolis

@franck-apple franck-apple Awaiting requested review from franck-apple

@gjc13 gjc13 Awaiting requested review from gjc13

@harimau-qirex harimau-qirex Awaiting requested review from harimau-qirex

@harsha-rajendran harsha-rajendran Awaiting requested review from harsha-rajendran

@hawk248 hawk248 Awaiting requested review from hawk248

@jelderton jelderton Awaiting requested review from jelderton

@jepenven-silabs jepenven-silabs Awaiting requested review from jepenven-silabs

@jmartinez-silabs jmartinez-silabs Awaiting requested review from jmartinez-silabs

@jmeg-sfy jmeg-sfy Awaiting requested review from jmeg-sfy

@jtung-apple jtung-apple Awaiting requested review from jtung-apple

@kcoppock kcoppock Awaiting requested review from kcoppock

@kkasperczyk-no kkasperczyk-no Awaiting requested review from kkasperczyk-no

@ksperling-apple ksperling-apple Awaiting requested review from ksperling-apple

@lazarkov lazarkov Awaiting requested review from lazarkov

@lpbeliveau-silabs lpbeliveau-silabs Awaiting requested review from lpbeliveau-silabs

@LuDuda LuDuda Awaiting requested review from LuDuda

@mspang mspang Awaiting requested review from mspang

@nivi-apple nivi-apple Awaiting requested review from nivi-apple

@pjzander-signify pjzander-signify Awaiting requested review from pjzander-signify

@robszewczyk robszewczyk Awaiting requested review from robszewczyk

@saurabhst saurabhst Awaiting requested review from saurabhst

@selissia selissia Awaiting requested review from selissia

@tecimovic tecimovic Awaiting requested review from tecimovic

@turon turon Awaiting requested review from turon

@vijs vijs Awaiting requested review from vijs

@vivien-apple vivien-apple Awaiting requested review from vivien-apple

@woody-apple woody-apple Awaiting requested review from woody-apple

@xylophone21 xylophone21 Awaiting requested review from xylophone21

@yunhanw-google yunhanw-google Awaiting requested review from yunhanw-google

Assignees
No one assigned
Labels
review - approved transport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@bzbarsky-apple @tcarmelveilleux @msandstedt @andy31415