Improve secure session logic, teardown exchanges after each action (validated against a certified matter device)

Author: jdomnitz

Generator/ClusterGenerator.cs

@@ -25,11 +25,14 @@ public static void Generate()
             IEnumerable<string> clusterxmls = Directory.EnumerateFiles("..\\..\\..\\Clusters");
             foreach (string clusterxml in clusterxmls)
             {
-                Console.WriteLine("Generating " + clusterxml + "...");
-                Cluster? cluster = deserializer.Deserialize(File.OpenRead(clusterxml)) as Cluster;
-                if (cluster == null)
-                    throw new IOException("Failed to parse cluster " + clusterxml);
-                WriteClass(cluster);
+                if (clusterxml.EndsWith(".xml"))
+                {
+                    Console.WriteLine("Generating " + clusterxml + "...");
+                    Cluster? cluster = deserializer.Deserialize(File.OpenRead(clusterxml)) as Cluster;
+                    if (cluster == null)
+                        throw new IOException("Failed to parse cluster " + clusterxml);
+                    WriteClass(cluster);
+                }
             }
         }
 
@@ -266,7 +269,7 @@ private static void WriteCommands(Cluster cluster, StreamWriter writer)
                         writer.Write("<bool> ");
                     else
                         writer.Write("<" + GeneratorUtil.SanitizeName(response.name) + "?> ");
-                    writer.Write(GeneratorUtil.SanitizeName(cmd.name) + " (Exchange exchange");
+                    writer.Write(GeneratorUtil.SanitizeName(cmd.name) + " (SecureSession session");
                     if (cmd.field != null)
                     {
                         foreach (var field in cmd.field)
@@ -283,14 +286,14 @@ private static void WriteCommands(Cluster cluster, StreamWriter writer)
                         foreach (var field in cmd.field)
                             writer.WriteLine($"                {field.name} = {field.name},");
                         writer.WriteLine("            };");
-                        writer.WriteLine("            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, " + cmd.id + ", requestFields);");
+                        writer.WriteLine("            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, " + cmd.id + ", requestFields);");
                     }
                     else
                     {
                         if (cmd.response != "N")
-                            writer.WriteLine("            await InteractionManager.SendCommand(exchange, endPoint, CLUSTER_ID, " + cmd.id + ");");
+                            writer.WriteLine("            await InteractionManager.SendCommand(session, endPoint, CLUSTER_ID, " + cmd.id + ");");
                         else
-                            writer.WriteLine("            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, " + cmd.id + ");");
+                            writer.WriteLine("            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, " + cmd.id + ");");
                     }
                     if (response == null)
                     {

MatterDotNet/Clusters/ClusterBase.cs

@@ -37,7 +37,7 @@ public ClusterBase(ushort endPoint)
         }
         protected object GetField(InvokeResponseIB resp, int fieldNumber)
         {
-            object?[] fields = (object?[])resp.Command!.CommandFields!;
+            object[] fields = (object[])resp.Command!.CommandFields!;
             if (fieldNumber >= fields.Length)
                 throw new DataException("Field " + fieldNumber + " is missing");
             return fields[fieldNumber]!;

MatterDotNet/Clusters/GeneralCommissioningCluster.cs

@@ -0,0 +1,166 @@
+// MatterDotNet Copyright (C) 2024 
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or any later version.
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY, without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+// See the GNU Affero General Public License for more details.
+// You should have received a copy of the GNU Affero General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+//
+// WARNING: This file was auto-generated. Do not edit.
+
+
+using MatterDotNet.Messages.InteractionModel;
+using MatterDotNet.Protocol;
+using MatterDotNet.Protocol.Parsers;
+using MatterDotNet.Protocol.Payloads;
+using MatterDotNet.Protocol.Sessions;
+
+namespace MatterDotNet.Clusters
+{
+    public class GeneralCommissioningCluster : ClusterBase
+    {
+        private const uint CLUSTER_ID = 0x0030;
+
+        public GeneralCommissioningCluster(ushort endPoint) : base(endPoint) { }
+
+        public enum CommissioningErrorEnum {
+            /// <summary>
+            /// No error
+            /// </summary>
+            OK = 0,
+            /// <summary>
+            /// <see cref="ValueOutsideRange"/> Attempting to set regulatory configuration to a region or indoor/outdoor mode for which the server does not have proper configuration.
+            /// </summary>
+            ValueOutsideRange = 1,
+            /// <summary>
+            /// <see cref="InvalidAuthentication"/> Executed CommissioningComplete outside CASE session.
+            /// </summary>
+            InvalidAuthentication = 2,
+            /// <summary>
+            /// <see cref="NoFailSafe"/> Executed CommissioningComplete when there was no active ArmFailSafe Command.
+            /// </summary>
+            NoFailSafe = 3,
+            /// <summary>
+            /// <see cref="BusyWithOtherAdmin"/> Attempting to arm fail-safe or execute CommissioningComplete from a fabric different than the one associated with the current fail-safe context.
+            /// </summary>
+            BusyWithOtherAdmin = 4,
+        }
+
+        public enum RegulatoryLocationTypeEnum {
+            /// <summary>
+            /// Indoor only
+            /// </summary>
+            Indoor = 0,
+            /// <summary>
+            /// Outdoor only
+            /// </summary>
+            Outdoor = 1,
+            /// <summary>
+            /// Indoor/Outdoor
+            /// </summary>
+            IndoorOutdoor = 2,
+        }
+
+        public record BasicCommissioningInfoStruct : TLVPayload {
+            public required ushort FailSafeExpiryLengthSeconds { get; set; }
+            public required ushort MaxCumulativeFailsafeSeconds { get; set; }
+            public override void Serialize(TLVWriter writer, long structNumber = -1) {
+                writer.StartStructure(structNumber);
+                writer.WriteUShort(0, FailSafeExpiryLengthSeconds);
+                writer.WriteUShort(1, MaxCumulativeFailsafeSeconds);
+                writer.EndContainer();
+            }
+        }
+
+        private record ArmFailSafePayload : TLVPayload {
+            public required ushort ExpiryLengthSeconds { get; set; } = 900;
+            public required ulong Breadcrumb { get; set; }
+            public override void Serialize(TLVWriter writer, long structNumber = -1) {
+                writer.StartStructure(structNumber);
+                writer.WriteUShort(0, ExpiryLengthSeconds);
+                writer.WriteULong(1, Breadcrumb);
+                writer.EndContainer();
+            }
+        }
+
+        public struct ArmFailSafeResponse {
+            public CommissioningErrorEnum ErrorCode { get; set; }
+            public string DebugText { get; set; }
+        }
+
+        private record SetRegulatoryConfigPayload : TLVPayload {
+            public required RegulatoryLocationTypeEnum NewRegulatoryConfig { get; set; }
+            public required string CountryCode { get; set; }
+            public required ulong Breadcrumb { get; set; }
+            public override void Serialize(TLVWriter writer, long structNumber = -1) {
+                writer.StartStructure(structNumber);
+                writer.WriteUShort(0, (ushort)NewRegulatoryConfig);
+                writer.WriteString(1, CountryCode);
+                writer.WriteULong(2, Breadcrumb);
+                writer.EndContainer();
+            }
+        }
+
+        public struct SetRegulatoryConfigResponse {
+            public required CommissioningErrorEnum ErrorCode { get; set; }
+            public required String DebugText { get; set; }
+        }
+
+        public struct CommissioningCompleteResponse {
+            public required CommissioningErrorEnum ErrorCode { get; set; }
+            public required string DebugText { get; set; }
+        }
+
+        // Commands
+        public async Task<ArmFailSafeResponse?> ArmFailSafe (SecureSession session, ushort ExpiryLengthSeconds, ulong Breadcrumb) {
+            ArmFailSafePayload requestFields = new ArmFailSafePayload() {
+                ExpiryLengthSeconds = ExpiryLengthSeconds,
+                Breadcrumb = Breadcrumb,
+            };
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x00, requestFields);
+            if (!validateResponse(resp))
+                return null;
+            return new ArmFailSafeResponse() {
+                
+                ErrorCode = (CommissioningErrorEnum)(byte)GetField(resp, 0),
+                DebugText = (string)GetField(resp, 1),
+            };
+        }
+
+        public async Task<SetRegulatoryConfigResponse?> SetRegulatoryConfig (SecureSession session, RegulatoryLocationTypeEnum NewRegulatoryConfig, string CountryCode, ulong Breadcrumb) {
+            SetRegulatoryConfigPayload requestFields = new SetRegulatoryConfigPayload() {
+                NewRegulatoryConfig = NewRegulatoryConfig,
+                CountryCode = CountryCode,
+                Breadcrumb = Breadcrumb,
+            };
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x02, requestFields);
+            if (!validateResponse(resp))
+                return null;
+            return new SetRegulatoryConfigResponse() {
+                ErrorCode = (CommissioningErrorEnum)GetField(resp, 0),
+                DebugText = (string)GetField(resp, 1),
+            };
+        }
+
+        public async Task<CommissioningCompleteResponse?> CommissioningComplete (SecureSession session) {
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x04);
+            if (!validateResponse(resp))
+                return null;
+            return new CommissioningCompleteResponse() {
+                ErrorCode = (CommissioningErrorEnum)GetField(resp, 0),
+                DebugText = (string)GetField(resp, 1),
+            };
+        }
+
+        // Attributes
+        public ulong Breadcrumb { get; set; } = 0;
+        public BasicCommissioningInfoStruct BasicCommissioningInfo { get; }
+        public RegulatoryLocationTypeEnum RegulatoryConfig { get; } = RegulatoryLocationTypeEnum.IndoorOutdoor;
+        public RegulatoryLocationTypeEnum LocationCapability { get; } = RegulatoryLocationTypeEnum.IndoorOutdoor;
+        public bool SupportsConcurrentConnection { get; } = true;
+    }
+}

MatterDotNet/Clusters/NodeOperationalCredentialsCluster.cs

@@ -225,11 +225,11 @@ public override void Serialize(TLVWriter writer, long structNumber = -1) {
         }
 
         // Commands
-        public async Task<AttestationResponse?> AttestationRequest (Exchange exchange, byte[] AttestationNonce) {
+        public async Task<AttestationResponse?> AttestationRequest (SecureSession session, byte[] AttestationNonce) {
             AttestationRequestPayload requestFields = new AttestationRequestPayload() {
                 AttestationNonce = AttestationNonce,
             };
-            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, 0x00, requestFields);
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x00, requestFields);
             if (!validateResponse(resp))
                 return null;
             return new AttestationResponse() {
@@ -238,24 +238,24 @@ public override void Serialize(TLVWriter writer, long structNumber = -1) {
             };
         }
 
-        public async Task<CertificateChainResponse?> CertificateChainRequest (Exchange exchange, CertificateChainTypeEnum CertificateType) {
+        public async Task<CertificateChainResponse?> CertificateChainRequest (SecureSession session, CertificateChainTypeEnum CertificateType) {
             CertificateChainRequestPayload requestFields = new CertificateChainRequestPayload() {
                 CertificateType = CertificateType,
             };
-            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, 0x02, requestFields);
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x02, requestFields);
             if (!validateResponse(resp))
                 return null;
             return new CertificateChainResponse() {
                 Certificate = (byte[])GetField(resp, 0),
             };
         }
 
-        public async Task<CSRResponse?> CSRRequest (Exchange exchange, byte[] CSRNonce, bool IsForUpdateNOC) {
+        public async Task<CSRResponse?> CSRRequest (SecureSession session, byte[] CSRNonce, bool IsForUpdateNOC) {
             CSRRequestPayload requestFields = new CSRRequestPayload() {
                 CSRNonce = CSRNonce,
                 IsForUpdateNOC = IsForUpdateNOC,
             };
-            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, 0x04, requestFields);
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x04, requestFields);
             if (!validateResponse(resp))
                 return null;
             return new CSRResponse() {
@@ -264,15 +264,15 @@ public override void Serialize(TLVWriter writer, long structNumber = -1) {
             };
         }
 
-        public async Task<NOCResponse?> AddNOC (Exchange exchange, byte[] NOCValue, byte[] ICACValue, byte[] IPKValue, ulong CaseAdminSubject, ushort AdminVendorId) {
+        public async Task<NOCResponse?> AddNOC (SecureSession session, byte[] NOCValue, byte[] ICACValue, byte[] IPKValue, ulong CaseAdminSubject, ushort AdminVendorId) {
             AddNOCPayload requestFields = new AddNOCPayload() {
                 NOCValue = NOCValue,
                 ICACValue = ICACValue,
                 IPKValue = IPKValue,
                 CaseAdminSubject = CaseAdminSubject,
                 AdminVendorId = AdminVendorId,
             };
-            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, 0x06, requestFields);
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x06, requestFields);
             if (!validateResponse(resp))
                 return null;
             return new NOCResponse() {
@@ -282,12 +282,12 @@ public override void Serialize(TLVWriter writer, long structNumber = -1) {
             };
         }
 
-        public async Task<NOCResponse?> UpdateNOC (Exchange exchange, byte[] NOCValue, byte[] ICACValue) {
+        public async Task<NOCResponse?> UpdateNOC (SecureSession session, byte[] NOCValue, byte[] ICACValue) {
             UpdateNOCPayload requestFields = new UpdateNOCPayload() {
                 NOCValue = NOCValue,
                 ICACValue = ICACValue,
             };
-            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, 0x07, requestFields);
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x07, requestFields);
             if (!validateResponse(resp))
                 return null;
             return new NOCResponse() {
@@ -297,11 +297,11 @@ public override void Serialize(TLVWriter writer, long structNumber = -1) {
             };
         }
 
-        public async Task<NOCResponse?> UpdateFabricLabel (Exchange exchange, string Label) {
+        public async Task<NOCResponse?> UpdateFabricLabel (SecureSession session, string Label) {
             UpdateFabricLabelPayload requestFields = new UpdateFabricLabelPayload() {
                 Label = Label,
             };
-            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, 0x09, requestFields);
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x09, requestFields);
             if (!validateResponse(resp))
                 return null;
             return new NOCResponse() {
@@ -311,11 +311,11 @@ public override void Serialize(TLVWriter writer, long structNumber = -1) {
             };
         }
 
-        public async Task<NOCResponse?> RemoveFabric (Exchange exchange, byte FabricIndex) {
+        public async Task<NOCResponse?> RemoveFabric (SecureSession session, byte FabricIndex) {
             RemoveFabricPayload requestFields = new RemoveFabricPayload() {
                 FabricIndex = FabricIndex,
             };
-            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, 0x0A, requestFields);
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x0A, requestFields);
             if (!validateResponse(resp))
                 return null;
             return new NOCResponse() {
@@ -325,11 +325,11 @@ public override void Serialize(TLVWriter writer, long structNumber = -1) {
             };
         }
 
-        public async Task<bool> AddTrustedRootCertificate (Exchange exchange, byte[] RootCACertificate) {
+        public async Task<bool> AddTrustedRootCertificate (SecureSession session, byte[] RootCACertificate) {
             AddTrustedRootCertificatePayload requestFields = new AddTrustedRootCertificatePayload() {
                 RootCACertificate = RootCACertificate,
             };
-            InvokeResponseIB resp = await InteractionManager.ExecCommand(exchange, endPoint, CLUSTER_ID, 0x0B, requestFields);
+            InvokeResponseIB resp = await InteractionManager.ExecCommand(session, endPoint, CLUSTER_ID, 0x0B, requestFields);
             return validateResponse(resp);
         }