This commit implements rate limitation for the TCAT commands Present
PSKd Hash TLV (0x10), Present PSKc Hash TLV (0x11) and Present
Install-code Hash TLV (0x12) to prevent password guessing attacks.
It also removes the TCAT command Request PSKd Hash TLV (0x14), to
prevent offline password guessing attacks with a single Hash value
retrieved from the device.
Note: The commit does not remove the Request PSKd Hash TLV
implementation in the Python commissioner such that the non-existence
of the command TLV can still be tested.
Now signed by the correct 'Thread Certification DeviceCA'. A 'test'
target is added in the Makefile to test chaining. The Thread
certification CA certificate is also added in the 'CA' directory,
which was missing. Documentation is updated to clarify that the
'TcatCertCa' private key is not included in this repo; and other
clarifications.
Updates the TCAT class public methods for doing Commissioner
authorization checks and clarifies the code, with minor updates to
PSKc cases handling.
Unit tests are added for checking Commissioner authorization. To do
these checks, a new test class UnitTester is added which has access to
private members of the TcatAgent class. Validation/mock functions are
added in the test code to keep the unit tests readable.
Also reverts the CommCert4 fix that was made in #12151.
For more background information see JIRA BHC-766.
This enables the TCAT Commissioner to receive data such as TLS Alerts,
or asynchronously sent 'event' TLVs, over TLS. Processing TLS Alert
is required to detect the sending of Alert by the TCAT Device, which
is a requirement to be verified in cert tests. An async background
process is started to receive and log the received events.
Also some minor improvements in connection state management: when
certain commands are given after the TCAT link is disconnected, or
when a TCAT link could not be established, a message will be printed
to clearly say it's disconnected, instead of a cryptic error. Error
messages are now clearly prefixed with 'Error:'.
The CA certificate store for CommCert3 is extended with an additional
CA certificate, so that it can be verified in cert tests that a TCAT
Device rejects a wrong Commissioner with a TLS Alert (previously this
couldn't be tested).
Also includes a fix of the pyproject.toml such that Poetry does not
display the long warning on installation.
Also includes an improvement of TLV displaying to the user with a
STRING field, if the value is a string.
Also includes some syntax fixes that were flagged by the IDE, such as
missing return types for methods, or member variables that were not
initialized in the __init__().
This fixes the issue that some required Python modules were missing in
pyproject.toml. To avoid Python version conflicts with the
cryptography module, the minimum Python version is raised to
3.10. Also, the name, version and description of the project are
updated. Module versions are updated to recent (2025) versions.
For Windows, a platform-specific import of pyreadline3 is added. Due
to this conditional dependency, the poetry.lock file is removed from
the repository: it is now necessarily specific to each platform and
has to be locally generated.
This commit provides more structured logging for ssl.py errors, and
displays the OpenSSL verify error code. This is used for certification
to validate reasons of handshake failure.
This improves debuggability of TCAT client and server, by using one
unified format (hex + ASCII) to show transmitted and received TCAT
data within the TLS session, as well as showing size of the encrypted
(TLS) data. For encrypted data, only size is now shown to avoid
clutter. Showing the hex + ASCII dump allows devs/testers to visually
read TCAT TLVs from screen and identify how all TCAT commands are
processed by the Thread device.
Commit adds check if commissioning is possible and if the tcat device is already commissioned.
Adds advertisement update on disconnected and role change.
Fixes key handling for key references.
Fixes the authorization processing.
Implements recent changes of the application TLVs.
Commit adds implementation of:
- 0x40 Tcat tlv extraction of active dataset,
- 0x25 Tcat tlv extraction of commissioner certificate.
Includes also refactoring of `BleCommand` adds new method `process_response`.
This simplifies:
- `GetPskdHash`
- `GetRandomNumberChallenge`
This commit adds 'tlv' command tree to the BBTC CLI.
The 'tlv' command has two subcommands: 'list' and 'send'.
The 'tlv list' prints available TLVs types that can be used in the 'send' subcommand.
The 'tlv send <TLV_TYPE> <TLV_PAYLOAD>' allows sending specific TLV with arbitrary payloads.
Example:
`tlv send a 1234`
Send ping TLV(0x0a) with payload '1234'
The 'tlv' command tree is to gain the ability to send the TLV with any payload at any time.
This feature allows to check the behavior of TCAT device against:
- receiving of unexpected TLV
- receiving of TLV with corrupted payload
- receiving of TLVs sent in custom order
This commit extends the 'dataset hex' command in the bbtc.py script by
allowing dataset TLVs to be set using a hex-encoded format.
Till now the 'dataset hex' command was only printing the
'ThreadDataset' object values in hex-encoded format, there was no
functionality to set the TLVs using hex-encoded format.
The 'dataset hex' command has been modified so the user can pass
dataset TLVs in hex-encoded format as an argument to this
command. This enables the script to set desired dataset TLVs in one
command, instead of calling dataset commands individually.
Example usage: 'dataset hex <hex-encoded TLVs>'
Added 'clear' command to the 'dataset' command tree. This allows to
remove all entries in the 'ThreadDataset' object used by the script to
store the dataset values.
The reason behind this feature is that in the current implementation
of the script, the 'ThreadDataset' object entries are always
initialized by 'initial_dataset' when running the script.
No command allows to clear/remove the particular entry, which makes
this script unable to send an active dataset to the target device
without specific dataset values(custom dataset).
To make this possible, the 'clear' command has been added to the
'dataset' command tree, which removes all entries from the
'ThreadDataset' object and, by using existing commands, sets the
desired entries in the 'ThreadDataset' object from scratch.
This enables the script to send custom active dataset values to the
target device.
Added '-a', '--adapter' arguments to the bbtc.py arguments
parser. This allows the selection of the HCI adapter for the scanning
procedure.
According to 'Bleak' documentation of the 'BleakClient'
class(https://bleak.readthedocs.io/en/latest/api/client.html#bleakclient-class),
it's better to use the 'BLEDevice' object in 'BleakClient' during the
object instantiation, therefore it has been changed for the scanning
Commit introduces implementation of missing general class commands:
- PresentPskdHash
- PresentPskcHash
- PresentInstallCodeHash
- RequestRandomNumChallenge
- RequestPskdHash
Also include minor fixes in Tcat python client and refactoring of expect
tests for tcat.
- Fixes to connection state management and handling of Disconnect
command TLV
- specifically, this now ensures that TCAT remains on (started)
after a commissioner disconnects. Earlier, there was the problem
that the 2nd commissioner couldn't connect anymore.
- specifically, in ble_secure.cpp the check for if
(mTcatAgent.IsEnabled()) is removed, since the err =
mTcatAgent.Connected(mTls) will already check this and raise an
error if not enabled. If not enabled, the Device is in a wrong
state to handle TCAT Commissioner commands so now it closes the
connection right away. That's better than to leave the
Commissioner in limbo on the TLS connection. The Commissioner can
now retry again and all will be well again.
- timeout of at most 10 seconds on UDP write operation in simulation
mode (if longer, the TCAT device isn't reachable and the
Commissioner now shows the error to the user.) Earlier, it got stuck
forever.
- Corrects some copy/paste errors in API definitions in comments; adds
comments where needed to explain.
- adds whitespace at some places to align format with rest of code
- improved some of the --debug output for the UDP simulation mode of
the TCAT Commissioner.
arnulfrupp