search

Bouke / HAP

Swift implementation of the Homekit Accessory Protocol
https://boukehaarsma.nl/HAP/
MIT License
364 stars 50 forks source link

New HomeKit architecture compatibility in iOS 16.2 #153

Closed gbrooker closed 1 year ago

gbrooker commented 1 year ago

For compatibility with the new HomeKit architecture introduced in iOS 16.2, Pair Verify step M4 "Finish Response" must correctly adhere to the spec and return an authentication error for certain issues. The new architecture on a HomeHub (HomePod or AppleTV) uses this error to determine which version of keys the accessory uses.

The current response is to return an HTTP error 400, however this cause HomeKit under iOS 16.2 to mark the accessory as unaccessible.

Bouke commented 1 year ago

The current response is to return an HTTP error 400, however this cause HomeKit under iOS 16.2 to mark the accessory as unaccessible.

"Pair Verify" is performed to establish a connection. If there's an authentication error, what would happen with this change merged? And how's that different from iOS prior 16.2?

gbrooker commented 1 year ago

The current response is to return an HTTP error 400, however this cause HomeKit under iOS 16.2 to mark the accessory as unaccessible.

"Pair Verify" is performed to establish a connection. If there's an authentication error, what would happen with this change merged? And how's that different from iOS prior 16.2?

The change does not impact earlier versions of iOS/tvOS/homepodOS. Either the current behavior of reporting an HTTP error, or the revised behavior of reporting an authentication error (in line with spec) resulted in a failed connection and Home reported that the device was unresponsive.

Under iOS16.2, the Home app proposes to users to upgrade to a home to a new HomeKit architecture including Matter devices with the following message:

Upgrade All Homes
Complete the steps to upgrade your homes and take advantage of improved 
performance and reliability of the accessories in your homes.

Under the new HomeKit implementation, there are now two sets of pairing keys, the ones used for the legacy HomeKit architecture (HH1) and the new architecture (HH2). When the user migrates, iOS rolls the keys to new HH2 keys and attempt to tear down pairings using the old HH1 keys but it will still fall back to them if an accessory is not responding for whatever reason.

A HomeHub will attempt to verify using the one set of keys, and if that fails (as the keys have been rolled over), it will retry using the other keys. This is not working under iOS 16.2 (and related tvOS/HomePod s/w) because it expects HAP to reply with a TLV8 error code on the first attempt so the Home Hub knows to try the other key instead. Under the current implementation, HAP doesn't send any payload in response to the pair-very so the HomeHub never falls back to the other keys. Without the change, HAP devices are marked as unresponsive under Home after Upgrading. With the implementation returning a TLV8 error message when HAP rejects pair-verify, the issue is resolved.

Bouke commented 1 year ago

Thank you for the in-depth reply. Looks like a good change to incorporate. 👍