From bdded4925564a1cf646e726f5cd15aaddfb6e17b Mon Sep 17 00:00:00 2001 From: Jean-Francois Penven <67962328+jepenven-silabs@users.noreply.github.com> Date: Wed, 6 Dec 2023 15:56:58 -0500 Subject: [PATCH] [nrf fromtree][Crypto] Add HMAC function using KeyHandle (#30751) * Add new API for HMAC with key handle * Rename Aes128BitsKeyHandle to Aes128KeyHandle * Rename Hmac128BitsKeyHandle to Hmac128KeyHandle * Replace virtual destructor with a protected one * key algo creation --------- Co-authored-by: Mathieu Kardous --- src/app/icd/ICDMonitoringTable.h | 2 +- src/credentials/GroupDataProviderImpl.h | 4 +- src/crypto/CHIPCryptoPAL.cpp | 7 +- src/crypto/CHIPCryptoPAL.h | 67 +++++++++++++------ src/crypto/CHIPCryptoPALOpenSSL.cpp | 11 ++- src/crypto/CHIPCryptoPALPSA.cpp | 19 +++++- src/crypto/CHIPCryptoPALmbedTLS.cpp | 11 ++- src/crypto/PSASessionKeystore.cpp | 10 +-- src/crypto/PSASessionKeystore.h | 11 ++- src/crypto/RawKeySessionKeystore.cpp | 8 +-- src/crypto/RawKeySessionKeystore.h | 11 ++- src/crypto/SessionKeystore.h | 12 ++-- src/crypto/tests/CHIPCryptoPALTest.cpp | 44 ++++++++++-- src/crypto/tests/HMAC_SHA256_test_vectors.h | 44 ++++++++---- src/crypto/tests/TestSessionKeystore.cpp | 8 +-- .../common/crypto/CHIPCryptoPALTinyCrypt.cpp | 11 ++- .../nxp/crypto/se05x/CHIPCryptoPALHost.cpp | 4 +- .../se05x/CHIPCryptoPALHsm_se05x_hmac.cpp | 7 ++ .../crypto/CHIPCryptoPALNXPUltrafastP256.cpp | 11 ++- .../nxp/k32w/k32w1/CHIPCryptoPalK32W1.cpp | 11 ++- .../silabs/SiWx917/CHIPCryptoPALTinyCrypt.cpp | 11 ++- .../silabs/efr32/CHIPCryptoPALPsaEfr32.cpp | 11 ++- .../secure_channel/CheckinMessage.cpp | 4 +- src/protocols/secure_channel/CheckinMessage.h | 6 +- .../secure_channel/tests/TestCheckinMsg.cpp | 10 +-- src/transport/CryptoContext.h | 4 +- 26 files changed, 248 insertions(+), 111 deletions(-) diff --git a/src/app/icd/ICDMonitoringTable.h b/src/app/icd/ICDMonitoringTable.h index 2e072981984f2a..cf5fa28b4f1138 100644 --- a/src/app/icd/ICDMonitoringTable.h +++ b/src/app/icd/ICDMonitoringTable.h @@ -98,7 +98,7 @@ struct ICDMonitoringEntry : public PersistentData chip::FabricIndex fabricIndex = kUndefinedFabricIndex; chip::NodeId checkInNodeID = kUndefinedNodeId; uint64_t monitoredSubject = static_cast(0); - Crypto::Aes128BitsKeyHandle key = Crypto::Aes128BitsKeyHandle(); + Crypto::Aes128KeyHandle key = Crypto::Aes128KeyHandle(); bool keyHandleValid = false; uint16_t index = 0; Crypto::SymmetricKeystore * symmetricKeystore = nullptr; diff --git a/src/credentials/GroupDataProviderImpl.h b/src/credentials/GroupDataProviderImpl.h index 500e63b8fcda45..c06165b59ea6a3 100644 --- a/src/credentials/GroupDataProviderImpl.h +++ b/src/credentials/GroupDataProviderImpl.h @@ -201,8 +201,8 @@ class GroupDataProviderImpl : public GroupDataProvider protected: GroupDataProviderImpl & mProvider; uint16_t mKeyHash = 0; - Crypto::Aes128BitsKeyHandle mEncryptionKey; - Crypto::Aes128BitsKeyHandle mPrivacyKey; + Crypto::Aes128KeyHandle mEncryptionKey; + Crypto::Aes128KeyHandle mPrivacyKey; }; class KeySetIteratorImpl : public KeySetIterator diff --git a/src/crypto/CHIPCryptoPAL.cpp b/src/crypto/CHIPCryptoPAL.cpp index ae0943ce7c120b..1154d25a6b5d2a 100644 --- a/src/crypto/CHIPCryptoPAL.cpp +++ b/src/crypto/CHIPCryptoPAL.cpp @@ -233,11 +233,6 @@ CHIP_ERROR Find16BitUpperCaseHexAfterPrefix(const ByteSpan & buffer, const char } // namespace -Symmetric128BitsKeyHandle::~Symmetric128BitsKeyHandle() -{ - ClearSecretData(mContext.mOpaque); -} - using HKDF_sha_crypto = HKDF_sha; CHIP_ERROR Spake2p::InternalHash(const uint8_t * in, size_t in_len) @@ -784,7 +779,7 @@ CHIP_ERROR EcdsaAsn1SignatureToRaw(size_t fe_length_bytes, const ByteSpan & asn1 return CHIP_NO_ERROR; } -CHIP_ERROR AES_CTR_crypt(const uint8_t * input, size_t input_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, +CHIP_ERROR AES_CTR_crypt(const uint8_t * input, size_t input_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * output) { // Discard tag portion of CCM to apply only CTR mode encryption/decryption. diff --git a/src/crypto/CHIPCryptoPAL.h b/src/crypto/CHIPCryptoPAL.h index 5bac2b54377788..924b1f768d7ef0 100644 --- a/src/crypto/CHIPCryptoPAL.h +++ b/src/crypto/CHIPCryptoPAL.h @@ -574,15 +574,11 @@ using Symmetric128BitsKeyByteArray = uint8_t[CHIP_CRYPTO_SYMMETRIC_KEY_LENGTH_BY * * @note Symmetric128BitsKeyHandle is an abstract class to force child classes for each key handle type. * Symmetric128BitsKeyHandle class implements all the necessary components for handles. - * Child classes only need to implement a constructor, implement a destructor and delete all the copy operators. + * Child classes only need to implement a constructor and delete all the copy operators. */ class Symmetric128BitsKeyHandle { public: - Symmetric128BitsKeyHandle() = default; - // Destructor is implemented in the .cpp. It is pure virtual only to force the class to be abstract. - virtual ~Symmetric128BitsKeyHandle() = 0; - Symmetric128BitsKeyHandle(const Symmetric128BitsKeyHandle &) = delete; Symmetric128BitsKeyHandle(Symmetric128BitsKeyHandle &&) = delete; void operator=(const Symmetric128BitsKeyHandle &) = delete; @@ -606,6 +602,10 @@ class Symmetric128BitsKeyHandle return *SafePointerCast(&mContext); } +protected: + Symmetric128BitsKeyHandle() = default; + ~Symmetric128BitsKeyHandle() { ClearSecretData(mContext.mOpaque); } + private: static constexpr size_t kContextSize = CHIP_CRYPTO_SYMMETRIC_KEY_LENGTH_BYTES; @@ -618,31 +618,29 @@ class Symmetric128BitsKeyHandle /** * @brief Platform-specific AES key handle */ -class Aes128BitsKeyHandle : public Symmetric128BitsKeyHandle +class Aes128KeyHandle final : public Symmetric128BitsKeyHandle { public: - Aes128BitsKeyHandle() = default; - virtual ~Aes128BitsKeyHandle() {} + Aes128KeyHandle() = default; - Aes128BitsKeyHandle(const Aes128BitsKeyHandle &) = delete; - Aes128BitsKeyHandle(Aes128BitsKeyHandle &&) = delete; - void operator=(const Aes128BitsKeyHandle &) = delete; - void operator=(Aes128BitsKeyHandle &&) = delete; + Aes128KeyHandle(const Aes128KeyHandle &) = delete; + Aes128KeyHandle(Aes128KeyHandle &&) = delete; + void operator=(const Aes128KeyHandle &) = delete; + void operator=(Aes128KeyHandle &&) = delete; }; /** * @brief Platform-specific HMAC key handle */ -class Hmac128BitsKeyHandle : public Symmetric128BitsKeyHandle +class Hmac128KeyHandle final : public Symmetric128BitsKeyHandle { public: - Hmac128BitsKeyHandle() = default; - virtual ~Hmac128BitsKeyHandle() {} + Hmac128KeyHandle() = default; - Hmac128BitsKeyHandle(const Hmac128BitsKeyHandle &) = delete; - Hmac128BitsKeyHandle(Hmac128BitsKeyHandle &&) = delete; - void operator=(const Hmac128BitsKeyHandle &) = delete; - void operator=(Hmac128BitsKeyHandle &&) = delete; + Hmac128KeyHandle(const Hmac128KeyHandle &) = delete; + Hmac128KeyHandle(Hmac128KeyHandle &&) = delete; + void operator=(const Hmac128KeyHandle &) = delete; + void operator=(Hmac128KeyHandle &&) = delete; }; /** @@ -732,7 +730,7 @@ CHIP_ERROR ConvertIntegerRawToDerWithoutTag(const ByteSpan & raw_integer, Mutabl * @return Returns a CHIP_ERROR on error, CHIP_NO_ERROR otherwise * */ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length); /** @@ -756,7 +754,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c * @return Returns a CHIP_ERROR on error, CHIP_NO_ERROR otherwise **/ CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_length, const uint8_t * aad, size_t aad_length, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext); /** @@ -775,7 +773,7 @@ CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_length, * @param output Buffer to write output into * @return Returns a CHIP_ERROR on error, CHIP_NO_ERROR otherwise **/ -CHIP_ERROR AES_CTR_crypt(const uint8_t * input, size_t input_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, +CHIP_ERROR AES_CTR_crypt(const uint8_t * input, size_t input_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * output); /** @@ -982,6 +980,31 @@ class HMAC_sha virtual CHIP_ERROR HMAC_SHA256(const uint8_t * key, size_t key_length, const uint8_t * message, size_t message_length, uint8_t * out_buffer, size_t out_length); + + /** + * @brief A function that implements SHA-256 based HMAC per FIPS1981. + * + * This implements the CHIP_Crypto_HMAC() cryptographic primitive + * in the the specification. + * + * The `out_length` must be at least kSHA256_Hash_Length, and only + * kSHA256_Hash_Length bytes are written to out_buffer. + * + * Error values are: + * - CHIP_ERROR_INVALID_ARGUMENT: for any bad arguments or nullptr input on + * any pointer. + * - CHIP_ERROR_INTERNAL: for any unexpected error arising in the underlying + * cryptographic layers. + * + * @param key The HMAC Key handle to use for the HMAC operation + * @param message Message over which to compute the HMAC + * @param message_length Length of the message over which to compute the HMAC + * @param out_buffer Pointer to buffer into which to write the output. + * @param out_length Underlying size of the `out_buffer`. + * @return Returns a CHIP_ERROR on error, CHIP_NO_ERROR otherwise + **/ + virtual CHIP_ERROR HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, + uint8_t * out_buffer, size_t out_length); }; /** diff --git a/src/crypto/CHIPCryptoPALOpenSSL.cpp b/src/crypto/CHIPCryptoPALOpenSSL.cpp index 51e2f0ddb8eec3..f9751d5cd2f24b 100644 --- a/src/crypto/CHIPCryptoPALOpenSSL.cpp +++ b/src/crypto/CHIPCryptoPALOpenSSL.cpp @@ -147,7 +147,7 @@ static int _compareDaysAndSeconds(const int days, const int seconds) } CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length) { #if CHIP_CRYPTO_BORINGSSL @@ -282,7 +282,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c } CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_length, const uint8_t * aad, size_t aad_length, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext) { #if CHIP_CRYPTO_BORINGSSL @@ -598,6 +598,13 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u return error; } +CHIP_ERROR HMAC_sha::HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, uint8_t * out_buffer, + size_t out_length) +{ + return HMAC_SHA256(key.As(), sizeof(Symmetric128BitsKeyByteArray), message, message_length, + out_buffer, out_length); +} + CHIP_ERROR PBKDF2_sha256::pbkdf2_sha256(const uint8_t * password, size_t plen, const uint8_t * salt, size_t slen, unsigned int iteration_count, uint32_t key_length, uint8_t * output) { diff --git a/src/crypto/CHIPCryptoPALPSA.cpp b/src/crypto/CHIPCryptoPALPSA.cpp index 04d8d248935d8b..8a72e4ba356eb1 100644 --- a/src/crypto/CHIPCryptoPALPSA.cpp +++ b/src/crypto/CHIPCryptoPALPSA.cpp @@ -69,7 +69,7 @@ bool isValidTag(const uint8_t * tag, size_t tag_length) } // namespace CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length) { VerifyOrReturnError(isBufferNonEmpty(nonce, nonce_length), CHIP_ERROR_INVALID_ARGUMENT); @@ -123,7 +123,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c } CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_length, const uint8_t * aad, size_t aad_length, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext) { VerifyOrReturnError(isBufferNonEmpty(nonce, nonce_length), CHIP_ERROR_INVALID_ARGUMENT); @@ -364,6 +364,21 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u return CHIP_NO_ERROR; } +CHIP_ERROR HMAC_sha::HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, uint8_t * out_buffer, + size_t out_length) +{ + VerifyOrReturnError(isBufferNonEmpty(message, message_length), CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrReturnError(out_buffer != nullptr && out_length == PSA_HASH_LENGTH(PSA_ALG_SHA_256), CHIP_ERROR_INVALID_ARGUMENT); + + const psa_algorithm_t algorithm = PSA_ALG_HMAC(PSA_ALG_SHA_256); + psa_status_t status = PSA_SUCCESS; + + status = psa_mac_compute(key.As(), algorithm, message, message_length, out_buffer, out_length, &out_length); + VerifyOrReturnError(status == PSA_SUCCESS, CHIP_ERROR_INTERNAL); + + return CHIP_NO_ERROR; +} + CHIP_ERROR PBKDF2_sha256::pbkdf2_sha256(const uint8_t * pass, size_t pass_length, const uint8_t * salt, size_t salt_length, unsigned int iteration_count, uint32_t key_length, uint8_t * key) { diff --git a/src/crypto/CHIPCryptoPALmbedTLS.cpp b/src/crypto/CHIPCryptoPALmbedTLS.cpp index f325995384fd5d..ede17ac208a97a 100644 --- a/src/crypto/CHIPCryptoPALmbedTLS.cpp +++ b/src/crypto/CHIPCryptoPALmbedTLS.cpp @@ -75,7 +75,7 @@ static bool _isValidTagLength(size_t tag_length) } CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -113,7 +113,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c } CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, const uint8_t * aad, size_t aad_len, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -325,6 +325,13 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u return CHIP_NO_ERROR; } +CHIP_ERROR HMAC_sha::HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, uint8_t * out_buffer, + size_t out_length) +{ + return HMAC_SHA256(key.As(), sizeof(Symmetric128BitsKeyByteArray), message, message_length, + out_buffer, out_length); +} + CHIP_ERROR PBKDF2_sha256::pbkdf2_sha256(const uint8_t * password, size_t plen, const uint8_t * salt, size_t slen, unsigned int iteration_count, uint32_t key_length, uint8_t * output) { diff --git a/src/crypto/PSASessionKeystore.cpp b/src/crypto/PSASessionKeystore.cpp index 515ef83bf1ffd9..28f8f002e16a1c 100644 --- a/src/crypto/PSASessionKeystore.cpp +++ b/src/crypto/PSASessionKeystore.cpp @@ -53,7 +53,7 @@ class HmacKeyAttributes HmacKeyAttributes() { psa_set_key_type(&mAttrs, PSA_KEY_TYPE_HMAC); - psa_set_key_algorithm(&mAttrs, PSA_ALG_HMAC(PSA_ALG_ANY_HASH)); + psa_set_key_algorithm(&mAttrs, PSA_ALG_HMAC(PSA_ALG_SHA_256)); psa_set_key_usage_flags(&mAttrs, PSA_KEY_USAGE_SIGN_MESSAGE); psa_set_key_bits(&mAttrs, CHIP_CRYPTO_SYMMETRIC_KEY_LENGTH_BYTES * 8); } @@ -68,7 +68,7 @@ class HmacKeyAttributes } // namespace -CHIP_ERROR PSASessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128BitsKeyHandle & key) +CHIP_ERROR PSASessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key) { // Destroy the old key if already allocated psa_destroy_key(key.As()); @@ -81,7 +81,7 @@ CHIP_ERROR PSASessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & ke return CHIP_NO_ERROR; } -CHIP_ERROR PSASessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128BitsKeyHandle & key) +CHIP_ERROR PSASessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128KeyHandle & key) { // Destroy the old key if already allocated psa_destroy_key(key.As()); @@ -96,7 +96,7 @@ CHIP_ERROR PSASessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & ke } CHIP_ERROR PSASessionKeystore::DeriveKey(const P256ECDHDerivedSecret & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & key) + Aes128KeyHandle & key) { PsaKdf kdf; ReturnErrorOnFailure(kdf.Init(PSA_ALG_HKDF(PSA_ALG_SHA_256), secret.Span(), salt, info)); @@ -107,7 +107,7 @@ CHIP_ERROR PSASessionKeystore::DeriveKey(const P256ECDHDerivedSecret & secret, c } CHIP_ERROR PSASessionKeystore::DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & i2rKey, Aes128BitsKeyHandle & r2iKey, + Aes128KeyHandle & i2rKey, Aes128KeyHandle & r2iKey, AttestationChallenge & attestationChallenge) { PsaKdf kdf; diff --git a/src/crypto/PSASessionKeystore.h b/src/crypto/PSASessionKeystore.h index 92190b2e4a883c..690194fcd4314d 100644 --- a/src/crypto/PSASessionKeystore.h +++ b/src/crypto/PSASessionKeystore.h @@ -25,13 +25,12 @@ namespace Crypto { class PSASessionKeystore : public SessionKeystore { public: - CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128BitsKeyHandle & key) override; - CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128BitsKeyHandle & key) override; + CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key) override; + CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128KeyHandle & key) override; CHIP_ERROR DeriveKey(const P256ECDHDerivedSecret & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & key) override; - CHIP_ERROR DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & i2rKey, Aes128BitsKeyHandle & r2iKey, - AttestationChallenge & attestationChallenge) override; + Aes128KeyHandle & key) override; + CHIP_ERROR DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info, Aes128KeyHandle & i2rKey, + Aes128KeyHandle & r2iKey, AttestationChallenge & attestationChallenge) override; void DestroyKey(Symmetric128BitsKeyHandle & key) override; }; diff --git a/src/crypto/RawKeySessionKeystore.cpp b/src/crypto/RawKeySessionKeystore.cpp index 266a6e63c00559..949d30a857ee53 100644 --- a/src/crypto/RawKeySessionKeystore.cpp +++ b/src/crypto/RawKeySessionKeystore.cpp @@ -24,20 +24,20 @@ namespace Crypto { using HKDF_sha_crypto = HKDF_sha; -CHIP_ERROR RawKeySessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128BitsKeyHandle & key) +CHIP_ERROR RawKeySessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key) { memcpy(key.AsMutable(), keyMaterial, sizeof(Symmetric128BitsKeyByteArray)); return CHIP_NO_ERROR; } -CHIP_ERROR RawKeySessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128BitsKeyHandle & key) +CHIP_ERROR RawKeySessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128KeyHandle & key) { memcpy(key.AsMutable(), keyMaterial, sizeof(Symmetric128BitsKeyByteArray)); return CHIP_NO_ERROR; } CHIP_ERROR RawKeySessionKeystore::DeriveKey(const P256ECDHDerivedSecret & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & key) + Aes128KeyHandle & key) { HKDF_sha_crypto hkdf; @@ -46,7 +46,7 @@ CHIP_ERROR RawKeySessionKeystore::DeriveKey(const P256ECDHDerivedSecret & secret } CHIP_ERROR RawKeySessionKeystore::DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & i2rKey, Aes128BitsKeyHandle & r2iKey, + Aes128KeyHandle & i2rKey, Aes128KeyHandle & r2iKey, AttestationChallenge & attestationChallenge) { HKDF_sha_crypto hkdf; diff --git a/src/crypto/RawKeySessionKeystore.h b/src/crypto/RawKeySessionKeystore.h index 4e7930bed4b233..51f6c927500b7c 100644 --- a/src/crypto/RawKeySessionKeystore.h +++ b/src/crypto/RawKeySessionKeystore.h @@ -25,13 +25,12 @@ namespace Crypto { class RawKeySessionKeystore : public SessionKeystore { public: - CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128BitsKeyHandle & key) override; - CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128BitsKeyHandle & key) override; + CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key) override; + CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128KeyHandle & key) override; CHIP_ERROR DeriveKey(const P256ECDHDerivedSecret & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & key) override; - CHIP_ERROR DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & i2rKey, Aes128BitsKeyHandle & r2iKey, - AttestationChallenge & attestationChallenge) override; + Aes128KeyHandle & key) override; + CHIP_ERROR DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info, Aes128KeyHandle & i2rKey, + Aes128KeyHandle & r2iKey, AttestationChallenge & attestationChallenge) override; void DestroyKey(Symmetric128BitsKeyHandle & key) override; }; diff --git a/src/crypto/SessionKeystore.h b/src/crypto/SessionKeystore.h index 425db857a39149..dbf0ea3996bfe2 100644 --- a/src/crypto/SessionKeystore.h +++ b/src/crypto/SessionKeystore.h @@ -45,7 +45,7 @@ class SessionKeystore * If the method returns no error, the application is responsible for destroying the handle * using the DestroyKey() method when the key is no longer needed. */ - virtual CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128BitsKeyHandle & key) = 0; + virtual CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key) = 0; /** * @brief Import raw key material and return a key handle for a key that can be used to do 128-bit HMAC. @@ -57,7 +57,7 @@ class SessionKeystore * If the method returns no error, the application is responsible for destroying the handle * using the DestroyKey() method when the key is no longer needed. */ - virtual CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128BitsKeyHandle & key) = 0; + virtual CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Hmac128KeyHandle & key) = 0; /** * @brief Derive key from a shared secret. @@ -68,7 +68,7 @@ class SessionKeystore * using DestroyKey() method when the key is no longer needed. */ virtual CHIP_ERROR DeriveKey(const P256ECDHDerivedSecret & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & key) = 0; + Aes128KeyHandle & key) = 0; /** * @brief Derive session keys from a shared secret. @@ -81,7 +81,7 @@ class SessionKeystore * release all handles that it allocated so far. */ virtual CHIP_ERROR DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info, - Aes128BitsKeyHandle & i2rKey, Aes128BitsKeyHandle & r2iKey, + Aes128KeyHandle & i2rKey, Aes128KeyHandle & r2iKey, AttestationChallenge & attestationChallenge) = 0; /** @@ -102,11 +102,11 @@ class AutoReleaseSessionKey explicit AutoReleaseSessionKey(SessionKeystore & keystore) : mKeystore(keystore) {} ~AutoReleaseSessionKey() { mKeystore.DestroyKey(mKeyHandle); } - Aes128BitsKeyHandle & KeyHandle() { return mKeyHandle; } + Aes128KeyHandle & KeyHandle() { return mKeyHandle; } private: SessionKeystore & mKeystore; - Aes128BitsKeyHandle mKeyHandle; + Aes128KeyHandle mKeyHandle; }; } // namespace Crypto diff --git a/src/crypto/tests/CHIPCryptoPALTest.cpp b/src/crypto/tests/CHIPCryptoPALTest.cpp index 6c7537e3820e4f..59ce99ad6dac84 100644 --- a/src/crypto/tests/CHIPCryptoPALTest.cpp +++ b/src/crypto/tests/CHIPCryptoPALTest.cpp @@ -193,7 +193,7 @@ struct TestAesKey ~TestAesKey() { keystore.DestroyKey(key); } DefaultSessionKeystore keystore; - Aes128BitsKeyHandle key; + Aes128KeyHandle key; }; struct TestHmacKey @@ -211,7 +211,7 @@ struct TestHmacKey ~TestHmacKey() { keystore.DestroyKey(key); } DefaultSessionKeystore keystore; - Hmac128BitsKeyHandle key; + Hmac128KeyHandle key; }; static void TestAES_CTR_128_Encrypt(nlTestSuite * inSuite, const AesCtrTestEntry * vector) @@ -899,16 +899,16 @@ static void TestHash_SHA256_Stream(nlTestSuite * inSuite, void * inContext) } } -static void TestHMAC_SHA256(nlTestSuite * inSuite, void * inContext) +static void TestHMAC_SHA256_RawKey(nlTestSuite * inSuite, void * inContext) { HeapChecker heapChecker(inSuite); - int numOfTestCases = ArraySize(hmac_sha256_test_vectors); + int numOfTestCases = ArraySize(hmac_sha256_test_vectors_raw_key); int numOfTestsExecuted = 0; TestHMAC_sha mHMAC; for (numOfTestsExecuted = 0; numOfTestsExecuted < numOfTestCases; numOfTestsExecuted++) { - hmac_sha256_vector v = hmac_sha256_test_vectors[numOfTestsExecuted]; + hmac_sha256_vector v = hmac_sha256_test_vectors_raw_key[numOfTestsExecuted]; size_t out_length = v.output_hash_length; chip::Platform::ScopedMemoryBuffer out_buffer; out_buffer.Alloc(out_length); @@ -920,6 +920,37 @@ static void TestHMAC_SHA256(nlTestSuite * inSuite, void * inContext) NL_TEST_ASSERT(inSuite, numOfTestsExecuted == numOfTestCases); } +static void TestHMAC_SHA256_KeyHandle(nlTestSuite * inSuite, void * inContext) +{ + HeapChecker heapChecker(inSuite); + int numOfTestCases = ArraySize(hmac_sha256_test_vectors_key_handle); + int numOfTestsExecuted = 0; + TestHMAC_sha mHMAC; + + for (numOfTestsExecuted = 0; numOfTestsExecuted < numOfTestCases; numOfTestsExecuted++) + { + hmac_sha256_vector v = hmac_sha256_test_vectors_key_handle[numOfTestsExecuted]; + size_t out_length = v.output_hash_length; + chip::Platform::ScopedMemoryBuffer out_buffer; + out_buffer.Alloc(out_length); + NL_TEST_ASSERT(inSuite, out_buffer); + Crypto::DefaultSessionKeystore keystore; + + Symmetric128BitsKeyByteArray keyMaterial; + memcpy(keyMaterial, v.key, v.key_length); + + Hmac128KeyHandle keyHandle; + NL_TEST_ASSERT_SUCCESS(inSuite, keystore.CreateKey(keyMaterial, keyHandle)); + + mHMAC.HMAC_SHA256(keyHandle, v.message, v.message_length, out_buffer.Get(), v.output_hash_length); + bool success = memcmp(v.output_hash, out_buffer.Get(), out_length) == 0; + NL_TEST_ASSERT(inSuite, success); + + keystore.DestroyKey(keyHandle); + } + NL_TEST_ASSERT(inSuite, numOfTestsExecuted == numOfTestCases); +} + static void TestHKDF_SHA256(nlTestSuite * inSuite, void * inContext) { HeapChecker heapChecker(inSuite); @@ -2956,7 +2987,8 @@ static const nlTest sTests[] = { NL_TEST_DEF("Test Hash SHA 256", TestHash_SHA256), NL_TEST_DEF("Test Hash SHA 256 Stream", TestHash_SHA256_Stream), NL_TEST_DEF("Test HKDF SHA 256", TestHKDF_SHA256), - NL_TEST_DEF("Test HMAC SHA 256", TestHMAC_SHA256), + NL_TEST_DEF("Test HMAC SHA 256 - Raw Key", TestHMAC_SHA256_RawKey), + NL_TEST_DEF("Test HMAC SHA 256 - Key Handle", TestHMAC_SHA256_KeyHandle), NL_TEST_DEF("Test DRBG invalid inputs", TestDRBG_InvalidInputs), NL_TEST_DEF("Test DRBG output", TestDRBG_Output), NL_TEST_DEF("Test ECDH derive shared secret", TestECDH_EstablishSecret), diff --git a/src/crypto/tests/HMAC_SHA256_test_vectors.h b/src/crypto/tests/HMAC_SHA256_test_vectors.h index ae6005ccf66cc9..c6aee729a8bfbc 100644 --- a/src/crypto/tests/HMAC_SHA256_test_vectors.h +++ b/src/crypto/tests/HMAC_SHA256_test_vectors.h @@ -36,8 +36,15 @@ typedef struct hmac_sha256_vector const size_t output_hash_length; } hmac_sha256_vector; +// Common Test case messages +const uint8_t kHmacTestCase1Message[] = { + 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x4c, 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, + 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, 0x65, 0x20, 0x4b, 0x65, + 0x79, 0x20, 0x2d, 0x20, 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b, 0x65, 0x79, 0x20, 0x46, 0x69, 0x72, 0x73, 0x74, +}; + // Basic test case -const uint8_t kHmacTestCase1Key[] = { +const uint8_t kHmacRawKeyTestCase1Key[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, @@ -47,22 +54,33 @@ const uint8_t kHmacTestCase1Key[] = { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, }; -const uint8_t kHmacTestCase1Message[] = { - 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x4c, 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, - 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, 0x65, 0x20, 0x4b, 0x65, - 0x79, 0x20, 0x2d, 0x20, 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b, 0x65, 0x79, 0x20, 0x46, 0x69, 0x72, 0x73, 0x74, -}; - -const uint8_t kHmacTestCase1Expected[] = { +const uint8_t kHmacRawKeyTestCase1Expected[] = { 0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 0x0d, 0x8a, 0x26, 0xaa, 0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28, 0xc5, 0x14, 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54, }; -hmac_sha256_vector kHmacSha256TestCase1 = { .key = kHmacTestCase1Key, - .key_length = sizeof(kHmacTestCase1Key), +hmac_sha256_vector kHmacSha256TestCase1 = { .key = kHmacRawKeyTestCase1Key, + .key_length = sizeof(kHmacRawKeyTestCase1Key), .message = kHmacTestCase1Message, .message_length = sizeof(kHmacTestCase1Message), - .output_hash = kHmacTestCase1Expected, - .output_hash_length = sizeof(kHmacTestCase1Expected) }; + .output_hash = kHmacRawKeyTestCase1Expected, + .output_hash_length = sizeof(kHmacRawKeyTestCase1Expected) }; + +hmac_sha256_vector hmac_sha256_test_vectors_raw_key[] = { kHmacSha256TestCase1 }; + +// KeyHandle Test Case - Symmetric 128 Bits key +const uint8_t kHmacKeyHandleTestCase1Key[] = { 0xba, 0xba, 0xba, 0xba, 0xba, 0xba, 0xba, 0xba, + 0xba, 0xba, 0xba, 0xba, 0xba, 0xba, 0xba, 0xba }; + +const uint8_t kHmacKeyHandleTestCase1Expected[] = { 0xc0, 0xcd, 0x77, 0x23, 0xdc, 0xf1, 0x57, 0xa5, 0xfe, 0x53, 0xc5, + 0x6b, 0x2d, 0x86, 0xd4, 0x1c, 0x78, 0x61, 0xb4, 0x20, 0x67, 0xca, + 0x7c, 0xae, 0x44, 0x13, 0x57, 0x4d, 0x25, 0xda, 0x84, 0x1e }; + +hmac_sha256_vector kHmacKeyHandleSha256TestCase1 = { .key = kHmacKeyHandleTestCase1Key, + .key_length = sizeof(kHmacKeyHandleTestCase1Key), + .message = kHmacTestCase1Message, + .message_length = sizeof(kHmacTestCase1Message), + .output_hash = kHmacKeyHandleTestCase1Expected, + .output_hash_length = sizeof(kHmacKeyHandleTestCase1Expected) }; -hmac_sha256_vector hmac_sha256_test_vectors[] = { kHmacSha256TestCase1 }; +hmac_sha256_vector hmac_sha256_test_vectors_key_handle[] = { kHmacKeyHandleSha256TestCase1 }; diff --git a/src/crypto/tests/TestSessionKeystore.cpp b/src/crypto/tests/TestSessionKeystore.cpp index 01a506382302a8..025cd5c9233cbe 100644 --- a/src/crypto/tests/TestSessionKeystore.cpp +++ b/src/crypto/tests/TestSessionKeystore.cpp @@ -113,7 +113,7 @@ void TestBasicImport(nlTestSuite * inSuite, void * inContext) Symmetric128BitsKeyByteArray keyMaterial; memcpy(keyMaterial, test.key, test.key_len); - Aes128BitsKeyHandle keyHandle; + Aes128KeyHandle keyHandle; NL_TEST_ASSERT_SUCCESS(inSuite, keystore.CreateKey(keyMaterial, keyHandle)); Platform::ScopedMemoryBuffer ciphertext; @@ -140,7 +140,7 @@ void TestDeriveKey(nlTestSuite * inSuite, void * inContext) memcpy(secret.Bytes(), test.secret, strlen(test.secret)); secret.SetLength(strlen(test.secret)); - Aes128BitsKeyHandle keyHandle; + Aes128KeyHandle keyHandle; NL_TEST_ASSERT_SUCCESS(inSuite, keystore.DeriveKey(secret, ToSpan(test.salt), ToSpan(test.info), keyHandle)); uint8_t ciphertext[sizeof(test.ciphertext)]; @@ -162,8 +162,8 @@ void TestDeriveSessionKeys(nlTestSuite * inSuite, void * inContext) memcpy(secret.Bytes(), test.secret, strlen(test.secret)); secret.SetLength(strlen(test.secret)); - Aes128BitsKeyHandle i2r; - Aes128BitsKeyHandle r2i; + Aes128KeyHandle i2r; + Aes128KeyHandle r2i; AttestationChallenge challenge; NL_TEST_ASSERT_SUCCESS( inSuite, keystore.DeriveSessionKeys(ToSpan(test.secret), ToSpan(test.salt), ToSpan(test.info), i2r, r2i, challenge)); diff --git a/src/platform/nxp/common/crypto/CHIPCryptoPALTinyCrypt.cpp b/src/platform/nxp/common/crypto/CHIPCryptoPALTinyCrypt.cpp index ae434d990bcc60..fbb462381975f3 100644 --- a/src/platform/nxp/common/crypto/CHIPCryptoPALTinyCrypt.cpp +++ b/src/platform/nxp/common/crypto/CHIPCryptoPALTinyCrypt.cpp @@ -124,7 +124,7 @@ static bool _isValidTagLength(size_t tag_length) } CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -162,7 +162,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c } CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, const uint8_t * aad, size_t aad_len, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -380,6 +380,13 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u return CHIP_NO_ERROR; } +CHIP_ERROR HMAC_sha::HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, uint8_t * out_buffer, + size_t out_length) +{ + return HMAC_SHA256(key.As(), sizeof(Symmetric128BitsKeyByteArray), message, message_length, + out_buffer, out_length); +} + CHIP_ERROR PBKDF2_sha256::pbkdf2_sha256(const uint8_t * password, size_t plen, const uint8_t * salt, size_t slen, unsigned int iteration_count, uint32_t key_length, uint8_t * output) { diff --git a/src/platform/nxp/crypto/se05x/CHIPCryptoPALHost.cpp b/src/platform/nxp/crypto/se05x/CHIPCryptoPALHost.cpp index f69696229ad493..ffc626c201d373 100644 --- a/src/platform/nxp/crypto/se05x/CHIPCryptoPALHost.cpp +++ b/src/platform/nxp/crypto/se05x/CHIPCryptoPALHost.cpp @@ -109,7 +109,7 @@ static bool _isValidTagLength(size_t tag_length) } CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -147,7 +147,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c } CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, const uint8_t * aad, size_t aad_len, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext) { CHIP_ERROR error = CHIP_NO_ERROR; diff --git a/src/platform/nxp/crypto/se05x/CHIPCryptoPALHsm_se05x_hmac.cpp b/src/platform/nxp/crypto/se05x/CHIPCryptoPALHsm_se05x_hmac.cpp index ca1fb0111e4a9a..6590915ebcf98f 100644 --- a/src/platform/nxp/crypto/se05x/CHIPCryptoPALHsm_se05x_hmac.cpp +++ b/src/platform/nxp/crypto/se05x/CHIPCryptoPALHsm_se05x_hmac.cpp @@ -120,5 +120,12 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u #endif } +CHIP_ERROR HMAC_sha::HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, uint8_t * out_buffer, + size_t out_length) +{ + return HMAC_SHA256(key.As(), sizeof(Symmetric128BitsKeyByteArray), message, message_length, + out_buffer, out_length); +} + } // namespace Crypto } // namespace chip diff --git a/src/platform/nxp/k32w/k32w0/crypto/CHIPCryptoPALNXPUltrafastP256.cpp b/src/platform/nxp/k32w/k32w0/crypto/CHIPCryptoPALNXPUltrafastP256.cpp index cc8fd2f389f88f..f5237ee5211a4b 100644 --- a/src/platform/nxp/k32w/k32w0/crypto/CHIPCryptoPALNXPUltrafastP256.cpp +++ b/src/platform/nxp/k32w/k32w0/crypto/CHIPCryptoPALNXPUltrafastP256.cpp @@ -115,7 +115,7 @@ static bool _isValidTagLength(size_t tag_length) } CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -153,7 +153,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c } CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, const uint8_t * aad, size_t aad_len, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -371,6 +371,13 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u return CHIP_NO_ERROR; } +CHIP_ERROR HMAC_sha::HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, uint8_t * out_buffer, + size_t out_length) +{ + return HMAC_SHA256(key.As(), sizeof(Symmetric128BitsKeyByteArray), message, message_length, + out_buffer, out_length); +} + CHIP_ERROR PBKDF2_sha256::pbkdf2_sha256(const uint8_t * password, size_t plen, const uint8_t * salt, size_t slen, unsigned int iteration_count, uint32_t key_length, uint8_t * output) { diff --git a/src/platform/nxp/k32w/k32w1/CHIPCryptoPalK32W1.cpp b/src/platform/nxp/k32w/k32w1/CHIPCryptoPalK32W1.cpp index af478c34f1c598..fd998f36522eca 100644 --- a/src/platform/nxp/k32w/k32w1/CHIPCryptoPalK32W1.cpp +++ b/src/platform/nxp/k32w/k32w1/CHIPCryptoPalK32W1.cpp @@ -122,7 +122,7 @@ static bool _isValidKeyLength(size_t length) } CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -160,7 +160,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c } CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, const uint8_t * aad, size_t aad_len, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -372,6 +372,13 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u return CHIP_NO_ERROR; } +CHIP_ERROR HMAC_sha::HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, uint8_t * out_buffer, + size_t out_length) +{ + return HMAC_SHA256(key.As(), sizeof(Symmetric128BitsKeyByteArray), message, message_length, + out_buffer, out_length); +} + CHIP_ERROR PBKDF2_sha256::pbkdf2_sha256(const uint8_t * password, size_t plen, const uint8_t * salt, size_t slen, unsigned int iteration_count, uint32_t key_length, uint8_t * output) { diff --git a/src/platform/silabs/SiWx917/CHIPCryptoPALTinyCrypt.cpp b/src/platform/silabs/SiWx917/CHIPCryptoPALTinyCrypt.cpp index 324978f9e1dcd8..2b8664d2f44efd 100644 --- a/src/platform/silabs/SiWx917/CHIPCryptoPALTinyCrypt.cpp +++ b/src/platform/silabs/SiWx917/CHIPCryptoPALTinyCrypt.cpp @@ -114,7 +114,7 @@ static bool _isValidTagLength(size_t tag_length) } CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -152,7 +152,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c } CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, const uint8_t * aad, size_t aad_len, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -364,6 +364,13 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u return CHIP_NO_ERROR; } +CHIP_ERROR HMAC_sha::HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, uint8_t * out_buffer, + size_t out_length) +{ + return HMAC_SHA256(key.As(), sizeof(Symmetric128BitsKeyByteArray), message, message_length, + out_buffer, out_length); +} + CHIP_ERROR PBKDF2_sha256::pbkdf2_sha256(const uint8_t * password, size_t plen, const uint8_t * salt, size_t slen, unsigned int iteration_count, uint32_t key_length, uint8_t * output) { diff --git a/src/platform/silabs/efr32/CHIPCryptoPALPsaEfr32.cpp b/src/platform/silabs/efr32/CHIPCryptoPALPsaEfr32.cpp index 2ee09be0cc132d..d541fc17da517a 100644 --- a/src/platform/silabs/efr32/CHIPCryptoPALPsaEfr32.cpp +++ b/src/platform/silabs/efr32/CHIPCryptoPALPsaEfr32.cpp @@ -158,7 +158,7 @@ static int timeCompare(mbedtls_x509_time * t1, mbedtls_x509_time * t2) } CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, const uint8_t * aad, size_t aad_length, - const Aes128BitsKeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, + const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * ciphertext, uint8_t * tag, size_t tag_length) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -215,7 +215,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c } CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, const uint8_t * aad, size_t aad_len, - const uint8_t * tag, size_t tag_length, const Aes128BitsKeyHandle & key, const uint8_t * nonce, + const uint8_t * tag, size_t tag_length, const Aes128KeyHandle & key, const uint8_t * nonce, size_t nonce_length, uint8_t * plaintext) { CHIP_ERROR error = CHIP_NO_ERROR; @@ -476,6 +476,13 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u return error; } +CHIP_ERROR HMAC_sha::HMAC_SHA256(const Hmac128KeyHandle & key, const uint8_t * message, size_t message_length, uint8_t * out_buffer, + size_t out_length) +{ + return HMAC_SHA256(key.As(), sizeof(Symmetric128BitsKeyByteArray), message, message_length, + out_buffer, out_length); +} + CHIP_ERROR PBKDF2_sha256::pbkdf2_sha256(const uint8_t * password, size_t plen, const uint8_t * salt, size_t slen, unsigned int iteration_count, uint32_t key_length, uint8_t * output) { diff --git a/src/protocols/secure_channel/CheckinMessage.cpp b/src/protocols/secure_channel/CheckinMessage.cpp index 43351de492113a..5e63feb3428aa0 100644 --- a/src/protocols/secure_channel/CheckinMessage.cpp +++ b/src/protocols/secure_channel/CheckinMessage.cpp @@ -30,7 +30,7 @@ namespace chip { namespace Protocols { namespace SecureChannel { -CHIP_ERROR CheckinMessage::GenerateCheckinMessagePayload(Crypto::Aes128BitsKeyHandle & key, CounterType counter, +CHIP_ERROR CheckinMessage::GenerateCheckinMessagePayload(Crypto::Aes128KeyHandle & key, CounterType counter, const ByteSpan & appData, MutableByteSpan & output) { VerifyOrReturnError(appData.size() <= sMaxAppDataSize, CHIP_ERROR_INVALID_ARGUMENT); @@ -62,7 +62,7 @@ CHIP_ERROR CheckinMessage::GenerateCheckinMessagePayload(Crypto::Aes128BitsKeyHa return err; } -CHIP_ERROR CheckinMessage::ParseCheckinMessagePayload(Crypto::Aes128BitsKeyHandle & key, ByteSpan & payload, CounterType & counter, +CHIP_ERROR CheckinMessage::ParseCheckinMessagePayload(Crypto::Aes128KeyHandle & key, ByteSpan & payload, CounterType & counter, MutableByteSpan & appData) { VerifyOrReturnError(payload.size() >= sMinPayloadSize, CHIP_ERROR_INVALID_ARGUMENT); diff --git a/src/protocols/secure_channel/CheckinMessage.h b/src/protocols/secure_channel/CheckinMessage.h index 534e66f52ca6b5..aa494c3689b5c8 100644 --- a/src/protocols/secure_channel/CheckinMessage.h +++ b/src/protocols/secure_channel/CheckinMessage.h @@ -52,8 +52,8 @@ class DLL_EXPORT CheckinMessage * Required Buffer Size is : GetCheckinPayloadSize(appData.size()) * @return CHIP_ERROR */ - static CHIP_ERROR GenerateCheckinMessagePayload(Crypto::Aes128BitsKeyHandle & key, CounterType counter, - const ByteSpan & appData, MutableByteSpan & output); + static CHIP_ERROR GenerateCheckinMessagePayload(Crypto::Aes128KeyHandle & key, CounterType counter, const ByteSpan & appData, + MutableByteSpan & output); /** * @brief Parse Check-in Message payload @@ -65,7 +65,7 @@ class DLL_EXPORT CheckinMessage * GetAppDataSize(payload) + sizeof(CounterType) * @return CHIP_ERROR */ - static CHIP_ERROR ParseCheckinMessagePayload(Crypto::Aes128BitsKeyHandle & key, ByteSpan & payload, CounterType & counter, + static CHIP_ERROR ParseCheckinMessagePayload(Crypto::Aes128KeyHandle & key, ByteSpan & payload, CounterType & counter, MutableByteSpan & appData); static inline size_t GetCheckinPayloadSize(size_t appDataSize) { return appDataSize + sMinPayloadSize; } diff --git a/src/protocols/secure_channel/tests/TestCheckinMsg.cpp b/src/protocols/secure_channel/tests/TestCheckinMsg.cpp index 730f6c7184f6fb..6310cf38c05494 100644 --- a/src/protocols/secure_channel/tests/TestCheckinMsg.cpp +++ b/src/protocols/secure_channel/tests/TestCheckinMsg.cpp @@ -59,7 +59,7 @@ void TestCheckin_Generate(nlTestSuite * inSuite, void * inContext) Symmetric128BitsKeyByteArray keyMaterial; memcpy(keyMaterial, test.key, test.key_len); - Aes128BitsKeyHandle keyHandle; + Aes128KeyHandle keyHandle; NL_TEST_ASSERT_SUCCESS(inSuite, keystore.CreateKey(keyMaterial, keyHandle)); // Validate that counter change, indeed changes the output buffer content @@ -90,14 +90,14 @@ void TestCheckin_Generate(nlTestSuite * inSuite, void * inContext) Symmetric128BitsKeyByteArray keyMaterial; memcpy(keyMaterial, test.key, test.key_len); - Aes128BitsKeyHandle keyHandle; + Aes128KeyHandle keyHandle; NL_TEST_ASSERT_SUCCESS(inSuite, keystore.CreateKey(keyMaterial, keyHandle)); // As of now passing an empty key handle while using PSA crypto will result in a failure. // However when using OpenSSL this same test result in a success. // Issue #28986 - // Aes128BitsKeyHandle emptyKeyHandle; + // Aes128KeyHandle emptyKeyHandle; // err = CheckinMessage::GenerateCheckinMessagePayload(emptyKeyHandle, counter, userData, outputBuffer); // ChipLogError(Inet, "%s", err.AsString()); // NL_TEST_ASSERT(inSuite, (CHIP_NO_ERROR == err)); @@ -140,7 +140,7 @@ void TestCheckin_Parse(nlTestSuite * inSuite, void * inContext) Symmetric128BitsKeyByteArray keyMaterial; memcpy(keyMaterial, test.key, test.key_len); - Aes128BitsKeyHandle keyHandle; + Aes128KeyHandle keyHandle; NL_TEST_ASSERT_SUCCESS(inSuite, keystore.CreateKey(keyMaterial, keyHandle)); //=================Encrypt======================= @@ -183,7 +183,7 @@ void TestCheckin_GenerateParse(nlTestSuite * inSuite, void * inContext) Symmetric128BitsKeyByteArray keyMaterial; memcpy(keyMaterial, test.key, test.key_len); - Aes128BitsKeyHandle keyHandle; + Aes128KeyHandle keyHandle; NL_TEST_ASSERT_SUCCESS(inSuite, keystore.CreateKey(keyMaterial, keyHandle)); //=================Encrypt======================= diff --git a/src/transport/CryptoContext.h b/src/transport/CryptoContext.h index f5717a3abf7926..b08efdabbc9dcd 100644 --- a/src/transport/CryptoContext.h +++ b/src/transport/CryptoContext.h @@ -160,8 +160,8 @@ class DLL_EXPORT CryptoContext SessionRole mSessionRole; bool mKeyAvailable; - Crypto::Aes128BitsKeyHandle mEncryptionKey; - Crypto::Aes128BitsKeyHandle mDecryptionKey; + Crypto::Aes128KeyHandle mEncryptionKey; + Crypto::Aes128KeyHandle mDecryptionKey; Crypto::AttestationChallenge mAttestationChallenge; Crypto::SessionKeystore * mKeystore = nullptr; Crypto::SymmetricKeyContext * mKeyContext = nullptr;