[nrf noup] Move DAC priv key from Factory Data to PSA ITS #372
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ArekBalysNordic
requested review from
LuDuda,
kkasperczyk-no,
Damian-Nordic and
markaj-nordic
ArekBalysNordic
force-pushed
the
dac_removal
branch
3 times, most recently
from
4246904 to
c46074b
Compare
ArekBalysNordic
force-pushed
the
dac_removal
branch
from
c46074b to
0621b40
Compare
ArekBalysNordic
force-pushed
the
dac_removal
branch
2 times, most recently
from
0ec83d8 to
134c1d6
Compare
|
@Damian-Nordic @markaj-nordic @kkasperczyk-no I've removed serialization from the factory data parser and overwritten the dac private key directly from the factory data set. Please look at it once again :) |
ArekBalysNordic
requested review from
kkasperczyk-no,
Damian-Nordic and
markaj-nordic
ArekBalysNordic
force-pushed
the
dac_removal
branch
3 times, most recently
from
91b00dd to
eeb097f
Compare
Damian-Nordic
approved these changes
Jan 2, 2024
ArekBalysNordic
force-pushed
the
dac_removal
branch
from
eeb097f to
36fee9b
Compare
markaj-nordic
approved these changes
Jan 3, 2024
kkasperczyk-no
approved these changes
Jan 3, 2024
ArekBalysNordic
force-pushed
the
dac_removal
branch
from
36fee9b to
571792b
Compare
|
@Damian-Nordic @LuDuda I've provided the changes that were discussed F2F, now we have the config CHIP_CRYPTO_PSA_MIGRATE_DAC_PRIV_KEY to decide if we want to clear DAC or not, and I've changed a way of removing dac. Could you please verify the recent changes? |
ArekBalysNordic
force-pushed
the
dac_removal
branch
from
5ff3dc7 to
3a0fe84
Compare
Damian-Nordic
approved these changes
Jan 3, 2024
LuDuda
requested changes
Jan 3, 2024
LuDuda
approved these changes
Jan 3, 2024
ArekBalysNordic
force-pushed
the
dac_removal
branch
2 times, most recently
from
bf59f66 to
90cb1e8
Compare
We need a mechanism to move the DAC private key from the factory data set to PSA ITS NVM storage during the first boot of the device. Then the DAC private key must be removed from the factory data set and protected by overwriting. In this commit: - Added a method to FactoryDataProvider for moving and removing DAC from the factory data set. - Aligned the SignWithDeviceAttestationKey method to work with stored DAC priv key in ITS NVM instead of raw data. - Added a Matter config to determine base address of ITS storage for Matter purposes. - x509 MBedTLS support seems to be not needed anymore we can disable it and save ~20kB of FLASH. - Prevent the DAC private key from removal during the factory reset - for now, disable the CHIP_FACTORY_RESET_ERASE_NVS config by default. - Remove the DAC private key from the factory data set only if the CONFIG_CHIP_CRYPTO_PSA_MIGRATE_DAC_PRIV_KEY config is set to 'y'.
ArekBalysNordic
force-pushed
the
dac_removal
branch
from
90cb1e8 to
7bed931
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We need a mechanism to move the DAC private key from the factory data set to PSA ITS NVM storage during the first boot of the device.
Then the DAC private key must be removed from the factory data set and protected by overwriting.
In this commit:
Added a method to FactoryDataProvider for moving and removing DAC from the factory data set.
Aligned the SignWithDeviceAttestationKey method to work with stored DAC private key in ITS NVM instead of raw data.
Extended the FactoryDataParser module by the Serialize method that is responsible for creating CBOR-formated factory data from the FactoryData struct.
Added a Kconfig to define the PSA ITS NVM offset for Matter keys.
x509 MBedTLS support seems to be not needed anymore - we can disable it and save ~20kB of FLASH.
Prevent the DAC private key from removal during the factory reset - for now, disable the CHIP_FACTORY_RESET_ERASE_NVS config by default.