Implement Message Counter Synchronization Protocol (MCSP) part

src/messaging/BUILD.gn

@@ -31,6 +31,8 @@ static_library("messaging") {
     "ReliableMessageMgr.cpp",
     "ReliableMessageMgr.h",
     "ReliableMessageProtocolConfig.h",
+    "SecureChannelMgr.cpp",
+    "SecureChannelMgr.h",
   ]
 
   cflags = [ "-Wconversion" ]

src/messaging/ExchangeContext.h

@@ -33,6 +33,9 @@
 #include <transport/SecureSessionMgr.h>
 
 namespace chip {
+
+constexpr uint16_t kMsgCounterChallengeSize = 8; // The size of the message counter synchronization request message.
+
 namespace Messaging {
 
 class ExchangeManager;
@@ -149,6 +152,12 @@ class DLL_EXPORT ExchangeContext : public ReferenceCounted<ExchangeContext, Exch
 
     uint16_t GetExchangeId() const { return mExchangeId; }
 
+    void SetChallenge(const uint8_t * value) { memcpy(&mChallenage[0], value, kMsgCounterChallengeSize); }
+
+    const uint8_t * GetChallenge() const { return mChallenage; }
+
+    SecureSessionHandle GetSecureSessionHandle() const { return mSecureSession; }
+
     /*
      * In order to use reference counting (see refCount below) we use a hold/free paradigm where users of the exchange
      * can hold onto it while it's out of their direct control to make sure it isn't closed before everyone's ready.
@@ -179,6 +188,10 @@ class DLL_EXPORT ExchangeContext : public ReferenceCounted<ExchangeContext, Exch
     SecureSessionHandle mSecureSession; // The connection state
     uint16_t mExchangeId;               // Assigned exchange ID.
 
+    // [TODO: #4711]: this field need to be moved to appState object which implement 'exchange-specific' contextual
+    // actions with a delegate pattern.
+    uint8_t mChallenage[kMsgCounterChallengeSize]; // Challenge number to identify the sychronization request cryptographically.
+
     BitFlags<uint16_t, ExFlagValues> mFlags; // Internal state flags
 
     /**

src/messaging/ExchangeMgr.cpp

@@ -66,8 +66,9 @@ ExchangeManager::ExchangeManager() : mReliableMessageMgr(mContextPool)
 
 CHIP_ERROR ExchangeManager::Init(SecureSessionMgr * sessionMgr)
 {
-    if (mState != State::kState_NotInitialized)
-        return CHIP_ERROR_INCORRECT_STATE;
+    CHIP_ERROR err = CHIP_NO_ERROR;
+
+    VerifyOrExit(mState == State::kState_NotInitialized, err = CHIP_ERROR_INCORRECT_STATE);
 
     mSessionMgr = sessionMgr;
 
@@ -82,13 +83,19 @@ CHIP_ERROR ExchangeManager::Init(SecureSessionMgr * sessionMgr)
 
     mReliableMessageMgr.Init(sessionMgr->SystemLayer(), sessionMgr);
 
+    err = mSecureChannelMgr.Init(this);
+    SuccessOrExit(err);
+
     mState = State::kState_Initialized;
 
-    return CHIP_NO_ERROR;
+exit:
+    return err;
 }
 
 CHIP_ERROR ExchangeManager::Shutdown()
 {
+    mSecureChannelMgr.Shutdown();
+
     if (mSessionMgr != nullptr)
     {
         mSessionMgr->SetDelegate(nullptr);

src/messaging/ExchangeMgr.h

@@ -28,6 +28,7 @@
 
 #include <messaging/ExchangeContext.h>
 #include <messaging/ReliableMessageMgr.h>
+#include <messaging/SecureChannelMgr.h>
 #include <support/DLLUtil.h>
 #include <transport/SecureSessionMgr.h>
 
@@ -177,6 +178,8 @@ class DLL_EXPORT ExchangeManager : public SecureSessionMgrDelegate
 
     ReliableMessageMgr * GetReliableMessageMgr() { return &mReliableMessageMgr; };
 
+    SecureChannel::SecureChannelMgr * GetSecureChannelMgr() { return &mSecureChannelMgr; };
+
     size_t GetContextsInUse() const { return mContextsInUse; }
 
 private:
@@ -197,6 +200,7 @@ class DLL_EXPORT ExchangeManager : public SecureSessionMgrDelegate
     State mState;
     SecureSessionMgr * mSessionMgr;
     ReliableMessageMgr mReliableMessageMgr;
+    SecureChannel::SecureChannelMgr mSecureChannelMgr;
 
     std::array<ExchangeContext, CHIP_CONFIG_MAX_EXCHANGE_CONTEXTS> mContextPool;
     size_t mContextsInUse;

src/messaging/ReliableMessageMgr.cpp

@@ -25,6 +25,7 @@
 
 #include <messaging/ReliableMessageMgr.h>
 
+#include <core/CHIPKeyIds.h>
 #include <messaging/ErrorCategory.h>
 #include <messaging/Flags.h>
 #include <messaging/ReliableMessageContext.h>
@@ -386,7 +387,7 @@ bool ReliableMessageMgr::CheckAndRemRetransTable(ReliableMessageContext * rc, ui
 /**
  *  Send the specified entry from the retransmission table.
  *
- *  @param[in]    entry                A pointer to a retransmission table entry object that needs to be sent.
+ *  @param[in]    entry   A pointer to a retransmission table entry object that needs to be sent.
  *
  *  @return  #CHIP_NO_ERROR On success, else corresponding CHIP_ERROR returned from SendMessage.
  *
@@ -490,6 +491,29 @@ void ReliableMessageMgr::FailRetransTableEntries(ReliableMessageContext * rc, CH
     }
 }
 
+/**
+ *  Retransmit all pending messages that were encrypted with application
+ *  group key and were addressed to the specified node.
+ *
+ *  @param[in] peerNodeId    Node ID of the destination node.
+ *
+ */
+void ReliableMessageMgr::RetransPendingAppGroupMsgs(uint64_t peerNodeId)
+{
+    // Find all retransmit entries (re) matching peerNodeId and using application group key.
+    for (RetransTableEntry & entry : mRetransTable)
+    {
+        ReliableMessageContext * rc = entry.rc;
+
+        if (rc && rc->mExchange->GetSecureSessionHandle().GetPeerNodeId() == peerNodeId &&
+            ChipKeyId::IsAppGroupKey(rc->mExchange->GetSecureSessionHandle().GetPeerKeyId()))
+        {
+            // Retramsmit message.
+            SendFromRetransTable(&entry);
+        }
+    }
+}
+
 /**
  * Iterate through active exchange contexts and retrans table entries.
  * Determine how many ReliableMessageProtocol ticks we need to sleep before we

src/messaging/ReliableMessageMgr.h

@@ -87,6 +87,7 @@ class ReliableMessageMgr
     void ClearRetransTable(ReliableMessageContext * rc);
     void ClearRetransTable(RetransTableEntry & rEntry);
     void FailRetransTableEntries(ReliableMessageContext * rc, CHIP_ERROR err);
+    void RetransPendingAppGroupMsgs(NodeId peerNodeId);
 
     void StartTimer();
     void StopTimer();