Skip to content

Commit

Permalink
Implement setting key persitence for ICD server
Browse files Browse the repository at this point in the history
  • Loading branch information
@maciejbaczmanski
maciejbaczmanski committed Sep 4, 2024
1 parent 32d4cda commit e3687d9
Showing 1 changed file with 14 additions and 5 deletions.
19 changes: 14 additions & 5 deletions src/app/icd/server/ICDMonitoringTable.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,6 @@ CHIP_ERROR ICDMonitoringEntry::SetKey(ByteSpan keyData)
Crypto::Symmetric128BitsKeyByteArray keyMaterial;
memcpy(keyMaterial, keyData.data(), sizeof(Crypto::Symmetric128BitsKeyByteArray));

// TODO - Add function to set PSA key lifetime
ReturnErrorOnFailure(symmetricKeystore->CreateKey(keyMaterial, aesKeyHandle));
CHIP_ERROR error = symmetricKeystore->CreateKey(keyMaterial, hmacKeyHandle);

Expand Down Expand Up @@ -269,16 +268,26 @@ CHIP_ERROR ICDMonitoringTable::Set(uint16_t index, const ICDMonitoringEntry & en
VerifyOrReturnError(entry.keyHandleValid, CHIP_ERROR_INVALID_ARGUMENT);

ICDMonitoringEntry e(this->mFabric, index);
e.checkInNodeID = entry.checkInNodeID;
e.monitoredSubject = entry.monitoredSubject;
e.clientType = entry.clientType;
e.index = index;
e.checkInNodeID = entry.checkInNodeID;
e.monitoredSubject = entry.monitoredSubject;
e.clientType = entry.clientType;
e.index = index;
e.symmetricKeystore = entry.symmetricKeystore;

memcpy(e.aesKeyHandle.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(),
entry.aesKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(), sizeof(Crypto::Symmetric128BitsKeyByteArray));
memcpy(e.hmacKeyHandle.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(), sizeof(Crypto::Symmetric128BitsKeyByteArray));

ReturnErrorOnFailure(e.symmetricKeystore->PersistICDKey(e.aesKeyHandle));
CHIP_ERROR error = e.symmetricKeystore->PersistICDKey(e.hmacKeyHandle);
if (error != CHIP_NO_ERROR)
{
// If setting the persistence of the HmacKeyHandle failed, we need to delete the AesKeyHandle to avoid a key leak
e.symmetricKeystore->DestroyKey(e.aesKeyHandle);
return error;
}

return e.Save(this->mStorage);
}

Expand Down

0 comments on commit e3687d9

Please sign in to comment.