Restyle Crypto refactoring and ECKey usage distinction.

examples/tv-app/android/java/JNIDACProvider.cpp

@@ -135,14 +135,13 @@ CHIP_ERROR JNIDACProvider::GetProductAttestationIntermediateCert(MutableByteSpan
     return GetJavaByteByMethod(mGetProductAttestationIntermediateCertMethod, out_pai_buffer);
 }
 
-// TODO: This should be moved to a method of P256Keypair
 CHIP_ERROR LoadKeypairFromRaw(ByteSpan private_key, ByteSpan public_key, Crypto::P256Keypair & keypair)
 {
-    Crypto::P256SerializedKeypair serialized_keypair;
-    ReturnErrorOnFailure(serialized_keypair.SetLength(private_key.size() + public_key.size()));
-    memcpy(serialized_keypair.Bytes(), public_key.data(), public_key.size());
-    memcpy(serialized_keypair.Bytes() + public_key.size(), private_key.data(), private_key.size());
-    return keypair.Deserialize(serialized_keypair);
+    Crypto::P256PlaintextKeypair key_pair;
+    ReturnErrorOnFailure(key_pair.SetLength(private_key.size() + public_key.size()));
+    memcpy(key_pair.Bytes(), public_key.data(), public_key.size());
+    memcpy(key_pair.Bytes() + public_key.size(), private_key.data(), private_key.size());
+    return keypair.Initialize(key_pair);
 }
 
 CHIP_ERROR JNIDACProvider::SignWithDeviceAttestationKey(const ByteSpan & message_to_sign, MutableByteSpan & out_signature_buffer)

examples/tv-casting-app/android/App/app/src/main/jni/cpp/JNIDACProvider.cpp

@@ -135,14 +135,13 @@ CHIP_ERROR JNIDACProvider::GetProductAttestationIntermediateCert(MutableByteSpan
     return GetJavaByteByMethod(mGetProductAttestationIntermediateCertMethod, out_pai_buffer);
 }
 
-// TODO: This should be moved to a method of P256Keypair
 CHIP_ERROR LoadKeypairFromRaw(ByteSpan private_key, ByteSpan public_key, Crypto::P256Keypair & keypair)
 {
-    Crypto::P256SerializedKeypair serialized_keypair;
-    ReturnErrorOnFailure(serialized_keypair.SetLength(private_key.size() + public_key.size()));
-    memcpy(serialized_keypair.Bytes(), public_key.data(), public_key.size());
-    memcpy(serialized_keypair.Bytes() + public_key.size(), private_key.data(), private_key.size());
-    return keypair.Deserialize(serialized_keypair);
+    Crypto::P256PlaintextKeypair key_pair;
+    ReturnErrorOnFailure(key_pair.SetLength(private_key.size() + public_key.size()));
+    memcpy(key_pair.Bytes(), public_key.data(), public_key.size());
+    memcpy(key_pair.Bytes() + public_key.size(), private_key.data(), private_key.size());
+    return keypair.Initialize(key_pair);
 }
 
 CHIP_ERROR JNIDACProvider::SignWithDeviceAttestationKey(const ByteSpan & message_to_sign, MutableByteSpan & out_signature_buffer)

src/app/tests/suites/credentials/TestHarnessDACProvider.cpp

@@ -92,14 +92,13 @@ ByteSpan ReadValue(Json::Value jsonValue, uint8_t * buffer, size_t bufferLen)
     return ByteSpan(buffer, bytesLen);
 }
 
-// TODO: This should be moved to a method of P256Keypair
 CHIP_ERROR LoadKeypairFromRaw(ByteSpan private_key, ByteSpan public_key, Crypto::P256Keypair & keypair)
 {
-    Crypto::P256SerializedKeypair serialized_keypair;
-    ReturnErrorOnFailure(serialized_keypair.SetLength(private_key.size() + public_key.size()));
-    memcpy(serialized_keypair.Bytes(), public_key.data(), public_key.size());
-    memcpy(serialized_keypair.Bytes() + public_key.size(), private_key.data(), private_key.size());
-    return keypair.Deserialize(serialized_keypair);
+    Crypto::P256PlaintextKeypair key_pair;
+    ReturnErrorOnFailure(key_pair.SetLength(private_key.size() + public_key.size()));
+    memcpy(key_pair.Bytes(), public_key.data(), public_key.size());
+    memcpy(key_pair.Bytes() + public_key.size(), private_key.data(), private_key.size());
+    return keypair.Deserialize(key_pair);
 }
 
 } // namespace

src/credentials/FabricTable.cpp

@@ -677,16 +677,16 @@ CHIP_ERROR FabricTable::AddNewFabricForTest(const ByteSpan & rootCert, const Byt
     CHIP_ERROR err = CHIP_ERROR_INTERNAL;
 
     Crypto::P256Keypair injectedOpKey;
-    Crypto::P256SerializedKeypair injectedOpKeysSerialized;
+    Crypto::P256PlaintextKeypair injectedOpKeysPlaintext;
 
     Crypto::P256Keypair * opKey = nullptr;
     if (!opKeySpan.empty())
     {
-        VerifyOrReturnError(opKeySpan.size() == injectedOpKeysSerialized.Capacity(), CHIP_ERROR_INVALID_ARGUMENT);
+        VerifyOrReturnError(opKeySpan.size() == injectedOpKeysPlaintext.Capacity(), CHIP_ERROR_INVALID_ARGUMENT);
 
-        memcpy(injectedOpKeysSerialized.Bytes(), opKeySpan.data(), opKeySpan.size());
-        SuccessOrExit(err = injectedOpKeysSerialized.SetLength(opKeySpan.size()));
-        SuccessOrExit(err = injectedOpKey.Deserialize(injectedOpKeysSerialized));
+        memcpy(injectedOpKeysPlaintext.Bytes(), opKeySpan.data(), opKeySpan.size());
+        SuccessOrExit(err = injectedOpKeysPlaintext.SetLength(opKeySpan.size()));
+        SuccessOrExit(err = injectedOpKey.Initialize(injectedOpKeysPlaintext));
         opKey = &injectedOpKey;
     }
 

src/credentials/TestOnlyLocalCertificateAuthority.h

@@ -56,11 +56,11 @@ class TestOnlyLocalCertificateAuthority
 
     TestOnlyLocalCertificateAuthority & Init()
     {
-        Crypto::P256SerializedKeypair emptyKeypair;
+        Crypto::P256PlaintextKeypair emptyKeypair;
         return Init(emptyKeypair);
     }
 
-    TestOnlyLocalCertificateAuthority & Init(Crypto::P256SerializedKeypair & rootKeyPair)
+    TestOnlyLocalCertificateAuthority & Init(Crypto::P256PlaintextKeypair & rootKeyPair)
     {
         SuccessOrExit(mCurrentStatus);
 
@@ -69,13 +69,14 @@ class TestOnlyLocalCertificateAuthority
 
         if (rootKeyPair.Length() != 0)
         {
-            mCurrentStatus = mRootKeypair->Deserialize(rootKeyPair);
-            SuccessOrExit(mCurrentStatus);
+            mCurrentStatus = mRootKeypair->Initialize(rootKeyPair);
         }
         else
         {
-            mRootKeypair->Initialize();
+            mCurrentStatus = mRootKeypair->Initialize();
         }
+        SuccessOrExit(mCurrentStatus);
+
         mCurrentStatus = GenerateRootCert(*mRootKeypair.get());
         SuccessOrExit(mCurrentStatus);
     exit:

src/credentials/examples/DeviceAttestationCredsExample.cpp

@@ -30,14 +30,13 @@ namespace Examples {
 
 namespace {
 
-// TODO: This should be moved to a method of P256Keypair
 CHIP_ERROR LoadKeypairFromRaw(ByteSpan private_key, ByteSpan public_key, Crypto::P256Keypair & keypair)
 {
-    Crypto::P256SerializedKeypair serialized_keypair;
-    ReturnErrorOnFailure(serialized_keypair.SetLength(private_key.size() + public_key.size()));
-    memcpy(serialized_keypair.Bytes(), public_key.data(), public_key.size());
-    memcpy(serialized_keypair.Bytes() + public_key.size(), private_key.data(), private_key.size());
-    return keypair.Deserialize(serialized_keypair);
+    Crypto::P256PlaintextKeypair key_pair;
+    ReturnErrorOnFailure(key_pair.SetLength(private_key.size() + public_key.size()));
+    memcpy(key_pair.Bytes(), public_key.data(), public_key.size());
+    memcpy(key_pair.Bytes() + public_key.size(), private_key.data(), private_key.size());
+    return keypair.Initialize(key_pair);
 }
 
 class ExampleDACProvider : public DeviceAttestationCredentialsProvider

src/credentials/tests/TestCertificationDeclaration.cpp

@@ -270,12 +270,12 @@ static void TestCD_CMSSignAndVerify(nlTestSuite * inSuite, void * inContext)
 
     // Test with known key
     P256Keypair keypair2;
-    P256SerializedKeypair serializedKeypair;
-    memcpy(serializedKeypair, sTestCMS_SignerSerializedKeypair, sizeof(sTestCMS_SignerSerializedKeypair));
-    serializedKeypair.SetLength(sizeof(sTestCMS_SignerSerializedKeypair));
+    P256PlaintextKeypair plaintextKeypair;
+    memcpy(plaintextKeypair, sTestCMS_SignerSerializedKeypair, sizeof(sTestCMS_SignerSerializedKeypair));
+    plaintextKeypair.SetLength(sizeof(sTestCMS_SignerSerializedKeypair));
     cdContentIn   = ByteSpan(sTestCMS_CDContent02);
     signedMessage = MutableByteSpan(signedMessageBuf);
-    NL_TEST_ASSERT(inSuite, keypair2.Deserialize(serializedKeypair) == CHIP_NO_ERROR);
+    NL_TEST_ASSERT(inSuite, keypair2.Initialize(plaintextKeypair) == CHIP_NO_ERROR);
     NL_TEST_ASSERT(inSuite, CMS_Sign(cdContentIn, signerKeyId, keypair2, signedMessage) == CHIP_NO_ERROR);
     NL_TEST_ASSERT(inSuite, CMS_Verify(signedMessage, keypair2.Pubkey(), cdContentOut) == CHIP_NO_ERROR);
     NL_TEST_ASSERT(inSuite, cdContentIn.data_equal(cdContentOut));

src/credentials/tests/TestFabricTable.cpp

@@ -88,20 +88,20 @@ class ScopedFabricTable
  */
 static CHIP_ERROR LoadTestFabric_Node01_01(nlTestSuite * inSuite, FabricTable & fabricTable, bool doCommit)
 {
-    Crypto::P256SerializedKeypair opKeysSerialized;
+    Crypto::P256PlaintextKeypair opKeys;
     FabricIndex fabricIndex;
-    memcpy((uint8_t *) (opKeysSerialized), TestCerts::sTestCert_Node01_01_PublicKey, TestCerts::sTestCert_Node01_01_PublicKey_Len);
-    memcpy((uint8_t *) (opKeysSerialized) + TestCerts::sTestCert_Node01_01_PublicKey_Len, TestCerts::sTestCert_Node01_01_PrivateKey,
+    memcpy((uint8_t *) (opKeys), TestCerts::sTestCert_Node01_01_PublicKey, TestCerts::sTestCert_Node01_01_PublicKey_Len);
+    memcpy((uint8_t *) (opKeys) + TestCerts::sTestCert_Node01_01_PublicKey_Len, TestCerts::sTestCert_Node01_01_PrivateKey,
            TestCerts::sTestCert_Node01_01_PrivateKey_Len);
 
     ByteSpan rcacSpan(TestCerts::sTestCert_Root01_Chip, TestCerts::sTestCert_Root01_Chip_Len);
     ByteSpan icacSpan(TestCerts::sTestCert_ICA01_Chip, TestCerts::sTestCert_ICA01_Chip_Len);
     ByteSpan nocSpan(TestCerts::sTestCert_Node01_01_Chip, TestCerts::sTestCert_Node01_01_Chip_Len);
 
     NL_TEST_ASSERT(inSuite,
-                   opKeysSerialized.SetLength(TestCerts::sTestCert_Node01_01_PublicKey_Len +
-                                              TestCerts::sTestCert_Node01_01_PrivateKey_Len) == CHIP_NO_ERROR);
-    NL_TEST_ASSERT(inSuite, gFabric1OpKey.Deserialize(opKeysSerialized) == CHIP_NO_ERROR);
+                   opKeys.SetLength(TestCerts::sTestCert_Node01_01_PublicKey_Len + TestCerts::sTestCert_Node01_01_PrivateKey_Len) ==
+                       CHIP_NO_ERROR);
+    NL_TEST_ASSERT(inSuite, gFabric1OpKey.Initialize(opKeys) == CHIP_NO_ERROR);
 
     NL_TEST_ASSERT(inSuite, fabricTable.AddNewPendingTrustedRootCert(rcacSpan) == CHIP_NO_ERROR);
 
@@ -123,20 +123,20 @@ static CHIP_ERROR LoadTestFabric_Node01_01(nlTestSuite * inSuite, FabricTable &
  */
 static CHIP_ERROR LoadTestFabric_Node02_01(nlTestSuite * inSuite, FabricTable & fabricTable, bool doCommit)
 {
-    Crypto::P256SerializedKeypair opKeysSerialized;
+    Crypto::P256PlaintextKeypair opKeys;
     FabricIndex fabricIndex;
-    memcpy((uint8_t *) (opKeysSerialized), TestCerts::sTestCert_Node02_01_PublicKey, TestCerts::sTestCert_Node02_01_PublicKey_Len);
-    memcpy((uint8_t *) (opKeysSerialized) + TestCerts::sTestCert_Node02_01_PublicKey_Len, TestCerts::sTestCert_Node02_01_PrivateKey,
+    memcpy((uint8_t *) (opKeys), TestCerts::sTestCert_Node02_01_PublicKey, TestCerts::sTestCert_Node02_01_PublicKey_Len);
+    memcpy((uint8_t *) (opKeys) + TestCerts::sTestCert_Node02_01_PublicKey_Len, TestCerts::sTestCert_Node02_01_PrivateKey,
            TestCerts::sTestCert_Node02_01_PrivateKey_Len);
 
     ByteSpan rcacSpan(TestCerts::sTestCert_Root02_Chip, TestCerts::sTestCert_Root02_Chip_Len);
     ByteSpan icacSpan(TestCerts::sTestCert_ICA02_Chip, TestCerts::sTestCert_ICA02_Chip_Len);
     ByteSpan nocSpan(TestCerts::sTestCert_Node02_01_Chip, TestCerts::sTestCert_Node02_01_Chip_Len);
 
     NL_TEST_ASSERT(inSuite,
-                   opKeysSerialized.SetLength(TestCerts::sTestCert_Node02_01_PublicKey_Len +
-                                              TestCerts::sTestCert_Node02_01_PrivateKey_Len) == CHIP_NO_ERROR);
-    NL_TEST_ASSERT(inSuite, gFabric2OpKey.Deserialize(opKeysSerialized) == CHIP_NO_ERROR);
+                   opKeys.SetLength(TestCerts::sTestCert_Node02_01_PublicKey_Len + TestCerts::sTestCert_Node02_01_PrivateKey_Len) ==
+                       CHIP_NO_ERROR);
+    NL_TEST_ASSERT(inSuite, gFabric2OpKey.Initialize(opKeys) == CHIP_NO_ERROR);
 
     NL_TEST_ASSERT(inSuite, fabricTable.AddNewPendingTrustedRootCert(rcacSpan) == CHIP_NO_ERROR);