diff --git a/src/include/platform/CHIPDeviceLayer.h b/src/include/platform/CHIPDeviceLayer.h index 9f712cfd171fab..7afea5fafa8676 100644 --- a/src/include/platform/CHIPDeviceLayer.h +++ b/src/include/platform/CHIPDeviceLayer.h @@ -33,7 +33,6 @@ #if CHIP_DEVICE_CONFIG_ENABLE_SOFTWARE_UPDATE_MANAGER #include #endif // CHIP_DEVICE_CONFIG_ENABLE_SOFTWARE_UPDATE_MANAGER -#include #if CHIP_DEVICE_CONFIG_ENABLE_THREAD #include #endif // CHIP_DEVICE_CONFIG_ENABLE_THREAD diff --git a/src/include/platform/TimeSyncManager.h b/src/include/platform/TimeSyncManager.h deleted file mode 100644 index 00e43fef24e6ef..00000000000000 --- a/src/include/platform/TimeSyncManager.h +++ /dev/null @@ -1,139 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * Copyright (c) 2018 Nest Labs, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * Defines the chip Device Layer TimeSyncManager object. - * - */ - -#pragma once - -namespace chip { -namespace Profiles { -namespace StatusReporting { -class StatusReport; -} -} // namespace Profiles -} // namespace chip - -namespace chip { -namespace DeviceLayer { - -class PlatformManagerImpl; -namespace Internal { -template -class GenericPlatformManagerImpl; -template -class GenericPlatformManagerImpl_FreeRTOS; -} // namespace Internal - -/** - * Manages time synchronization for chip Devices. - */ -class TimeSyncManager final -{ -public: - // ===== Members that define the public interface of the TimeSyncManager - - enum TimeSyncMode - { - kTimeSyncMode_NotSupported = 0, - kTimeSyncMode_Disabled = 1, - kTimeSyncMode_Service = 2, - - kTimeSyncMode_Max, - }; - - TimeSyncMode GetMode(); - CHIP_ERROR SetMode(TimeSyncMode newMode); - - uint32_t GetSyncInterval(); - void SetSyncInterval(uint32_t intervalSec); - - bool IsTimeSynchronized(); - -private: - // ===== Members for internal use by the following friends. - - friend class PlatformManagerImpl; - template - friend class Internal::GenericPlatformManagerImpl; - template - friend class Internal::GenericPlatformManagerImpl_FreeRTOS; - friend TimeSyncManager & TimeSyncMgr(); - - static TimeSyncManager sInstance; - - CHIP_ERROR Init(); - void OnPlatformEvent(const ChipDeviceEvent * event); - - // ===== Private members for use by this class only. - - uint64_t mLastSyncTimeMS; // in monotonic time -#if CHIP_DEVICE_CONFIG_ENABLE_CHIP_TIME_SERVICE_TIME_SYNC - ::chip::Binding * mTimeSyncBinding; -#endif - uint32_t mSyncIntervalSec; - TimeSyncMode mMode; - - void DriveTimeSync(); - void CancelTimeSync(); - void ApplySynchronizedTime(uint64_t syncedRealTimeUS); - void TimeSyncFailed(CHIP_ERROR reason, chip::Profiles::StatusReporting::StatusReport * statusReport); - -#if CHIP_DEVICE_CONFIG_ENABLE_CHIP_TIME_SERVICE_TIME_SYNC - static void TimeServiceSync_HandleBindingEvent(void * appState, ::chip::Binding::EventType event, - const ::chip::Binding::InEventParam & inParam, - ::chip::Binding::OutEventParam & outParam); - static void TimeServiceSync_HandleSyncComplete(void * context, CHIP_ERROR result, int64_t syncedRealTimeUS); -#endif - - static void DriveTimeSync(::chip::System::Layer * layer, void * appState, ::CHIP_ERROR err); - -protected: - // Construction/destruction limited to subclasses. - TimeSyncManager() = default; - ~TimeSyncManager() = default; - - // No copy, move or assignment. - TimeSyncManager(const TimeSyncManager &) = delete; - TimeSyncManager(const TimeSyncManager &&) = delete; - TimeSyncManager & operator=(const TimeSyncManager &) = delete; -}; - -inline TimeSyncManager::TimeSyncMode TimeSyncManager::GetMode() -{ - return mMode; -} - -inline uint32_t TimeSyncManager::GetSyncInterval() -{ - return mSyncIntervalSec; -} - -/** - * Returns a reference to the TimeSyncManager singleton object. - */ -inline TimeSyncManager & TimeSyncMgr() -{ - return TimeSyncManager::sInstance; -} - -} // namespace DeviceLayer -} // namespace chip diff --git a/src/lib/core/CHIPConfig.h b/src/lib/core/CHIPConfig.h index e6d72b7e9c262b..727b700610d477 100644 --- a/src/lib/core/CHIPConfig.h +++ b/src/lib/core/CHIPConfig.h @@ -1462,17 +1462,6 @@ #define CHIP_CONFIG_DEBUG_CERT_VALIDATION 1 #endif // CHIP_CONFIG_DEBUG_CERT_VALIDATION -/** - * @def CHIP_CONFIG_OPERATIONAL_DEVICE_CERT_CURVE_ID - * - * @brief - * EC curve to be used to generate chip operational device certificate. - * - */ -#ifndef CHIP_CONFIG_OPERATIONAL_DEVICE_CERT_CURVE_ID -#define CHIP_CONFIG_OPERATIONAL_DEVICE_CERT_CURVE_ID (chip::Profiles::Security::kChipCurveId_prime256v1) -#endif // CHIP_CONFIG_OPERATIONAL_DEVICE_CERT_CURVE_ID - /** * @def CHIP_CONFIG_OP_DEVICE_CERT_VALID_DATE_NOT_BEFORE * @@ -1575,42 +1564,6 @@ #define CHIP_CONFIG_PERSISTED_STORAGE_KEY_GLOBAL_MESSAGE_COUNTER "GlobalMCTR" #endif // CHIP_CONFIG_PERSISTED_STORAGE_KEY_GLOBAL_MESSAGE_COUNTER -/** - * @def CHIP_CONFIG_DEFAULT_CASE_CURVE_ID - * - * @brief - * Default ECDH curve to be used when initiating a CASE session, if not overridden by the application. - * - */ -#ifndef CHIP_CONFIG_DEFAULT_CASE_CURVE_ID -#if CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1 -#define CHIP_CONFIG_DEFAULT_CASE_CURVE_ID (chip::Profiles::Security::kChipCurveId_secp224r1) -#elif CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1 -#define CHIP_CONFIG_DEFAULT_CASE_CURVE_ID (chip::Profiles::Security::kChipCurveId_prime256v1) -#elif CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP192R1 -#define CHIP_CONFIG_DEFAULT_CASE_CURVE_ID (chip::Profiles::Security::kChipCurveId_prime192v1) -#else -#define CHIP_CONFIG_DEFAULT_CASE_CURVE_ID (chip::Profiles::Security::kChipCurveId_secp160r1) -#endif -#endif // CHIP_CONFIG_DEFAULT_CASE_CURVE_ID - -/** - * @def CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES - * - * @brief - * Default set of ECDH curves allowed to be used in a CASE session (initiating or responding), if not overridden by the - * application. - * - */ -#ifndef CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES -#if CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP224R1 || CHIP_CONFIG_SUPPORT_ELLIPTIC_CURVE_SECP256R1 -#define CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES \ - (chip::Profiles::Security::kChipCurveSet_secp224r1 | chip::Profiles::Security::kChipCurveSet_prime256v1) -#else -#define CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES (chip::Profiles::Security::kChipCurveSet_All) -#endif -#endif // CHIP_CONFIG_DEFAULT_CASE_ALLOWED_CURVES - /** * @def CHIP_CONFIG_LEGACY_CASE_AUTH_DELEGATE * diff --git a/src/lib/core/CHIPEventLoggingConfig.h b/src/lib/core/CHIPEventLoggingConfig.h index 7356acfc1bced3..006b92f5b77cfb 100644 --- a/src/lib/core/CHIPEventLoggingConfig.h +++ b/src/lib/core/CHIPEventLoggingConfig.h @@ -59,17 +59,6 @@ #define CHIP_CONFIG_EVENT_LOGGING_MAXIMUM_UPLOAD_SECONDS 86400 #endif -/** - * @def CHIP_CONFIG_EVENT_LOGGING_DEFAULT_IMPORTANCE - * - * @brief - * The default importance of events to be logged. It is used - * to initialize the chip LoggingConfiguration. - */ -#ifndef CHIP_CONFIG_EVENT_LOGGING_DEFAULT_IMPORTANCE -#define CHIP_CONFIG_EVENT_LOGGING_DEFAULT_IMPORTANCE chip::Profiles::DataManagement::Production -#endif - /** * @def CHIP_CONFIG_EVENT_LOGGING_UTC_TIMESTAMPS * diff --git a/src/platform/BUILD.gn b/src/platform/BUILD.gn index aaafe34a5772cb..56ee6d79d3cd6c 100644 --- a/src/platform/BUILD.gn +++ b/src/platform/BUILD.gn @@ -236,7 +236,6 @@ if (chip_device_platform != "none") { "../include/platform/PlatformManager.h", "../include/platform/SoftwareUpdateManagerImpl.h", "../include/platform/ThreadStackManager.h", - "../include/platform/TimeSyncManager.h", "../include/platform/internal/BLEManager.h", "../include/platform/internal/CHIPDeviceLayerInternal.h", "../include/platform/internal/DeviceControlServer.h", diff --git a/src/platform/EFR32/GroupKeyStoreImpl.cpp b/src/platform/EFR32/GroupKeyStoreImpl.cpp deleted file mode 100644 index df5b88db7e8193..00000000000000 --- a/src/platform/EFR32/GroupKeyStoreImpl.cpp +++ /dev/null @@ -1,386 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * Copyright (c) 2019 Nest Labs, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * Provides an implementation of the CHIP GroupKeyStore interface - * for platforms based on the Silicon Labs SDK. - */ -/* this file behaves like a config.h, comes first */ -#include - -#include - -using namespace ::chip; -using namespace ::chip::Profiles::Security::AppKeys; - -namespace chip { -namespace DeviceLayer { -namespace Internal { - -CHIP_ERROR GroupKeyStoreImpl::RetrieveGroupKey(uint32_t keyId, ChipGroupKey & key) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey nvm3 records looking for a matching key... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyId, &key](const Key & nvm3Key, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the nvm3 obj binary data data into the buffer. - err2 = ReadConfigValueBin(nvm3Key, buf, sizeof(buf), keyLen); - - // Decode the CHIP key id for the current key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If it matches the key we're looking for... - if (curKeyId == keyId) - { - // Decode the associated key data. - err2 = DecodeGroupKey(buf, keyLen, key); - SuccessOrExit(err2); - - // End the iteration by returning a CHIP_END_OF_INPUT result. - ExitNow(err2 = CHIP_END_OF_INPUT); - } - - exit: - return err2; - }); - - // Modify error code for return. - switch (err) - { - case CHIP_END_OF_INPUT: - err = CHIP_NO_ERROR; // Match found. - break; - case CHIP_NO_ERROR: - err = CHIP_ERROR_KEY_NOT_FOUND; // Match not found. - break; - default: - break; - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::StoreGroupKey(const ChipGroupKey & key) -{ - CHIP_ERROR err; - - // Delete any existing group key with the same id (this may or may not exit). - DeleteGroupKey(key.KeyId); // no error checking here. - - // Iterate over all the GroupKey nvm3 records looking for the first - // empty nvm3 key where we can store the data. (Note- use arg addNewrecord=true) - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, true, - [&key](const Key & nvm3Key, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - - // Encode the key for storage in an nvm3 record. - err2 = EncodeGroupKey(key, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Write the encoded binary data into the nvm3 object. - err2 = WriteConfigValueBin(nvm3Key, buf, keyLen); - SuccessOrExit(err2); - - // End the iteration by returning a CHIP_END_OF_INPUT result. - ExitNow(err2 = CHIP_END_OF_INPUT); - - exit: - return err2; - }); - - // Modify error code for return. - switch (err) - { - case CHIP_END_OF_INPUT: - err = CHIP_NO_ERROR; // Key entry was stored. - break; - case CHIP_NO_ERROR: - err = CHIP_ERROR_KEY_NOT_FOUND; // Key entry was not stored. - break; - default: - break; - } - - if (err == CHIP_NO_ERROR) - { -#if CHIP_PROGRESS_LOGGING - { - char extraKeyInfo[32]; - if (ChipKeyId::IsAppEpochKey(key.KeyId)) - { - snprintf(extraKeyInfo, sizeof(extraKeyInfo), ", start time %" PRId32, key.StartTime); - } - else if (ChipKeyId::IsAppGroupMasterKey(key.KeyId)) - { - snprintf(extraKeyInfo, sizeof(extraKeyInfo), ", global id 0x%08" PRIX32, key.GlobalId); - } - else - { - extraKeyInfo[0] = 0; - } - -#if CHIP_CONFIG_SECURITY_TEST_MODE - ChipLogProgress(SecurityManager, - "GroupKeyStore: storing key 0x%08" PRIX32 " (%s), len %" PRId8 ", data 0x%02" PRIX8 "...%s", key.KeyId, - ChipKeyId::DescribeKey(key.KeyId), key.KeyLen, key.Key[0], extraKeyInfo); -#else - ChipLogProgress(SecurityManager, "GroupKeyStore: storing key 0x%08" PRIX32 " (%s), len %" PRId8 "%s", key.KeyId, - ChipKeyId::DescribeKey(key.KeyId), key.KeyLen, extraKeyInfo); -#endif - } - -#endif // CHIP_PROGRESS_LOGGING - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DeleteGroupKey(uint32_t keyId) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey nvm3 records looking for a matching key... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyId](const Key & nvm3Key, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the nvm3 obj binary data data into the buffer. - err2 = ReadConfigValueBin(nvm3Key, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Decode the CHIP key id for the current group key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If it matches the key we are looking for, delete the nvm3 record. - if (curKeyId == keyId) - { - err2 = ClearConfigValue(nvm3Key); - ChipLogProgress(DeviceLayer, "GroupKeyStore: deleting key 0x%08" PRIX32, curKeyId); - - // End the iteration by returning a CHIP_END_OF_INPUT result. - ExitNow(err2 = CHIP_END_OF_INPUT); - } - - exit: - return err2; - }); - - // Modify error code for return. - switch (err) - { - case CHIP_END_OF_INPUT: - err = CHIP_NO_ERROR; // Key entry was deleted. - break; - case CHIP_NO_ERROR: - err = CHIP_ERROR_KEY_NOT_FOUND; // Key entry was not deleted. - break; - default: - break; - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DeleteGroupKeysOfAType(uint32_t keyType) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey nvm3 records looking for a matching key... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyType](const Key & nvm3Key, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the nvm3 obj binary data data into the buffer. - err2 = ReadConfigValueBin(nvm3Key, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Decode the CHIP key id for the current group key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If the current key matches the type we are looking for, delete the nvm3 record. - if (ChipKeyId::GetType(curKeyId) == keyType) - { - err2 = ClearConfigValue(nvm3Key); - ChipLogProgress(DeviceLayer, "GroupKeyStore: deleting key 0x%08" PRIX32, curKeyId); - } - - exit: - return err2; - }); - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::EnumerateGroupKeys(uint32_t keyType, uint32_t * keyIds, uint8_t keyIdsArraySize, uint8_t & keyCount) -{ - CHIP_ERROR err; - - keyCount = 0; - - // Iterate over all the GroupKey records looking for keys of the specified type... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyType, keyIds, keyIdsArraySize, &keyCount](const Key & nvm3Key, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the nvm3 obj binary data data into the buffer. - err2 = ReadConfigValueBin(nvm3Key, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Decode the CHIP key id for the current group key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If the current key matches the type we're looking for, add it to the keyIds array. - if ((keyType == ChipKeyId::kType_None) || (ChipKeyId::GetType(curKeyId) == keyType)) - { - keyIds[keyCount++] = curKeyId; - - // Stop iterating if there's no more room in the keyIds array. - VerifyOrExit(keyCount < keyIdsArraySize, err2 = CHIP_ERROR_BUFFER_TOO_SMALL); - } - - exit: - return err2; - }); - - // Simply return a truncated list if there are more matching keys than will fit in the array. - if (err == CHIP_ERROR_BUFFER_TOO_SMALL) - { - err = CHIP_NO_ERROR; - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::Clear(void) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey nvm3 records deleting each one... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [](const Key & nvm3Key, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - - err2 = ClearConfigValue(nvm3Key); - SuccessOrExit(err2); - - exit: - return err2; - }); - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::RetrieveLastUsedEpochKeyId(void) -{ - CHIP_ERROR err; - - err = ReadConfigValue(kConfigKey_LastUsedEpochKeyId, LastUsedEpochKeyId); - if (err == CHIP_DEVICE_ERROR_CONFIG_NOT_FOUND) - { - LastUsedEpochKeyId = ChipKeyId::kNone; - err = CHIP_NO_ERROR; - } - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::StoreLastUsedEpochKeyId(void) -{ - return WriteConfigValue(kConfigKey_LastUsedEpochKeyId, LastUsedEpochKeyId); -} - -CHIP_ERROR GroupKeyStoreImpl::Init() -{ - // Nothing to do - return CHIP_NO_ERROR; -} - -CHIP_ERROR GroupKeyStoreImpl::EncodeGroupKey(const ChipGroupKey & key, uint8_t * buf, size_t bufSize, size_t & encodedKeyLen) -{ - CHIP_ERROR err = CHIP_NO_ERROR; - uint8_t * p = buf; - - VerifyOrExit(bufSize >= kFixedEncodedKeySize + key.KeyLen, err = CHIP_ERROR_BUFFER_TOO_SMALL); - - Encoding::LittleEndian::Write32(p, key.KeyId); - Encoding::LittleEndian::Write32(p, key.StartTime); - Encoding::Write8(p, key.KeyLen); - memcpy(p, key.Key, key.KeyLen); - p += key.KeyLen; - - encodedKeyLen = p - buf; - -exit: - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DecodeGroupKeyId(const uint8_t * encodedKey, size_t encodedKeyLen, uint32_t & keyId) -{ - CHIP_ERROR err = CHIP_NO_ERROR; - - VerifyOrExit(encodedKeyLen >= kFixedEncodedKeySize, err = CHIP_ERROR_INVALID_ARGUMENT); - - keyId = Encoding::LittleEndian::Get32(encodedKey); - -exit: - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DecodeGroupKey(const uint8_t * encodedKey, size_t encodedKeyLen, ChipGroupKey & key) -{ - CHIP_ERROR err = CHIP_NO_ERROR; - const uint8_t * p = encodedKey; - - VerifyOrExit(encodedKeyLen >= kFixedEncodedKeySize, err = CHIP_ERROR_INVALID_ARGUMENT); - - key.KeyId = Encoding::LittleEndian::Read32(p); - key.StartTime = Encoding::LittleEndian::Read32(p); - key.KeyLen = Encoding::Read8(p); - - VerifyOrExit(encodedKeyLen >= kFixedEncodedKeySize + key.KeyLen, err = CHIP_ERROR_INVALID_ARGUMENT); - - memcpy(key.Key, p, key.KeyLen); - -exit: - return err; -} - -} // namespace Internal -} // namespace DeviceLayer -} // namespace chip diff --git a/src/platform/EFR32/GroupKeyStoreImpl.h b/src/platform/EFR32/GroupKeyStoreImpl.h deleted file mode 100644 index 1f8ecc11aea58e..00000000000000 --- a/src/platform/EFR32/GroupKeyStoreImpl.h +++ /dev/null @@ -1,73 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * Copyright (c) 2019 Nest Labs, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * Provides an implementation of the Chip Group Key Store interface - * for platforms based on the Silicon Labs SDK. - */ - -#include -#include -#include -#include - -namespace chip { -namespace DeviceLayer { -namespace Internal { - -/** - * An implementation of the Chip GroupKeyStoreBase API for platforms based - * on the Silicon Labs SDK. - */ -class GroupKeyStoreImpl final : public ::chip::Profiles::Security::AppKeys::GroupKeyStoreBase, private EFR32Config -{ - using ChipGroupKey = ::chip::Profiles::Security::AppKeys::ChipGroupKey; - -public: - CHIP_ERROR Init(); - - CHIP_ERROR RetrieveGroupKey(uint32_t keyId, ChipGroupKey & key) override; - CHIP_ERROR StoreGroupKey(const ChipGroupKey & key) override; - CHIP_ERROR DeleteGroupKey(uint32_t keyId) override; - CHIP_ERROR DeleteGroupKeysOfAType(uint32_t keyType) override; - CHIP_ERROR EnumerateGroupKeys(uint32_t keyType, uint32_t * keyIds, uint8_t keyIdsArraySize, uint8_t & keyCount) override; - CHIP_ERROR Clear(void) override; - CHIP_ERROR RetrieveLastUsedEpochKeyId(void) override; - CHIP_ERROR StoreLastUsedEpochKeyId(void) override; - -private: - static constexpr size_t kFixedEncodedKeySize = 4U + // key id - 4U + // start time / global id - 1U; // key data length - - static constexpr size_t kMaxEncodedKeySize = kFixedEncodedKeySize + ChipGroupKey::MaxKeySize; - - /* Not used - static constexpr uint16_t kGroupKeyFileId = GetFileId(kConfigKey_GroupKey); - static constexpr uint16_t kGroupKeyRecordKey = GetRecordKey(kConfigKey_GroupKey); - */ - - static CHIP_ERROR EncodeGroupKey(const ChipGroupKey & key, uint8_t * buf, size_t bufSize, size_t & encodedKeyLen); - static CHIP_ERROR DecodeGroupKey(const uint8_t * encodedKey, size_t encodedKeyLen, ChipGroupKey & key); - static CHIP_ERROR DecodeGroupKeyId(const uint8_t * encodedKey, size_t encodedKeyLen, uint32_t & keyId); -}; - -} // namespace Internal -} // namespace DeviceLayer -} // namespace chip diff --git a/src/platform/ESP32/GroupKeyStoreImpl.cpp b/src/platform/ESP32/GroupKeyStoreImpl.cpp deleted file mode 100644 index 30cb3d424a6046..00000000000000 --- a/src/platform/ESP32/GroupKeyStoreImpl.cpp +++ /dev/null @@ -1,318 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * Copyright (c) 2018 Nest Labs, Inc. - * All rights reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * Provides an implementation of the Chip GroupKeyStore interface - * for the ESP32 platform. - */ -/* this file behaves like a config.h, comes first */ -#include - -#include -#include - -#include "nvs.h" -#include "nvs_flash.h" - -using namespace ::chip; -using namespace ::nl::Weave::Profiles::Security::AppKeys; - -namespace chip { -namespace DeviceLayer { -namespace Internal { - -CHIP_ERROR GroupKeyStoreImpl::RetrieveGroupKey(uint32_t keyId, ChipGroupKey & key) -{ - CHIP_ERROR err; - size_t keyLen; - char keyName[kMaxConfigKeyNameLength + 1]; - ESP32Config::Key configKey{ kConfigNamespace_ChipConfig, keyName }; - - err = FormKeyName(keyId, keyName, sizeof(keyName)); - SuccessOrExit(err); - - err = ReadConfigValueBin(configKey, key.Key, sizeof(key.Key), keyLen); - if (err == CHIP_DEVICE_ERROR_CONFIG_NOT_FOUND) - { - err = CHIP_ERROR_KEY_NOT_FOUND; - } - SuccessOrExit(err); - - if (keyId != ChipKeyId::kFabricSecret) - { - memcpy(&key.StartTime, key.Key + kChipAppGroupKeySize, sizeof(uint32_t)); - keyLen -= sizeof(uint32_t); - } - - key.KeyId = keyId; - key.KeyLen = keyLen; - -exit: - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::StoreGroupKey(const ChipGroupKey & key) -{ - char keyName[kMaxConfigKeyNameLength + 1]; - uint8_t keyData[ChipGroupKey::MaxKeySize]; - bool indexUpdated = false; - ScopedNvsHandle handle; - CHIP_ERROR error = CHIP_NO_ERROR; - esp_err_t err = ESP_OK; - - error = FormKeyName(key.KeyId, keyName, sizeof(keyName)); - SuccessOrExit(error); - - error = AddKeyToIndex(key.KeyId, indexUpdated); - SuccessOrExit(error); - - error = handle.Open(kConfigNamespace_ChipConfig, NVS_READWRITE); - SuccessOrExit(error); - - memcpy(keyData, key.Key, ChipGroupKey::MaxKeySize); - if (key.KeyId != ChipKeyId::kFabricSecret) - { - memcpy(keyData + kChipAppGroupKeySize, (const void *) &key.StartTime, sizeof(uint32_t)); - } - -#if CHIP_PROGRESS_LOGGING - if (ChipKeyId::IsAppEpochKey(key.KeyId)) - { - ChipLogProgress(DeviceLayer, "GroupKeyStore: storing epoch key %s/%s (key len %" PRId8 ", start time %" PRIu32 ")", - kConfigNamespace_ChipConfig, keyName, key.KeyLen, key.StartTime); - } - else if (ChipKeyId::IsAppGroupMasterKey(key.KeyId)) - { - ChipLogProgress(DeviceLayer, "GroupKeyStore: storing app master key %s/%s (key len %" PRId8 ", global id 0x%" PRIX32 ")", - kConfigNamespace_ChipConfig, keyName, key.KeyLen, key.GlobalId); - } - else - { - const char * keyType = (ChipKeyId::IsAppRootKey(key.KeyId)) ? "root" : "general"; - ChipLogProgress(DeviceLayer, "GroupKeyStore: storing %s key %s/%s (key len %" PRId8 ")", keyType, - kConfigNamespace_ChipConfig, keyName, key.KeyLen); - } -#endif // CHIP_PROGRESS_LOGGING - - err = nvs_set_blob(handle, keyName, keyData, ChipGroupKey::MaxKeySize); - VerifyOrExit(err == ESP_OK, error = ESP32Utils::MapError(err)); - - if (indexUpdated) - { - error = WriteKeyIndex(handle); - SuccessOrExit(error); - } - - // Commit the value to the persistent store. - err = nvs_commit(handle); - VerifyOrExit(err == ESP_OK, error = ESP32Utils::MapError(err)); - -exit: - if (error != CHIP_NO_ERROR && indexUpdated) - { - mNumKeys--; - } - ClearSecretData(keyData, sizeof(keyData)); - return error; -} - -CHIP_ERROR GroupKeyStoreImpl::DeleteGroupKey(uint32_t keyId) -{ - return DeleteKeyOrKeys(keyId, ChipKeyId::kType_None); -} - -CHIP_ERROR GroupKeyStoreImpl::DeleteGroupKeysOfAType(uint32_t keyType) -{ - return DeleteKeyOrKeys(ChipKeyId::kNone, keyType); -} - -CHIP_ERROR GroupKeyStoreImpl::EnumerateGroupKeys(uint32_t keyType, uint32_t * keyIds, uint8_t keyIdsArraySize, uint8_t & keyCount) -{ - keyCount = 0; - - for (uint8_t i = 0; i < mNumKeys && keyCount < keyIdsArraySize; i++) - { - if (keyType == ChipKeyId::kType_None || ChipKeyId::GetType(mKeyIndex[i]) == keyType) - { - keyIds[keyCount++] = mKeyIndex[i]; - } - } - - return CHIP_NO_ERROR; -} - -CHIP_ERROR GroupKeyStoreImpl::Clear(void) -{ - return DeleteKeyOrKeys(ChipKeyId::kNone, ChipKeyId::kType_None); -} - -CHIP_ERROR GroupKeyStoreImpl::RetrieveLastUsedEpochKeyId(void) -{ - CHIP_ERROR err; - - err = ReadConfigValue(kConfigKey_LastUsedEpochKeyId, LastUsedEpochKeyId); - if (err == CHIP_DEVICE_ERROR_CONFIG_NOT_FOUND) - { - LastUsedEpochKeyId = ChipKeyId::kNone; - err = CHIP_NO_ERROR; - } - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::StoreLastUsedEpochKeyId(void) -{ - return WriteConfigValue(kConfigKey_LastUsedEpochKeyId, LastUsedEpochKeyId); -} - -CHIP_ERROR GroupKeyStoreImpl::Init() -{ - CHIP_ERROR err; - size_t indexSizeBytes; - - err = ReadConfigValueBin(kConfigKey_GroupKeyIndex, (uint8_t *) mKeyIndex, sizeof(mKeyIndex), indexSizeBytes); - if (err == CHIP_DEVICE_ERROR_CONFIG_NOT_FOUND) - { - err = CHIP_NO_ERROR; - indexSizeBytes = 0; - } - SuccessOrExit(err); - - mNumKeys = indexSizeBytes / sizeof(uint32_t); - -exit: - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::AddKeyToIndex(uint32_t keyId, bool & indexUpdated) -{ - indexUpdated = false; - - for (uint8_t i = 0; i < mNumKeys; i++) - { - if (mKeyIndex[i] == keyId) - { - return CHIP_NO_ERROR; - } - } - - VerifyOrReturnError(mNumKeys < kMaxGroupKeys, CHIP_ERROR_TOO_MANY_KEYS); - - mKeyIndex[mNumKeys++] = keyId; - indexUpdated = true; - - return CHIP_NO_ERROR; -} - -CHIP_ERROR GroupKeyStoreImpl::WriteKeyIndex(nvs_handle handle) -{ - ChipLogProgress(DeviceLayer, "GroupKeyStore: writing key index %s/%s (num keys %" PRIu8 ")", kConfigKey_GroupKeyIndex.Namespace, - kConfigKey_GroupKeyIndex.Name, mNumKeys); - return nvs_set_blob(handle, kConfigKey_GroupKeyIndex.Name, mKeyIndex, mNumKeys * sizeof(uint32_t)); -} - -CHIP_ERROR GroupKeyStoreImpl::DeleteKeyOrKeys(uint32_t targetKeyId, uint32_t targetKeyType) -{ - char keyName[kMaxConfigKeyNameLength + 1]; - ScopedNvsHandle handle; - - for (uint8_t i = 0; i < mNumKeys;) - { - uint32_t curKeyId = mKeyIndex[i]; - - if ((targetKeyId == ChipKeyId::kNone && targetKeyType == ChipKeyId::kType_None) || curKeyId == targetKeyId || - ChipKeyId::GetType(curKeyId) == targetKeyType) - { - if (!handle.IsOpen()) - { - ReturnErrorOnFailure(handle.Open(kConfigNamespace_ChipConfig, NVS_READWRITE)); - } - - ReturnErrorOnFailure(FormKeyName(curKeyId, keyName, sizeof(keyName))); - - esp_err_t err = nvs_erase_key(handle, keyName); -#if CHIP_PROGRESS_LOGGING - if (err == ESP_OK) - { - const char * keyType; - if (ChipKeyId::IsAppRootKey(curKeyId)) - { - keyType = "root"; - } - else if (ChipKeyId::IsAppGroupMasterKey(curKeyId)) - { - keyType = "app master"; - } - else if (ChipKeyId::IsAppEpochKey(curKeyId)) - { - keyType = "epoch"; - } - else - { - keyType = "general"; - } - ChipLogProgress(DeviceLayer, "GroupKeyStore: erasing %s key %s/%s", keyType, kConfigNamespace_ChipConfig, keyName); - } -#endif // CHIP_PROGRESS_LOGGING - if (err == ESP_ERR_NVS_NOT_FOUND) - { - err = ESP_OK; - } - ReturnMappedErrorOnFailure(err); - - mNumKeys--; - - memmove(&mKeyIndex[i], &mKeyIndex[i + 1], (mNumKeys - i) * sizeof(uint32_t)); - } - else - { - i++; - } - } - - if (handle.IsOpen()) - { - ReturnErrorOnFailure(WriteKeyIndex(handle)); - - // Commit to the persistent store. - ReturnMappedErrorOnFailure(nvs_commit(handle)); - } - - return CHIP_NO_ERROR; -} - -CHIP_ERROR GroupKeyStoreImpl::FormKeyName(uint32_t keyId, char * buf, size_t bufSize) -{ - VerifyOrReturnError(bufSize >= kMaxConfigKeyNameLength, CHIP_ERROR_BUFFER_TOO_SMALL); - - if (keyId == ChipKeyId::kFabricSecret) - { - strcpy(buf, kConfigKey_FabricSecret.Name); - } - else - { - snprintf(buf, bufSize, "%s%08" PRIX32, kGroupKeyNamePrefix, keyId); - } - - return CHIP_NO_ERROR; -} - -} // namespace Internal -} // namespace DeviceLayer -} // namespace chip diff --git a/src/platform/ESP32/GroupKeyStoreImpl.h b/src/platform/ESP32/GroupKeyStoreImpl.h deleted file mode 100644 index 53076ec3e68f95..00000000000000 --- a/src/platform/ESP32/GroupKeyStoreImpl.h +++ /dev/null @@ -1,75 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * Copyright (c) 2018 Nest Labs, Inc. - * All rights reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/** - * @file - * Provides an implementation of the Chip Group Key Store interface - * for the ESP32 platform. - */ - -#include -#include -#include - -#include "nvs.h" - -namespace chip { -namespace DeviceLayer { -namespace Internal { - -/** - * An implementation of the Chip GroupKeyStoreBase API for the ESP32. - */ -class GroupKeyStoreImpl final : public ::chip::Profiles::Security::AppKeys::GroupKeyStoreBase, private ESP32Config -{ - using ChipGroupKey = ::chip::Profiles::Security::AppKeys::ChipGroupKey; - -public: - enum - { - kMaxGroupKeys = CHIP_CONFIG_MAX_APPLICATION_EPOCH_KEYS + // Maximum number of Epoch keys - CHIP_CONFIG_MAX_APPLICATION_GROUPS + // Maximum number of Application Group Master keys - 1 + // Maximum number of Root keys (1 for Service root key) - 1 // Fabric secret - }; - - CHIP_ERROR Init(); - - CHIP_ERROR RetrieveGroupKey(uint32_t keyId, ChipGroupKey & key) override; - CHIP_ERROR StoreGroupKey(const ChipGroupKey & key) override; - CHIP_ERROR DeleteGroupKey(uint32_t keyId) override; - CHIP_ERROR DeleteGroupKeysOfAType(uint32_t keyType) override; - CHIP_ERROR EnumerateGroupKeys(uint32_t keyType, uint32_t * keyIds, uint8_t keyIdsArraySize, uint8_t & keyCount) override; - CHIP_ERROR Clear(void) override; - CHIP_ERROR RetrieveLastUsedEpochKeyId(void) override; - CHIP_ERROR StoreLastUsedEpochKeyId(void) override; - -private: - uint32_t mKeyIndex[kMaxGroupKeys]; - uint8_t mNumKeys; - - CHIP_ERROR AddKeyToIndex(uint32_t keyId, bool & indexUpdated); - CHIP_ERROR WriteKeyIndex(nvs_handle handle); - CHIP_ERROR DeleteKeyOrKeys(uint32_t targetKeyId, uint32_t targetKeyType); - - static CHIP_ERROR FormKeyName(uint32_t keyId, char * buf, size_t bufSize); -}; - -} // namespace Internal -} // namespace DeviceLayer -} // namespace chip diff --git a/src/platform/K32W/GroupKeyStoreImpl.cpp b/src/platform/K32W/GroupKeyStoreImpl.cpp deleted file mode 100644 index 014d173d2ff91c..00000000000000 --- a/src/platform/K32W/GroupKeyStoreImpl.cpp +++ /dev/null @@ -1,384 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * Copyright (c) 2020 Nest Labs, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * Provides an implementation of the Chip GroupKeyStore interface - * for platforms based on the NXP SDK. - */ -/* this file behaves like a config.h, comes first */ -#include - -#include - -using namespace ::chip; -using namespace ::chip::Profiles::Security::AppKeys; - -namespace chip { -namespace DeviceLayer { -namespace Internal { - -CHIP_ERROR GroupKeyStoreImpl::RetrieveGroupKey(uint32_t keyId, ChipGroupKey & key) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey PDM records looking for a matching key... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyId, &key](const Key & nvmIdKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the PDM obj binary data data into the buffer. - err2 = ReadConfigValueBin(nvmIdKey, buf, sizeof(buf), keyLen); - - // Decode the CHIP key id for the current key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If it matches the key we're looking for... - if (curKeyId == keyId) - { - // Decode the associated key data. - err2 = DecodeGroupKey(buf, keyLen, key); - SuccessOrExit(err2); - - // End the iteration by returning a CHIP_END_OF_INPUT result. - ExitNow(err2 = CHIP_END_OF_INPUT); - } - - exit: - return err2; - }); - - // Modify error code for return. - switch (err) - { - case CHIP_END_OF_INPUT: - err = CHIP_NO_ERROR; // Match found. - break; - case CHIP_NO_ERROR: - err = CHIP_ERROR_KEY_NOT_FOUND; // Match not found. - break; - default: - break; - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::StoreGroupKey(const ChipGroupKey & key) -{ - CHIP_ERROR err; - - // Delete any existing group key with the same id (this may or may not exit). - DeleteGroupKey(key.KeyId); // no error checking here. - - // Iterate over all the GroupKey PDM records looking for the first - // empty PDM key where we can store the data. (Note- use arg addNewrecord=true) - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, true, - [&key](const Key & pdmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - - // Encode the key for storage in an PDM record. - err2 = EncodeGroupKey(key, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Write the encoded binary data into the PDM object. - err2 = WriteConfigValueBin(pdmKey, buf, keyLen); - SuccessOrExit(err2); - - // End the iteration by returning a CHIP_END_OF_INPUT result. - ExitNow(err2 = CHIP_END_OF_INPUT); - - exit: - return err2; - }); - - // Modify error code for return. - switch (err) - { - case CHIP_END_OF_INPUT: - err = CHIP_NO_ERROR; // Key entry was stored. - break; - case CHIP_NO_ERROR: - err = CHIP_ERROR_KEY_NOT_FOUND; // Key entry was not stored. - break; - default: - break; - } - - if (err == CHIP_NO_ERROR) - { -#if CHIP_PROGRESS_LOGGING - { - char extraKeyInfo[32]; - if (ChipKeyId::IsAppEpochKey(key.KeyId)) - { - snprintf(extraKeyInfo, sizeof(extraKeyInfo), ", start time %" PRId32, key.StartTime); - } - else if (ChipKeyId::IsAppGroupMasterKey(key.KeyId)) - { - snprintf(extraKeyInfo, sizeof(extraKeyInfo), ", global id 0x%08" PRIX32, key.GlobalId); - } - else - { - extraKeyInfo[0] = 0; - } - -#if CHIP_CONFIG_SECURITY_TEST_MODE - ChipLogProgress(SecurityManager, - "GroupKeyStore: storing key 0x%08" PRIX32 " (%s), len %" PRId8 ", data 0x%02" PRIX8 "...%s", key.KeyId, - ChipKeyId::DescribeKey(key.KeyId), key.KeyLen, key.Key[0], extraKeyInfo); -#else - ChipLogProgress(SecurityManager, "GroupKeyStore: storing key 0x%08" PRIX32 " (%s), len %" PRId8 "%s", key.KeyId, - ChipKeyId::DescribeKey(key.KeyId), key.KeyLen, extraKeyInfo); -#endif - } - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DeleteGroupKey(uint32_t keyId) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey PDM records looking for a matching key... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyId](const Key & pdmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the PDM obj binary data data into the buffer. - err2 = ReadConfigValueBin(pdmKey, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Decode the Chip key id for the current group key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If it matches the key we are looking for, delete the PDM record. - if (curKeyId == keyId) - { - err2 = ClearConfigValue(pdmKey); - ChipLogProgress(DeviceLayer, "GroupKeyStore: deleting key 0x%08" PRIX32, curKeyId); - - // End the iteration by returning a CHIP_END_OF_INPUT result. - ExitNow(err2 = CHIP_END_OF_INPUT); - } - - exit: - return err2; - }); - - // Modify error code for return. - switch (err) - { - case CHIP_END_OF_INPUT: - err = CHIP_NO_ERROR; // Key entry was deleted. - break; - case CHIP_NO_ERROR: - err = CHIP_ERROR_KEY_NOT_FOUND; // Key entry was not deleted. - break; - default: - break; - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DeleteGroupKeysOfAType(uint32_t keyType) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey PDM records looking for a matching key... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyType](const Key & pdmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the PDM obj binary data data into the buffer. - err2 = ReadConfigValueBin(pdmKey, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Decode the CHIP key id for the current group key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If the current key matches the type we are looking for, delete the PDM record. - if (ChipKeyId::GetType(curKeyId) == keyType) - { - err2 = ClearConfigValue(pdmKey); - ChipLogProgress(DeviceLayer, "GroupKeyStore: deleting key 0x%08" PRIX32, curKeyId); - } - - exit: - return err2; - }); - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::EnumerateGroupKeys(uint32_t keyType, uint32_t * keyIds, uint8_t keyIdsArraySize, uint8_t & keyCount) -{ - CHIP_ERROR err; - - keyCount = 0; - - // Iterate over all the GroupKey records looking for keys of the specified type... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyType, keyIds, keyIdsArraySize, &keyCount](const Key & pdmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the PDM obj binary data data into the buffer. - err2 = ReadConfigValueBin(pdmKey, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Decode the CHIP key id for the current group key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If the current key matches the type we're looking for, add it to the keyIds array. - if ((keyType == ChipKeyId::kType_None) || (ChipKeyId::GetType(curKeyId) == keyType)) - { - keyIds[keyCount++] = curKeyId; - - // Stop iterating if there's no more room in the keyIds array. - VerifyOrExit(keyCount < keyIdsArraySize, err2 = CHIP_ERROR_BUFFER_TOO_SMALL); - } - - exit: - return err2; - }); - - // Simply return a truncated list if there are more matching keys than will fit in the array. - if (err == CHIP_ERROR_BUFFER_TOO_SMALL) - { - err = CHIP_NO_ERROR; - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::Clear(void) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey PDM records deleting each one... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [](const Key & pdmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - - err2 = ClearConfigValue(pdmKey); - SuccessOrExit(err2); - - exit: - return err2; - }); - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::RetrieveLastUsedEpochKeyId(void) -{ - CHIP_ERROR err; - - err = ReadConfigValue(kConfigKey_LastUsedEpochKeyId, LastUsedEpochKeyId); - if (err == CHIP_DEVICE_ERROR_CONFIG_NOT_FOUND) - { - LastUsedEpochKeyId = ChipKeyId::kNone; - err = CHIP_NO_ERROR; - } - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::StoreLastUsedEpochKeyId(void) -{ - return WriteConfigValue(kConfigKey_LastUsedEpochKeyId, LastUsedEpochKeyId); -} - -CHIP_ERROR GroupKeyStoreImpl::Init() -{ - // Nothing to do - return CHIP_NO_ERROR; -} - -CHIP_ERROR GroupKeyStoreImpl::EncodeGroupKey(const ChipGroupKey & key, uint8_t * buf, size_t bufSize, size_t & encodedKeyLen) -{ - CHIP_ERROR err = CHIP_NO_ERROR; - uint8_t * p = buf; - - VerifyOrExit(bufSize >= kFixedEncodedKeySize + key.KeyLen, err = CHIP_ERROR_BUFFER_TOO_SMALL); - - Encoding::LittleEndian::Write32(p, key.KeyId); - Encoding::LittleEndian::Write32(p, key.StartTime); - Encoding::Write8(p, key.KeyLen); - memcpy(p, key.Key, key.KeyLen); - p += key.KeyLen; - - encodedKeyLen = p - buf; - -exit: - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DecodeGroupKeyId(const uint8_t * encodedKey, size_t encodedKeyLen, uint32_t & keyId) -{ - CHIP_ERROR err = CHIP_NO_ERROR; - - VerifyOrExit(encodedKeyLen >= kFixedEncodedKeySize, err = CHIP_ERROR_INVALID_ARGUMENT); - - keyId = Encoding::LittleEndian::Get32(encodedKey); - -exit: - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DecodeGroupKey(const uint8_t * encodedKey, size_t encodedKeyLen, ChipGroupKey & key) -{ - CHIP_ERROR err = CHIP_NO_ERROR; - const uint8_t * p = encodedKey; - - VerifyOrExit(encodedKeyLen >= kFixedEncodedKeySize, err = CHIP_ERROR_INVALID_ARGUMENT); - - key.KeyId = Encoding::LittleEndian::Read32(p); - key.StartTime = Encoding::LittleEndian::Read32(p); - key.KeyLen = Encoding::Read8(p); - - VerifyOrExit(encodedKeyLen >= kFixedEncodedKeySize + key.KeyLen, err = CHIP_ERROR_INVALID_ARGUMENT); - - memcpy(key.Key, p, key.KeyLen); - -exit: - return err; -} - -} // namespace Internal -} // namespace DeviceLayer -} // namespace chip diff --git a/src/platform/K32W/GroupKeyStoreImpl.h b/src/platform/K32W/GroupKeyStoreImpl.h deleted file mode 100644 index 3610b3cd46eae1..00000000000000 --- a/src/platform/K32W/GroupKeyStoreImpl.h +++ /dev/null @@ -1,90 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * Copyright (c) 2020 Nest Labs, Inc. - * All rights reserved. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * Provides an implementation of the Chip Group Key Store interface - * for platforms based on the NXP SDK. - */ - -#include -#include -#include - -namespace chip { -namespace DeviceLayer { -namespace Internal { - -class ChipGroupKey -{ -public: - enum - { - MaxKeySize = 36 - }; - uint32_t KeyId; /**< The key ID. */ - uint8_t KeyLen; /**< The key length. */ - uint8_t Key[MaxKeySize]; /**< The secret key material. */ - union - { - uint32_t StartTime; /**< The epoch key start time. */ - uint32_t GlobalId; /**< The application group key global ID. */ - }; -}; - -/** - * An implementation of the Chip GroupKeyStoreBase API for platforms based - * on the NXP SDK. - */ -class GroupKeyStoreImpl final : public ::chip::Profiles::Security::AppKeys::GroupKeyStoreBase, private K32WConfig -{ - using ChipGroupKey = ::chip::Profiles::Security::AppKeys::ChipGroupKey; - -public: - CHIP_ERROR Init(); - - CHIP_ERROR RetrieveGroupKey(uint32_t keyId, ChipGroupKey & key) override; - CHIP_ERROR StoreGroupKey(const ChipGroupKey & key) override; - CHIP_ERROR DeleteGroupKey(uint32_t keyId) override; - CHIP_ERROR DeleteGroupKeysOfAType(uint32_t keyType) override; - CHIP_ERROR EnumerateGroupKeys(uint32_t keyType, uint32_t * keyIds, uint8_t keyIdsArraySize, uint8_t & keyCount) override; - CHIP_ERROR Clear(void) override; - CHIP_ERROR RetrieveLastUsedEpochKeyId(void) override; - CHIP_ERROR StoreLastUsedEpochKeyId(void) override; - -private: - static constexpr size_t kFixedEncodedKeySize = 4U + // key id - 4U + // start time / global id - 1U; // key data length - - static constexpr size_t kMaxEncodedKeySize = kFixedEncodedKeySize + ChipGroupKey::MaxKeySize; - - /* Not used - static constexpr uint16_t kGroupKeyFileId = GetFileId(kConfigKey_GroupKey); - static constexpr uint16_t kGroupKeyRecordKey = GetRecordKey(kConfigKey_GroupKey); - */ - - static CHIP_ERROR EncodeGroupKey(const ChipGroupKey & key, uint8_t * buf, size_t bufSize, size_t & encodedKeyLen); - static CHIP_ERROR DecodeGroupKey(const uint8_t * encodedKey, size_t encodedKeyLen, ChipGroupKey & key); - static CHIP_ERROR DecodeGroupKeyId(const uint8_t * encodedKey, size_t encodedKeyLen, uint32_t & keyId); -}; - -} // namespace Internal -} // namespace DeviceLayer -} // namespace chip diff --git a/src/platform/qpg/GroupKeyStoreImpl.cpp b/src/platform/qpg/GroupKeyStoreImpl.cpp deleted file mode 100644 index 79be589f96e4c8..00000000000000 --- a/src/platform/qpg/GroupKeyStoreImpl.cpp +++ /dev/null @@ -1,386 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * Provides an implementation of the CHIP GroupKeyStore interface - * for Qorvo QPG platforms. - */ - -#include - -#include - -using namespace ::chip; -using namespace ::chip::Profiles::Security::AppKeys; - -namespace chip { -namespace DeviceLayer { -namespace Internal { - -CHIP_ERROR GroupKeyStoreImpl::RetrieveGroupKey(uint32_t keyId, ChipGroupKey & key) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey NVM records looking for a matching key... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyId, &key](const Key & nvmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the NVM element data into the buffer. - err2 = ReadConfigValueBin(nvmKey, buf, sizeof(buf), keyLen); - - // Decode the CHIP key id for the current key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If it matches the key we're looking for... - if (curKeyId == keyId) - { - // Decode the associated key data. - err2 = DecodeGroupKey(buf, keyLen, key); - SuccessOrExit(err2); - - // End the iteration by returning a CHIP_END_OF_INPUT result. - ExitNow(err2 = CHIP_END_OF_INPUT); - } - - exit: - return err2; - }); - - // Modify error code for return. - switch (err) - { - case CHIP_END_OF_INPUT: - err = CHIP_NO_ERROR; // Match found. - break; - case CHIP_NO_ERROR: - err = CHIP_ERROR_KEY_NOT_FOUND; // Match not found. - break; - default: - break; - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::StoreGroupKey(const ChipGroupKey & key) -{ - CHIP_ERROR err; - - // Delete any existing group key with the same id (this may or may not exit). - DeleteGroupKey(key.KeyId); // no error checking here. - - // Iterate over all the GroupKey nvm3 records looking for the first - // empty NVM key where we can store the data. (Note- use arg addNewrecord=true) - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, true, - [&key](const Key & nvmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - - // Encode the key for storage in an NVM record. - err2 = EncodeGroupKey(key, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Write the encoded binary data into the NVM object. - err2 = WriteConfigValueBin(nvmKey, buf, keyLen); - SuccessOrExit(err2); - - // End the iteration by returning a CHIP_END_OF_INPUT result. - ExitNow(err2 = CHIP_END_OF_INPUT); - - exit: - return err2; - }); - - // Modify error code for return. - switch (err) - { - case CHIP_END_OF_INPUT: - err = CHIP_NO_ERROR; // Key entry was stored. - break; - case CHIP_NO_ERROR: - err = CHIP_ERROR_KEY_NOT_FOUND; // Key entry was not stored. - break; - default: - break; - } - - if (err == CHIP_NO_ERROR) - { -#if CHIP_PROGRESS_LOGGING - { - char extraKeyInfo[32]; - if (ChipKeyId::IsAppEpochKey(key.KeyId)) - { - snprintf(extraKeyInfo, sizeof(extraKeyInfo), ", start time %" PRId32, key.StartTime); - } - else if (ChipKeyId::IsAppGroupMasterKey(key.KeyId)) - { - snprintf(extraKeyInfo, sizeof(extraKeyInfo), ", global id 0x%08" PRIX32, key.GlobalId); - } - else - { - extraKeyInfo[0] = 0; - } - -#if CHIP_CONFIG_SECURITY_TEST_MODE - ChipLogProgress(SecurityManager, - "GroupKeyStore: storing key 0x%08" PRIX32 " (%s), len %" PRId8 ", data 0x%02" PRIX8 "...%s", key.KeyId, - ChipKeyId::DescribeKey(key.KeyId), key.KeyLen, key.Key[0], extraKeyInfo); -#else - ChipLogProgress(SecurityManager, "GroupKeyStore: storing key 0x%08" PRIX32 " (%s), len %" PRId8 "%s", key.KeyId, - ChipKeyId::DescribeKey(key.KeyId), key.KeyLen, extraKeyInfo); -#endif - } - -#endif // CHIP_PROGRESS_LOGGING - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DeleteGroupKey(uint32_t keyId) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey NVM records looking for a matching key... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyId](const Key & nvmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the NVM element data into the buffer. - err2 = ReadConfigValueBin(nvmKey, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Decode the CHIP key id for the current group key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If it matches the key we are looking for, delete the NVM record. - if (curKeyId == keyId) - { - err2 = ClearConfigValue(nvmKey); - ChipLogProgress(DeviceLayer, "GroupKeyStore: deleting key 0x%08" PRIX32, curKeyId); - - // End the iteration by returning a CHIP_END_OF_INPUT result. - ExitNow(err2 = CHIP_END_OF_INPUT); - } - - exit: - return err2; - }); - - // Modify error code for return. - switch (err) - { - case CHIP_END_OF_INPUT: - err = CHIP_NO_ERROR; // Key entry was deleted. - break; - case CHIP_NO_ERROR: - err = CHIP_ERROR_KEY_NOT_FOUND; // Key entry was not deleted. - break; - default: - break; - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DeleteGroupKeysOfAType(uint32_t keyType) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey NVM records looking for a matching key... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyType](const Key & nvmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the NVM element data into the buffer. - err2 = ReadConfigValueBin(nvmKey, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Decode the CHIP key id for the current group key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If the current key matches the type we are looking for, delete the NVM record. - if (ChipKeyId::GetType(curKeyId) == keyType) - { - err2 = ClearConfigValue(nvmKey); - ChipLogProgress(DeviceLayer, "GroupKeyStore: deleting key 0x%08" PRIX32, curKeyId); - } - - exit: - return err2; - }); - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::EnumerateGroupKeys(uint32_t keyType, uint32_t * keyIds, uint8_t keyIdsArraySize, uint8_t & keyCount) -{ - CHIP_ERROR err; - - keyCount = 0; - - // Iterate over all the GroupKey records looking for keys of the specified type... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [keyType, keyIds, keyIdsArraySize, &keyCount](const Key & nvm3Key, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - size_t keyLen; - uint8_t buf[kMaxEncodedKeySize]; // (buf length == 45 bytes) - uint32_t curKeyId; - - // Read the NVM element data into the buffer. - err2 = ReadConfigValueBin(nvm3Key, buf, sizeof(buf), keyLen); - SuccessOrExit(err2); - - // Decode the CHIP key id for the current group key. - err2 = DecodeGroupKeyId(buf, keyLen, curKeyId); - SuccessOrExit(err2); - - // If the current key matches the type we're looking for, add it to the keyIds array. - if ((keyType == ChipKeyId::kType_None) || (ChipKeyId::GetType(curKeyId) == keyType)) - { - keyIds[keyCount++] = curKeyId; - - // Stop iterating if there's no more room in the keyIds array. - VerifyOrExit(keyCount < keyIdsArraySize, err2 = CHIP_ERROR_BUFFER_TOO_SMALL); - } - - exit: - return err2; - }); - - // Simply return a truncated list if there are more matching keys than will fit in the array. - if (err == CHIP_ERROR_BUFFER_TOO_SMALL) - { - err = CHIP_NO_ERROR; - } - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::Clear(void) -{ - CHIP_ERROR err; - - // Iterate over all the GroupKey NVM records deleting each one... - err = ForEachRecord(kConfigKey_GroupKeyBase, kConfigKey_GroupKeyMax, false, - [](const Key & nvmKey, const size_t & length) -> CHIP_ERROR { - CHIP_ERROR err2; - - err2 = ClearConfigValue(nvmKey); - SuccessOrExit(err2); - - exit: - return err2; - }); - - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::RetrieveLastUsedEpochKeyId(void) -{ - CHIP_ERROR err; - - err = ReadConfigValue(kConfigKey_LastUsedEpochKeyId, LastUsedEpochKeyId); - if (err == CHIP_DEVICE_ERROR_CONFIG_NOT_FOUND) - { - LastUsedEpochKeyId = ChipKeyId::kNone; - err = CHIP_NO_ERROR; - } - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::StoreLastUsedEpochKeyId(void) -{ - return WriteConfigValue(kConfigKey_LastUsedEpochKeyId, LastUsedEpochKeyId); -} - -CHIP_ERROR GroupKeyStoreImpl::Init() -{ - // Nothing to do - return CHIP_NO_ERROR; -} - -CHIP_ERROR GroupKeyStoreImpl::EncodeGroupKey(const ChipGroupKey & key, uint8_t * buf, size_t bufSize, size_t & encodedKeyLen) -{ - CHIP_ERROR err = CHIP_NO_ERROR; - uint8_t * p = buf; - - VerifyOrExit(bufSize >= kFixedEncodedKeySize + key.KeyLen, err = CHIP_ERROR_BUFFER_TOO_SMALL); - - Encoding::LittleEndian::Write32(p, key.KeyId); - Encoding::LittleEndian::Write32(p, key.StartTime); - Encoding::Write8(p, key.KeyLen); - memcpy(p, key.Key, key.KeyLen); - p += key.KeyLen; - - encodedKeyLen = p - buf; - -exit: - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DecodeGroupKeyId(const uint8_t * encodedKey, size_t encodedKeyLen, uint32_t & keyId) -{ - CHIP_ERROR err = CHIP_NO_ERROR; - - VerifyOrExit(encodedKeyLen >= kFixedEncodedKeySize, err = CHIP_ERROR_INVALID_ARGUMENT); - - keyId = Encoding::LittleEndian::Get32(encodedKey); - -exit: - return err; -} - -CHIP_ERROR GroupKeyStoreImpl::DecodeGroupKey(const uint8_t * encodedKey, size_t encodedKeyLen, ChipGroupKey & key) -{ - CHIP_ERROR err = CHIP_NO_ERROR; - const uint8_t * p = encodedKey; - - VerifyOrExit(encodedKeyLen >= kFixedEncodedKeySize, err = CHIP_ERROR_INVALID_ARGUMENT); - - key.KeyId = Encoding::LittleEndian::Read32(p); - key.StartTime = Encoding::LittleEndian::Read32(p); - key.KeyLen = Encoding::Read8(p); - - VerifyOrExit(encodedKeyLen >= kFixedEncodedKeySize + key.KeyLen, err = CHIP_ERROR_INVALID_ARGUMENT); - - memcpy(key.Key, p, key.KeyLen); - -exit: - return err; -} - -} // namespace Internal -} // namespace DeviceLayer -} // namespace chip -} // namespace chip diff --git a/src/platform/qpg/GroupKeyStoreImpl.h b/src/platform/qpg/GroupKeyStoreImpl.h deleted file mode 100644 index 86ecfa01c0cdcc..00000000000000 --- a/src/platform/qpg/GroupKeyStoreImpl.h +++ /dev/null @@ -1,85 +0,0 @@ -/* - * - * Copyright (c) 2020 Project CHIP Authors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/** - * @file - * Provides an implementation of the chip Group Key Store interface - * for Qorvo QPG platforms. - */ - -#include -#include -#include - -namespace chip { -namespace DeviceLayer { -namespace Internal { - -class ChipGroupKey -{ -public: - enum - { - MaxKeySize = 36 - }; - uint32_t KeyId; /**< The key ID. */ - uint8_t KeyLen; /**< The key length. */ - uint8_t Key[MaxKeySize]; /**< The secret key material. */ - union - { - uint32_t StartTime; /**< The epoch key start time. */ - uint32_t GlobalId; /**< The application group key global ID. */ - }; -}; - -/** - * An implementation of the chip GroupKeyStoreBase API for this platform. - */ -class GroupKeyStoreImpl final : public ::chip::Profiles::Security::AppKeys::GroupKeyStoreBase, private QPGConfig -{ - using ChipGroupKey = ::chip::Profiles::Security::AppKeys::ChipGroupKey; - -public: - CHIP_ERROR Init(); - - CHIP_ERROR RetrieveGroupKey(uint32_t keyId, ChipGroupKey & key) override; - CHIP_ERROR StoreGroupKey(const ChipGroupKey & key) override; - CHIP_ERROR DeleteGroupKey(uint32_t keyId) override; - CHIP_ERROR DeleteGroupKeysOfAType(uint32_t keyType) override; - CHIP_ERROR EnumerateGroupKeys(uint32_t keyType, uint32_t * keyIds, uint8_t keyIdsArraySize, uint8_t & keyCount) override; - CHIP_ERROR Clear(void) override; - CHIP_ERROR RetrieveLastUsedEpochKeyId(void) override; - CHIP_ERROR StoreLastUsedEpochKeyId(void) override; - -private: - static constexpr size_t kFixedEncodedKeySize = 4U + // key id - 4U + // start time / global id - 1U; // key data length - - static constexpr size_t kMaxEncodedKeySize = kFixedEncodedKeySize + ChipGroupKey::MaxKeySize; - - static constexpr uint16_t kGroupKeyFileId = GetFileId(kConfigKey_GroupKey); - static constexpr uint16_t kGroupKeyRecordKey = GetRecordKey(kConfigKey_GroupKey); - - static CHIP_ERROR EncodeGroupKey(const ChipGroupKey & key, uint8_t * buf, size_t bufSize, size_t & encodedKeyLen); - static CHIP_ERROR DecodeGroupKey(const uint8_t * encodedKey, size_t encodedKeyLen, ChipGroupKey & key); - static CHIP_ERROR DecodeGroupKeyId(const uint8_t * encodedKey, size_t encodedKeyLen, uint32_t & keyId); -}; - -} // namespace Internal -} // namespace DeviceLayer -} // namespace chip