diff --git a/src/protocols/secure_channel/CheckinMessage.cpp b/src/protocols/secure_channel/CheckinMessage.cpp index d59052024dd4fa..f39d95f315a043 100644 --- a/src/protocols/secure_channel/CheckinMessage.cpp +++ b/src/protocols/secure_channel/CheckinMessage.cpp @@ -35,7 +35,7 @@ CHIP_ERROR CheckinMessage::GenerateCheckinMessagePayload(const Crypto::Aes128Key const CounterType & counter, const ByteSpan & appData, MutableByteSpan & output) { - VerifyOrReturnError(output.size() >= (appData.size() + sMinPayloadSize), CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrReturnError(output.size() >= (appData.size() + sMinPayloadSize), CHIP_ERROR_BUFFER_TOO_SMALL); CHIP_ERROR err = CHIP_NO_ERROR; uint8_t * appDataStartPtr = output.data() + CHIP_CRYPTO_AEAD_NONCE_LENGTH_BYTES; @@ -61,13 +61,13 @@ CHIP_ERROR CheckinMessage::ParseCheckinMessagePayload(const Crypto::Aes128KeyHan const Crypto::Hmac128KeyHandle & hmacKeyHandle, ByteSpan & payload, CounterType & counter, MutableByteSpan & appData) { - VerifyOrReturnError(payload.size() >= sMinPayloadSize, CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrReturnError(payload.size() >= sMinPayloadSize, CHIP_ERROR_BUFFER_TOO_SMALL); CHIP_ERROR err = CHIP_NO_ERROR; size_t appDataSize = GetAppDataSize(payload); // To prevent workbuffer usage, appData size needs to be large enough to hold both the appData and the counter - VerifyOrReturnError(appData.size() >= sizeof(CounterType) + appDataSize, CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrReturnError(appData.size() >= sizeof(CounterType) + appDataSize, CHIP_ERROR_BUFFER_TOO_SMALL); ByteSpan nonce = payload.SubSpan(0, CHIP_CRYPTO_AEAD_NONCE_LENGTH_BYTES); ByteSpan encryptedData = payload.SubSpan(CHIP_CRYPTO_AEAD_NONCE_LENGTH_BYTES, sizeof(CounterType) + appDataSize); @@ -89,7 +89,7 @@ CHIP_ERROR CheckinMessage::ParseCheckinMessagePayload(const Crypto::Aes128KeyHan CHIP_ERROR CheckinMessage::GenerateCheckInMessageNonce(const Crypto::Hmac128KeyHandle & hmacKeyHandle, CounterType counter, MutableByteSpan & output) { - VerifyOrReturnError(output.size() >= CHIP_CRYPTO_AEAD_NONCE_LENGTH_BYTES, CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrReturnError(output.size() >= CHIP_CRYPTO_AEAD_NONCE_LENGTH_BYTES, CHIP_ERROR_BUFFER_TOO_SMALL); uint8_t nonceWorkBuffer[CHIP_CRYPTO_HASH_LEN_BYTES] = { 0 }; diff --git a/src/protocols/secure_channel/CheckinMessage.h b/src/protocols/secure_channel/CheckinMessage.h index f1522e12eadb85..cd34deee106b74 100644 --- a/src/protocols/secure_channel/CheckinMessage.h +++ b/src/protocols/secure_channel/CheckinMessage.h @@ -53,8 +53,10 @@ class DLL_EXPORT CheckinMessage * @param[in] counter Check-in counter * @param[in] appData Application Data to incorporate within the Check-in message. Allowed to be empty. * @param[out] output Buffer in Which to store the generated payload. SUFFICIENT SPACE MUST BE ALLOCATED by the - * caller Required Buffer Size is : GetCheckinPayloadSize(appData.size()) - * @return CHIP_ERROR + * caller Required Buffer Size is : GetCheckinPayloadSize(appData.size()) + * + * @return CHIP_ERROR_BUFFER_TOO_SMALL if output buffer is too small + * CHIP_ERROR_INVALID_ARGUMENTS if the provide arguments cannot be used to generate the Check-In message */ static CHIP_ERROR GenerateCheckinMessagePayload(const Crypto::Aes128KeyHandle & aes128KeyHandle, const Crypto::Hmac128KeyHandle & hmacKeyHandle, const CounterType & counter, @@ -73,7 +75,9 @@ class DLL_EXPORT CheckinMessage * @param[in,out] appData The optional application data decrypted. The size of appData must be at least the size of * GetAppDataSize(payload) + sizeof(CounterType). * appData is used as a work buffer for the decryption process - * @return CHIP_ERROR + * + * @return CHIP_ERROR_BUFFER_TOO_SMALL if appData buffer is too small + * CHIP_ERROR_INVALID_ARGUMENTS if the provide arguments cannot be used to parse the Check-In message */ static CHIP_ERROR ParseCheckinMessagePayload(const Crypto::Aes128KeyHandle & aes128KeyHandle, const Crypto::Hmac128KeyHandle & hmacKeyHandle, ByteSpan & payload, @@ -101,7 +105,9 @@ class DLL_EXPORT CheckinMessage * @param[out] output output buffer for the generated Nonce. * SUFFICIENT SPACE MUST BE ALLOCATED by the caller * Size must be at least CHIP_CRYPTO_AEAD_NONCE_LENGTH_BYTES - * @return CHIP_ERROR + * + * @return CHIP_ERROR_BUFFER_TOO_SMALL if output buffer is too small + * CHIP_ERROR_INVALID_ARGUMENTS if the provide arguments cannot be used to generate the Check-In message Nonce */ static CHIP_ERROR GenerateCheckInMessageNonce(const Crypto::Hmac128KeyHandle & hmacKeyHandle, CounterType counter, MutableByteSpan & output);