Skip to content

Commit

Permalink
[Crypto] Rename aes key byte array to symmetric key byte array (#30802)
Browse files Browse the repository at this point in the history
* Rename aes key byte array to symmetric key byte array

* Restyled by clang-format

---------

Co-authored-by: Restyled.io <[email protected]>
  • Loading branch information
2 people authored and pull[bot] committed Jan 30, 2024
1 parent b95c8fa commit 1008516
Show file tree
Hide file tree
Showing 24 changed files with 92 additions and 74 deletions.
4 changes: 2 additions & 2 deletions src/app/icd/ICDCheckInSender.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -89,8 +89,8 @@ CHIP_ERROR ICDCheckInSender::RequestResolve(ICDMonitoringEntry & entry, FabricTa

AddressResolve::NodeLookupRequest request(peerId);

memcpy(mKey.AsMutable<Crypto::Aes128KeyByteArray>(), entry.key.As<Crypto::Aes128KeyByteArray>(),
sizeof(Crypto::Aes128KeyByteArray));
memcpy(mKey.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), entry.key.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));

CHIP_ERROR err = AddressResolve::Resolver::Instance().LookupNode(request, mAddressLookupHandle);

Expand Down
21 changes: 11 additions & 10 deletions src/app/icd/ICDMonitoringTable.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ CHIP_ERROR ICDMonitoringEntry::Serialize(TLV::TLVWriter & writer) const
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(Fields::kCheckInNodeID), checkInNodeID));
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(Fields::kMonitoredSubject), monitoredSubject));

ByteSpan buf(key.As<Crypto::Aes128KeyByteArray>());
ByteSpan buf(key.As<Crypto::Symmetric128BitsKeyByteArray>());
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(Fields::kKey), buf));
ReturnErrorOnFailure(writer.EndContainer(outer));
return CHIP_NO_ERROR;
Expand Down Expand Up @@ -70,13 +70,14 @@ CHIP_ERROR ICDMonitoringEntry::Deserialize(TLV::TLVReader & reader)
ReturnErrorOnFailure(reader.Get(monitoredSubject));
break;
case to_underlying(Fields::kKey): {
ByteSpan buf(key.AsMutable<Crypto::Aes128KeyByteArray>());
ByteSpan buf(key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>());
ReturnErrorOnFailure(reader.Get(buf));
// Since we are storing either the raw key or a key ID, we must
// simply copy the data as is in the keyHandle.
// Calling SetKey here would create another key in storage and will cause
// key leakage in some implementation.
memcpy(key.AsMutable<Crypto::Aes128KeyByteArray>(), buf.data(), sizeof(Crypto::Aes128KeyByteArray));
memcpy(key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), buf.data(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));
keyHandleValid = true;
}
break;
Expand All @@ -100,12 +101,12 @@ void ICDMonitoringEntry::Clear()

CHIP_ERROR ICDMonitoringEntry::SetKey(ByteSpan keyData)
{
VerifyOrReturnError(keyData.size() == sizeof(Crypto::Aes128KeyByteArray), CHIP_ERROR_INVALID_ARGUMENT);
VerifyOrReturnError(keyData.size() == sizeof(Crypto::Symmetric128BitsKeyByteArray), CHIP_ERROR_INVALID_ARGUMENT);
VerifyOrReturnError(symmetricKeystore != nullptr, CHIP_ERROR_INTERNAL);
VerifyOrReturnError(!keyHandleValid, CHIP_ERROR_INTERNAL);

Crypto::Aes128KeyByteArray keyMaterial;
memcpy(keyMaterial, keyData.data(), sizeof(Crypto::Aes128KeyByteArray));
Crypto::Symmetric128BitsKeyByteArray keyMaterial;
memcpy(keyMaterial, keyData.data(), sizeof(Crypto::Symmetric128BitsKeyByteArray));

ReturnErrorOnFailure(symmetricKeystore->CreateKey(keyMaterial, key));
keyHandleValid = true;
Expand Down Expand Up @@ -174,8 +175,8 @@ ICDMonitoringEntry & ICDMonitoringEntry::operator=(const ICDMonitoringEntry & ic
index = icdMonitoringEntry.index;
keyHandleValid = icdMonitoringEntry.keyHandleValid;
symmetricKeystore = icdMonitoringEntry.symmetricKeystore;
memcpy(key.AsMutable<Crypto::Aes128KeyByteArray>(), icdMonitoringEntry.key.As<Crypto::Aes128KeyByteArray>(),
sizeof(Crypto::Aes128KeyByteArray));
memcpy(key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), icdMonitoringEntry.key.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));

return *this;
}
Expand Down Expand Up @@ -214,8 +215,8 @@ CHIP_ERROR ICDMonitoringTable::Set(uint16_t index, const ICDMonitoringEntry & en
e.checkInNodeID = entry.checkInNodeID;
e.monitoredSubject = entry.monitoredSubject;
e.index = index;
memcpy(e.key.AsMutable<Crypto::Aes128KeyByteArray>(), entry.key.As<Crypto::Aes128KeyByteArray>(),
sizeof(Crypto::Aes128KeyByteArray));
memcpy(e.key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), entry.key.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));

return e.Save(this->mStorage);
}
Expand Down
13 changes: 7 additions & 6 deletions src/app/icd/client/DefaultICDClientStorage.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -262,8 +262,9 @@ CHIP_ERROR DefaultICDClientStorage::Load(FabricIndex fabricIndex, std::vector<IC
ReturnErrorOnFailure(reader.Next(TLV::ContextTag(ClientInfoTag::kSharedKey)));
ByteSpan buf;
ReturnErrorOnFailure(reader.Get(buf));
VerifyOrReturnError(buf.size() == sizeof(Crypto::Aes128KeyByteArray), CHIP_ERROR_INTERNAL);
memcpy(clientInfo.shared_key.AsMutable<Crypto::Aes128KeyByteArray>(), buf.data(), sizeof(Crypto::Aes128KeyByteArray));
VerifyOrReturnError(buf.size() == sizeof(Crypto::Symmetric128BitsKeyByteArray), CHIP_ERROR_INTERNAL);
memcpy(clientInfo.shared_key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), buf.data(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));
ReturnErrorOnFailure(reader.ExitContainer(ICDClientInfoType));
clientInfoVector.push_back(clientInfo);
}
Expand All @@ -279,10 +280,10 @@ CHIP_ERROR DefaultICDClientStorage::Load(FabricIndex fabricIndex, std::vector<IC

CHIP_ERROR DefaultICDClientStorage::SetKey(ICDClientInfo & clientInfo, const ByteSpan keyData)
{
VerifyOrReturnError(keyData.size() == sizeof(Crypto::Aes128KeyByteArray), CHIP_ERROR_INVALID_ARGUMENT);
VerifyOrReturnError(keyData.size() == sizeof(Crypto::Symmetric128BitsKeyByteArray), CHIP_ERROR_INVALID_ARGUMENT);

Crypto::Aes128KeyByteArray keyMaterial;
memcpy(keyMaterial, keyData.data(), sizeof(Crypto::Aes128KeyByteArray));
Crypto::Symmetric128BitsKeyByteArray keyMaterial;
memcpy(keyMaterial, keyData.data(), sizeof(Crypto::Symmetric128BitsKeyByteArray));

return mpKeyStore->CreateKey(keyMaterial, clientInfo.shared_key);
}
Expand All @@ -300,7 +301,7 @@ CHIP_ERROR DefaultICDClientStorage::SerializeToTlv(TLV::TLVWriter & writer, cons
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(ClientInfoTag::kStartICDCounter), clientInfo.start_icd_counter));
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(ClientInfoTag::kOffset), clientInfo.offset));
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(ClientInfoTag::kMonitoredSubject), clientInfo.monitored_subject));
ByteSpan buf(clientInfo.shared_key.As<Crypto::Aes128KeyByteArray>());
ByteSpan buf(clientInfo.shared_key.As<Crypto::Symmetric128BitsKeyByteArray>());
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(ClientInfoTag::kSharedKey), buf));
ReturnErrorOnFailure(writer.EndContainer(ICDClientInfoContainerType));
}
Expand Down
2 changes: 1 addition & 1 deletion src/app/icd/client/DefaultICDClientStorage.h
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ class DefaultICDClientStorage : public ICDClientStorage
{
// All the fields added together
return TLV::EstimateStructOverhead(sizeof(NodeId), sizeof(FabricIndex), sizeof(uint32_t), sizeof(uint32_t),
sizeof(uint64_t), sizeof(Crypto::Aes128KeyByteArray));
sizeof(uint64_t), sizeof(Crypto::Symmetric128BitsKeyByteArray));
}

static constexpr size_t MaxICDCounterSize()
Expand Down
5 changes: 3 additions & 2 deletions src/app/icd/client/ICDClientInfo.h
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,9 @@ struct ICDClientInfo
start_icd_counter = other.start_icd_counter;
offset = other.offset;
monitored_subject = other.monitored_subject;
ByteSpan buf(other.shared_key.As<Crypto::Aes128KeyByteArray>());
memcpy(shared_key.AsMutable<Crypto::Aes128KeyByteArray>(), buf.data(), sizeof(Crypto::Aes128KeyByteArray));
ByteSpan buf(other.shared_key.As<Crypto::Symmetric128BitsKeyByteArray>());
memcpy(shared_key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), buf.data(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));
return *this;
}
};
Expand Down
8 changes: 4 additions & 4 deletions src/credentials/GroupDataProviderImpl.h
Original file line number Diff line number Diff line change
Expand Up @@ -156,16 +156,16 @@ class GroupDataProviderImpl : public GroupDataProvider
public:
GroupKeyContext(GroupDataProviderImpl & provider) : mProvider(provider) {}

GroupKeyContext(GroupDataProviderImpl & provider, const Crypto::Aes128KeyByteArray & encryptionKey, uint16_t hash,
const Crypto::Aes128KeyByteArray & privacyKey) :
GroupKeyContext(GroupDataProviderImpl & provider, const Crypto::Symmetric128BitsKeyByteArray & encryptionKey, uint16_t hash,
const Crypto::Symmetric128BitsKeyByteArray & privacyKey) :
mProvider(provider)

{
Initialize(encryptionKey, hash, privacyKey);
}

void Initialize(const Crypto::Aes128KeyByteArray & encryptionKey, uint16_t hash,
const Crypto::Aes128KeyByteArray & privacyKey)
void Initialize(const Crypto::Symmetric128BitsKeyByteArray & encryptionKey, uint16_t hash,
const Crypto::Symmetric128BitsKeyByteArray & privacyKey)
{
ReleaseKeys();
mKeyHash = hash;
Expand Down
2 changes: 1 addition & 1 deletion src/crypto/CHIPCryptoPAL.h
Original file line number Diff line number Diff line change
Expand Up @@ -562,7 +562,7 @@ class P256Keypair : public P256KeypairBase
bool mInitialized = false;
};

using Aes128KeyByteArray = uint8_t[CHIP_CRYPTO_SYMMETRIC_KEY_LENGTH_BYTES];
using Symmetric128BitsKeyByteArray = uint8_t[CHIP_CRYPTO_SYMMETRIC_KEY_LENGTH_BYTES];

/**
* @brief Platform-specific AES key
Expand Down
12 changes: 6 additions & 6 deletions src/crypto/CHIPCryptoPALOpenSSL.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -204,7 +204,7 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c
#if CHIP_CRYPTO_BORINGSSL
aead = EVP_aead_aes_128_ccm_matter();

context = EVP_AEAD_CTX_new(aead, key.As<Aes128KeyByteArray>(), sizeof(Aes128KeyByteArray), tag_length);
context = EVP_AEAD_CTX_new(aead, key.As<Symmetric128BitsKeyByteArray>(), sizeof(Symmetric128BitsKeyByteArray), tag_length);
VerifyOrExit(context != nullptr, error = CHIP_ERROR_NO_MEMORY);

result = EVP_AEAD_CTX_seal_scatter(context, ciphertext, tag, &written_tag_len, tag_length, nonce, nonce_length, plaintext,
Expand All @@ -231,8 +231,8 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c
VerifyOrExit(result == 1, error = CHIP_ERROR_INTERNAL);

// Pass in key + nonce
static_assert(kAES_CCM128_Key_Length == sizeof(Aes128KeyByteArray), "Unexpected key length");
result = EVP_EncryptInit_ex(context, nullptr, nullptr, key.As<Aes128KeyByteArray>(), Uint8::to_const_uchar(nonce));
static_assert(kAES_CCM128_Key_Length == sizeof(Symmetric128BitsKeyByteArray), "Unexpected key length");
result = EVP_EncryptInit_ex(context, nullptr, nullptr, key.As<Symmetric128BitsKeyByteArray>(), Uint8::to_const_uchar(nonce));
VerifyOrExit(result == 1, error = CHIP_ERROR_INTERNAL);

// Pass in plain text length
Expand Down Expand Up @@ -336,7 +336,7 @@ CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_length,
#if CHIP_CRYPTO_BORINGSSL
aead = EVP_aead_aes_128_ccm_matter();

context = EVP_AEAD_CTX_new(aead, key.As<Aes128KeyByteArray>(), sizeof(Aes128KeyByteArray), tag_length);
context = EVP_AEAD_CTX_new(aead, key.As<Symmetric128BitsKeyByteArray>(), sizeof(Symmetric128BitsKeyByteArray), tag_length);
VerifyOrExit(context != nullptr, error = CHIP_ERROR_NO_MEMORY);

result = EVP_AEAD_CTX_open_gather(context, plaintext, nonce, nonce_length, ciphertext, ciphertext_length, tag, tag_length, aad,
Expand Down Expand Up @@ -366,8 +366,8 @@ CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_length,
VerifyOrExit(result == 1, error = CHIP_ERROR_INTERNAL);

// Pass in key + nonce
static_assert(kAES_CCM128_Key_Length == sizeof(Aes128KeyByteArray), "Unexpected key length");
result = EVP_DecryptInit_ex(context, nullptr, nullptr, key.As<Aes128KeyByteArray>(), Uint8::to_const_uchar(nonce));
static_assert(kAES_CCM128_Key_Length == sizeof(Symmetric128BitsKeyByteArray), "Unexpected key length");
result = EVP_DecryptInit_ex(context, nullptr, nullptr, key.As<Symmetric128BitsKeyByteArray>(), Uint8::to_const_uchar(nonce));
VerifyOrExit(result == 1, error = CHIP_ERROR_INTERNAL);

// Pass in cipher text length
Expand Down
6 changes: 4 additions & 2 deletions src/crypto/CHIPCryptoPALmbedTLS.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,8 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c
}

// Size of key is expressed in bits, hence the multiplication by 8.
result = mbedtls_ccm_setkey(&context, MBEDTLS_CIPHER_ID_AES, key.As<Aes128KeyByteArray>(), sizeof(Aes128KeyByteArray) * 8);
result = mbedtls_ccm_setkey(&context, MBEDTLS_CIPHER_ID_AES, key.As<Symmetric128BitsKeyByteArray>(),
sizeof(Symmetric128BitsKeyByteArray) * 8);
VerifyOrExit(result == 0, error = CHIP_ERROR_INTERNAL);

// Encrypt
Expand Down Expand Up @@ -133,7 +134,8 @@ CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, co
}

// Size of key is expressed in bits, hence the multiplication by 8.
result = mbedtls_ccm_setkey(&context, MBEDTLS_CIPHER_ID_AES, key.As<Aes128KeyByteArray>(), sizeof(Aes128KeyByteArray) * 8);
result = mbedtls_ccm_setkey(&context, MBEDTLS_CIPHER_ID_AES, key.As<Symmetric128BitsKeyByteArray>(),
sizeof(Symmetric128BitsKeyByteArray) * 8);
VerifyOrExit(result == 0, error = CHIP_ERROR_INTERNAL);

// Decrypt
Expand Down
5 changes: 3 additions & 2 deletions src/crypto/PSASessionKeystore.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,14 @@ class AesKeyAttributes

} // namespace

CHIP_ERROR PSASessionKeystore::CreateKey(const Aes128KeyByteArray & keyMaterial, Aes128KeyHandle & key)
CHIP_ERROR PSASessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key)
{
// Destroy the old key if already allocated
psa_destroy_key(key.As<psa_key_id_t>());

AesKeyAttributes attrs;
psa_status_t status = psa_import_key(&attrs.Get(), keyMaterial, sizeof(Aes128KeyByteArray), &key.AsMutable<psa_key_id_t>());
psa_status_t status =
psa_import_key(&attrs.Get(), keyMaterial, sizeof(Symmetric128BitsKeyByteArray), &key.AsMutable<psa_key_id_t>());
VerifyOrReturnError(status == PSA_SUCCESS, CHIP_ERROR_INTERNAL);

return CHIP_NO_ERROR;
Expand Down
2 changes: 1 addition & 1 deletion src/crypto/PSASessionKeystore.h
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ namespace Crypto {
class PSASessionKeystore : public SessionKeystore
{
public:
CHIP_ERROR CreateKey(const Aes128KeyByteArray & keyMaterial, Aes128KeyHandle & key) override;
CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key) override;
CHIP_ERROR DeriveKey(const P256ECDHDerivedSecret & secret, const ByteSpan & salt, const ByteSpan & info,
Aes128KeyHandle & key) override;
CHIP_ERROR DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info, Aes128KeyHandle & i2rKey,
Expand Down
14 changes: 7 additions & 7 deletions src/crypto/RawKeySessionKeystore.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,9 @@ namespace Crypto {

using HKDF_sha_crypto = HKDF_sha;

CHIP_ERROR RawKeySessionKeystore::CreateKey(const Aes128KeyByteArray & keyMaterial, Aes128KeyHandle & key)
CHIP_ERROR RawKeySessionKeystore::CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key)
{
memcpy(key.AsMutable<Aes128KeyByteArray>(), keyMaterial, sizeof(Aes128KeyByteArray));
memcpy(key.AsMutable<Symmetric128BitsKeyByteArray>(), keyMaterial, sizeof(Symmetric128BitsKeyByteArray));
return CHIP_NO_ERROR;
}

Expand All @@ -36,30 +36,30 @@ CHIP_ERROR RawKeySessionKeystore::DeriveKey(const P256ECDHDerivedSecret & secret
HKDF_sha_crypto hkdf;

return hkdf.HKDF_SHA256(secret.ConstBytes(), secret.Length(), salt.data(), salt.size(), info.data(), info.size(),
key.AsMutable<Aes128KeyByteArray>(), sizeof(Aes128KeyByteArray));
key.AsMutable<Symmetric128BitsKeyByteArray>(), sizeof(Symmetric128BitsKeyByteArray));
}

CHIP_ERROR RawKeySessionKeystore::DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info,
Aes128KeyHandle & i2rKey, Aes128KeyHandle & r2iKey,
AttestationChallenge & attestationChallenge)
{
HKDF_sha_crypto hkdf;
uint8_t keyMaterial[2 * sizeof(Aes128KeyByteArray) + AttestationChallenge::Capacity()];
uint8_t keyMaterial[2 * sizeof(Symmetric128BitsKeyByteArray) + AttestationChallenge::Capacity()];

ReturnErrorOnFailure(hkdf.HKDF_SHA256(secret.data(), secret.size(), salt.data(), salt.size(), info.data(), info.size(),
keyMaterial, sizeof(keyMaterial)));

Encoding::LittleEndian::Reader reader(keyMaterial, sizeof(keyMaterial));

return reader.ReadBytes(i2rKey.AsMutable<Aes128KeyByteArray>(), sizeof(Aes128KeyByteArray))
.ReadBytes(r2iKey.AsMutable<Aes128KeyByteArray>(), sizeof(Aes128KeyByteArray))
return reader.ReadBytes(i2rKey.AsMutable<Symmetric128BitsKeyByteArray>(), sizeof(Symmetric128BitsKeyByteArray))
.ReadBytes(r2iKey.AsMutable<Symmetric128BitsKeyByteArray>(), sizeof(Symmetric128BitsKeyByteArray))
.ReadBytes(attestationChallenge.Bytes(), AttestationChallenge::Capacity())
.StatusCode();
}

void RawKeySessionKeystore::DestroyKey(Aes128KeyHandle & key)
{
ClearSecretData(key.AsMutable<Aes128KeyByteArray>());
ClearSecretData(key.AsMutable<Symmetric128BitsKeyByteArray>());
}

} // namespace Crypto
Expand Down
2 changes: 1 addition & 1 deletion src/crypto/RawKeySessionKeystore.h
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ namespace Crypto {
class RawKeySessionKeystore : public SessionKeystore
{
public:
CHIP_ERROR CreateKey(const Aes128KeyByteArray & keyMaterial, Aes128KeyHandle & key) override;
CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key) override;
CHIP_ERROR DeriveKey(const P256ECDHDerivedSecret & secret, const ByteSpan & salt, const ByteSpan & info,
Aes128KeyHandle & key) override;
CHIP_ERROR DeriveSessionKeys(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info, Aes128KeyHandle & i2rKey,
Expand Down
2 changes: 1 addition & 1 deletion src/crypto/SessionKeystore.h
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ class SessionKeystore
* If the method returns no error, the application is responsible for destroying the handle
* using DestroyKey() method when the key is no longer needed.
*/
virtual CHIP_ERROR CreateKey(const Aes128KeyByteArray & keyMaterial, Aes128KeyHandle & key) = 0;
virtual CHIP_ERROR CreateKey(const Symmetric128BitsKeyByteArray & keyMaterial, Aes128KeyHandle & key) = 0;

/**
* @brief Derive key from a shared secret.
Expand Down
2 changes: 1 addition & 1 deletion src/crypto/tests/CHIPCryptoPALTest.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@ struct TestAesKey
public:
TestAesKey(nlTestSuite * inSuite, const uint8_t * keyBytes, size_t keyLength)
{
Crypto::Aes128KeyByteArray keyMaterial;
Crypto::Symmetric128BitsKeyByteArray keyMaterial;
memcpy(&keyMaterial, keyBytes, keyLength);

CHIP_ERROR err = keystore.CreateKey(keyMaterial, key);
Expand Down
2 changes: 1 addition & 1 deletion src/crypto/tests/TestSessionKeystore.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ void TestBasicImport(nlTestSuite * inSuite, void * inContext)
{
const ccm_128_test_vector & test = *testPtr;

Aes128KeyByteArray keyMaterial;
Symmetric128BitsKeyByteArray keyMaterial;
memcpy(keyMaterial, test.key, test.key_len);

Aes128KeyHandle keyHandle;
Expand Down
6 changes: 4 additions & 2 deletions src/platform/nxp/common/crypto/CHIPCryptoPALTinyCrypt.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,8 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c
}

// Size of key is expressed in bits, hence the multiplication by 8.
result = mbedtls_ccm_setkey(&context, MBEDTLS_CIPHER_ID_AES, key.As<Aes128KeyByteArray>(), sizeof(Aes128KeyByteArray) * 8);
result = mbedtls_ccm_setkey(&context, MBEDTLS_CIPHER_ID_AES, key.As<Symmetric128BitsKeyByteArray>(),
sizeof(Symmetric128BitsKeyByteArray) * 8);
VerifyOrExit(result == 0, error = CHIP_ERROR_INTERNAL);

// Encrypt
Expand Down Expand Up @@ -182,7 +183,8 @@ CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, co
}

// Size of key is expressed in bits, hence the multiplication by 8.
result = mbedtls_ccm_setkey(&context, MBEDTLS_CIPHER_ID_AES, key.As<Aes128KeyByteArray>(), sizeof(Aes128KeyByteArray) * 8);
result = mbedtls_ccm_setkey(&context, MBEDTLS_CIPHER_ID_AES, key.As<Symmetric128BitsKeyByteArray>(),
sizeof(Symmetric128BitsKeyByteArray) * 8);
VerifyOrExit(result == 0, error = CHIP_ERROR_INTERNAL);

// Decrypt
Expand Down
Loading

0 comments on commit 1008516

Please sign in to comment.