Fix the size limits to be per session instead of one for all sessions

src/transport/SecureMessageCodec.cpp

@@ -37,11 +37,11 @@ using System::PacketBufferHandle;
 namespace SecureMessageCodec {
 
 CHIP_ERROR Encrypt(const CryptoContext & context, CryptoContext::ConstNonceView nonce, PayloadHeader & payloadHeader,
-                   PacketHeader & packetHeader, System::PacketBufferHandle & msgBuf)
+                   PacketHeader & packetHeader, System::PacketBufferHandle & msgBuf, size_t inputMaxLength)
 {
     VerifyOrReturnError(!msgBuf.IsNull(), CHIP_ERROR_INVALID_ARGUMENT);
     VerifyOrReturnError(!msgBuf->HasChainedBuffer(), CHIP_ERROR_INVALID_MESSAGE_LENGTH);
-    VerifyOrReturnError(msgBuf->TotalLength() <= kMaxAppMessageLen, CHIP_ERROR_MESSAGE_TOO_LONG);
+    VerifyOrReturnError(msgBuf->TotalLength() <= inputMaxLength, CHIP_ERROR_MESSAGE_TOO_LONG);
 
     static_assert(std::is_same<decltype(msgBuf->TotalLength()), uint16_t>::value,
                   "Addition to generate payloadLength might overflow");

src/transport/SecureMessageCodec.h

@@ -47,10 +47,11 @@ namespace SecureMessageCodec {
  * @param msgBuf        The message buffer that contains the unencrypted message. If
  *                      the operation is successful, this buffer will be mutated to contain
  *                      the encrypted message.
+ * @param inputMaxLength Max size for input
  * @return A CHIP_ERROR value consistent with the result of the encryption operation
  */
 CHIP_ERROR Encrypt(const CryptoContext & context, CryptoContext::ConstNonceView nonce, PayloadHeader & payloadHeader,
-                   PacketHeader & packetHeader, System::PacketBufferHandle & msgBuf);
+                   PacketHeader & packetHeader, System::PacketBufferHandle & msgBuf, size_t inputMaxLength);
 
 /**
  * @brief

src/transport/SessionManager.cpp

@@ -201,7 +201,18 @@ CHIP_ERROR SessionManager::PrepareMessage(const SessionHandle & sessionHandle, P
         packetHeader.SetSessionId(keyContext->GetKeyHash());
         CryptoContext::NonceStorage nonce;
         CryptoContext::BuildNonce(nonce, packetHeader.GetSecurityFlags(), packetHeader.GetMessageCounter(), sourceNodeId);
-        CHIP_ERROR err = SecureMessageCodec::Encrypt(CryptoContext(keyContext), nonce, payloadHeader, packetHeader, message);
+        CHIP_ERROR err = CHIP_NO_ERROR;
+        SecureSession * session = sessionHandle->AsSecureSession();
+        if (session == nullptr)
+        {
+            return CHIP_ERROR_NOT_CONNECTED;
+        }
+        if (session->GetPeerAddress().GetTransportType() == Transport::Type::kTcp) {
+            // support large payloads
+            err = SecureMessageCodec::Encrypt(CryptoContext(keyContext), nonce, payloadHeader, packetHeader, message, kLargePayloadMaxSizeBytes);
+        } else {
+            err = SecureMessageCodec::Encrypt(CryptoContext(keyContext), nonce, payloadHeader, packetHeader, message, kMaxAppMessageLen);
+        }
         keyContext->Release();
         ReturnErrorOnFailure(err);
 

src/transport/raw/MessageHeader.h

@@ -42,49 +42,40 @@
 
 namespace chip {
 
-static constexpr size_t kMaxTagLen = 16;
-
 namespace detail {
 // Figure out the max size of a packet we can allocate, including all headers.
-static constexpr size_t kMaxUdpIPPacketSizeBytes       = 1280;
-static constexpr size_t kMaxTcpIPPacketSizeBytes       = 12800;
+static constexpr size_t kMaxIPPacketSizeBytes       = 1280;
 static constexpr size_t kMaxUDPAndIPHeaderSizeBytes = 48;
 
-static_assert(kMaxUdpIPPacketSizeBytes >= kMaxUDPAndIPHeaderSizeBytes + CHIP_SYSTEM_HEADER_RESERVE_SIZE,
+static_assert(kMaxIPPacketSizeBytes >= kMaxUDPAndIPHeaderSizeBytes + CHIP_SYSTEM_HEADER_RESERVE_SIZE,
               "Matter headers and IP headers must fit in an MTU.");
 
 // Max space we have for our Application Payload and MIC, per spec.
 static constexpr size_t kMaxPerSpecApplicationPayloadAndMICSizeBytes =
-    kMaxUdpIPPacketSizeBytes - kMaxUDPAndIPHeaderSizeBytes - CHIP_SYSTEM_HEADER_RESERVE_SIZE;
+    kMaxIPPacketSizeBytes - kMaxUDPAndIPHeaderSizeBytes - CHIP_SYSTEM_HEADER_RESERVE_SIZE;
 
 // Max space we have for our Application Payload and MIC in our actual packet
 // buffers.  This is the size _excluding_ the header reserve.
 static constexpr size_t kMaxPacketBufferApplicationPayloadAndMICSizeBytes = System::PacketBuffer::kMaxSize;
 
-static constexpr size_t kMaxApplicationUdpPayloadAndMICSizeBytes =
+static constexpr size_t kMaxApplicationPayloadAndMICSizeBytes =
     min(kMaxPerSpecApplicationPayloadAndMICSizeBytes, kMaxPacketBufferApplicationPayloadAndMICSizeBytes);
 
-static constexpr size_t kMaxApplicationTcpPayloadAndMICSizeBytes =
-    kMaxTcpIPPacketSizeBytes - CHIP_SYSTEM_HEADER_RESERVE_SIZE;
+} // namespace detail
 
-static_assert(detail::kMaxApplicationUdpPayloadAndMICSizeBytes > kMaxTagLen, "Need to be able to fit our tag in a message");
-static_assert(detail::kMaxApplicationTcpPayloadAndMICSizeBytes > kMaxTagLen, "Need to be able to fit our tag in a message");
+static constexpr size_t kMaxTagLen = 16;
+
+static_assert(detail::kMaxApplicationPayloadAndMICSizeBytes > kMaxTagLen, "Need to be able to fit our tag in a message");
 
 // This is somewhat of an under-estimate, because in practice any time we have a
 // tag we will not have source/destination node IDs, but above we are including
 // those in the header sizes.
-static constexpr size_t kMaxUdpAppMessageLen = kMaxApplicationUdpPayloadAndMICSizeBytes - kMaxTagLen;
-static constexpr size_t kMaxTcpAppMessageLen = kMaxApplicationTcpPayloadAndMICSizeBytes - kMaxTagLen;
-} // namespace detail
+static constexpr size_t kMaxAppMessageLen = detail::kMaxApplicationPayloadAndMICSizeBytes - kMaxTagLen;
+// large payload limit
+static constexpr size_t kLargePayloadMaxSizeBytes   = 128000;
 
 static constexpr uint16_t kMsgUnicastSessionIdUnsecured = 0x0000;
 
-#if CHIP_CONFIG_TCP_SUPPORT_SERVER || CHIP_CONFIG_TCP_SUPPORT_CLIENT
-static constexpr size_t kMaxAppMessageLen = detail::kMaxTcpAppMessageLen;
-#else
-static constexpr size_t kMaxAppMessageLen = detail::kMaxUdpAppMessageLen;
-#endif
-
 typedef int PacketHeaderFlags;
 
 namespace Header {