diff --git a/examples/contact-sensor-app/nxp/k32w/k32w0/main/AppTask.cpp b/examples/contact-sensor-app/nxp/k32w/k32w0/main/AppTask.cpp index 81694523876d7e..d7d9763e491a62 100644 --- a/examples/contact-sensor-app/nxp/k32w/k32w0/main/AppTask.cpp +++ b/examples/contact-sensor-app/nxp/k32w/k32w0/main/AppTask.cpp @@ -979,3 +979,8 @@ extern "C" void OTAIdleActivities(void) OTA_TransactionResume(); #endif } + +extern "C" bool AppHaveBLEConnections(void) +{ + return sHaveBLEConnections; +} diff --git a/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.matter b/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.matter index b3c6233dc7a8e9..6f70ea9611ba62 100644 --- a/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.matter +++ b/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.matter @@ -1453,7 +1453,7 @@ endpoint 0 { callback attribute eventList; callback attribute attributeList; ram attribute featureMap default = 0; - ram attribute clusterRevision default = 2; + ram attribute clusterRevision default = 3; } server cluster OtaSoftwareUpdateRequestor { diff --git a/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.zap b/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.zap index 68b94ef250a67a..c5e51959f5b242 100644 --- a/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.zap +++ b/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.zap @@ -200,7 +200,7 @@ "storageOption": "External", "singleton": 0, "bounded": 0, - "defaultValue": "", + "defaultValue": null, "reportable": 1, "minInterval": 1, "maxInterval": 65534, @@ -264,7 +264,7 @@ "storageOption": "External", "singleton": 0, "bounded": 0, - "defaultValue": "", + "defaultValue": null, "reportable": 1, "minInterval": 1, "maxInterval": 65534, @@ -280,7 +280,7 @@ "storageOption": "External", "singleton": 0, "bounded": 0, - "defaultValue": "", + "defaultValue": null, "reportable": 1, "minInterval": 1, "maxInterval": 65534, @@ -296,7 +296,7 @@ "storageOption": "External", "singleton": 0, "bounded": 0, - "defaultValue": "", + "defaultValue": null, "reportable": 1, "minInterval": 1, "maxInterval": 65534, @@ -690,7 +690,7 @@ "storageOption": "RAM", "singleton": 1, "bounded": 0, - "defaultValue": "2", + "defaultValue": "3", "reportable": 1, "minInterval": 0, "maxInterval": 65344, @@ -2945,7 +2945,7 @@ "storageOption": "External", "singleton": 0, "bounded": 0, - "defaultValue": "", + "defaultValue": null, "reportable": 1, "minInterval": 1, "maxInterval": 65534, @@ -2961,7 +2961,7 @@ "storageOption": "External", "singleton": 0, "bounded": 0, - "defaultValue": "", + "defaultValue": null, "reportable": 1, "minInterval": 1, "maxInterval": 65534, @@ -2977,7 +2977,7 @@ "storageOption": "External", "singleton": 0, "bounded": 0, - "defaultValue": "", + "defaultValue": null, "reportable": 1, "minInterval": 1, "maxInterval": 65534, @@ -2993,7 +2993,7 @@ "storageOption": "External", "singleton": 0, "bounded": 0, - "defaultValue": "", + "defaultValue": null, "reportable": 1, "minInterval": 1, "maxInterval": 65534, diff --git a/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.matter b/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.matter index fd15a473ac447b..4c7c342dbc029c 100644 --- a/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.matter +++ b/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.matter @@ -1453,7 +1453,7 @@ endpoint 0 { callback attribute eventList; callback attribute attributeList; ram attribute featureMap default = 0; - ram attribute clusterRevision default = 2; + ram attribute clusterRevision default = 3; } server cluster OtaSoftwareUpdateRequestor { @@ -1692,7 +1692,7 @@ endpoint 0 { callback attribute eventList; callback attribute attributeList; ram attribute featureMap default = 0x0000; - ram attribute clusterRevision default = 1; + ram attribute clusterRevision default = 2; } } endpoint 1 { diff --git a/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.zap b/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.zap index a433e8e7bd9c9a..ce8cc0c551ca67 100644 --- a/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.zap +++ b/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.zap @@ -200,7 +200,7 @@ "storageOption": "External", "singleton": 0, "bounded": 0, - "defaultValue": "", + "defaultValue": null, "reportable": 1, "minInterval": 1, "maxInterval": 65534, @@ -690,7 +690,7 @@ "storageOption": "RAM", "singleton": 1, "bounded": 0, - "defaultValue": "2", + "defaultValue": "3", "reportable": 1, "minInterval": 0, "maxInterval": 65344, @@ -3679,7 +3679,7 @@ "storageOption": "RAM", "singleton": 0, "bounded": 0, - "defaultValue": "1", + "defaultValue": "2", "reportable": 1, "minInterval": 1, "maxInterval": 65534, diff --git a/examples/lighting-app/nxp/k32w/k32w0/main/AppTask.cpp b/examples/lighting-app/nxp/k32w/k32w0/main/AppTask.cpp index 7b9ecccdec3068..22535a1c974c92 100644 --- a/examples/lighting-app/nxp/k32w/k32w0/main/AppTask.cpp +++ b/examples/lighting-app/nxp/k32w/k32w0/main/AppTask.cpp @@ -987,3 +987,8 @@ extern "C" void OTAIdleActivities(void) OTA_TransactionResume(); #endif } + +extern "C" bool AppHaveBLEConnections(void) +{ + return sHaveBLEConnections; +} diff --git a/examples/platform/nxp/k32w/k32w0/app/support/FreeRtosHooks.c b/examples/platform/nxp/k32w/k32w0/app/support/FreeRtosHooks.c index 4d9b19781f1c92..59cae3f6d14cf9 100644 --- a/examples/platform/nxp/k32w/k32w0/app/support/FreeRtosHooks.c +++ b/examples/platform/nxp/k32w/k32w0/app/support/FreeRtosHooks.c @@ -252,10 +252,17 @@ static void BOARD_ActionOnIdle(void) } extern void OTAIdleActivities(void); +extern bool AppHaveBLEConnections(void); void vApplicationIdleHook(void) { - FS_vIdleTask(PDM_MAX_WRITES_INFINITE); +#if PDM_SAVE_IDLE + /* While in BLE connection during commissioning, PDM saves should be paused */ + if (!AppHaveBLEConnections()) + { + FS_vIdleTask(PDM_MAX_WRITES_INFINITE); + } +#endif OTAIdleActivities(); diff --git a/src/platform/nxp/k32w/common/OTAImageProcessorImpl.cpp b/src/platform/nxp/k32w/common/OTAImageProcessorImpl.cpp index c927ce65675035..1e00ddc293c0f0 100644 --- a/src/platform/nxp/k32w/common/OTAImageProcessorImpl.cpp +++ b/src/platform/nxp/k32w/common/OTAImageProcessorImpl.cpp @@ -407,7 +407,6 @@ CHIP_ERROR OTAImageProcessorImpl::ReleaseBlock() void OTAImageProcessorImpl::FetchNextData(uint32_t context) { - CHIP_ERROR error = CHIP_NO_ERROR; auto * imageProcessor = &OTAImageProcessorImpl::GetDefaultInstance(); SystemLayer().ScheduleLambda([imageProcessor] { if (imageProcessor->mDownloader) diff --git a/src/platform/nxp/k32w/k32w0/ConfigurationManagerImpl.cpp b/src/platform/nxp/k32w/k32w0/ConfigurationManagerImpl.cpp index d7e9088f322143..b8477051faeade 100644 --- a/src/platform/nxp/k32w/k32w0/ConfigurationManagerImpl.cpp +++ b/src/platform/nxp/k32w/k32w0/ConfigurationManagerImpl.cpp @@ -276,8 +276,6 @@ CHIP_ERROR ConfigurationManagerImpl::DetermineBootReason(uint8_t rebootCause) void ConfigurationManagerImpl::DoFactoryReset(intptr_t arg) { - CHIP_ERROR err; - ChipLogProgress(DeviceLayer, "Performing factory reset"); K32WConfig::FactoryResetConfig(); diff --git a/src/platform/nxp/k32w/k32w0/FactoryDataProviderImpl.cpp b/src/platform/nxp/k32w/k32w0/FactoryDataProviderImpl.cpp index c595bf9cf31033..dc6acd3b619272 100644 --- a/src/platform/nxp/k32w/k32w0/FactoryDataProviderImpl.cpp +++ b/src/platform/nxp/k32w/k32w0/FactoryDataProviderImpl.cpp @@ -55,31 +55,40 @@ CHIP_ERROR FactoryDataProviderImpl::Init() CHIP_ERROR FactoryDataProviderImpl::SignWithDacKey(const ByteSpan & messageToSign, MutableByteSpan & outSignBuffer) { + CHIP_ERROR error = CHIP_NO_ERROR; Crypto::P256ECDSASignature signature; Crypto::P256Keypair keypair; Crypto::P256SerializedKeypair serializedKeypair; - - VerifyOrReturnError(!outSignBuffer.empty(), CHIP_ERROR_INVALID_ARGUMENT); - VerifyOrReturnError(!messageToSign.empty(), CHIP_ERROR_INVALID_ARGUMENT); - VerifyOrReturnError(outSignBuffer.size() >= signature.Capacity(), CHIP_ERROR_BUFFER_TOO_SMALL); - - /* Get private key of DAC certificate from reserved section */ uint8_t keyBuf[Crypto::kP256_PrivateKey_Length]; MutableByteSpan dacPrivateKeySpan(keyBuf); uint16_t keySize = 0; - ReturnErrorOnFailure(SearchForId(FactoryDataId::kDacPrivateKeyId, dacPrivateKeySpan.data(), dacPrivateKeySpan.size(), keySize)); + + VerifyOrExit(!outSignBuffer.empty(), error = CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrExit(!messageToSign.empty(), error = CHIP_ERROR_INVALID_ARGUMENT); + VerifyOrExit(outSignBuffer.size() >= signature.Capacity(), error = CHIP_ERROR_BUFFER_TOO_SMALL); + + /* Get private key of DAC certificate from reserved section */ + error = SearchForId(FactoryDataId::kDacPrivateKeyId, dacPrivateKeySpan.data(), dacPrivateKeySpan.size(), keySize); + SuccessOrExit(error); dacPrivateKeySpan.reduce_size(keySize); /* Only the private key is used when signing */ - ReturnErrorOnFailure(serializedKeypair.SetLength(Crypto::kP256_PublicKey_Length + dacPrivateKeySpan.size())); + error = serializedKeypair.SetLength(Crypto::kP256_PublicKey_Length + dacPrivateKeySpan.size()); + SuccessOrExit(error); memcpy(serializedKeypair.Bytes() + Crypto::kP256_PublicKey_Length, dacPrivateKeySpan.data(), dacPrivateKeySpan.size()); - ReturnErrorOnFailure(keypair.Deserialize(serializedKeypair)); - ReturnErrorOnFailure(keypair.ECDSA_sign_msg(messageToSign.data(), messageToSign.size(), signature)); + error = keypair.Deserialize(serializedKeypair); + SuccessOrExit(error); - // TODO: sanitize temporary buffers used to store the private key, so it doesn't leak on the stack? + error = keypair.ECDSA_sign_msg(messageToSign.data(), messageToSign.size(), signature); + SuccessOrExit(error); - return CopySpanToMutableSpan(ByteSpan{ signature.ConstBytes(), signature.Length() }, outSignBuffer); + error = CopySpanToMutableSpan(ByteSpan{ signature.ConstBytes(), signature.Length() }, outSignBuffer); + +exit: + /* Sanitize temporary buffer */ + memset(keyBuf, 0, Crypto::kP256_PrivateKey_Length); + return error; } #if CONFIG_CHIP_K32W0_OTA_FACTORY_DATA_PROCESSOR diff --git a/src/platform/nxp/k32w/k32w0/K32W0Config.cpp b/src/platform/nxp/k32w/k32w0/K32W0Config.cpp index a346d18d69c90c..850a1b7398ef06 100644 --- a/src/platform/nxp/k32w/k32w0/K32W0Config.cpp +++ b/src/platform/nxp/k32w/k32w0/K32W0Config.cpp @@ -36,9 +36,9 @@ namespace chip { namespace DeviceLayer { namespace Internal { -RamStorage K32WConfig::sFactoryStorage{ kNvmId_Factory }; -RamStorage K32WConfig::sConfigStorage{ kNvmId_Config }; -RamStorage K32WConfig::sCounterStorage{ kNvmId_Counter }; +RamStorage K32WConfig::sFactoryStorage{ kNvmId_Factory, "Factory" }; +RamStorage K32WConfig::sConfigStorage{ kNvmId_Config, "Config" }; +RamStorage K32WConfig::sCounterStorage{ kNvmId_Counter, "Counter" }; const K32WConfig::Key K32WConfig::kConfigKey_SerialNum{ &K32WConfig::sFactoryStorage, kKeyId_Factory, 0x00 }; const K32WConfig::Key K32WConfig::kConfigKey_MfrDeviceId{ &K32WConfig::sFactoryStorage, kKeyId_Factory, 0x01 }; diff --git a/src/platform/nxp/k32w/k32w0/KeyValueStoreManagerImpl.cpp b/src/platform/nxp/k32w/k32w0/KeyValueStoreManagerImpl.cpp index 4d378cb01cbe1f..8dbf3e5bd71903 100644 --- a/src/platform/nxp/k32w/k32w0/KeyValueStoreManagerImpl.cpp +++ b/src/platform/nxp/k32w/k32w0/KeyValueStoreManagerImpl.cpp @@ -37,10 +37,10 @@ namespace PersistedStorage { constexpr size_t kMaxNumberOfKeys = 200; constexpr size_t kMaxKeyValueBytes = 255; -Internal::RamStorage KeyValueStoreManagerImpl::sKeysStorage = { kNvmId_KvsKeys }; -Internal::RamStorage KeyValueStoreManagerImpl::sValuesStorage = { kNvmId_KvsValues }; -Internal::RamStorage KeyValueStoreManagerImpl::sSubscriptionStorage = { kNvmId_KvsSubscription }; -Internal::RamStorage KeyValueStoreManagerImpl::sGroupsStorage = { kNvmId_KvsGroups }; +Internal::RamStorage KeyValueStoreManagerImpl::sKeysStorage = { kNvmId_KvsKeys, "Keys" }; +Internal::RamStorage KeyValueStoreManagerImpl::sValuesStorage = { kNvmId_KvsValues, "Values" }; +Internal::RamStorage KeyValueStoreManagerImpl::sSubscriptionStorage = { kNvmId_KvsSubscription, "Subscriptions" }; +Internal::RamStorage KeyValueStoreManagerImpl::sGroupsStorage = { kNvmId_KvsGroups, "Groups" }; KeyValueStoreManagerImpl KeyValueStoreManagerImpl::sInstance; @@ -169,13 +169,13 @@ CHIP_ERROR KeyValueStoreManagerImpl::_Get(const char * key, void * value, size_t { /* Use kKeyId_KvsValues as base key id for all keys. */ pdmInternalId = Internal::RamStorageKey::GetInternalId(kKeyId_KvsValues, keyId); - ChipLogProgress(DeviceLayer, "KVS, get the value of Matter key [%s] with PDM id: %i", key, pdmInternalId); + ChipLogProgress(DeviceLayer, "KVS val: get [%s][%i][%s]", key, pdmInternalId, GetValStorage(key)->GetName()); err = GetValStorage(key)->Read(pdmInternalId, 0, (uint8_t *) value, &valueSize); *read_bytes_size = valueSize; } else { - ChipLogProgress(DeviceLayer, "KVS, Matter key [%s] not found in persistent storage.", key); + ChipLogProgress(DeviceLayer, "KVS key [%s] not found in persistent storage.", key); } exit: @@ -204,8 +204,7 @@ CHIP_ERROR KeyValueStoreManagerImpl::_Put(const char * key, const void * value, /* Use kKeyId_KvsValues as base key id for all keys. */ pdmInternalId = Internal::RamStorageKey::GetInternalId(kKeyId_KvsValues, keyId); - ChipLogProgress(DeviceLayer, "KVS, save in flash the value of the Matter key [%s] with PDM id: %i", key, pdmInternalId); - + ChipLogProgress(DeviceLayer, "KVS val: set [%s][%i][%s]", key, pdmInternalId, GetValStorage(key)->GetName()); err = GetValStorage(key)->Write(pdmInternalId, (uint8_t *) value, value_size); /* save the 'key' in flash such that it can be retrieved later on */ if (err == CHIP_NO_ERROR) @@ -213,21 +212,18 @@ CHIP_ERROR KeyValueStoreManagerImpl::_Put(const char * key, const void * value, if (putKey) { pdmInternalId = Internal::RamStorageKey::GetInternalId(kKeyId_KvsKeys, keyId); - ChipLogProgress(DeviceLayer, "KVS, save in flash the Matter key [%s] with PDM id: %i and length %d", key, pdmInternalId, - strlen(key) + 1); + ChipLogProgress(DeviceLayer, "KVS key: set [%s][%i][%s]", key, pdmInternalId, GetKeyStorage(key)->GetName()); err = GetKeyStorage(key)->Write(pdmInternalId, (uint8_t *) key, strlen(key) + 1); if (err != CHIP_NO_ERROR) { - ChipLogProgress(DeviceLayer, "KVS, Error while saving in flash the Matter key [%s] with PDM id: %i", key, - pdmInternalId); + ChipLogProgress(DeviceLayer, "KVS key: error when setting [%s][%i]", key, pdmInternalId); } } } else { - ChipLogProgress(DeviceLayer, "KVS, Error while saving in flash the value of the Matter key [%s] with PDM id: %i", key, - pdmInternalId); + ChipLogProgress(DeviceLayer, "KVS val: error when setting [%s][%i]", key, pdmInternalId); } exit: @@ -249,7 +245,7 @@ CHIP_ERROR KeyValueStoreManagerImpl::_Delete(const char * key) // entry exists so we can remove it pdmInternalId = Internal::RamStorageKey::GetInternalId(kKeyId_KvsKeys, keyId); - ChipLogProgress(DeviceLayer, "KVS, delete from flash the Matter key [%s] with PDM id: %i", key, pdmInternalId); + ChipLogProgress(DeviceLayer, "KVS key: del [%s][%i][%s]", key, pdmInternalId, GetKeyStorage(key)->GetName()); err = GetKeyStorage(key)->Delete(pdmInternalId, -1); /* also delete the 'key string' from flash */ @@ -257,21 +253,17 @@ CHIP_ERROR KeyValueStoreManagerImpl::_Delete(const char * key) { /* Use kKeyId_KvsValues as base key id for all keys. */ pdmInternalId = Internal::RamStorageKey::GetInternalId(kKeyId_KvsValues, keyId); - ChipLogProgress(DeviceLayer, "KVS, delete from flash the value of the Matter key [%s] with PDM id: %i", key, - pdmInternalId); + ChipLogProgress(DeviceLayer, "KVS val: del [%s][%i][%s]", key, pdmInternalId, GetValStorage(key)->GetName()); err = GetValStorage(key)->Delete(pdmInternalId, -1); if (err != CHIP_NO_ERROR) { - ChipLogProgress(DeviceLayer, - "KVS, Error while deleting from flash the value of the Matter key [%s] with PDM id: %i", key, - pdmInternalId); + ChipLogProgress(DeviceLayer, "KVS val: error when deleting [%s][%i]", key, pdmInternalId); } } else { - ChipLogProgress(DeviceLayer, "KVS, Error while deleting from flash the Matter key [%s] with PDM id: %i", key, - pdmInternalId); + ChipLogProgress(DeviceLayer, "KVS key: error when deleting [%s][%i]", key, pdmInternalId); } } exit: diff --git a/src/platform/nxp/k32w/k32w0/RamStorage.cpp b/src/platform/nxp/k32w/k32w0/RamStorage.cpp index db7ab50a0f1247..ea32a7f9c525c8 100644 --- a/src/platform/nxp/k32w/k32w0/RamStorage.cpp +++ b/src/platform/nxp/k32w/k32w0/RamStorage.cpp @@ -70,8 +70,6 @@ CHIP_ERROR RamStorageKey::Delete() CHIP_ERROR RamStorage::Init(uint16_t aInitialSize, bool extendedSearch) { - CHIP_ERROR err; - mBuffer = getRamBuffer(mPdmId, aInitialSize, extendedSearch); mExtendedSearch = extendedSearch; @@ -162,13 +160,14 @@ void RamStorage::OnFactoryReset() { while (PDM_bDoesDataExist(mPdmId + i, &length)) { - ChipLogProgress(DeviceLayer, "Ram Storage: delete PDM id: %x", mPdmId + i); + ChipLogProgress(DeviceLayer, "Ram Storage: delete PDM id: 0x%x", mPdmId + i); PDM_vDeleteDataRecord(mPdmId + i); i++; } } else { + ChipLogProgress(DeviceLayer, "Ram Storage: delete PDM id: 0x%x", mPdmId); PDM_vDeleteDataRecord(mPdmId); } mutex_unlock(mBuffer); diff --git a/src/platform/nxp/k32w/k32w0/RamStorage.h b/src/platform/nxp/k32w/k32w0/RamStorage.h index 5b244b69df2bad..7b61a5a56a229c 100644 --- a/src/platform/nxp/k32w/k32w0/RamStorage.h +++ b/src/platform/nxp/k32w/k32w0/RamStorage.h @@ -59,11 +59,12 @@ class RamStorage static constexpr uint16_t kRamBufferInitialSize = 512; - RamStorage(uint16_t aPdmId) : mPdmId(aPdmId), mBuffer(nullptr) {} + RamStorage(uint16_t aPdmId, const char * name) : mPdmId(aPdmId), mBuffer(nullptr), mName(name) {} CHIP_ERROR Init(uint16_t aInitialSize, bool extendedSearch = false); void FreeBuffer(); Buffer * GetBuffer() const { return mBuffer; } + const char * GetName() const { return mName; } CHIP_ERROR Read(uint16_t aKey, int aIndex, uint8_t * aValue, uint16_t * aValueLength) const; CHIP_ERROR Write(uint16_t aKey, const uint8_t * aValue, uint16_t aValueLength); CHIP_ERROR Delete(uint16_t aKey, int aIndex); @@ -75,6 +76,7 @@ class RamStorage uint16_t mPdmId; Buffer * mBuffer; + const char * mName; bool mExtendedSearch; }; diff --git a/src/platform/nxp/k32w/k32w0/crypto/CHIPCryptoPALNXPUltrafastP256.cpp b/src/platform/nxp/k32w/k32w0/crypto/CHIPCryptoPALNXPUltrafastP256.cpp index 3ab24f33f2b756..8b30cdd0ce7b78 100644 --- a/src/platform/nxp/k32w/k32w0/crypto/CHIPCryptoPALNXPUltrafastP256.cpp +++ b/src/platform/nxp/k32w/k32w0/crypto/CHIPCryptoPALNXPUltrafastP256.cpp @@ -665,7 +665,7 @@ CHIP_ERROR P256Keypair::Initialize(ECPKeyTarget key_target) } keypair = nullptr; mInitialized = true; -exit: + _log_mbedTLS_error(result); return error; } @@ -929,8 +929,6 @@ CHIP_ERROR Spake2p_P256_SHA256_HKDF_HMAC::FEGenerate(void * fe) result = ECP256_GenerateKeyPair(&PublicKey, &PrivateKey, NULL); - Spake2p_Context * context = to_inner_spake2p_context(&mSpake2pContext); - VerifyOrExit(result == gSecEcp256Success_c, error = CHIP_ERROR_INTERNAL); ecp_coordinate_copy((uint8_t *) fe, (const uint8_t *) &PrivateKey); @@ -1040,7 +1038,6 @@ CHIP_ERROR Spake2p_P256_SHA256_HKDF_HMAC::ComputeL(uint8_t * Lout, size_t * L_le memcpy(p, (uint8_t *) &gen_point, SEC_ECP256_COORDINATE_LEN * 2); } while (0); -exit: _log_mbedTLS_error(result); return error; } diff --git a/src/platform/nxp/k32w/k32w1/CHIPCryptoPalK32W1.cpp b/src/platform/nxp/k32w/k32w1/CHIPCryptoPalK32W1.cpp index 5eab6bb0c8c706..9506d1bdfe1cc3 100644 --- a/src/platform/nxp/k32w/k32w1/CHIPCryptoPalK32W1.cpp +++ b/src/platform/nxp/k32w/k32w1/CHIPCryptoPalK32W1.cpp @@ -717,7 +717,9 @@ CHIP_ERROR P256PublicKey::ECDSA_validate_hash_signature(const uint8_t * hash, co sss_sscp_asymmetric_t asyc; bool bFreeAsyncCtx = false; - size_t keySize = SSS_ECP_KEY_SZ(kP256_PrivateKey_Length); + size_t coordinateLen = kP256_FE_Length; /* always 32 for P256 */ + size_t coordinateBitsLen = coordinateLen * 8; /* always 256 for P256 */ + size_t keySize = SSS_ECP_KEY_SZ(coordinateLen); VerifyOrReturnError(sss_sscp_key_object_init(&ecdsaPublic, &g_keyStore) == kStatus_SSS_Success, CHIP_ERROR_INTERNAL); @@ -726,18 +728,18 @@ CHIP_ERROR P256PublicKey::ECDSA_validate_hash_signature(const uint8_t * hash, co CHIP_ERROR_INTERNAL); // The first byte of the public key is the uncompressed marker - VerifyOrExit(SSS_KEY_STORE_SET_KEY(&ecdsaPublic, Uint8::to_const_uchar(*this) + 1, Length() - 1, keySize * 8, + VerifyOrExit(SSS_KEY_STORE_SET_KEY(&ecdsaPublic, Uint8::to_const_uchar(*this) + 1, Length() - 1, coordinateBitsLen, (uint32_t) kSSS_KeyPart_Public) == kStatus_SSS_Success, - CHIP_ERROR_INTERNAL); + error = CHIP_ERROR_INTERNAL); VerifyOrExit(sss_sscp_asymmetric_context_init(&asyc, &g_sssSession, &ecdsaPublic, kAlgorithm_SSS_ECDSA_SHA256, kMode_SSS_Verify) == kStatus_SSS_Success, - CHIP_ERROR_INTERNAL); + error = CHIP_ERROR_INTERNAL); bFreeAsyncCtx = true; VerifyOrExit(sss_sscp_asymmetric_verify_digest(&asyc, (uint8_t *) hash, hash_length, (uint8_t *) signature.ConstBytes(), signature.Length()) == kStatus_SSS_Success, - CHIP_ERROR_INTERNAL); + error = CHIP_ERROR_INTERNAL); exit: if (bFreeAsyncCtx) @@ -757,9 +759,10 @@ CHIP_ERROR P256Keypair::ECDH_derive_secret(const P256PublicKey & remote_public_k size_t secret_length = (out_secret.Length() == 0) ? out_secret.Capacity() : out_secret.Length(); sss_sscp_object_t * keypair = to_keypair(&mKeypair); - size_t coordinateLen = kP256_PrivateKey_Length; - size_t coordinateBitsLen = coordinateLen * 8; - size_t keySize = SSS_ECP_KEY_SZ(kP256_PrivateKey_Length); + + size_t coordinateLen = kP256_FE_Length; /* always 32 for P256 */ + size_t coordinateBitsLen = coordinateLen * 8; /* always 256 for P256 */ + size_t keySize = SSS_ECP_KEY_SZ(coordinateLen); sss_sscp_derive_key_t dCtx; sss_sscp_object_t pEcdhPubKey; diff --git a/src/platform/nxp/k32w/k32w1/FactoryDataProviderImpl.cpp b/src/platform/nxp/k32w/k32w1/FactoryDataProviderImpl.cpp index 06741ef770dcc4..c3c913858ee5f7 100644 --- a/src/platform/nxp/k32w/k32w1/FactoryDataProviderImpl.cpp +++ b/src/platform/nxp/k32w/k32w1/FactoryDataProviderImpl.cpp @@ -154,22 +154,28 @@ CHIP_ERROR FactoryDataProviderImpl::SSS_ConvertDacKey() CHIP_ERROR FactoryDataProviderImpl::SSS_ExportBlob(uint8_t * data, size_t * dataLen, uint32_t & offset) { + CHIP_ERROR error = CHIP_NO_ERROR; + auto res = kStatus_SSS_Success; + uint8_t keyBuf[Crypto::kP256_PrivateKey_Length]; MutableByteSpan dacPrivateKeySpan(keyBuf); uint16_t keySize = 0; - ReturnErrorOnFailure( - SearchForId(FactoryDataId::kDacPrivateKeyId, dacPrivateKeySpan.data(), dacPrivateKeySpan.size(), keySize, &offset)); + error = SearchForId(FactoryDataId::kDacPrivateKeyId, dacPrivateKeySpan.data(), dacPrivateKeySpan.size(), keySize, &offset); + SuccessOrExit(error); dacPrivateKeySpan.reduce_size(keySize); - auto res = SSS_KEY_STORE_SET_KEY(&mContext, dacPrivateKeySpan.data(), Crypto::kP256_PrivateKey_Length, keySize * 8, - kSSS_KeyPart_Private); - VerifyOrReturnError(res == kStatus_SSS_Success, CHIP_ERROR_INTERNAL); + res = SSS_KEY_STORE_SET_KEY(&mContext, dacPrivateKeySpan.data(), Crypto::kP256_PrivateKey_Length, keySize * 8, + kSSS_KeyPart_Private); + VerifyOrExit(res == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL); res = sss_sscp_key_store_export_key(&g_keyStore, &mContext, data, dataLen, kSSS_blobType_ELKE_blob); - VerifyOrReturnError(res == kStatus_SSS_Success, CHIP_ERROR_INTERNAL); + VerifyOrExit(res == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL); - return CHIP_NO_ERROR; +exit: + /* Sanitize temporary buffer */ + memset(keyBuf, 0, Crypto::kP256_PrivateKey_Length); + return error; } CHIP_ERROR FactoryDataProviderImpl::ReplaceWithBlob(uint8_t * data, uint8_t * blob, size_t blobLen, uint32_t offset)