Add OnCreateRefreshKey (project-chip#33202)

yunhanw-google · bzbarsky-apple · restyled-commits · web-flow · commit f9ac954217dd · 2024-04-27T00:34:20.000Z
* Add OnCreateRefreshKey

* Update src/app/icd/client/DefaultCheckInDelegate.h

Co-authored-by: Boris Zbarsky &lt;bzbarsky@apple.com&gt;

* Update src/app/icd/client/DefaultCheckInDelegate.h

Co-authored-by: Boris Zbarsky &lt;bzbarsky@apple.com&gt;

* Update src/app/icd/client/DefaultCheckInDelegate.h

Co-authored-by: Boris Zbarsky &lt;bzbarsky@apple.com&gt;

* Update DefaultCheckInDelegate.cpp

* Restyled by whitespace

---------

Co-authored-by: Boris Zbarsky &lt;bzbarsky@apple.com&gt;
Co-authored-by: Restyled.io &lt;commits@restyled.io&gt;
diff --git a/src/app/icd/client/DefaultCheckInDelegate.cpp b/src/app/icd/client/DefaultCheckInDelegate.cpp
@@ -16,7 +16,6 @@
  */
 
 #include <app/icd/client/DefaultCheckInDelegate.h>
-#include <app/icd/client/RefreshKeySender.h>
 #include <crypto/CHIPCryptoPAL.h>
 #include <lib/support/CodeUtils.h>
 #include <lib/support/logging/CHIPLogging.h>
@@ -40,12 +39,16 @@ void DefaultCheckInDelegate::OnCheckInComplete(const ICDClientInfo & clientInfo)
         clientInfo.start_icd_counter, clientInfo.offset, ChipLogValueScopedNodeId(clientInfo.peer_node));
 }
 
+CHIP_ERROR DefaultCheckInDelegate::GenerateRefreshKey(RefreshKeySender::RefreshKeyBuffer & newKey)
+{
+    return Crypto::DRBG_get_bytes(newKey.Bytes(), newKey.Capacity());
+}
+
 RefreshKeySender * DefaultCheckInDelegate::OnKeyRefreshNeeded(ICDClientInfo & clientInfo, ICDClientStorage * clientStorage)
 {
     CHIP_ERROR err = CHIP_NO_ERROR;
     RefreshKeySender::RefreshKeyBuffer newKey;
-
-    err = Crypto::DRBG_get_bytes(newKey.Bytes(), newKey.Capacity());
+    err = GenerateRefreshKey(newKey);
     if (err != CHIP_NO_ERROR)
     {
         ChipLogError(ICD, "Generation of new key failed: %" CHIP_ERROR_FORMAT, err.Format());
diff --git a/src/app/icd/client/DefaultCheckInDelegate.h b/src/app/icd/client/DefaultCheckInDelegate.h
@@ -20,6 +20,7 @@
 
 #include <app/icd/client/CheckInDelegate.h>
 #include <app/icd/client/ICDClientStorage.h>
+#include <app/icd/client/RefreshKeySender.h>
 
 namespace chip {
 namespace app {
@@ -33,6 +34,17 @@ class DefaultCheckInDelegate : public CheckInDelegate
     virtual ~DefaultCheckInDelegate() {}
     CHIP_ERROR Init(ICDClientStorage * storage, InteractionModelEngine * engine);
     void OnCheckInComplete(const ICDClientInfo & clientInfo) override;
+
+    /**
+     * @brief Callback used to let the application generate the new ICD symmetric key
+     *
+     * If this calback is not overridden, Crypto::DRBG_get_bytes will be used to generated the key.
+     *
+     * @param[inout] newKey sensitive data buffer with type Crypto::SensitiveDataBuffer<Crypto::kAES_CCM128_Key_Length>
+     * @param[out] CHIP_ERROR CHIP_ERROR_INVALID_ARGUMENT
+     *                        CHIP_ERROR_INTERNAL
+     */
+    virtual CHIP_ERROR GenerateRefreshKey(RefreshKeySender::RefreshKeyBuffer & newKey);
     RefreshKeySender * OnKeyRefreshNeeded(ICDClientInfo & clientInfo, ICDClientStorage * clientStorage) override;
     void OnKeyRefreshDone(RefreshKeySender * refreshKeySender, CHIP_ERROR error) override;
 
