forked from nrfconnect/sdk-connectedhomeip
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCHIPCryptoPALPSA.h
155 lines (135 loc) · 4.89 KB
/
CHIPCryptoPALPSA.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
/*
*
* Copyright (c) 2022 Project CHIP Authors
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* @file
* Header file that contains private definitions used by PSA crypto backend.
*
* This file should not be included directly by the application. Instead, use
* cryptographic primitives defined in CHIPCryptoPAL.h or SessionKeystore.h.
*/
#pragma once
#include "CHIPCryptoPAL.h"
#include <lib/core/DataModelTypes.h>
#include <lib/support/SafePointerCast.h>
#include <psa/crypto.h>
namespace chip {
namespace Crypto {
/**
* @def CHIP_CONFIG_CRYPTO_PSA_KEY_ID_BASE
*
* @brief
* Base of the PSA key identifier range used by Matter.
*
* Cryptographic keys stored in the PSA Internal Trusted Storage must have
* a user-assigned identifer from the range PSA_KEY_ID_USER_MIN to
* PSA_KEY_ID_USER_MAX. This option allows to override the base used to derive
* key identifiers used by Matter to avoid overlapping with other firmware
* components that also use PSA crypto API. The default value was selected
* not to interfere with OpenThread's default base that is 0x20000.
*
* Note that volatile keys like ephemeral keys used for ECDH have identifiers
* auto-assigned by the PSA backend.
*/
#ifndef CHIP_CONFIG_CRYPTO_PSA_KEY_ID_BASE
#define CHIP_CONFIG_CRYPTO_PSA_KEY_ID_BASE 0x30000
#endif // CHIP_CONFIG_CRYPTO_PSA_KEY_ID_BASE
/**
* @brief Defines subranges of the PSA key identifier space used by Matter.
*/
enum class KeyIdBase : psa_key_id_t
{
Minimum = CHIP_CONFIG_CRYPTO_PSA_KEY_ID_BASE,
Operational = Minimum, ///< Base of the PSA key ID range for Node Operational Certificate private keys
DACPrivKey = Operational + kMaxValidFabricIndex + 1,
Maximum = DACPrivKey,
};
static_assert(to_underlying(KeyIdBase::Minimum) >= PSA_KEY_ID_USER_MIN && to_underlying(KeyIdBase::Maximum) <= PSA_KEY_ID_USER_MAX,
"PSA key ID base out of allowed range");
/**
* @brief Calculates PSA key ID for Node Operational Certificate private key for the given fabric.
*/
constexpr psa_key_id_t MakeOperationalKeyId(FabricIndex fabricIndex)
{
return to_underlying(KeyIdBase::Operational) + static_cast<psa_key_id_t>(fabricIndex);
}
/**
* @brief Concrete P256 keypair context used by PSA crypto backend.
*/
struct PsaP256KeypairContext
{
psa_key_id_t key_id;
};
inline PsaP256KeypairContext & ToPsaContext(P256KeypairContext & context)
{
return *SafePointerCast<PsaP256KeypairContext *>(&context);
}
inline const PsaP256KeypairContext & ToConstPsaContext(const P256KeypairContext & context)
{
return *SafePointerCast<const PsaP256KeypairContext *>(&context);
}
/**
* @brief Wrapper for PSA key derivation API.
*/
class PsaKdf
{
public:
~PsaKdf()
{
psa_key_derivation_abort(&mOperation);
psa_destroy_key(mSecretKeyId);
}
/**
* @brief Initializes the key derivation operation.
*/
CHIP_ERROR Init(const ByteSpan & secret, const ByteSpan & salt, const ByteSpan & info);
/**
* @brief Initializes the key derivation operation.
*/
CHIP_ERROR Init(const HkdfKeyHandle & hkdfKey, const ByteSpan & salt, const ByteSpan & info);
/**
* @brief Derives raw key material from the operation.
*
* This method together with @p DeriveKeys can be called multiple times to
* derive several keys.
*
* @param[out] output Span that provides location and length for the derived key material.
*
* @retval CHIP_NO_ERROR On success.
* @retval CHIP_ERROR_INTERNAL On PSA crypto API error.
*/
CHIP_ERROR DeriveBytes(const MutableByteSpan & output);
/**
* @brief Derives a key from the operation.
*
* This method together with @p DeriveBytes can be called multiple times to
* derive several keys.
*
* @param[in] attributes Attributes of the derived key.
* @param[out] keyId PSA key ID of the derived key.
*
* @retval CHIP_NO_ERROR On success.
* @retval CHIP_ERROR_INTERNAL On PSA crypto API error.
*/
CHIP_ERROR DeriveKey(const psa_key_attributes_t & attributes, psa_key_id_t & keyId);
private:
CHIP_ERROR InitOperation(psa_key_id_t hkdfKey, const ByteSpan & salt, const ByteSpan & info);
psa_key_id_t mSecretKeyId = PSA_KEY_ID_NULL;
psa_key_derivation_operation_t mOperation = PSA_KEY_DERIVATION_OPERATION_INIT;
};
} // namespace Crypto
} // namespace chip