Implement setting key persitence for ICD server

Author: maciejbaczmanski

src/app/clusters/icd-management-server/icd-management-server.cpp

@@ -312,7 +312,7 @@ Status ICDManagementServer::RegisterClient(CommandHandler * commandObj, const Co
         entry.DeleteKey();
     }
 
-    err = entry.SetKey(key);
+    err = entry.SetKey(key, true);
     VerifyOrReturnError(CHIP_ERROR_INVALID_ARGUMENT != err, Status::ConstraintError);
     VerifyOrReturnError(CHIP_NO_ERROR == err, Status::Failure);
     err = table.Set(entry.index, entry);

src/app/icd/server/ICDMonitoringTable.cpp

@@ -19,6 +19,10 @@
 
 #include <crypto/RandUtils.h>
 
+#ifdef CONFIG_CHIP_CRYPTO_PSA
+#include <crypto/CHIPCryptoPALPSA.h>
+#endif
+
 namespace chip {
 
 enum class Fields : uint8_t
@@ -131,7 +135,7 @@ void ICDMonitoringEntry::Clear()
     this->clientType       = app::Clusters::IcdManagement::ClientTypeEnum::kPermanent;
 }
 
-CHIP_ERROR ICDMonitoringEntry::SetKey(ByteSpan keyData)
+CHIP_ERROR ICDMonitoringEntry::SetKey(ByteSpan keyData, bool persistent)
 {
     VerifyOrReturnError(keyData.size() == sizeof(Crypto::Symmetric128BitsKeyByteArray), CHIP_ERROR_INVALID_ARGUMENT);
     VerifyOrReturnError(symmetricKeystore != nullptr, CHIP_ERROR_INTERNAL);
@@ -140,7 +144,20 @@ CHIP_ERROR ICDMonitoringEntry::SetKey(ByteSpan keyData)
     Crypto::Symmetric128BitsKeyByteArray keyMaterial;
     memcpy(keyMaterial, keyData.data(), sizeof(Crypto::Symmetric128BitsKeyByteArray));
 
-    // TODO - Add function to set PSA key lifetime
+#ifdef CONFIG_CHIP_CRYPTO_PSA
+    if (persistent)
+    {
+        ReturnErrorOnFailure(Crypto::FindFreeKeySlotInRange(aesKeyHandle.AsMutable<psa_key_id_t>(),
+                                                            to_underlying(Crypto::KeyIdBase::ICDAesKeyRangeStart),
+                                                            Crypto::kMaxICDClientKeys));
+        ReturnErrorOnFailure(Crypto::FindFreeKeySlotInRange(hmacKeyHandle.AsMutable<psa_key_id_t>(),
+                                                            to_underlying(Crypto::KeyIdBase::ICDHmacKeyRangeStart),
+                                                            Crypto::kMaxICDClientKeys));
+    }
+#else
+    IgnoreUnusedVariable(persistent);
+#endif // CONFIG_CHIP_CRYPTO_PSA
+
     ReturnErrorOnFailure(symmetricKeystore->CreateKey(keyMaterial, aesKeyHandle));
     CHIP_ERROR error = symmetricKeystore->CreateKey(keyMaterial, hmacKeyHandle);
 

src/app/icd/server/ICDMonitoringTable.h

@@ -69,13 +69,14 @@ struct ICDMonitoringEntry : public PersistentData<kICDMonitoringBufferSize>
      *        A new entry object should be used for each key when adding entries to the ICDMonitoring
      *        table.
      *
-     * @param keyData A byte span containing the raw key
+     * @param keyData    A byte span containing the raw key
+     * @param persistent Persistence of the key to be set (optional, needed only when setting persistent key with PSA Crypto API)
      * @return CHIP_ERROR CHIP_NO_ERROR     success
      *         CHIP_ERROR_INVALID_ARGUMENT  wrong size of the raw key
      *         CHIP_ERROR_INTERNAL          No KeyStore for the entry or Key Handle already present
      *         CHIP_ERROR_XXX               Crypto API related failure
      */
-    CHIP_ERROR SetKey(ByteSpan keyData);
+    CHIP_ERROR SetKey(ByteSpan keyData, bool persistent = false);
     CHIP_ERROR DeleteKey(void);
     inline bool IsValid()
     {