[nrf noup] [Zephyr] Prevent from removing DAC Private Key

ArekBalysNordic · ArekBalysNordic · commit 02a34889b2fe · 2024-05-06T14:18:07.000+02:00
Prevent from removing DAC Private Key from ITS during factory
reset.
diff --git a/src/platform/Zephyr/ConfigurationManagerImpl.cpp b/src/platform/Zephyr/ConfigurationManagerImpl.cpp
@@ -219,6 +219,13 @@ void ConfigurationManagerImpl::DoFactoryReset(intptr_t arg)
     for (uint32_t keyID = static_cast<uint32_t>(chip::Crypto::KeyIdBase::Minimum);
          keyID <= static_cast<uint32_t>(chip::Crypto::KeyIdBase::Maximum); keyID++)
     {
+#ifdef CONFIG_CHIP_CRYPTO_PSA_MIGRATE_DAC_PRIV_KEY
+        // Prevent from removing DAC Private Key
+        if (keyID == static_cast<uint32_t>(chip::Crypto::KeyIdBase::DACPrivKey))
+        {
+            continue;
+        }
+#endif
         psa_destroy_key(static_cast<psa_key_id_t>(keyID));
     }
 #endif

Original file line number	Diff line number	Diff line change
`@@ -219,6 +219,13 @@ void ConfigurationManagerImpl::DoFactoryReset(intptr_t arg)`
`219`	`219`	`for (uint32_t keyID = static_cast<uint32_t>(chip::Crypto::KeyIdBase::Minimum);`
`220`	`220`	`keyID <= static_cast<uint32_t>(chip::Crypto::KeyIdBase::Maximum); keyID++)`
`221`	`221`	`{`
	`222`	`+#ifdef CONFIG_CHIP_CRYPTO_PSA_MIGRATE_DAC_PRIV_KEY`
	`223`	`+ // Prevent from removing DAC Private Key`
	`224`	`+ if (keyID == static_cast<uint32_t>(chip::Crypto::KeyIdBase::DACPrivKey))`
	`225`	`+ {`
	`226`	`+ continue;`
	`227`	`+ }`
	`228`	`+#endif`
`222`	`229`	`psa_destroy_key(static_cast<psa_key_id_t>(keyID));`
`223`	`230`	`}`
`224`	`231`	`#endif`