Apply restyled changes.

Author: ankk-css

docs/guides/infineon_trustm_provisioning.md

@@ -57,5 +57,5 @@ Please note that production devices cannot re-use these test keys/certificates.
 _Step3: Write DAC test certificate into OPTIGA™ Trust M certificate slot
 0xE0E0_
 
-_Step4: Write Matter test PAI into OPTIGA™ Trust M certificate slot 0xE0E8
-and test CD into OPTIGA™ Trust M Arbitrary OID 0xF1E0.
+\_Step4: Write Matter test PAI into OPTIGA™ Trust M certificate slot
+0xE0E8 and test CD into OPTIGA™ Trust M Arbitrary OID 0xF1E0.

examples/lock-app/infineon/psoc6/README.md

@@ -154,12 +154,14 @@ cloud, giving every IoT device its own unique identity.
 
 -   Building
 
-    Follow the steps to build with OPTIGA™ Trust M for device attestation use case:
+    Follow the steps to build with OPTIGA™ Trust M for device attestation use
+    case:
 
     ```
       $ source scripts/activate.sh
       $ scripts/build/build_examples.py --no-log-timestamps --target 'infineon-psoc6-lock-trustm' build
     ```
+
 -   To delete generated executable, libraries and object files use:
 
         $ cd ~/connectedhomeip

scripts/build/builders/infineon.py

@@ -81,7 +81,7 @@ def __init__(self,
                  board: InfineonBoard = InfineonBoard.PSOC6BOARD,
                  enable_ota_requestor: bool = False,
                  update_image: bool = False,
-                 enable_trustm: bool = False): 
+                 enable_trustm: bool = False):
         super(InfineonBuilder, self).__init__(
             root=app.BuildRoot(root),
             runner=runner)
@@ -97,6 +97,7 @@ def __init__(self,
             self.extra_gn_options.append('chip_crypto=\"platform\"')
         if enable_trustm is False:
             self.extra_gn_options.append('chip_crypto=\"mbedtls\"')
+
     def GnBuildArgs(self):
         return self.extra_gn_options
 

src/crypto/crypto.gni

@@ -16,7 +16,7 @@ declare_args() {
   # Crypto implementation: mbedtls, openssl, boringssl, platform.
   chip_crypto = ""
   chip_with_se05x = 0
-  
+
   # Compile mbedtls externally. Only used if chip_crypto == "mbedtls"
   chip_external_mbedtls = false
 }

src/platform/Infineon/crypto/trustm/BUILD.gn

@@ -23,36 +23,33 @@ if (chip_crypto == "platform") {
 }
 
 source_set("public_headers") {
-  sources = [
-  ]
+  sources = []
 
   public_deps = [
+    "${chip_root}/src/crypto",
     "${chip_root}/src/lib/asn1",
     "${chip_root}/src/lib/core",
     "${chip_root}/src/lib/support",
     "${nlassert_root}:nlassert",
-    "${chip_root}/src/crypto",
-
   ]
 }
 
 static_library("infineon_crypto_lib") {
   sources = [
-    "CHIPCryptoPAL_HostFallBack.cpp",
     "CHIPCryptoPALHost.cpp",
     "CHIPCryptoPALHsm_HKDF_trustm.cpp",
     "CHIPCryptoPALHsm_HMAC_trustm.cpp",
     "CHIPCryptoPALHsm_P256_trustm.cpp",
     "CHIPCryptoPALHsm_rng_trustm.cpp",
     "CHIPCryptoPALHsm_utils_trustm.cpp",
+    "CHIPCryptoPAL_HostFallBack.cpp",
     "DeviceAttestationCredsExampleTrustM.cpp",
   ]
 
   public_deps = [ ":public_headers" ]
   public_configs = []
   public_deps += [ "${chip_root}/third_party/infineon/trustm:optiga-trust-m" ]
-  public_configs +=
-    [ "${chip_root}/third_party/infineon/trustm:trustm_config" ]
+  public_configs += [ "${chip_root}/third_party/infineon/trustm:trustm_config" ]
   deps = [ "${chip_root}/${infineon_crypto_root}:optiga-trust-m" ]
   external_mbedtls = current_os == "zephyr"
 
@@ -64,5 +61,4 @@ static_library("infineon_crypto_lib") {
     "${chip_root}/src/crypto",
     "${chip_root}/src/platform/Infineon/crypto/trustm",
   ]
-  
 }

src/platform/Infineon/crypto/trustm/CHIPCryptoPALHost.cpp

@@ -129,7 +129,8 @@ CHIP_ERROR AES_CCM_encrypt(const uint8_t * plaintext, size_t plaintext_length, c
     }
 
     // Size of key is expressed in bits, hence the multiplication by 8.
-    result = mbedtls_ccm_setkey(&ccm_context, MBEDTLS_CIPHER_ID_AES, key.As<Symmetric128BitsKeyByteArray>(), sizeof(Symmetric128BitsKeyByteArray) * 8);
+    result = mbedtls_ccm_setkey(&ccm_context, MBEDTLS_CIPHER_ID_AES, key.As<Symmetric128BitsKeyByteArray>(),
+                                sizeof(Symmetric128BitsKeyByteArray) * 8);
     VerifyOrExit(result == 0, error = CHIP_ERROR_INTERNAL);
 
     // Encrypt
@@ -165,7 +166,8 @@ CHIP_ERROR AES_CCM_decrypt(const uint8_t * ciphertext, size_t ciphertext_len, co
     }
 
     // Size of key is expressed in bits, hence the multiplication by 8.
-    result = mbedtls_ccm_setkey(&ccm_context, MBEDTLS_CIPHER_ID_AES, key.As<Symmetric128BitsKeyByteArray>(), sizeof(Symmetric128BitsKeyByteArray) * 8);
+    result = mbedtls_ccm_setkey(&ccm_context, MBEDTLS_CIPHER_ID_AES, key.As<Symmetric128BitsKeyByteArray>(),
+                                sizeof(Symmetric128BitsKeyByteArray) * 8);
     VerifyOrExit(result == 0, error = CHIP_ERROR_INTERNAL);
 
     // Decrypt
@@ -293,7 +295,6 @@ CHIP_ERROR pbkdf2_sha256_h(const uint8_t * password, size_t plen, const uint8_t
     return error;
 }
 
-
 CHIP_ERROR Hash_SHA256_stream::AddData(const ByteSpan data)
 {
     mbedtls_sha256_context * const context = to_inner_hash_sha256_context(&mContext);

src/platform/Infineon/crypto/trustm/CHIPCryptoPALHsm_HKDF_trustm.cpp

@@ -47,9 +47,8 @@ namespace Crypto {
 extern CHIP_ERROR HKDF_SHA256_H(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
                                 const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length);
 
-CHIP_ERROR HKDF_sha::HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt,
-                                    const size_t salt_length, const uint8_t * info, const size_t info_length, uint8_t * out_buffer,
-                                    size_t out_length)
+CHIP_ERROR HKDF_sha::HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
+                                 const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length)
 {
 #if !ENABLE_TRUSTM_HKDF_SHA256
     return HKDF_SHA256_H(secret, secret_length, salt, salt_length, info, info_length, out_buffer, out_length);

src/platform/Infineon/crypto/trustm/CHIPCryptoPALHsm_HMAC_trustm.cpp

@@ -48,7 +48,7 @@ extern CHIP_ERROR HMAC_SHA256_h(const uint8_t * key, size_t key_length, const ui
                                 uint8_t * out_buffer, size_t out_length);
 
 CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const uint8_t * message, size_t message_length,
-                                    uint8_t * out_buffer, size_t out_length)
+                                 uint8_t * out_buffer, size_t out_length)
 
 {
 #if !ENABLE_TRUSTM_HMAC_SHA256
@@ -75,7 +75,7 @@ CHIP_ERROR HMAC_sha::HMAC_SHA256(const uint8_t * key, size_t key_length, const u
     // Trust M init
     trustm_Open();
     // Write metada for secret OID(Done during Provisioning)
-    //write_metadata(TRUSTM_HMAC_OID_KEY, metadata_hmac, sizeof(metadata_hmac));
+    // write_metadata(TRUSTM_HMAC_OID_KEY, metadata_hmac, sizeof(metadata_hmac));
     // Update the secret key
     write_data(TRUSTM_HMAC_OID_KEY, key, key_length_u16);