| /* |
| * Copyright (c) 2024 Project CHIP Authors |
| * All rights reserved. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #pragma once |
| |
| #include <app/server/Server.h> |
| |
| #ifdef CONFIG_CHIP_MIGRATE_OPERATIONAL_KEYS_TO_ITS |
| /** |
| * @brief Migrate all stored Operational Keys from the persistent storage (KVS) to secure PSA ITS. |
| * |
| * This function will schedule a factory reset automatically if the |
| * CONFIG_CHIP_FACTORY_RESET_ON_KEY_MIGRATION_FAILURE |
| * Kconfig option is set to 'y'. In this case, the function returns CHIP_NO_ERROR to not block any further |
| * operations until the scheduled factory reset is done. |
| * |
| * @note This function should be called just after Matter Server Init to avoid problems with further CASE |
| * session re-establishments. |
| * @param storage |
| * @param keystore |
| * @retval CHIP_NO_ERROR if all keys have been migrated properly to PSA ITS or if the error occurs, but |
| * the CONFIG_CHIP_FACTORY_RESET_ON_KEY_MIGRATION_FAILURE kconfig is set to 'y'. |
| * @retval CHIP_ERROR_INVALID_ARGUMENT when keystore or storage are not defined. |
| * @retval Other CHIP_ERROR codes related to internal Migration operations. |
| */ |
| CHIP_ERROR MoveOperationalKeysFromKvsToIts(chip::PersistentStorageDelegate * storage, chip::Crypto::OperationalKeystore * keystore); |
| #endif |