Remove duplicate P256Keypair::ECDSA_sign_hash code (#20078)
* Remove duplicate P256Keypair::ECDSA_sign_hash code
- The ECDSA_sign_hash method is a near identical copy of ECDSA_sign_msg,
that takes a raw hash.
- This is problematic since some platforms, like Android, cannot directly sign
a pre-computed hash with OS-aided APIs, and overall this is not consistent
with signature APIs that work on messages, and where a digest is an internal
implementation detail.
- Overall, the method adds little value and prevents easy transition to different
signing algorithms over time if the hash assumption is kept
Fixes #18430
This PR:
- Removes the sign_hash API
- Replaces its usage throughout the SDK
- Updates all tests
- Leaves the ECDSA_verify_hash_signature (since it's only used in one place,
already in native code, and always against raw public keys)
Testing done:
- Cert tests still pass, including device attestation during commissioning
- Unit tests still pass including updated unit tests
* Restyled by clang-format
* Remove missed removals
* Apply review comments
Co-authored-by: Restyled.io <commits@restyled.io>
diff --git a/src/credentials/DeviceAttestationCredsProvider.h b/src/credentials/DeviceAttestationCredsProvider.h
index 36ac029..adfcc33 100644
--- a/src/credentials/DeviceAttestationCredsProvider.h
+++ b/src/credentials/DeviceAttestationCredsProvider.h
@@ -80,16 +80,14 @@
virtual CHIP_ERROR GetProductAttestationIntermediateCert(MutableByteSpan & out_pai_buffer) = 0;
/**
- * @brief Signs a SHA256 digest using the device attestation private key
+ * @brief Signs a message using the device attestation private key
*
- * @param[in] digest_to_sign The SHA256 digest to sign using the attestation private key. Must
- * be exactly chip::Crypto::kSHA256_Hash_Length.
+ * @param[in] message_to_sign The message to sign using the attestation private key.
* @param[in,out] out_signature_buffer Buffer to receive the signature in raw <r,s> format.
- * @returns CHIP_NO_ERROR on success, CHIP_ERROR_INVALID_ARGUMENT if `digest_to_sign` is wrong size,
- * CHIP_ERROR_BUFFER_TOO_SMALL if `out_signature_buffer` is too small,
+ * @returns CHIP_NO_ERROR on success, CHIP_ERROR_BUFFER_TOO_SMALL if `out_signature_buffer` is too small,
* or another CHIP_ERROR from the underlying implementation if signature fails.
*/
- virtual CHIP_ERROR SignWithDeviceAttestationKey(const ByteSpan & digest_to_sign, MutableByteSpan & out_signature_buffer) = 0;
+ virtual CHIP_ERROR SignWithDeviceAttestationKey(const ByteSpan & message_to_sign, MutableByteSpan & out_signature_buffer) = 0;
};
/**
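Review bot: the parameter type of SignWithDeviceAttestationKey stays `const ByteSpan &` while its meaning changes from `digest_to_sign` to `message_to_sign`, so any existing override or caller that still passes a pre-computed SHA256 digest will compile unchanged and, if the implementation now hashes internally, sign a digest of the digest. Suggest the new @brief or @param text say explicitly that the implementation computes the digest itself and that callers must not pre-hash. Also, with CHIP_ERROR_INVALID_ARGUMENT dropped from @returns, the comment no longer says what an implementation should return for an empty `message_to_sign`; worth documenting whether that is accepted or rejected.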