Feature/hkdf hsm (#6662)
* added HKDF HSM
* restyled
* extended pbkdf api with sha algorithm input
diff --git a/src/crypto/BUILD.gn b/src/crypto/BUILD.gn
index 188c78d..58a18f2 100644
--- a/src/crypto/BUILD.gn
+++ b/src/crypto/BUILD.gn
@@ -87,6 +87,7 @@
if (chip_with_se05x == 1) {
sources += [
+ "hsm/nxp/CHIPCryptoPALHsm_SE05X_HKDF.cpp",
"hsm/nxp/CHIPCryptoPALHsm_SE05X_P256.cpp",
"hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp",
"hsm/nxp/CHIPCryptoPALHsm_SE05X_Spake2p.cpp",
diff --git a/src/crypto/CHIPCryptoPAL.cpp b/src/crypto/CHIPCryptoPAL.cpp
index 1160d24..dcc0ca3 100644
--- a/src/crypto/CHIPCryptoPAL.cpp
+++ b/src/crypto/CHIPCryptoPAL.cpp
@@ -27,6 +27,12 @@
namespace chip {
namespace Crypto {
+#ifdef ENABLE_HSM_HKDF
+using HKDF_sha_crypto = HKDF_shaHSM;
+#else
+using HKDF_sha_crypto = HKDF_sha;
+#endif
+
CHIP_ERROR Spake2p::InternalHash(const uint8_t * in, size_t in_len)
{
CHIP_ERROR error = CHIP_ERROR_INTERNAL;
@@ -431,8 +437,9 @@
size_t out_len)
{
CHIP_ERROR error = CHIP_ERROR_INTERNAL;
+ HKDF_sha_crypto mHKDF;
- error = HKDF_SHA256(ikm, ikm_len, salt, salt_len, info, info_len, out, out_len);
+ error = mHKDF.HKDF_SHA256(ikm, ikm_len, salt, salt_len, info, info_len, out, out_len);
VerifyOrExit(error == CHIP_NO_ERROR, error = CHIP_ERROR_INTERNAL);
error = CHIP_NO_ERROR;
diff --git a/src/crypto/CHIPCryptoPAL.h b/src/crypto/CHIPCryptoPAL.h
index 2c1f388..157b12d 100644
--- a/src/crypto/CHIPCryptoPAL.h
+++ b/src/crypto/CHIPCryptoPAL.h
@@ -400,21 +400,28 @@
HashSHA256OpaqueContext mContext;
};
-/**
- * @brief A function that implements SHA-256 based HKDF
- * @param secret The secret to use as the key to the HKDF
- * @param secret_length Length of the secret
- * @param salt Optional salt to use as input to the HKDF
- * @param salt_length Length of the salt
- * @param info Optional info to use as input to the HKDF
- * @param info_length Length of the info
- * @param out_buffer Pointer to buffer to write output into.
- * @param out_length Resulting length of out_buffer
- * @return Returns a CHIP_ERROR on error, CHIP_NO_ERROR otherwise
- **/
+class HKDF_sha
+{
+public:
+ HKDF_sha() {}
+ virtual ~HKDF_sha() {}
-CHIP_ERROR HKDF_SHA256(const uint8_t * secret, size_t secret_length, const uint8_t * salt, size_t salt_length, const uint8_t * info,
- size_t info_length, uint8_t * out_buffer, size_t out_length);
+ /**
+ * @brief A function that implements SHA-256 based HKDF
+ * @param secret The secret to use as the key to the HKDF
+ * @param secret_length Length of the secret
+ * @param salt Optional salt to use as input to the HKDF
+ * @param salt_length Length of the salt
+ * @param info Optional info to use as input to the HKDF
+ * @param info_length Length of the info
+ * @param out_buffer Pointer to buffer to write output into.
+ * @param out_length Resulting length of out_buffer
+ * @return Returns a CHIP_ERROR on error, CHIP_NO_ERROR otherwise
+ **/
+
+ virtual CHIP_ERROR HKDF_SHA256(const uint8_t * secret, size_t secret_length, const uint8_t * salt, size_t salt_length,
+ const uint8_t * info, size_t info_length, uint8_t * out_buffer, size_t out_length);
+};
/**
* @brief A cryptographically secure random number generator based on NIST SP800-90A
diff --git a/src/crypto/CHIPCryptoPALOpenSSL.cpp b/src/crypto/CHIPCryptoPALOpenSSL.cpp
index f1e4886..c4f7bb5 100644
--- a/src/crypto/CHIPCryptoPALOpenSSL.cpp
+++ b/src/crypto/CHIPCryptoPALOpenSSL.cpp
@@ -361,8 +361,8 @@
memset(this, 0, sizeof(*this));
}
-CHIP_ERROR HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
- const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length)
+CHIP_ERROR HKDF_sha::HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
+ const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length)
{
EVP_PKEY_CTX * context;
CHIP_ERROR error = CHIP_NO_ERROR;
diff --git a/src/crypto/CHIPCryptoPALmbedTLS.cpp b/src/crypto/CHIPCryptoPALmbedTLS.cpp
index 418682d..504ee01 100644
--- a/src/crypto/CHIPCryptoPALmbedTLS.cpp
+++ b/src/crypto/CHIPCryptoPALmbedTLS.cpp
@@ -259,8 +259,8 @@
memset(this, 0, sizeof(*this));
}
-CHIP_ERROR HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
- const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length)
+CHIP_ERROR HKDF_sha::HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt, const size_t salt_length,
+ const uint8_t * info, const size_t info_length, uint8_t * out_buffer, size_t out_length)
{
CHIP_ERROR error = CHIP_NO_ERROR;
int result = 1;
diff --git a/src/crypto/hsm/CHIPCryptoPALHsm.h b/src/crypto/hsm/CHIPCryptoPALHsm.h
index ec846c3..bce797d 100644
--- a/src/crypto/hsm/CHIPCryptoPALHsm.h
+++ b/src/crypto/hsm/CHIPCryptoPALHsm.h
@@ -137,6 +137,28 @@
#endif //#if ENABLE_HSM_PBKDF2_SHA256
+#if ENABLE_HSM_HKDF_SHA256
+
+class HKDF_shaHSM : public HKDF_sha
+{
+public:
+ HKDF_shaHSM();
+ ~HKDF_shaHSM();
+
+ virtual CHIP_ERROR HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt,
+ const size_t salt_length, const uint8_t * info, const size_t info_length, uint8_t * out_buffer,
+ size_t out_length) override;
+
+ void SetKeyId(uint32_t id) { keyid = id; }
+
+ uint32_t GetKeyId() { return keyid; }
+
+private:
+ uint32_t keyid;
+};
+
+#endif //#if ENABLE_HSM_HKDF_SHA256
+
} // namespace Crypto
} // namespace chip
diff --git a/src/crypto/hsm/CHIPCryptoPALHsm_config.h b/src/crypto/hsm/CHIPCryptoPALHsm_config.h
index 5bd8c0f..380a497 100644
--- a/src/crypto/hsm/CHIPCryptoPALHsm_config.h
+++ b/src/crypto/hsm/CHIPCryptoPALHsm_config.h
@@ -43,6 +43,11 @@
*/
#define ENABLE_HSM_PBKDF2_SHA256 1
+/*
+ * Enable HSM for HKDF SHA256
+ */
+#define ENABLE_HSM_HKDF_SHA256 1
+
#if ((CHIP_CRYPTO_HSM) && ((ENABLE_HSM_SPAKE_VERIFIER) || (ENABLE_HSM_SPAKE_PROVER)))
#define ENABLE_HSM_SPAKE
#endif
@@ -55,4 +60,8 @@
#define ENABLE_HSM_PBKDF2
#endif
+#if ((CHIP_CRYPTO_HSM) && (ENABLE_HSM_HKDF_SHA256))
+#define ENABLE_HSM_HKDF
+#endif
+
#endif //#ifndef _CHIP_CRYPTO_PAL_HSM_CONFIG_H_
diff --git a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_HKDF.cpp b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_HKDF.cpp
new file mode 100644
index 0000000..baac68e
--- /dev/null
+++ b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_HKDF.cpp
@@ -0,0 +1,97 @@
+/*
+ *
+ * Copyright (c) 2021 Project CHIP Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file
+ * HSM based implementation of CHIP crypto primitives
+ * Based on configurations in CHIPCryptoPALHsm_config.h file,
+ * chip crypto apis use either HSM or rollback to software implementation.
+ */
+
+#include "CHIPCryptoPALHsm_SE05X_utils.h"
+#include <core/CHIPEncoding.h>
+
+#if ENABLE_HSM_HKDF_SHA256
+
+namespace chip {
+namespace Crypto {
+
+HKDF_shaHSM::HKDF_shaHSM()
+{
+ keyid = kKeyId_hkdf_sha256_hmac_keyid;
+}
+HKDF_shaHSM::~HKDF_shaHSM() {}
+
+CHIP_ERROR HKDF_shaHSM::HKDF_SHA256(const uint8_t * secret, const size_t secret_length, const uint8_t * salt,
+ const size_t salt_length, const uint8_t * info, const size_t info_length, uint8_t * out_buffer,
+ size_t out_length)
+{
+ CHIP_ERROR error = CHIP_ERROR_INTERNAL;
+ sss_status_t status = kStatus_SSS_Success;
+ smStatus_t smstatus = SM_NOT_OK;
+ sss_object_t keyObject = { 0 };
+
+ if (salt_length > 64 || info_length > 80 || secret_length > 256 || out_length > 768)
+ {
+ /* Length not supported by se05x. Rollback to SW */
+ return HKDF_sha::HKDF_SHA256(secret, secret_length, salt, salt_length, info, info_length, out_buffer, out_length);
+ }
+
+ // Salt is optional
+ if (salt_length > 0)
+ {
+ VerifyOrExit(salt != nullptr, error = CHIP_ERROR_INVALID_ARGUMENT);
+ }
+ VerifyOrExit(info_length > 0, error = CHIP_ERROR_INVALID_ARGUMENT);
+ VerifyOrExit(info != nullptr, error = CHIP_ERROR_INVALID_ARGUMENT);
+ VerifyOrExit(out_length > 0, error = CHIP_ERROR_INVALID_ARGUMENT);
+ VerifyOrExit(out_buffer != nullptr, error = CHIP_ERROR_INVALID_ARGUMENT);
+ VerifyOrExit(secret != nullptr, error = CHIP_ERROR_INVALID_ARGUMENT);
+
+ VerifyOrExit(keyid != kKeyId_NotInitialized, error = CHIP_ERROR_HSM);
+
+ se05x_sessionOpen();
+
+ status = sss_key_object_init(&keyObject, &gex_sss_chip_ctx.ks);
+ VerifyOrExit(status == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL);
+
+ status = sss_key_object_allocate_handle(&keyObject, keyid, kSSS_KeyPart_Default, kSSS_CipherType_HMAC, secret_length,
+ kKeyObject_Mode_Transient);
+ VerifyOrExit(status == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL);
+
+ status = sss_key_store_set_key(&gex_sss_chip_ctx.ks, &keyObject, secret, secret_length, secret_length * 8, NULL, 0);
+ VerifyOrExit(status == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL);
+
+ VerifyOrExit(gex_sss_chip_ctx.ks.session != NULL, error = CHIP_ERROR_INTERNAL);
+
+ smstatus = Se05x_API_HKDF_Extended(&((sss_se05x_session_t *) &gex_sss_chip_ctx.session)->s_ctx, keyObject.keyId,
+ kSE05x_DigestMode_SHA256, kSE05x_HkdfMode_ExtractExpand, salt, salt_length, 0, info,
+ info_length, 0, (uint16_t) out_length, out_buffer, &out_length);
+ VerifyOrExit(smstatus == SM_OK, error = CHIP_ERROR_INTERNAL);
+
+ status = sss_key_store_erase_key(&gex_sss_chip_ctx.ks, &keyObject);
+ VerifyOrExit(status == kStatus_SSS_Success, error = CHIP_ERROR_INTERNAL);
+
+ error = CHIP_NO_ERROR;
+exit:
+ return error;
+}
+
+} // namespace Crypto
+} // namespace chip
+
+#endif //#if ENABLE_HSM_HKDF_SHA256
diff --git a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp
index 13a1f21..ba41628 100644
--- a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp
+++ b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_PBKDF.cpp
@@ -70,8 +70,8 @@
VerifyOrExit(gex_sss_chip_ctx.ks.session != NULL, error = CHIP_ERROR_INTERNAL);
- smStatus = Se05x_API_PBKDF2(&((sss_se05x_session_t *) &gex_sss_chip_ctx.session)->s_ctx, keyid, salt, slen,
- (uint16_t) iteration_count, (uint16_t) key_length, output, (size_t *) &key_length);
+ smStatus = Se05x_API_PBKDF2(&((sss_se05x_session_t *) &gex_sss_chip_ctx.session)->s_ctx, keyid, kSE05x_Pbkdf2_HMAC_SHA256, salt,
+ slen, (uint16_t) iteration_count, (uint16_t) key_length, output, (size_t *) &key_length);
VerifyOrExit(smStatus == SM_OK, error = CHIP_ERROR_INTERNAL);
diff --git a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_utils.h b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_utils.h
index 1d137dc..d7d84c2 100644
--- a/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_utils.h
+++ b/src/crypto/hsm/nxp/CHIPCryptoPALHsm_SE05X_utils.h
@@ -44,6 +44,7 @@
{
kKeyId_NotInitialized = 0,
kKeyId_pbkdf2_sha256_hmac_keyid = 0xBCBCBCBC,
+ kKeyId_hkdf_sha256_hmac_keyid,
};
// Enable the below macro to make spake HSM imlementation reentrant.
diff --git a/src/crypto/tests/CHIPCryptoPALTest.cpp b/src/crypto/tests/CHIPCryptoPALTest.cpp
index 6e61244..10c6dd3 100644
--- a/src/crypto/tests/CHIPCryptoPALTest.cpp
+++ b/src/crypto/tests/CHIPCryptoPALTest.cpp
@@ -77,6 +77,12 @@
using TestPBKDF2_sha256 = PBKDF2_sha256;
#endif
+#ifdef ENABLE_HSM_HKDF
+using TestHKDF_sha = HKDF_shaHSM;
+#else
+using TestHKDF_sha = HKDF_sha;
+#endif
+
static uint32_t gs_test_entropy_source_called = 0;
static int test_entropy_source(void * data, uint8_t * output, size_t len, size_t * olen)
{
@@ -643,6 +649,7 @@
{
int numOfTestCases = ArraySize(hkdf_sha256_test_vectors);
int numOfTestsExecuted = 0;
+ TestHKDF_sha mHKDF;
for (numOfTestsExecuted = 0; numOfTestsExecuted < numOfTestCases; numOfTestsExecuted++)
{
@@ -651,8 +658,8 @@
chip::Platform::ScopedMemoryBuffer<uint8_t> out_buffer;
out_buffer.Alloc(out_length);
NL_TEST_ASSERT(inSuite, out_buffer);
- HKDF_SHA256(v.initial_key_material, v.initial_key_material_length, v.salt, v.salt_length, v.info, v.info_length,
- out_buffer.Get(), v.output_key_material_length);
+ mHKDF.HKDF_SHA256(v.initial_key_material, v.initial_key_material_length, v.salt, v.salt_length, v.info, v.info_length,
+ out_buffer.Get(), v.output_key_material_length);
bool success = memcmp(v.output_key_material, out_buffer.Get(), out_length) == 0;
NL_TEST_ASSERT(inSuite, success);
}
diff --git a/src/protocols/secure_channel/CASESession.cpp b/src/protocols/secure_channel/CASESession.cpp
index 4e31912..043add4 100644
--- a/src/protocols/secure_channel/CASESession.cpp
+++ b/src/protocols/secure_channel/CASESession.cpp
@@ -61,6 +61,12 @@
using namespace Credentials;
using namespace Messaging;
+#ifdef ENABLE_HSM_HKDF
+using HKDF_sha_crypto = HKDF_shaHSM;
+#else
+using HKDF_sha_crypto = HKDF_sha;
+#endif
+
// Wait at most 30 seconds for the response from the peer.
// This timeout value assumes the underlying transport is reliable.
// The session establishment fails if the response is not received within timeout window.
@@ -423,6 +429,8 @@
uint8_t tag[kTAGSize];
+ HKDF_sha_crypto mHKDF;
+
saltlen = kIPKSize + kSigmaParamRandomNumberSize + kP256_PublicKey_Length + kSHA256_Hash_Length;
msg_salt = System::PacketBufferHandle::New(saltlen);
@@ -455,8 +463,8 @@
err = ConstructSaltSigmaR2(msg_rand, mEphemeralKey.Pubkey(), mIPK, sizeof(mIPK), msg_salt);
SuccessOrExit(err);
- err = HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR2Info, kKDFInfoLength, sr2k,
- kAEADKeySize);
+ err = mHKDF.HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR2Info, kKDFInfoLength, sr2k,
+ kAEADKeySize);
SuccessOrExit(err);
// Step 6
@@ -589,6 +597,8 @@
uint16_t encryptionKeyId = 0;
+ HKDF_sha_crypto mHKDF;
+
VerifyOrExit(buf != nullptr, err = CHIP_ERROR_MESSAGE_INCOMPLETE);
ChipLogDetail(Inet, "Received SigmaR2 msg");
@@ -631,8 +641,8 @@
err = ConstructSaltSigmaR2(msg, mRemotePubKey, mRemoteIPK, sizeof(mRemoteIPK), msg_salt);
SuccessOrExit(err);
- err = HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR2Info, kKDFInfoLength, sr2k,
- kAEADKeySize);
+ err = mHKDF.HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR2Info, kKDFInfoLength, sr2k,
+ kAEADKeySize);
SuccessOrExit(err);
err = mCommissioningHash.AddData(msg->Start(), msg->DataLength());
@@ -706,6 +716,8 @@
uint8_t tag[kTAGSize];
+ HKDF_sha_crypto mHKDF;
+
// Step 1
saltlen = kIPKSize + kSHA256_Hash_Length;
@@ -716,8 +728,8 @@
err = ConstructSaltSigmaR3(mIPK, sizeof(mIPK), msg_salt);
SuccessOrExit(err);
- err = HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR3Info, kKDFInfoLength, sr3k,
- kAEADKeySize);
+ err = mHKDF.HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR3Info, kKDFInfoLength, sr3k,
+ kAEADKeySize);
SuccessOrExit(err);
// Step 2
@@ -835,6 +847,8 @@
uint8_t * tag = msg->Start() + msg->DataLength() - kTAGSize;
+ HKDF_sha_crypto mHKDF;
+
ChipLogDetail(Inet, "Received SigmaR3 msg");
mNextExpectedMsg = Protocols::SecureChannel::MsgType::CASE_SigmaErr;
@@ -852,8 +866,8 @@
err = ConstructSaltSigmaR3(mRemoteIPK, sizeof(mRemoteIPK), msg_salt);
SuccessOrExit(err);
- err = HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR3Info, kKDFInfoLength, sr3k,
- kAEADKeySize);
+ err = mHKDF.HKDF_SHA256(mSharedSecret, mSharedSecret.Length(), msg_salt->Start(), saltlen, kKDFSR3Info, kKDFInfoLength, sr3k,
+ kAEADKeySize);
SuccessOrExit(err);
err = mCommissioningHash.AddData(msg->Start(), msg->DataLength());
@@ -1044,8 +1058,9 @@
CHIP_ERROR CASESession::ComputeIPK(const uint16_t sessionID, uint8_t * ipk, size_t ipkLen)
{
- ReturnErrorOnFailure(HKDF_SHA256(fabricSecret, fabricSecret.Length(), reinterpret_cast<const uint8_t *>(&sessionID),
- sizeof(sessionID), kIPKInfo, sizeof(kIPKInfo), ipk, ipkLen));
+ HKDF_sha_crypto mHKDF;
+ ReturnErrorOnFailure(mHKDF.HKDF_SHA256(fabricSecret, fabricSecret.Length(), reinterpret_cast<const uint8_t *>(&sessionID),
+ sizeof(sessionID), kIPKInfo, sizeof(kIPKInfo), ipk, ipkLen));
return CHIP_NO_ERROR;
}
diff --git a/src/protocols/secure_channel/CASESession.h b/src/protocols/secure_channel/CASESession.h
index bc2ad16..0f4d897 100644
--- a/src/protocols/secure_channel/CASESession.h
+++ b/src/protocols/secure_channel/CASESession.h
@@ -28,6 +28,9 @@
#include <credentials/CHIPCert.h>
#include <credentials/CHIPOperationalCredentials.h>
#include <crypto/CHIPCryptoPAL.h>
+#if CHIP_CRYPTO_HSM
+#include <crypto/hsm/CHIPCryptoPALHsm.h>
+#endif
#include <messaging/ExchangeContext.h>
#include <messaging/ExchangeDelegate.h>
#include <protocols/secure_channel/Constants.h>
diff --git a/src/transport/SecureSession.cpp b/src/transport/SecureSession.cpp
index 68503e0..7035016 100644
--- a/src/transport/SecureSession.cpp
+++ b/src/transport/SecureSession.cpp
@@ -48,11 +48,17 @@
using namespace Crypto;
+#ifdef ENABLE_HSM_HKDF
+using HKDF_sha_crypto = HKDF_shaHSM;
+#else
+using HKDF_sha_crypto = HKDF_sha;
+#endif
+
SecureSession::SecureSession() : mKeyAvailable(false) {}
CHIP_ERROR SecureSession::InitFromSecret(const ByteSpan & secret, const ByteSpan & salt, SessionInfoType infoType, SessionRole role)
{
-
+ HKDF_sha_crypto mHKDF;
VerifyOrReturnError(mKeyAvailable == false, CHIP_ERROR_INCORRECT_STATE);
VerifyOrReturnError(secret.data() != nullptr, CHIP_ERROR_INVALID_ARGUMENT);
VerifyOrReturnError(secret.size() > 0, CHIP_ERROR_INVALID_ARGUMENT);
@@ -68,7 +74,7 @@
}
ReturnErrorOnFailure(
- HKDF_SHA256(secret.data(), secret.size(), salt.data(), salt.size(), info, infoLen, &mKeys[0][0], sizeof(mKeys)));
+ mHKDF.HKDF_SHA256(secret.data(), secret.size(), salt.data(), salt.size(), info, infoLen, &mKeys[0][0], sizeof(mKeys)));
mKeyAvailable = true;
mSessionRole = role;
