Skip to content

Commit

Permalink
[ICD] Refactor ICD Monitoring Table to support HMAC handle and AES ke…
Browse files Browse the repository at this point in the history 
…y handle (#30881)

* Rename key to keyHandle

* Refactor ICD Monitoring Table to not assume key type
Add Hmac Key Handle to ICD Monitoring Table

* remove utility functions

* replace helpers with memcpy

* Add test validation for Hmac key handle

* Apply suggestions from code review

Co-authored-by: Boris Zbarsky <bzbarsky@apple.com>

* Clarify comments

---------

Co-authored-by: Boris Zbarsky <bzbarsky@apple.com>
  • Loading branch information
@mkardous-silabs @bzbarsky-apple @pull
2 people authored and pull[bot] committed Jul 1, 2024
1 parent 8c229a5 commit 1412972
Show file tree
Hide file tree
Showing 6 changed files with 143 additions and 34 deletions.
6 changes: 3 additions & 3 deletions src/app/icd/ICDCheckInSender.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ CHIP_ERROR ICDCheckInSender::SendCheckInMsg(const Transport::PeerAddress & addr)
VerifyOrReturnError(!buffer.IsNull(), CHIP_ERROR_NO_MEMORY);
MutableByteSpan output{ buffer->Start(), buffer->MaxDataLength() };

ReturnErrorOnFailure(CheckinMessage::GenerateCheckinMessagePayload(mKey, mICDCounter, ByteSpan(), output));
ReturnErrorOnFailure(CheckinMessage::GenerateCheckinMessagePayload(mAesKeyHandle, mICDCounter, ByteSpan(), output));
buffer->SetDataLength(static_cast<uint16_t>(output.size()));

VerifyOrReturnError(mExchangeManager->GetSessionManager() != nullptr, CHIP_ERROR_INTERNAL);
Expand Down Expand Up @@ -89,8 +89,8 @@ CHIP_ERROR ICDCheckInSender::RequestResolve(ICDMonitoringEntry & entry, FabricTa

AddressResolve::NodeLookupRequest request(peerId);

memcpy(mKey.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), entry.key.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));
memcpy(mAesKeyHandle.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(),
entry.aesKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(), sizeof(Crypto::Symmetric128BitsKeyByteArray));

CHIP_ERROR err = AddressResolve::Resolver::Instance().LookupNode(request, mAddressLookupHandle);

Expand Down
2 changes: 1 addition & 1 deletion src/app/icd/ICDCheckInSender.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ class ICDCheckInSender : public AddressResolve::NodeListener

Messaging::ExchangeManager * mExchangeManager = nullptr;

Crypto::Aes128KeyHandle mKey = Crypto::Aes128KeyHandle();
Crypto::Aes128KeyHandle mAesKeyHandle = Crypto::Aes128KeyHandle();

uint32_t mICDCounter = 0;
};
Expand Down
84 changes: 65 additions & 19 deletions src/app/icd/ICDMonitoringTable.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,8 @@ enum class Fields : uint8_t
{
kCheckInNodeID = 1,
kMonitoredSubject = 2,
kKey = 3,
kAesKeyHandle = 3,
kHmacKeyHandle = 4,
};

CHIP_ERROR ICDMonitoringEntry::UpdateKey(StorageKeyName & skey)
Expand All @@ -42,8 +43,12 @@ CHIP_ERROR ICDMonitoringEntry::Serialize(TLV::TLVWriter & writer) const
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(Fields::kCheckInNodeID), checkInNodeID));
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(Fields::kMonitoredSubject), monitoredSubject));

ByteSpan buf(key.As<Crypto::Symmetric128BitsKeyByteArray>());
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(Fields::kKey), buf));
ByteSpan aesKeybuf(aesKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>());
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(Fields::kAesKeyHandle), aesKeybuf));

ByteSpan hmacKeybuf(hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>());
ReturnErrorOnFailure(writer.Put(TLV::ContextTag(Fields::kHmacKeyHandle), hmacKeybuf));

ReturnErrorOnFailure(writer.EndContainer(outer));
return CHIP_NO_ERROR;
}
Expand All @@ -69,18 +74,38 @@ CHIP_ERROR ICDMonitoringEntry::Deserialize(TLV::TLVReader & reader)
case to_underlying(Fields::kMonitoredSubject):
ReturnErrorOnFailure(reader.Get(monitoredSubject));
break;
case to_underlying(Fields::kKey): {
ByteSpan buf(key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>());
case to_underlying(Fields::kAesKeyHandle): {
ByteSpan buf;
ReturnErrorOnFailure(reader.Get(buf));
// Since we are storing either the raw key or a key ID, we must
// simply copy the data as is in the keyHandle.
// Calling SetKey here would create another key in storage and will cause
// key leakage in some implementation.
memcpy(key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), buf.data(),
// Calling SetKey here would create another keyHandle in storage and will cause
// key leaks in some implementations.
memcpy(aesKeyHandle.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), buf.data(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));
keyHandleValid = true;
}
break;
case to_underlying(Fields::kHmacKeyHandle): {
ByteSpan buf;
CHIP_ERROR error = reader.Get(buf);

if (error != CHIP_NO_ERROR)
{
// If retreiving the hmac key handle failed, we need to set an invalid key handle
// even if the AesKeyHandle is valid.
keyHandleValid = false;
return error;
}

// Since we are storing either the raw key or a key ID, we must
// simply copy the data as is in the keyHandle.
// Calling SetKey here would create another keyHandle in storage and will cause
// key leaks in some implementations.
memcpy(hmacKeyHandle.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), buf.data(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));
}
break;
default:
break;
}
Expand Down Expand Up @@ -108,16 +133,29 @@ CHIP_ERROR ICDMonitoringEntry::SetKey(ByteSpan keyData)
Crypto::Symmetric128BitsKeyByteArray keyMaterial;
memcpy(keyMaterial, keyData.data(), sizeof(Crypto::Symmetric128BitsKeyByteArray));

ReturnErrorOnFailure(symmetricKeystore->CreateKey(keyMaterial, key));
keyHandleValid = true;
// TODO - Add function to set PSA key lifetime
ReturnErrorOnFailure(symmetricKeystore->CreateKey(keyMaterial, aesKeyHandle));
CHIP_ERROR error = symmetricKeystore->CreateKey(keyMaterial, hmacKeyHandle);

return CHIP_NO_ERROR;
if (error == CHIP_NO_ERROR)
{
// If the creation of the HmacKeyHandle succeeds, both key handles are valid
keyHandleValid = true;
}
else
{
// Creation of the HmacKeyHandle failed, we need to delete the AesKeyHandle to avoid a key leak
symmetricKeystore->DestroyKey(this->aesKeyHandle);
}

return error;
}

CHIP_ERROR ICDMonitoringEntry::DeleteKey()
{
VerifyOrReturnError(symmetricKeystore != nullptr, CHIP_ERROR_INTERNAL);
symmetricKeystore->DestroyKey(this->key);
symmetricKeystore->DestroyKey(this->aesKeyHandle);
symmetricKeystore->DestroyKey(this->hmacKeyHandle);
keyHandleValid = false;
return CHIP_NO_ERROR;
}
Expand All @@ -141,15 +179,15 @@ bool ICDMonitoringEntry::IsKeyEquivalent(ByteSpan keyData)
uint64_t data = Crypto::GetRandU64(), validation, encrypted;
validation = data;

err = Crypto::AES_CCM_encrypt(reinterpret_cast<uint8_t *>(&data), sizeof(data), nullptr, 0, tempEntry.key, aead,
err = Crypto::AES_CCM_encrypt(reinterpret_cast<uint8_t *>(&data), sizeof(data), nullptr, 0, tempEntry.aesKeyHandle, aead,
Crypto::CHIP_CRYPTO_AEAD_NONCE_LENGTH_BYTES, reinterpret_cast<uint8_t *>(&encrypted), mic,
Crypto::CHIP_CRYPTO_AEAD_MIC_LENGTH_BYTES);

data = 0;
if (err == CHIP_NO_ERROR)
{
err = Crypto::AES_CCM_decrypt(reinterpret_cast<uint8_t *>(&encrypted), sizeof(encrypted), nullptr, 0, mic,
Crypto::CHIP_CRYPTO_AEAD_MIC_LENGTH_BYTES, key, aead,
Crypto::CHIP_CRYPTO_AEAD_MIC_LENGTH_BYTES, aesKeyHandle, aead,
Crypto::CHIP_CRYPTO_AEAD_NONCE_LENGTH_BYTES, reinterpret_cast<uint8_t *>(&data));
}
tempEntry.DeleteKey();
Expand All @@ -175,7 +213,11 @@ ICDMonitoringEntry & ICDMonitoringEntry::operator=(const ICDMonitoringEntry & ic
index = icdMonitoringEntry.index;
keyHandleValid = icdMonitoringEntry.keyHandleValid;
symmetricKeystore = icdMonitoringEntry.symmetricKeystore;
memcpy(key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), icdMonitoringEntry.key.As<Crypto::Symmetric128BitsKeyByteArray>(),
memcpy(aesKeyHandle.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(),
icdMonitoringEntry.aesKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));
memcpy(hmacKeyHandle.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(),
icdMonitoringEntry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));

return *this;
Expand Down Expand Up @@ -211,12 +253,16 @@ CHIP_ERROR ICDMonitoringTable::Set(uint16_t index, const ICDMonitoringEntry & en
VerifyOrReturnError(kUndefinedNodeId != entry.checkInNodeID, CHIP_ERROR_INVALID_ARGUMENT);
VerifyOrReturnError(kUndefinedNodeId != entry.monitoredSubject, CHIP_ERROR_INVALID_ARGUMENT);
VerifyOrReturnError(entry.keyHandleValid, CHIP_ERROR_INVALID_ARGUMENT);

ICDMonitoringEntry e(this->mFabric, index);
e.checkInNodeID = entry.checkInNodeID;
e.monitoredSubject = entry.monitoredSubject;
e.index = index;
memcpy(e.key.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(), entry.key.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray));

memcpy(e.aesKeyHandle.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(),
entry.aesKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(), sizeof(Crypto::Symmetric128BitsKeyByteArray));
memcpy(e.hmacKeyHandle.AsMutable<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(), sizeof(Crypto::Symmetric128BitsKeyByteArray));

return e.Save(this->mStorage);
}
Expand All @@ -225,8 +271,8 @@ CHIP_ERROR ICDMonitoringTable::Remove(uint16_t index)
{
ICDMonitoringEntry entry(mSymmetricKeystore, this->mFabric);

// Retrieve entry and delete the key first as to not
// cause any key leakage.
// Retrieve entry and delete the keyHandle first as to not
// cause any key leaks.
this->Get(index, entry);
ReturnErrorOnFailure(entry.DeleteKey());

Expand Down
5 changes: 3 additions & 2 deletions src/app/icd/ICDMonitoringTable.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ using SymmetricKeystore = SessionKeystore;

namespace chip {

inline constexpr size_t kICDMonitoringBufferSize = 40;
inline constexpr size_t kICDMonitoringBufferSize = 60;

struct ICDMonitoringEntry : public PersistentData<kICDMonitoringBufferSize>
{
Expand Down Expand Up @@ -104,7 +104,8 @@ struct ICDMonitoringEntry : public PersistentData<kICDMonitoringBufferSize>
chip::FabricIndex fabricIndex = kUndefinedFabricIndex;
chip::NodeId checkInNodeID = kUndefinedNodeId;
uint64_t monitoredSubject = static_cast<uint64_t>(0);
Crypto::Aes128KeyHandle key = Crypto::Aes128KeyHandle();
Crypto::Aes128KeyHandle aesKeyHandle = Crypto::Aes128KeyHandle();
Crypto::Hmac128KeyHandle hmacKeyHandle = Crypto::Hmac128KeyHandle();
bool keyHandleValid = false;
uint16_t index = 0;
Crypto::SymmetricKeystore * symmetricKeystore = nullptr;
Expand Down
52 changes: 51 additions & 1 deletion src/app/tests/TestICDMonitoringTable.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -155,11 +155,16 @@ void TestSaveAndLoadRegistrationValue(nlTestSuite * aSuite, void * aContext)

// Retrieve first entry
err = loading.Get(0, entry);

NL_TEST_ASSERT(aSuite, CHIP_NO_ERROR == err);
NL_TEST_ASSERT(aSuite, kTestFabricIndex1 == entry.fabricIndex);
NL_TEST_ASSERT(aSuite, kClientNodeId11 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId12 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1a)));
NL_TEST_ASSERT(aSuite,
memcmp(entry1.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// Retrieve second entry
err = loading.Get(1, entry);
Expand All @@ -168,6 +173,10 @@ void TestSaveAndLoadRegistrationValue(nlTestSuite * aSuite, void * aContext)
NL_TEST_ASSERT(aSuite, kClientNodeId12 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId11 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a)));
NL_TEST_ASSERT(aSuite,
memcmp(entry2.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// No more entries
err = loading.Get(2, entry);
Expand All @@ -176,6 +185,7 @@ void TestSaveAndLoadRegistrationValue(nlTestSuite * aSuite, void * aContext)

// Remove first entry
saving.Remove(0);

ICDMonitoringEntry entry4(&keystore);
entry4.checkInNodeID = kClientNodeId13;
entry4.monitoredSubject = kClientNodeId11;
Expand All @@ -190,6 +200,10 @@ void TestSaveAndLoadRegistrationValue(nlTestSuite * aSuite, void * aContext)
NL_TEST_ASSERT(aSuite, kClientNodeId12 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId11 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a)));
NL_TEST_ASSERT(aSuite,
memcmp(entry2.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// Retrieve second entry
err = loading.Get(1, entry);
Expand All @@ -198,6 +212,10 @@ void TestSaveAndLoadRegistrationValue(nlTestSuite * aSuite, void * aContext)
NL_TEST_ASSERT(aSuite, kClientNodeId13 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId11 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b)));
NL_TEST_ASSERT(aSuite,
memcmp(entry4.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);
}

void TestSaveAllInvalidRegistrationValues(nlTestSuite * aSuite, void * aContext)
Expand Down Expand Up @@ -296,14 +314,22 @@ void TestSaveLoadRegistrationValueForMultipleFabrics(nlTestSuite * aSuite, void
NL_TEST_ASSERT(aSuite, kClientNodeId11 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId12 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1a)));
NL_TEST_ASSERT(aSuite,
memcmp(entry1.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// Retrieve fabric2, second entry
// Retrieve fabric1, second entry
err = table1.Get(1, entry);
NL_TEST_ASSERT(aSuite, CHIP_NO_ERROR == err);
NL_TEST_ASSERT(aSuite, kTestFabricIndex1 == entry.fabricIndex);
NL_TEST_ASSERT(aSuite, kClientNodeId12 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId11 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b)));
NL_TEST_ASSERT(aSuite,
memcmp(entry2.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// Retrieve fabric2, first entry
err = table2.Get(0, entry);
Expand All @@ -312,6 +338,10 @@ void TestSaveLoadRegistrationValueForMultipleFabrics(nlTestSuite * aSuite, void
NL_TEST_ASSERT(aSuite, kClientNodeId21 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId22 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a)));
NL_TEST_ASSERT(aSuite,
memcmp(entry3.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);
}

void TestDeleteValidEntryFromStorage(nlTestSuite * aSuite, void * context)
Expand Down Expand Up @@ -358,6 +388,10 @@ void TestDeleteValidEntryFromStorage(nlTestSuite * aSuite, void * context)
NL_TEST_ASSERT(aSuite, kClientNodeId11 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId12 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1a)));
NL_TEST_ASSERT(aSuite,
memcmp(entry1.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// Retrieve second entry (not modified)
err = table1.Get(1, entry);
Expand All @@ -366,6 +400,10 @@ void TestDeleteValidEntryFromStorage(nlTestSuite * aSuite, void * context)
NL_TEST_ASSERT(aSuite, kClientNodeId12 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId11 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a)));
NL_TEST_ASSERT(aSuite,
memcmp(entry2.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// Remove (existing)
err = table1.Remove(0);
Expand All @@ -381,6 +419,10 @@ void TestDeleteValidEntryFromStorage(nlTestSuite * aSuite, void * context)
NL_TEST_ASSERT(aSuite, kClientNodeId12 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId11 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer2a)));
NL_TEST_ASSERT(aSuite,
memcmp(entry2.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// Retrieve fabric2, first entry
err = table2.Get(0, entry);
Expand All @@ -389,6 +431,10 @@ void TestDeleteValidEntryFromStorage(nlTestSuite * aSuite, void * context)
NL_TEST_ASSERT(aSuite, kClientNodeId21 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId22 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b)));
NL_TEST_ASSERT(aSuite,
memcmp(entry3.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// Remove all (fabric 1)
err = table1.RemoveAll();
Expand All @@ -404,6 +450,10 @@ void TestDeleteValidEntryFromStorage(nlTestSuite * aSuite, void * context)
NL_TEST_ASSERT(aSuite, kClientNodeId21 == entry.checkInNodeID);
NL_TEST_ASSERT(aSuite, kClientNodeId22 == entry.monitoredSubject);
NL_TEST_ASSERT(aSuite, entry.IsKeyEquivalent(ByteSpan(kKeyBuffer1b)));
NL_TEST_ASSERT(aSuite,
memcmp(entry3.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
entry.hmacKeyHandle.As<Crypto::Symmetric128BitsKeyByteArray>(),
sizeof(Crypto::Symmetric128BitsKeyByteArray)) == 0);

// Remove all (fabric 2)
err = table2.RemoveAll();
Expand Down
Loading

0 comments on commit 1412972

Please sign in to comment.