Silicon Labs: Attestation credentials now remain upon factory reset. (#27966)

rcasallas-silabs · pull[bot] · commit 1057432f574c · 2023-08-29T01:32:39.000Z
diff --git a/examples/platform/silabs/SilabsDeviceAttestationCreds.cpp b/examples/platform/silabs/SilabsDeviceAttestationCreds.cpp
@@ -26,6 +26,8 @@
 
 using namespace chip::DeviceLayer::Internal;
 
+using chip::DeviceLayer::Internal::SilabsConfig;
+
 extern uint8_t linker_nvm_end[];
 static uint8_t * _credentials_address = (uint8_t *) linker_nvm_end;
 
@@ -44,21 +46,8 @@ class DeviceAttestationCredsSilabs : public DeviceAttestationCredentialsProvider
 public:
     CHIP_ERROR GetCertificationDeclaration(MutableByteSpan & out_span) override
     {
-        uint32_t offset = SILABS_CREDENTIALS_CD_OFFSET;
-        uint32_t size   = SILABS_CREDENTIALS_CD_SIZE;
-
-        if (SilabsConfig::ConfigValueExists(SilabsConfig::kConfigKey_Creds_CD_Offset) &&
-            SilabsConfig::ConfigValueExists(SilabsConfig::kConfigKey_Creds_CD_Size))
-        {
-            ReturnErrorOnFailure(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_CD_Offset, offset));
-            ReturnErrorOnFailure(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_CD_Size, size));
-        }
-
-        uint8_t * address = _credentials_address + offset;
-        ByteSpan cd_span(address, size);
-        ChipLogProgress(DeviceLayer, "GetCertificationDeclaration, addr:%p, size:%lu", address, size);
-        ChipLogByteSpan(DeviceLayer, ByteSpan(cd_span.data(), kDebugLength > cd_span.size() ? cd_span.size() : kDebugLength));
-        return CopySpanToMutableSpan(cd_span, out_span);
+        return GetFile("GetCertificationDeclaration", SilabsConfig::kConfigKey_Creds_CD_Offset, SILABS_CREDENTIALS_CD_OFFSET,
+                       SilabsConfig::kConfigKey_Creds_CD_Size, SILABS_CREDENTIALS_CD_SIZE, out_span);
     }
 
     CHIP_ERROR GetFirmwareInformation(MutableByteSpan & out_firmware_info_buffer) override
@@ -70,40 +59,15 @@ class DeviceAttestationCredsSilabs : public DeviceAttestationCredentialsProvider
 
     CHIP_ERROR GetDeviceAttestationCert(MutableByteSpan & out_span) override
     {
-        uint32_t offset = SILABS_CREDENTIALS_DAC_OFFSET;
-        uint32_t size   = SILABS_CREDENTIALS_DAC_SIZE;
-
-        if (SilabsConfig::ConfigValueExists(SilabsConfig::kConfigKey_Creds_DAC_Offset) &&
-            SilabsConfig::ConfigValueExists(SilabsConfig::kConfigKey_Creds_DAC_Size))
-        {
-            ReturnErrorOnFailure(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_DAC_Offset, offset));
-            ReturnErrorOnFailure(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_DAC_Size, size));
-        }
-
-        uint8_t * address = _credentials_address + offset;
-        ByteSpan cert_span(address, size);
-        ChipLogProgress(DeviceLayer, "GetDeviceAttestationCert, addr:%p, size:%lu", address, size);
-        ChipLogByteSpan(DeviceLayer, ByteSpan(cert_span.data(), kDebugLength > cert_span.size() ? cert_span.size() : kDebugLength));
-        return CopySpanToMutableSpan(cert_span, out_span);
+        return GetFile("GetDeviceAttestationCert", SilabsConfig::kConfigKey_Creds_DAC_Offset, SILABS_CREDENTIALS_DAC_OFFSET,
+                       SilabsConfig::kConfigKey_Creds_DAC_Size, SILABS_CREDENTIALS_DAC_SIZE, out_span);
     }
 
     CHIP_ERROR GetProductAttestationIntermediateCert(MutableByteSpan & out_span) override
     {
-        uint32_t offset = SILABS_CREDENTIALS_PAI_OFFSET;
-        uint32_t size   = SILABS_CREDENTIALS_PAI_SIZE;
-
-        if (SilabsConfig::ConfigValueExists(SilabsConfig::kConfigKey_Creds_PAI_Offset) &&
-            SilabsConfig::ConfigValueExists(SilabsConfig::kConfigKey_Creds_PAI_Size))
-        {
-            ReturnErrorOnFailure(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_PAI_Offset, offset));
-            ReturnErrorOnFailure(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_PAI_Size, size));
-        }
-
-        uint8_t * address = _credentials_address + offset;
-        ByteSpan cert_span(address, size);
-        ChipLogProgress(DeviceLayer, "GetProductAttestationIntermediateCert, addr:%p, size:%lu", address, size);
-        ChipLogByteSpan(DeviceLayer, ByteSpan(cert_span.data(), kDebugLength > cert_span.size() ? cert_span.size() : kDebugLength));
-        return CopySpanToMutableSpan(cert_span, out_span);
+        return GetFile("GetProductAttestationIntermediateCert", SilabsConfig::kConfigKey_Creds_PAI_Offset,
+                       SILABS_CREDENTIALS_PAI_OFFSET, SilabsConfig::kConfigKey_Creds_PAI_Size, SILABS_CREDENTIALS_PAI_SIZE,
+                       out_span);
     }
 
     CHIP_ERROR SignWithDeviceAttestationKey(const ByteSpan & message_to_sign, MutableByteSpan & out_span) override
@@ -126,6 +90,45 @@ class DeviceAttestationCredsSilabs : public DeviceAttestationCredentialsProvider
 
         return CopySpanToMutableSpan(ByteSpan(signature, signature_size), out_span);
     }
+
+private:
+    CHIP_ERROR GetFile(const char * description, uint32_t offset_key, uint32_t offset_default, uint32_t size_key,
+                       uint32_t size_default, MutableByteSpan & out_span)
+    {
+        uint8_t * address = nullptr;
+        uint32_t offset   = offset_default;
+        if (SilabsConfig::ConfigValueExists(offset_key))
+        {
+            // NVM-provided offset
+            ReturnErrorOnFailure(SilabsConfig::ReadConfigValue(offset_key, offset));
+        }
+
+        if (SilabsConfig::ConfigValueExists(SilabsConfig::kConfigKey_Creds_Base_Addr))
+        {
+            // NVM-provided location
+            uint32_t base_addr = 0;
+            ReturnErrorOnFailure(SilabsConfig::ReadConfigValue(SilabsConfig::kConfigKey_Creds_Base_Addr, base_addr));
+            address = (uint8_t *) (base_addr + offset);
+        }
+        else
+        {
+            // Default location
+            address = _credentials_address + offset;
+        }
+
+        // Size
+        uint32_t size = size_default;
+        if (SilabsConfig::ConfigValueExists(size_key))
+        {
+            // NVM-provided size
+            ReturnErrorOnFailure(SilabsConfig::ReadConfigValue(size_key, size));
+        }
+
+        ByteSpan span(address, size);
+        ChipLogProgress(DeviceLayer, "%s, addr:%p, size:%lu", description, address, size);
+        ChipLogByteSpan(DeviceLayer, ByteSpan(span.data(), kDebugLength > span.size() ? span.size() : kDebugLength));
+        return CopySpanToMutableSpan(span, out_span);
+    }
 };
 
 } // namespace
@@ -138,4 +141,43 @@ DeviceAttestationCredentialsProvider * GetSilabsDacProvider()
 
 } // namespace Silabs
 } // namespace Credentials
+
+namespace DeviceLayer {
+namespace Silabs {
+namespace {
+
+void MigrateUint32(uint32_t old_key, uint32_t new_key)
+{
+    uint32_t value = 0;
+    if (SilabsConfig::ConfigValueExists(old_key) && (CHIP_NO_ERROR == SilabsConfig::ReadConfigValue(old_key, value)))
+    {
+        SilabsConfig::WriteConfigValue(new_key, value);
+    }
+}
+
+} // namespace
+
+void MigrateDacProvider(void)
+{
+    constexpr uint32_t kOldKey_Creds_KeyId      = SilabsConfigKey(SilabsConfig::kMatterConfig_KeyBase, 0x21);
+    constexpr uint32_t kOldKey_Creds_Base_Addr  = SilabsConfigKey(SilabsConfig::kMatterConfig_KeyBase, 0x22);
+    constexpr uint32_t kOldKey_Creds_DAC_Offset = SilabsConfigKey(SilabsConfig::kMatterConfig_KeyBase, 0x23);
+    constexpr uint32_t kOldKey_Creds_DAC_Size   = SilabsConfigKey(SilabsConfig::kMatterConfig_KeyBase, 0x24);
+    constexpr uint32_t kOldKey_Creds_PAI_Offset = SilabsConfigKey(SilabsConfig::kMatterConfig_KeyBase, 0x25);
+    constexpr uint32_t kOldKey_Creds_PAI_Size   = SilabsConfigKey(SilabsConfig::kMatterConfig_KeyBase, 0x26);
+    constexpr uint32_t kOldKey_Creds_CD_Offset  = SilabsConfigKey(SilabsConfig::kMatterConfig_KeyBase, 0x27);
+    constexpr uint32_t kOldKey_Creds_CD_Size    = SilabsConfigKey(SilabsConfig::kMatterConfig_KeyBase, 0x28);
+
+    MigrateUint32(kOldKey_Creds_KeyId, SilabsConfig::kConfigKey_Creds_KeyId);
+    MigrateUint32(kOldKey_Creds_Base_Addr, SilabsConfig::kConfigKey_Creds_Base_Addr);
+    MigrateUint32(kOldKey_Creds_DAC_Offset, SilabsConfig::kConfigKey_Creds_DAC_Offset);
+    MigrateUint32(kOldKey_Creds_DAC_Size, SilabsConfig::kConfigKey_Creds_DAC_Size);
+    MigrateUint32(kOldKey_Creds_PAI_Offset, SilabsConfig::kConfigKey_Creds_PAI_Offset);
+    MigrateUint32(kOldKey_Creds_PAI_Size, SilabsConfig::kConfigKey_Creds_PAI_Size);
+    MigrateUint32(kOldKey_Creds_CD_Offset, SilabsConfig::kConfigKey_Creds_CD_Offset);
+    MigrateUint32(kOldKey_Creds_CD_Size, SilabsConfig::kConfigKey_Creds_CD_Size);
+}
+
+} // namespace Silabs
+} // namespace DeviceLayer
 } // namespace chip
diff --git a/examples/platform/silabs/SilabsDeviceAttestationCreds.h b/examples/platform/silabs/SilabsDeviceAttestationCreds.h
@@ -34,6 +34,8 @@ namespace Silabs {
  */
 DeviceAttestationCredentialsProvider * GetSilabsDacProvider();
 
+void SilabsDacProviderMigration(void);
+
 } // namespace Silabs
 } // namespace Credentials
 } // namespace chip
diff --git a/src/platform/silabs/KeyValueStoreManagerImpl.cpp b/src/platform/silabs/KeyValueStoreManagerImpl.cpp
@@ -300,5 +300,14 @@ void KeyValueStoreManagerImpl::KvsMapMigration(void)
 }
 
 } // namespace PersistedStorage
+
+namespace Silabs {
+
+void MigrateKvsMap(void)
+{
+    PersistedStorage::KeyValueStoreMgrImpl().KvsMapMigration();
+}
+
+} // namespace Silabs
 } // namespace DeviceLayer
 } // namespace chip
diff --git a/src/platform/silabs/KeyValueStoreManagerImpl.h b/src/platform/silabs/KeyValueStoreManagerImpl.h
@@ -33,10 +33,6 @@ namespace PersistedStorage {
 
 class KeyValueStoreManagerImpl final : public KeyValueStoreManager
 {
-    // Allow the KeyValueStoreManager interface class to delegate method calls to
-    // the implementation methods provided by this class.
-    friend class KeyValueStoreManager;
-
 public:
     CHIP_ERROR Init(void);
     CHIP_ERROR _Put(const char * key, const void * value, size_t value_size);
diff --git a/src/platform/silabs/MigrationManager.cpp b/src/platform/silabs/MigrationManager.cpp
@@ -17,7 +17,6 @@
 
 #include "MigrationManager.h"
 #include <platform/CHIPDeviceLayer.h>
-#include <platform/KeyValueStoreManager.h>
 #include <platform/silabs/SilabsConfig.h>
 #include <stdio.h>
 
@@ -38,7 +37,10 @@ typedef struct
 
 #define COUNT_OF(A) (sizeof(A) / sizeof((A)[0]))
 static migrationData_t migrationTable[] = {
-    { .migrationGroup = 1, .migrationFunc = &KeyValueStoreMgrImpl().KvsMapMigration },
+    { .migrationGroup = 1, .migrationFunc = MigrateKvsMap },
+#ifdef SILABS_ATTESTATION_CREDENTIALS
+    { .migrationGroup = 2, .migrationFunc = MigrateDacProvider },
+#endif
     // add any additional migration neccesary. migrationGroup should stay equal if done in the same commit or increment by 1 for
     // each new entry.
 };
diff --git a/src/platform/silabs/MigrationManager.h b/src/platform/silabs/MigrationManager.h
@@ -24,8 +24,6 @@ namespace Silabs {
 
 class MigrationManager
 {
-    friend class KeyValueStoreManagerImpl;
-
 public:
     /**
      * The Silabs migration manager is implemented as a singleton
@@ -39,6 +37,13 @@ class MigrationManager
     ~MigrationManager(){};
 };
 
+/**
+ * Migration functions. These definitions allow the MigrationManager
+ * to be agnostic of the specifics of each individual migration.
+ */
+void MigrateKvsMap(void);
+void MigrateDacProvider(void);
+
 } // namespace Silabs
 } // namespace DeviceLayer
 } // namespace chip
diff --git a/src/platform/silabs/SilabsConfig.h b/src/platform/silabs/SilabsConfig.h
@@ -112,6 +112,14 @@ class SilabsConfig
     static constexpr Key kConfigKey_ProductURL            = SilabsConfigKey(kMatterFactory_KeyBase, 0x11);
     static constexpr Key kConfigKey_PartNumber            = SilabsConfigKey(kMatterFactory_KeyBase, 0x12);
     static constexpr Key kConfigKey_UniqueId              = SilabsConfigKey(kMatterFactory_KeyBase, 0x1F);
+    static constexpr Key kConfigKey_Creds_KeyId           = SilabsConfigKey(kMatterFactory_KeyBase, 0x20);
+    static constexpr Key kConfigKey_Creds_Base_Addr       = SilabsConfigKey(kMatterFactory_KeyBase, 0x21);
+    static constexpr Key kConfigKey_Creds_DAC_Offset      = SilabsConfigKey(kMatterFactory_KeyBase, 0x22);
+    static constexpr Key kConfigKey_Creds_DAC_Size        = SilabsConfigKey(kMatterFactory_KeyBase, 0x23);
+    static constexpr Key kConfigKey_Creds_PAI_Offset      = SilabsConfigKey(kMatterFactory_KeyBase, 0x24);
+    static constexpr Key kConfigKey_Creds_PAI_Size        = SilabsConfigKey(kMatterFactory_KeyBase, 0x25);
+    static constexpr Key kConfigKey_Creds_CD_Offset       = SilabsConfigKey(kMatterFactory_KeyBase, 0x26);
+    static constexpr Key kConfigKey_Creds_CD_Size         = SilabsConfigKey(kMatterFactory_KeyBase, 0x27);
     // Matter Config Keys
     static constexpr Key kConfigKey_ServiceConfig      = SilabsConfigKey(kMatterConfig_KeyBase, 0x01);
     static constexpr Key kConfigKey_PairedAccountId    = SilabsConfigKey(kMatterConfig_KeyBase, 0x02);
@@ -135,14 +143,6 @@ class SilabsConfig
     static constexpr Key kConfigKey_YearDaySchedules   = SilabsConfigKey(kMatterConfig_KeyBase, 0x16);
     static constexpr Key kConfigKey_HolidaySchedules   = SilabsConfigKey(kMatterConfig_KeyBase, 0x17);
     static constexpr Key kConfigKey_OpKeyMap           = SilabsConfigKey(kMatterConfig_KeyBase, 0x20);
-    static constexpr Key kConfigKey_Creds_KeyId        = SilabsConfigKey(kMatterConfig_KeyBase, 0x21);
-    static constexpr Key kConfigKey_Creds_Base_Addr    = SilabsConfigKey(kMatterConfig_KeyBase, 0x22);
-    static constexpr Key kConfigKey_Creds_DAC_Offset   = SilabsConfigKey(kMatterConfig_KeyBase, 0x23);
-    static constexpr Key kConfigKey_Creds_DAC_Size     = SilabsConfigKey(kMatterConfig_KeyBase, 0x24);
-    static constexpr Key kConfigKey_Creds_PAI_Offset   = SilabsConfigKey(kMatterConfig_KeyBase, 0x25);
-    static constexpr Key kConfigKey_Creds_PAI_Size     = SilabsConfigKey(kMatterConfig_KeyBase, 0x26);
-    static constexpr Key kConfigKey_Creds_CD_Offset    = SilabsConfigKey(kMatterConfig_KeyBase, 0x27);
-    static constexpr Key kConfigKey_Creds_CD_Size      = SilabsConfigKey(kMatterConfig_KeyBase, 0x28);
 
     static constexpr Key kConfigKey_GroupKeyMax =
         SilabsConfigKey(kMatterConfig_KeyBase, 0x1E); // Allows 16 Group Keys to be created.
@@ -160,7 +160,7 @@ class SilabsConfig
 
     // Set key id limits for each group.
     static constexpr Key kMinConfigKey_MatterFactory = SilabsConfigKey(kMatterFactory_KeyBase, 0x00);
-    static constexpr Key kMaxConfigKey_MatterFactory = SilabsConfigKey(kMatterFactory_KeyBase, 0x1F);
+    static constexpr Key kMaxConfigKey_MatterFactory = SilabsConfigKey(kMatterFactory_KeyBase, 0x2F);
     static constexpr Key kMinConfigKey_MatterConfig  = SilabsConfigKey(kMatterConfig_KeyBase, 0x00);
     static constexpr Key kMaxConfigKey_MatterConfig  = SilabsConfigKey(kMatterConfig_KeyBase, 0x20);
 
