Implemented CASEServer to fetch credentials, and wait for SigmaR1

[pan-apple]

Problem

Need mechanism to

1. Wait for first CASE message from peer to start handshake
2. Fetch operational credentials provisioned by the commissioner for which the CASE session is being established.

Summary of Changes

This PR adds a new class CASEServer, that'll perform the actions mentioned in the problem.
The CASEServer will be available to device, as well as controllers.

This PR also optimizes the RAM usage for AdminPairingInfo.

Fixes #6779

[todo]

- Enable multiple concurrent CASE session establishment

connectedhomeip/src/protocols/secure_channel/CASEServer.cpp

Lines 82 to 92 in bb08a09

	// TODO - Enable multiple concurrent CASE session establishment
	// This will prevent CASEServer to process another CASE session establishment request until the current
	// one completes (successfully or failed)
	mExchangeManager->UnregisterUnsolicitedMessageHandlerForType(Protocols::SecureChannel::MsgType::CASE_SigmaR1);
	}
	void CASEServer::Cleanup()
	{
	// Let's re-register for CASE SigmaR1 message, so that the next CASE session setup request can be processed.
	mExchangeManager->RegisterUnsolicitedMessageHandlerForType(Protocols::SecureChannel::MsgType::CASE_SigmaR1, this);
	mAdminId = Transport::kUndefinedAdminId;

---

This comment was generated by todo based on a TODO comment in bb08a09 in #6791. cc @pan-apple.

[todo]

- Add support of ICA certificates

connectedhomeip/src/transport/AdminPairingTable.cpp

Lines 261 to 269 in bb08a09

	// TODO - Add support of ICA certificates
	ReturnErrorOnFailure(
	certSet.LoadCert(mOperationalCert, mOpCertLen, BitFlags<CertDecodeFlags>(CertDecodeFlags::kGenerateTBSHash)));
	return CHIP_NO_ERROR;
	}
	AdminPairingInfo * AdminPairingTable::AssignAdminId(AdminId adminId)
	{
	for (size_t i = 0; i < CHIP_CONFIG_MAX_DEVICE_ADMINS; i++)

---

This comment was generated by todo based on a TODO comment in bb08a09 in #6791. cc @pan-apple.

[andy31415]

14K text, 4K bss ... this is very large :/

[woody-apple]

14K text, 4K bss ... this is very large :/

Wow, yeah. @pan-apple ?

[github-actions]

Size increase report for "nrfconnect-example-build" from 8d203d7

File	Section	File	VM
chip-lock.elf	text	14348	14348
chip-lock.elf	bss	0	4383
chip-lock.elf	rodata	1448	1448
chip-lock.elf	init_array	4	4
chip-lock.elf	[LOAD #3 [RW]]	0	-31
chip-shell.elf	device_handles	12	12
chip-shell.elf	text	-12	-12
chip-lighting.elf	text	14268	14268
chip-lighting.elf	bss	0	4379
chip-lighting.elf	rodata	1192	1196
chip-lighting.elf	init_array	4	4
chip-lighting.elf	[LOAD #3 [RW]]	0	-27

Full report output

BLOAT REPORT

Files found only in the build output:
    report.csv

Comparing ./master_artifact/chip-lock.elf and ./pull_artifact/chip-lock.elf:

sections,vmsize,filesize
.debug_info,0,830063
.debug_line,0,68597
.debug_loc,0,52741
.debug_abbrev,0,38036
.debug_str,0,36311
text,14348,14348
.strtab,0,11856
.debug_ranges,0,7936
.symtab,0,7360
.debug_frame,0,5876
bss,4383,0
.debug_aranges,0,1824
rodata,1448,1448
init_array,4,4
[LOAD #3 [RW]],-31,0

Comparing ./master_artifact/chip-shell.elf and ./pull_artifact/chip-shell.elf:

sections,vmsize,filesize
.debug_info,0,130956
.debug_str,0,16343
.debug_line,0,2759
.debug_abbrev,0,2329
.debug_loc,0,333
.debug_ranges,0,64
.debug_frame,0,32
device_handles,12,12
.debug_aranges,0,8
text,-12,-12

Comparing ./master_artifact/chip-lighting.elf and ./pull_artifact/chip-lighting.elf:

sections,vmsize,filesize
.debug_info,0,1016802
.debug_line,0,69622
.debug_loc,0,52768
.debug_abbrev,0,39688
.debug_str,0,36308
text,14268,14268
.strtab,0,11799
.debug_ranges,0,7568
.symtab,0,7296
.debug_frame,0,5852
bss,4379,0
.debug_aranges,0,1816
rodata,1196,1192
init_array,4,4
.shstrtab,0,1
[LOAD #3 [RW]],-27,0

[github-actions]

Size increase report for "esp32-example-build" from 8d203d7

File	Section	File	VM
chip-pigweed-app.elf	.flash.text	-440	-440
chip-pigweed-app.elf	.flash.rodata	-1416	-1416

Full report output

BLOAT REPORT

Files found only in the build output:
    report.csv

Comparing ./master_artifact/chip-all-clusters-app.elf and ./pull_artifact/chip-all-clusters-app.elf:

BLOAT EXECUTION FAILED WITH CODE 1:
bloaty: integer overflow

Comparing ./master_artifact/chip-pigweed-app.elf and ./pull_artifact/chip-pigweed-app.elf:

sections,vmsize,filesize
.xt.prop._ZNK2pw3rpc8internal7Channel13AcquireBufferEv,0,68
.xt.prop._ZN2pw3rpc8internal7Channel4SendERKNS1_6PacketE,0,40
.xt.prop._ZSt9__find_ifIPKSt4byteN9__gnu_cxx5__ops10_Iter_predIPFbS0_EEEET_S9_S9_T0_St26random_access_iterator_tag,0,-2
.debug_str,0,-26
.xt.lit._ZN2pw3rpc8internal7Channel12OutputBufferD5Ev,0,-48
.shstrtab,0,-60
.debug_aranges,0,-72
.xt.prop._ZNK2pw3rpc8internal10ServerCall7serviceEv$isra$0,0,-76
.xt.prop._ZN2pw3rpc8internal7Channel12OutputBufferD5Ev,0,-92
.debug_frame,0,-216
.symtab,0,-272
.debug_abbrev,0,-422
.flash.text,-440,-440
.debug_loc,0,-602
.strtab,0,-668
.debug_ranges,0,-672
.debug_line,0,-1076
.flash.rodata,-1416,-1416
[Unmapped],0,-2680
.debug_info,0,-3024

[bzbarsky-apple]

The fact that we end up having to make copies of this stuff is not great. Ideally we would just hold on to the right admin and use these things in-place from there. Followup for that?

[pan-apple]

I am expecting some refactor/cleanup once CASE state machine is hooked up on controller and device side. A lot of these overheads will iron out at that point.

[bzbarsky-apple]

So here, if we stored the certs as a ChipCertificateSet to start with, couldn't we just return a const ref to it?

[pan-apple]

I am expecting some refactor/cleanup once CASE state machine is hooked up on controller and device side. A lot of these overheads will iron out at that point.

[pan-apple]

14K text, 4K bss ... this is very large :/

Wow, yeah. @pan-apple ?

Yeah, most of this is because now some previously unused crypto code is getting linked with the final ELF.

[msandstedt]

Indexing and lookup up by Admin ID breaks scoping. Per the spec, the admin must be located based upon the root PK of the root CA for the requesting agent.

[pan-apple]

That makes sense. We can do that as part of multi admin feature.
Would you prefer if I updated the above comment as part of this PR?

[msandstedt]

A TODO seems appropriate. It doesn't have to happen now. I'm just pointing out that this code does not appear to be compliant with the 4.369 Validate Sigma1 algorithm.

[pan-apple]

Updated the TODO here: https://github.com/project-chip/connectedhomeip/pull/6810/files#diff-c9e9c579ef5bbdbb97683c09136f253a842efdbb8d8febaf3e92ca12b47a0dddR56

[kghost]

Memory usage

change a-size b-size symbol
4464     0    4464   (anonymous namespace)::gCASEServer
 960     0     960   chip::CASESession::SendSigmaR2()
 772     0     772   chip::CASESession::SendSigmaR3()
 620    68     688   __static_initialization_and_destruction_0(int, int)
 584     0     584   chip::CASESession::HandleSigmaR2(chip::System::PacketBufferHandle const&)
 484     0     484   chip::CASESession::HandleSigmaR3(chip::System::PacketBufferHandle const&)
 484     0     484   chip::Credentials::DecodeConvertDN(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipDN&)
 456     0     456   chip::ASN1::sOIDTable
 392     0     392   chip::Credentials::ChipCertificateSet::ValidateCert(chip::Credentials::ChipCertificateData const*, chip::Credentials::ValidationContext&, chip::BitFlags<chip::Credentials::CertValidateFlags, unsigned char>, unsigned char)
 364     0     364   chip::Credentials::DecodeConvertTBSCert(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 324     0     324   chip::Credentials::DecodeConvertFutureExtension(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 300     0     300   chip::Credentials::DecodeConvertBasicConstraintsExtension(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 284     0     284   chip::Credentials::DecodeConvertSubjectPublicKeyInfo(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 260     0     260   chip::ASN1::ASN1Reader::DecodeHead()
 260     0     260   chip::DaysSinceEpochToCalendarDate(unsigned long, unsigned short&, unsigned char&, unsigned char&)
 256     0     256   chip::Credentials::DecodeConvertExtension(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 248     0     248   chip::Credentials::ChipCertificateSet::LoadCert(chip::TLV::TLVReader&, chip::BitFlags<chip::Credentials::CertDecodeFlags, unsigned char>)
 236     0     236   chip::CASESession::CASESession()
 228     0     228   chip::Credentials::DecodeConvertExtendedKeyUsageExtension(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 220     0     220   chip::Credentials::DecodeConvertCert(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 208     0     208   chip::Credentials::ChipCertificateSet::VerifySignature(chip::Credentials::ChipCertificateData const*, chip::Credentials::ChipCertificateData const*)
 208     0     208   chip::Credentials::DecodeConvertValidity(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 204     0     204   chip::CASESession::Validate_and_RetrieveResponderID(unsigned char const**, chip::Crypto::P256PublicKey&, unsigned char const**, unsigned short&)
 202     0     202   chip::ASN1::ASN1Writer::PutBitString(unsigned long)
 180     0     180   chip::CASESession::ConstructSignedCredentials(unsigned char const**, unsigned char const*, unsigned short, chip::System::PacketBufferHandle&, chip::Crypto::CapacityBoundBuffer<72u>&, unsigned int)
 176     0     176   chip::CASESession::HandleSigmaR1(chip::System::PacketBufferHandle const&)
 176     0     176   chip::CASESession::ValidateReceivedMessage(chip::Messaging::ExchangeContext*, chip::PacketHeader const&, chip::PayloadHeader const&, chip::System::PacketBufferHandle&)
 172     0     172   chip::Credentials::DecodeECDSASignature(chip::TLV::TLVReader&, chip::Credentials::ChipCertificateData&)
 168     0     168   chip::ASN1::ASN1Writer::EncodeHead(unsigned char, unsigned long, bool, long)
 168     0     168   chip::CASESession::OnMessageReceived(chip::Messaging::ExchangeContext*, chip::PacketHeader const&, chip::PayloadHeader const&, chip::System::PacketBufferHandle)
 168     0     168   chip::Credentials::ChipCertificateSet::FindValidCert(chip::Credentials::ChipDN const&, chip::Credentials::CertificateKeyId const&, chip::Credentials::ValidationContext&, chip::BitFlags<chip::Credentials::CertValidateFlags, unsigned char>, unsigned char, chip::Credentials::ChipCertificateData*&)
 156     0     156   chip::Credentials::DecodeConvertExtensions(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 148     0     148   chip::ASN1::ASN1Writer::PutTime(chip::ASN1::ASN1UniversalTime const&)
 148     0     148   chip::CASESession::Clear()
 144     0     144   chip::CASESession::DeriveSecureSession(chip::SecureSession&, chip::SecureSession::SessionRole)
 144     0     144   chip::Credentials::ChipDN::GetCertType(unsigned char&) const
 144     0     144   chip::Credentials::DecodeConvertAuthorityKeyIdentifierExtension(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 140     0     140   chip::CASEServer::InitCASEHandshake(chip::Messaging::ExchangeContext*)
 140     0     140   chip::CASEServer::OnSessionEstablished()
 132     0     132   chip::CalendarDateToDaysSinceEpoch(unsigned short, unsigned char, unsigned char, unsigned long&)
 128     0     128   chip::CASESession::FindValidTrustedRoot(unsigned char const**, unsigned long)
 128     0     128   chip::Credentials::DecodeConvertKeyUsageExtension(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 124     0     124   chip::CASESession::ConstructSaltSigmaR2(chip::System::PacketBufferHandle const&, chip::Crypto::P256PublicKey const&, unsigned char const*, unsigned int, chip::System::PacketBufferHandle&)
 124     0     124   chip::Credentials::DecodeConvertECDSASignature(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 124     0     124   chip::Credentials::OperationalCredentialSet::Release()
 120     0     120   chip::ASN1::ASN1Writer::Finalize()
 112     0     112   chip::ASN1::ASN1Writer::PutInteger(long long)
 112     0     112   chip::CASESession::SendErrorMsg(chip::CASESession::SigmaErrorType)
 112     0     112   non-virtual thunk to chip::CASEServer::~CASEServer()
 108     0     108   chip::CASEServer::~CASEServer()
 108     0     108   chip::Credentials::DecodeConvertSubjectKeyIdentifierExtension(chip::TLV::TLVReader&, chip::ASN1::ASN1Writer&, chip::Credentials::ChipCertificateData&)
 104     0     104   non-virtual thunk to chip::CASEServer::~CASEServer()
 100     0     100   chip::CASEServer::~CASEServer()
 100     0     100   chip::CASESession::Init(chip::Credentials::OperationalCredentialSet*, unsigned short, chip::SessionEstablishmentDelegate*)
 100     0     100   chip::Credentials::ChipRDN::IsEqual(chip::Credentials::ChipRDN const&) const
  98     0      98   chip::Credentials::ChipCertificateData::Clear()
  96     0      96   chip::ASN1::ASN1Writer::WriteDeferredLength()
  96     0      96   chip::SecondsSinceEpochToCalendarTime(unsigned long long, unsigned short&, unsigned char&, unsigned char&, unsigned char&, unsigned char&, unsigned char&)
  92     0      92   chip::Credentials::ChipDN::AddAttribute(unsigned short, unsigned long long)
  92     0      92   vtable for chip::CASESession
  88     0      88   chip::ASN1::ParseObjectID(unsigned char const*, unsigned short)
  88     0      88   chip::CASEServer::OnMessageReceived(chip::Messaging::ExchangeContext*, chip::PacketHeader const&, chip::PayloadHeader const&, chip::System::PacketBufferHandle)
  88     0      88   chip::Credentials::ChipDN::AddAttribute(unsigned short, unsigned char const*, unsigned long)
  84     0      84   chip::ASN1::ASN1Reader::ExitContainer()
  84     0      84   chip::CASESession::OnResponseTimeout(chip::Messaging::ExchangeContext*)
  84     0      84   chip::CalendarToChipEpochTime(unsigned short, unsigned char, unsigned char, unsigned char, unsigned char, unsigned char, unsigned long&)
  84     0      84   chip::Credentials::ASN1ToChipEpochTime(chip::ASN1::ASN1UniversalTime const&, unsigned long&)
  84     0      84   chip::Credentials::ChipCertificateSet::Init(unsigned char, unsigned short)
  84     0      84   chip::Credentials::OperationalCredentialSet::FindCertSet(chip::Credentials::CertificateKeyId const&) const
  80     0      80   chip::ASN1::ASN1Reader::GetBoolean(bool&)
  76     0      76   chip::ASN1::ASN1Reader::EnterContainer(unsigned long)
  76     0      76   chip::ASN1::ASN1Writer::PutBitString(unsigned char, unsigned char const*, unsigned short)
  76     0      76   chip::Credentials::OperationalCredentialSet::GetNodeKeypairAt(chip::Credentials::CertificateKeyId const&)
  74     0      74   chip::ASN1::ASN1Writer::PutValue(unsigned char, unsigned long, bool, chip::TLV::TLVReader&)
  72     0      72   chip::ASN1::GetEncodedObjectID(unsigned short, unsigned char const*&, unsigned short&)
  72     0      72   chip::CASESession::ConstructSaltSigmaR3(unsigned char const*, unsigned int, chip::System::PacketBufferHandle&)
  72     0      72   chip::CASESession::HandleErrorMsg(chip::System::PacketBufferHandle const&)
  68     0      68   chip::CASEServer::WaitForSessionEstablishment(chip::Messaging::ExchangeManager*, chip::TransportMgrBase*, chip::SecureSessionMgr*, chip::Transport::AdminPairingTable*)
  68     0      68   chip::Credentials::OperationalCredentialSet::GetNodeCredentialAt(chip::Credentials::CertificateKeyId const&) const
  68     0      68   vtable for chip::CASEServer
  66     0      66   chip::Credentials::ChipDN::IsEqual(chip::Credentials::ChipDN const&) const
  64     0      64   chip::ASN1::ASN1Reader::GetObjectId(unsigned short&)
  64     0      64   chip::ASN1::ASN1Reader::Next()
  64     0      64   chip::Credentials::ChipEpochToASN1Time(unsigned long, chip::ASN1::ASN1UniversalTime&)
  64     0      64   chip::Transport::AdminPairingInfo::GetOperationalCertificateSet(chip::Credentials::ChipCertificateSet&)
  62     0      62   chip::Credentials::OperationalCredentialSet::GetTrustedRootId(unsigned short) const
  60     0      60   __static_initialization_and_destruction_0(int, int)
  60     0      60   chip::ASN1::ASN1Writer::StartEncapsulatedType(unsigned char, unsigned long, bool)
  60     0      60   chip::CASESession::ComputeIPK(unsigned short, unsigned char*, unsigned int)
  56     0      56   chip::ChipEpochToCalendarTime(unsigned long, unsigned short&, unsigned char&, unsigned char&, unsigned char&, unsigned char&, unsigned char&)
  56     0      56   chip::Credentials::OperationalCredentialSet::CleanupMaps()
  56     0      56   chip::Credentials::OperationalCredentialSet::Init(chip::Credentials::ChipCertificateSet*, unsigned char)
  54     0      54   chip::ASN1::ASN1Writer::PutValue(unsigned char, unsigned long, bool, unsigned char const*, unsigned short)
  54     0      54   chip::CASESession::SetEffectiveTime()
  52     0      52   chip::ASN1::HighestBit(unsigned long)
  52     0      52   chip::ASN1::itoa2(unsigned long, unsigned char*)
  50     0      50   chip::ASN1::ASN1Writer::BytesForLength(long)
  50     0      50   chip::ASN1::ASN1Writer::PutBoolean(bool)
  50     0      50   chip::ASN1::ReverseBits(unsigned char)
  48     0      48   chip::Credentials::CertificateKeyId::IsEqual(chip::Credentials::CertificateKeyId const&) const
  48     0      48   chip::Credentials::ChipCertificateSet::LoadCert(unsigned char const*, unsigned long, chip::BitFlags<chip::Credentials::CertDecodeFlags, unsigned char>)
  48     0      48   long chip::Messaging::ExchangeContext::SendMessage<chip::Protocols::SecureChannel::MsgType, void>(chip::Protocols::SecureChannel::MsgType, chip::System::PacketBufferHandle&&, chip::BitFlags<chip::Messaging::SendMessageFlags, unsigned short> const&)
  44     0      44   chip::ASN1::ASN1Writer::PutObjectId(unsigned short)
  44     0      44   chip::CASESession::~CASESession()
  44     0      44   chip::Credentials::OperationalCredentialSet::IsTrustedRootIn(chip::Credentials::CertificateKeyId const&) const
  42     0      42   chip::Credentials::ChipCertificateSet::Release()
  40     0      40   chip::CASEServer::Cleanup()
  40     0      40   chip::Credentials::OperationalCredentialSet::FindValidCert(chip::Credentials::CertificateKeyId const&, chip::Credentials::ChipDN const&, chip::Credentials::CertificateKeyId const&, chip::Credentials::ValidationContext&, chip::Credentials::ChipCertificateData*&)
  40     0      40   chip::TLV::TLVReader::Init(unsigned char const*, unsigned long)
  36     0      36   chip::CASEServer::OnSessionEstablishmentError(long)
  36     0      36   chip::fabricSecret
  34     0      34   chip::Credentials::DecodeChipCert(chip::TLV::TLVReader&, chip::Credentials::ChipCertificateData&)
  32     0      32   chip::ASN1::ASN1Writer::EncodeLength(unsigned char*, unsigned char, long)
  32     0      32   chip::Credentials::ChipCertificateSet::Clear()
  32     0      32   chip::Credentials::OperationalCredentialSet::Clear()
  32     0      32   chip::Crypto::Hash_SHA256(unsigned char const*, unsigned int, unsigned char*)
  32     0      32   chip::TLV::TLVReader::VerifyEndOfContainer()
  30     0      30   chip::ASN1::ASN1Reader::Init(unsigned char const*, unsigned long)
  28     0      28   chip::Credentials::ChipCertificateSet::FindValidCert(chip::Credentials::ChipDN const&, chip::Credentials::CertificateKeyId const&, chip::Credentials::ValidationContext&, chip::Credentials::ChipCertificateData*&)
  28     0      28   chip::Credentials::DecodeChipCert(unsigned char const*, unsigned long, chip::Credentials::ChipCertificateData&)
  26     0      26   chip::ASN1::ASN1Writer::PutConstructedType(unsigned char const*, unsigned short)
  24     0      24   chip::ASN1::ASN1Reader::EnterConstructedType()
  24     0      24   chip::ASN1::ASN1Writer::PutObjectId(unsigned char const*, unsigned short)
  24     0      24   chip::ASN1::ASN1Writer::PutOctetString(unsigned char const*, unsigned short)
  24     0      24   chip::ASN1::ASN1Writer::PutString(unsigned long, char const*, unsigned short)
  24     0      24   chip::Credentials::ChipDN::RDNCount() const
  24     0      24   chip::Credentials::OperationalCredentialSet::SignMsg(chip::Credentials::CertificateKeyId const&, unsigned char const*, unsigned int, chip::Crypto::CapacityBoundBuffer<72u>&)
  24     0      24   chip::MarchBasedDayOfYearToMonth(unsigned short)
  24     0      24   chip::MarchBasedMonthToDayOfYear(unsigned char)
  22     0      22   chip::ASN1::ASN1Writer::PutOctetString(unsigned char, unsigned long, unsigned char const*, unsigned short)
  22     0      22   chip::ASN1::ASN1Writer::StartConstructedType(unsigned char, unsigned long)
  22     0      22   chip::CASESession::WaitForSessionEstablishment(chip::Credentials::OperationalCredentialSet*, unsigned short, chip::SessionEstablishmentDelegate*)
  22     0      22   chip::CASESession::~CASESession()
  22     0      22   chip::Credentials::ChipDN::Clear()
  21     0      21   chip::kIPKInfo
  20   504     524   InitServer(AppDelegate*)
  20    28      48   __static_initialization_and_destruction_0(int, int)
  20     0      20   chip::ASN1::ASN1Reader::ResetElementState()
  20     0      20   chip::CASESession::HandleSigmaR1_and_SendSigmaR2(chip::System::PacketBufferHandle const&)
  20     0      20   chip::CASESession::HandleSigmaR2_and_SendSigmaR3(chip::System::PacketBufferHandle const&)
  18     0      18   chip::Credentials::ValidationContext::Reset()
  16     0      16   chip::ASN1::ASN1Writer::GetLengthWritten() const
  16     0      16   chip::ASN1::ASN1Writer::Init(unsigned char*, unsigned long)
  16     0      16   chip::Credentials::ChipCertificateData::ChipCertificateData()
  16     0      16   chip::Credentials::ChipCertificateSet::ChipCertificateSet()
  14     0      14   _GLOBAL__sub_I__ZN4chip11CASESessionC2Ev
  13     0      13   chip::kIVSR2
  13     0      13   chip::kIVSR3
  12    36      48   __static_initialization_and_destruction_0(int, int)
  12     0      12   chip::ASN1::ASN1Writer::InitNullWriter()
  12     0      12   chip::Credentials::ChipCertificateSet::~ChipCertificateSet()
  10     0      10   chip::ASN1::sOID_AttributeType_ChipAuthTag1
  10     0      10   chip::ASN1::sOID_AttributeType_ChipAuthTag2
  10     0      10   chip::ASN1::sOID_AttributeType_ChipFabricId
  10     0      10   chip::ASN1::sOID_AttributeType_ChipFirmwareSigningId
  10     0      10   chip::ASN1::sOID_AttributeType_ChipICAId
  10     0      10   chip::ASN1::sOID_AttributeType_ChipNodeId
  10     0      10   chip::ASN1::sOID_AttributeType_ChipRootId
  10     0      10   chip::ASN1::sOID_AttributeType_DomainComponent
   8    60      68   __static_initialization_and_destruction_0(int, int)
   8     0       8   chip::ASN1::ASN1Reader::ExitConstructedType()
   8     0       8   chip::ASN1::ASN1Writer::EndConstructedType()
   8     0       8   chip::ASN1::ASN1Writer::EndEncapsulatedType()
   8     0       8   chip::ASN1::sOID_EllipticCurve_prime256v1
   8     0       8   chip::ASN1::sOID_KeyPurpose_ClientAuth
   8     0       8   chip::ASN1::sOID_KeyPurpose_CodeSigning
   8     0       8   chip::ASN1::sOID_KeyPurpose_EmailProtection
   8     0       8   chip::ASN1::sOID_KeyPurpose_OCSPSigning
   8     0       8   chip::ASN1::sOID_KeyPurpose_ServerAuth
   8     0       8   chip::ASN1::sOID_KeyPurpose_TimeStamping
   8     0       8   chip::ASN1::sOID_SigAlgo_ECDSAWithSHA256
   8     0       8   chip::CASESession::GetI2RSessionInfo() const
   8     0       8   chip::CASESession::GetR2ISessionInfo() const
   8     0       8   non-virtual thunk to chip::CASEServer::OnMessageReceived(chip::Messaging::ExchangeContext*, chip::PacketHeader const&, chip::PayloadHeader const&, chip::System::PacketBufferHandle)
   8     0       8   non-virtual thunk to chip::CASESession::DeriveSecureSession(chip::SecureSession&, chip::SecureSession::SessionRole)
   8     0       8   non-virtual thunk to chip::CASESession::GetI2RSessionInfo() const
   8     0       8   non-virtual thunk to chip::CASESession::GetR2ISessionInfo() const
   8     0       8   non-virtual thunk to chip::CASESession::~CASESession()
   7     0       7   chip::ASN1::sOID_PubKeyAlgo_ECPublicKey
   7     0       7   chip::kKDFSR2Info
   7     0       7   chip::kKDFSR3Info
   6     0       6   chip::CASEServer::GetMessageDispatch(chip::Messaging::ReliableMessageMgr*, chip::SecureSessionMgr*)
   6     0       6   chip::CASESession::GetLocalKeyId()
   6     0       6   chip::CASESession::GetMessageDispatch(chip::Messaging::ReliableMessageMgr*, chip::SecureSessionMgr*)
   6     0       6   chip::CASESession::GetPeerKeyId()
   6     0       6   non-virtual thunk to chip::CASEServer::GetMessageDispatch(chip::Messaging::ReliableMessageMgr*, chip::SecureSessionMgr*)
   6     0       6   non-virtual thunk to chip::CASESession::GetLocalKeyId()
   6     0       6   non-virtual thunk to chip::CASESession::GetPeerKeyId()
   4     0       4   chip::Protocols::SecureChannel::Id
   4    32      36   hal_timer_get_current_time_us
   3     0       3   chip::ASN1::sOID_AttributeType_CommonName
   3     0       3   chip::ASN1::sOID_AttributeType_CountryName
   3     0       3   chip::ASN1::sOID_AttributeType_DNQualifier
   3     0       3   chip::ASN1::sOID_AttributeType_GenerationQualifier
   3     0       3   chip::ASN1::sOID_AttributeType_GivenName
   3     0       3   chip::ASN1::sOID_AttributeType_Initials
   3     0       3   chip::ASN1::sOID_AttributeType_LocalityName
   3     0       3   chip::ASN1::sOID_AttributeType_Name
   3     0       3   chip::ASN1::sOID_AttributeType_OrganizationName
   3     0       3   chip::ASN1::sOID_AttributeType_OrganizationalUnitName
   3     0       3   chip::ASN1::sOID_AttributeType_Pseudonym
   3     0       3   chip::ASN1::sOID_AttributeType_SerialNumber
   3     0       3   chip::ASN1::sOID_AttributeType_StateOrProvinceName
   3     0       3   chip::ASN1::sOID_AttributeType_Surname
   3     0       3   chip::ASN1::sOID_AttributeType_Title
   3     0       3   chip::ASN1::sOID_Extension_AuthorityKeyIdentifier
   3     0       3   chip::ASN1::sOID_Extension_BasicConstraints
   3     0       3   chip::ASN1::sOID_Extension_ExtendedKeyUsage
   3     0       3   chip::ASN1::sOID_Extension_KeyUsage
   3     0       3   chip::ASN1::sOID_Extension_SubjectKeyIdentifier
   2     0       2   chip::CASEServer::OnResponseTimeout(chip::Messaging::ExchangeContext*)
   2     0       2   chip::Credentials::ChipCertificateData::~ChipCertificateData()
   2    56      58   chip::Transport::AdminPairingTable::AssignAdminId(unsigned short)
   2     0       2   non-virtual thunk to chip::CASEServer::OnResponseTimeout(chip::Messaging::ExchangeContext*)
  -2    74      72   chip::Transport::AdminPairingTable::Reset()
  -4    36      32   hal_timer_get_current_time_us
  -8    36      28   __static_initialization_and_destruction_0(int, int)
 -12    48      36   __static_initialization_and_destruction_0(int, int)
 -32   232     200   (anonymous namespace)::gAdminPairings
-524   552      28   __static_initialization_and_destruction_0(int, int)