Remove TrustedRootID from Sigma messages. Replce HKDF algorithm with …

…HMAC-SHA256 Algorithm in GenerateDestinationID method.
project-chip · Jul 23, 2021 · 1161192 · 1161192
1 parent 7c1ca90
commit 1161192
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 2 deletions.
diff --git a/src/controller/CHIPDeviceController.cpp b/src/controller/CHIPDeviceController.cpp
@@ -802,6 +802,7 @@ ControllerDeviceInitParams DeviceController::GetControllerDeviceInitParams()
         .inetLayer       = mInetLayer,
         .storageDelegate = mStorageDelegate,
         .credentials     = &mCredentials,
+        .trustedRoot     = &mRootKeyId,
         .idAllocator     = &mIDAllocator,
     };
 }

diff --git a/src/protocols/secure_channel/CASESession.h b/src/protocols/secure_channel/CASESession.h
@@ -197,7 +197,6 @@ class DLL_EXPORT CASESession : public Messaging::ExchangeDelegate, public Pairin
 private:
     enum SigmaErrorType : uint8_t
     {
-        kNoSharedTrustRoots   = 0x01,
         kInvalidSignature     = 0x04,
         kInvalidResumptionTag = 0x05,
         kUnsupportedVersion   = 0x06,
@@ -223,7 +222,6 @@ class DLL_EXPORT CASESession : public Messaging::ExchangeDelegate, public Pairin
     CHIP_ERROR GenerateDestinationID(const ByteSpan & random, const Credentials::CertificateKeyId * trustedRootId, NodeId nodeId,
                                      MutableByteSpan & destinationId);
     CHIP_ERROR FindDestinationIdCandidate(const ByteSpan & destinationId, const ByteSpan & initiatorRandom);
-    CHIP_ERROR FindValidTrustedRoot(const Credentials::CertificateKeyId & trustedRootId);
     CHIP_ERROR ConstructSaltSigmaR2(const ByteSpan & rand, const Crypto::P256PublicKey & pubkey, const ByteSpan & ipk,
                                     MutableByteSpan & salt);
     CHIP_ERROR Validate_and_RetrieveResponderID(const ByteSpan & responderOpCert, Crypto::P256PublicKey & responderID);