LCOV - code coverage report
Current view: top level - protocols/secure_channel - SessionResumptionStorage.h (source / functions) Hit Total Coverage
Test: lcov_final.info Lines: 1 1 100.0 %
Date: 2024-02-15 08:20:41 Functions: 1 2 50.0 % 

          Line data    Source code
       1             : /*
       2             :  *    Copyright (c) 2022 Project CHIP Authors
       3             :  *    All rights reserved.
       4             :  *
       5             :  *    Licensed under the Apache License, Version 2.0 (the "License");
       6             :  *    you may not use this file except in compliance with the License.
       7             :  *    You may obtain a copy of the License at
       8             :  *
       9             :  *        http://www.apache.org/licenses/LICENSE-2.0
      10             :  *
      11             :  *    Unless required by applicable law or agreed to in writing, software
      12             :  *    distributed under the License is distributed on an "AS IS" BASIS,
      13             :  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      14             :  *    See the License for the specific language governing permissions and
      15             :  *    limitations under the License.
      16             :  */
      17             : 
      18             : #pragma once
      19             : 
      20             : #include <crypto/CHIPCryptoPAL.h>
      21             : #include <lib/core/CASEAuthTag.h>
      22             : #include <lib/core/ScopedNodeId.h>
      23             : 
      24             : namespace chip {
      25             : 
      26             : /**
      27             :  * @brief Interface to store and recover assets for session resumption. The
      28             :  *   resumption data are indexed by 2 parameters: ScopedNodeId and
      29             :  *   ResumptionId. The index on ScopedNodeId is used when initiating a CASE
      30             :  *   session.  It allows the caller to query storage to check whether there is a
      31             :  *   previous session with the given peer for which session resumption may be
      32             :  *   attempted.  The index on ResumptionId is used when receiving a Sigma1 with
      33             :  *   ResumptionId.
      34             :  *
      35             :  */
      36             : class SessionResumptionStorage
      37             : {
      38             : public:
      39             :     static constexpr size_t kResumptionIdSize = 16;
      40             :     using ResumptionIdStorage                 = std::array<uint8_t, kResumptionIdSize>;
      41             :     using ConstResumptionIdView               = FixedSpan<const uint8_t, kResumptionIdSize>;
      42             : 
      43           1 :     virtual ~SessionResumptionStorage(){};
      44             : 
      45             :     /**
      46             :      * Recover session resumption ID, shared secret and CAT values for a given
      47             :      * fabric-scoped node identity.
      48             :      *
      49             :      * @param node the node for which to recover session resumption information
      50             :      * @param resumptionId (out) recovered session resumption ID
      51             :      * @param sharedSecret (out) recovered session shared secret
      52             :      * @param peerCATs (out) recovered CATs for the session peer
      53             :      * @return CHIP_NO_ERROR on success, CHIP_ERROR_KEY_NOT_FOUND if no session resumption information can be found, else an
      54             :      * appropriate CHIP error on failure
      55             :      */
      56             :     virtual CHIP_ERROR FindByScopedNodeId(const ScopedNodeId & node, ResumptionIdStorage & resumptionId,
      57             :                                           Crypto::P256ECDHDerivedSecret & sharedSecret, CATValues & peerCATs) = 0;
      58             :     /**
      59             :      * Recover session shared secret, fabric-scoped node identity and CAT values
      60             :      * for a given session resumption ID.
      61             :      *
      62             :      * @param resumptionId the session resumption ID for which to recover session resumption information
      63             :      * @param node (out) the peer node associated with the session resumption ID
      64             :      * @param sharedSecret (out) recovered session shared secret
      65             :      * @param peerCATs (out) recovered CATs for the session peer
      66             :      * @return CHIP_NO_ERROR on success, CHIP_ERROR_KEY_NOT_FOUND if no session resumption information can be found, else an
      67             :      * appropriate CHIP error on failure
      68             :      */
      69             :     virtual CHIP_ERROR FindByResumptionId(ConstResumptionIdView resumptionId, ScopedNodeId & node,
      70             :                                           Crypto::P256ECDHDerivedSecret & sharedSecret, CATValues & peerCATs) = 0;
      71             :     /**
      72             :      * Save session resumption information to storage.
      73             :      *
      74             :      * @param resumptionId the session resumption ID for the current session
      75             :      * @param node the peer node for the session
      76             :      * @param sharedSecret the session shared secret
      77             :      * @param peerCATs the CATs of the session peer
      78             :      * @return CHIP_NO_ERROR on success, else an appropriate CHIP error on failure
      79             :      */
      80             :     virtual CHIP_ERROR Save(const ScopedNodeId & node, ConstResumptionIdView resumptionId,
      81             :                             const Crypto::P256ECDHDerivedSecret & sharedSecret, const CATValues & peerCATs) = 0;
      82             : 
      83             :     /**
      84             :      * Remove all session resumption information associated with the specified
      85             :      * fabric index.  If no entries for the fabric index exist, this is a no-op
      86             :      * and is considered successful.
      87             :      *
      88             :      * @param fabricIndex the index of the fabric for which to remove session resumption information
      89             :      * @return CHIP_NO_ERROR on success, else an appropriate CHIP error on failure
      90             :      */
      91             :     virtual CHIP_ERROR DeleteAll(FabricIndex fabricIndex) = 0;
      92             : };
      93             : 
      94             : } // namespace chip

Generated by: LCOV version 1.14