Skip to content

Commit

Permalink
Cleanup tokens manager.
Browse files Browse the repository at this point in the history
  • Loading branch information
@Nerivec
Nerivec committed Jul 1, 2024
1 parent 9bdba32 commit bd90b83
Showing 1 changed file with 22 additions and 21 deletions.
43 changes: 22 additions & 21 deletions src/adapter/ember/adapter/tokensManager.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -300,8 +300,8 @@ export class EmberTokensManager {
*
* @returns false if keys are in classic key storage, and true if they are located in PSA key storage.
*/
private static async ncpUsesPSAKeyStorage(ezsp: Ezsp): Promise<boolean> {
const [status, valueLength, value] = (await ezsp.ezspGetValue(EzspValueId.KEY_STORAGE_VERSION, 1));
public static async ncpUsesPSAKeyStorage(ezsp: Ezsp): Promise<boolean> {
const [status, valueLength, value] = await ezsp.ezspGetValue(EzspValueId.KEY_STORAGE_VERSION, 1);

if ((status !== SLStatus.OK) || (valueLength < 1)) {
throw new Error(`[TOKENS] Error retrieving key storage version, status=${SLStatus[status]}.`);
Expand All @@ -315,7 +315,7 @@ export class EmberTokensManager {
* @param nvm3Key
* @returns
*/
private static getCreatorFromNvm3Key(nvm3Key: number): number {
public static getCreatorFromNvm3Key(nvm3Key: number): number {
for (let i = 0; i < NVM3KEYS.length; i++) {
if (NVM3KEYS[i] === nvm3Key) {
return CREATORS[i];
Expand Down Expand Up @@ -348,12 +348,12 @@ export class EmberTokensManager {
const chunks: Buffer[] = [Buffer.from([tokenCount])];// 1 byte
// returns 1 if NCP has secure key storage (where these tokens do not store the key data).
// Don't compile for scripted test or any non-host code due to linker issues.
const hasSecureStorage: boolean = (await EmberTokensManager.ncpUsesPSAKeyStorage(ezsp));
const hasSecureStorage: boolean = await EmberTokensManager.ncpUsesPSAKeyStorage(ezsp);

logger.debug(`[TOKENS] Saving ${tokenCount} tokens, ${hasSecureStorage ? "with" : "without"} secure storage.`, NS);

for (let i = 0; i < tokenCount; i++) {
const [tiStatus, tokenInfo] = (await ezsp.ezspGetTokenInfo(i));
const [tiStatus, tokenInfo] = await ezsp.ezspGetTokenInfo(i);
let writeOffset: number = 0;

if (tiStatus === SLStatus.OK) {
Expand All @@ -364,7 +364,7 @@ export class EmberTokensManager {
outputToken.writeUInt8(tokenInfo.arraySize, writeOffset++);// 1 byte

for (let arrayIndex = 0; arrayIndex < tokenInfo.arraySize; arrayIndex++) {
const [tdStatus, tokenData] = (await ezsp.ezspGetTokenData(tokenInfo.nvm3Key, arrayIndex));
const [tdStatus, tokenData] = await ezsp.ezspGetTokenData(tokenInfo.nvm3Key, arrayIndex);

if (tdStatus === SLStatus.OK) {
if (hasSecureStorage) {
Expand All @@ -379,6 +379,7 @@ export class EmberTokensManager {
);
}
}

// logger.debug(`[TOKENS] TOKEN nvm3Key=${DEBUG_TOKEN_STRINGS[tokenInfo.nvm3Key]} size=${tokenInfo.size} `
// + `arraySize=${tokenInfo.arraySize} token=${tokenData.data.toString('hex')}`, NS);

Expand All @@ -387,7 +388,7 @@ export class EmberTokensManager {
// received from the API. Once it saves, during restore process the set token will
// simply write the restoredEUI64 and the node will start to use that.
if (tokenInfo.nvm3Key === NVM3KEY_STACK_RESTORED_EUI64 && tokenData.size === EUI64_SIZE
&& (tokenData.data === BLANK_EUI64_BUF)) {
&& (tokenData.data.equals(BLANK_EUI64_BUF))) {
// Special case : Save the node EUI64 on the restoredEui64 token while saving.
tokenData.data.set(localEui64);
logger.debug(`[TOKENS] Saved node EUI64 in place of blank RESTORED EUI64.`, NS);
Expand Down Expand Up @@ -434,12 +435,12 @@ export class EmberTokensManager {

let readOffset: number = 0;
const inTokenCount = inBuffer.readUInt8(readOffset++);
const hasSecureStorage: boolean = (await EmberTokensManager.ncpUsesPSAKeyStorage(ezsp));
const hasSecureStorage: boolean = await EmberTokensManager.ncpUsesPSAKeyStorage(ezsp);

logger.debug(`[TOKENS] Restoring ${inTokenCount} tokens, ${hasSecureStorage ? "with" : "without"} secure storage.`, NS);

for (let i = 0; i < inTokenCount; i++) {
const [tiStatus, tokenInfo] = (await ezsp.ezspGetTokenInfo(i));
const [tiStatus, tokenInfo] = await ezsp.ezspGetTokenInfo(i);

if (tiStatus === SLStatus.OK) {
const nvm3Key = inBuffer.readUInt32LE(readOffset);// 4 bytes Token Key/Creator
Expand All @@ -458,7 +459,7 @@ export class EmberTokensManager {
await EmberTokensManager.restoreKeysFromData(ezsp, tokenData, tokenInfo.nvm3Key, arrayIndex);
}

const status = (await ezsp.ezspSetTokenData(nvm3Key, arrayIndex, tokenData));
const status = await ezsp.ezspSetTokenData(nvm3Key, arrayIndex, tokenData);

if (status !== SLStatus.OK) {
logger.error(`[TOKENS] Failed to set token data for key "${nvm3Key}" with status=${SLStatus[status]}.`, NS);
Expand All @@ -482,7 +483,7 @@ export class EmberTokensManager {
* @param index uint8_t
* @returns
*/
private static async saveKeysToData(ezsp: Ezsp, tokenData: EmberTokenData, nvm3Key: number, index: number): Promise<SLStatus> {
public static async saveKeysToData(ezsp: Ezsp, tokenData: EmberTokenData, nvm3Key: number, index: number): Promise<SLStatus> {
let status: SLStatus = SLStatus.OK;
const context = initSecurityManagerContext();
let plaintextKey: SecManKey;
Expand All @@ -496,7 +497,7 @@ export class EmberTokensManager {
context.coreKeyType = SecManKeyType.NETWORK;
context.keyIndex = 0;

[status, plaintextKey] = (await ezsp.ezspExportKey(context));
[status, plaintextKey] = await ezsp.ezspExportKey(context);

tokenData.data.set(plaintextKey.contents, 0);// at beginning
} else if (nvm3Key === NVM3KEY_STACK_ALTERNATE_KEY) {
Expand All @@ -508,7 +509,7 @@ export class EmberTokensManager {
context.coreKeyType = SecManKeyType.NETWORK;
context.keyIndex = 1;

[status, plaintextKey] = (await ezsp.ezspExportKey(context));
[status, plaintextKey] = await ezsp.ezspExportKey(context);

tokenData.data.set(plaintextKey.contents, 0);// at beginning
} else if (nvm3Key === NVM3KEY_STACK_TRUST_CENTER) {
Expand All @@ -520,7 +521,7 @@ export class EmberTokensManager {

context.coreKeyType = SecManKeyType.TC_LINK;

[status, plaintextKey] = (await ezsp.ezspExportKey(context));
[status, plaintextKey] = await ezsp.ezspExportKey(context);

tokenData.data.set(plaintextKey.contents, 2 + EUI64_SIZE);// uint16_t+uint8_t[8]
} else if (nvm3Key === NVM3KEY_STACK_KEY_TABLE) {
Expand All @@ -531,7 +532,7 @@ export class EmberTokensManager {
//this must be set to export a specific link key from table
context.flags |= SecManFlag.KEY_INDEX_IS_VALID;

[status, plaintextKey] = (await ezsp.ezspExportKey(context));
[status, plaintextKey] = await ezsp.ezspExportKey(context);

tokenData.data.set(plaintextKey.contents, KEY_ENTRY_KEY_DATA_OFFSET);// end part of uint8_t[25]
} else if (nvm3Key === NVM3KEY_STACK_GP_PROXY_TABLE) {
Expand All @@ -553,7 +554,7 @@ export class EmberTokensManager {
context.coreKeyType = SecManKeyType.GREEN_POWER_PROXY_TABLE_KEY;
context.keyIndex = index;

[status, plaintextKey] = (await ezsp.ezspExportKey(context));
[status, plaintextKey] = await ezsp.ezspExportKey(context);

tokenData.data.set(plaintextKey.contents, 1 + 4 + 8 + 1 + 1);// uint8_t+uint32_t+uint8_t[8]+uint8_t+uint8_t
} else if (nvm3Key === NVM3KEY_STACK_GP_SINK_TABLE) {
Expand All @@ -576,7 +577,7 @@ export class EmberTokensManager {
context.coreKeyType = SecManKeyType.GREEN_POWER_SINK_TABLE_KEY;
context.keyIndex = index;

[status, plaintextKey] = (await ezsp.ezspExportKey(context));
[status, plaintextKey] = await ezsp.ezspExportKey(context);

tokenData.data.set(plaintextKey.contents, 1 + 2 + 8 + 1 + 1);// uint8_t+uint16_t+uint8_t[8]+uint8_t+uint8_t
} else if (nvm3Key === NVM3KEY_STACK_ZLL_SECURITY) {
Expand All @@ -589,13 +590,13 @@ export class EmberTokensManager {

context.coreKeyType = SecManKeyType.ZLL_ENCRYPTION_KEY;

[status, plaintextKey] = (await ezsp.ezspExportKey(context));
[status, plaintextKey] = await ezsp.ezspExportKey(context);

tokenData.data.set(plaintextKey.contents, 4 + 1);// uint32_t+uint8_t

context.coreKeyType = SecManKeyType.ZLL_PRECONFIGURED_KEY;

[status, plaintextKey] = (await ezsp.ezspExportKey(context));
[status, plaintextKey] = await ezsp.ezspExportKey(context);

tokenData.data.set(plaintextKey.contents, 4 + 1 + EMBER_ENCRYPTION_KEY_SIZE);// uint32_t+uint8_t+uint8_t[EMBER_ENCRYPTION_KEY_SIZE]
} else {
Expand All @@ -614,7 +615,7 @@ export class EmberTokensManager {
*
* @from sli_zigbee_af_trust_center_backup_restore_keys_from_data
*/
private static async restoreKeysFromData(ezsp: Ezsp, tokenData: EmberTokenData, nvm3Key: number, index: number): Promise<SLStatus> {
public static async restoreKeysFromData(ezsp: Ezsp, tokenData: EmberTokenData, nvm3Key: number, index: number): Promise<SLStatus> {
let status: SLStatus = SLStatus.OK;
const context = initSecurityManagerContext();

Expand Down Expand Up @@ -765,7 +766,7 @@ export class EmberTokensManager {
};

const creator = EmberTokensManager.getCreatorFromNvm3Key(nvm3Key);// uint16_t
const status = (await ezsp.ezspSetTokenData(creator, arrayIndex, tokenData));
const status = await ezsp.ezspSetTokenData(creator, arrayIndex, tokenData);

if (status !== SLStatus.OK) {
logger.error(
Expand Down

0 comments on commit bd90b83

Please sign in to comment.