From 647999793d98861553510b4c4d9eca4f6d933edc Mon Sep 17 00:00:00 2001
From: Marc Lepage
Date: Mon, 17 Apr 2023 15:05:54 -0400
Subject: [PATCH] Only store data.fabricTable if fg case
Store only one of data.fabricTable or data.keystore.
---
 src/protocols/secure_channel/CASESession.cpp | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/src/protocols/secure_channel/CASESession.cpp b/src/protocols/secure_channel/CASESession.cpp
index 286bd92e3bace8..70146409192202 100644
--- a/src/protocols/secure_channel/CASESession.cpp
+++ b/src/protocols/secure_channel/CASESession.cpp
@@ -261,9 +261,10 @@ class CASESession::WorkHelper
 struct CASESession::SendSigma3Data
 {
- FabricTable * fabricTable;
 std::atomic fabricIndex;
+ // Use one or the other
+ FabricTable * fabricTable;
 Crypto::OperationalKeystore * keystore;
 chip::Platform::ScopedMemoryBuffer msg_R3_Signed;
@@ -1301,17 +1302,21 @@ CHIP_ERROR CASESession::SendSigma3a()
 auto & data = helper->mData;
 VerifyOrExit(mFabricsTable != nullptr, err = CHIP_ERROR_INCORRECT_STATE);
- data.fabricTable = mFabricsTable;
 data.fabricIndex = mFabricIndex;
+ data.fabricTable = nullptr;
+ data.keystore = nullptr;
- // If an operational keystore is used, signing will be performed in the background.
- // Otherwise, legacy signing will be performed in the foreground.
- data.keystore = nullptr;
 {
 const FabricInfo * fabricInfo = mFabricsTable->FindFabricWithIndex(mFabricIndex);
 VerifyOrExit(fabricInfo != nullptr, err = CHIP_ERROR_KEY_NOT_FOUND);
- if (!fabricInfo->HasOperationalKey())
+ if (fabricInfo->HasOperationalKey())
+ {
+ // NOTE: used to sign in foreground.
+ data.fabricTable = mFabricsTable;
+ }
+ else
 {
+ // NOTE: used to sign in background.
 data.keystore = mFabricsTable->GetOperationalKeystore();
 VerifyOrExit(data.keystore != nullptr, err = CHIP_ERROR_KEY_NOT_FOUND);
 }
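Review bot: The "use one or the other" rule for `fabricTable` and `keystore` in `SendSigma3Data` exists only as a comment, and neither pointer has a default member initializer in the lines shown. Unless the struct is value-initialized somewhere outside this hunk, both pointers are indeterminate until `SendSigma3a()` assigns them. I would declare them as `FabricTable * fabricTable = nullptr;` and `Crypto::OperationalKeystore * keystore = nullptr;`. The comment should also say which pointer belongs to which path, for example `// Exactly one is non-null: fabricTable for foreground (legacy) signing, keystore for background signing.` The struct body continues past the end of the hunk.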
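Review bot: On the `else` branch `data.fabricTable` now stays `nullptr`, so any consumer of `SendSigma3Data` that still reads `fabricTable` without first checking `keystore` would dereference a null pointer. The signing step that consumes this data is not part of the diff, so please confirm it branches on `data.keystore != nullptr` before touching either pointer. The removed comment explained which signing path runs in the foreground and which in the background, and the two terse NOTE lines no longer say why only one pointer is kept. I would put the reason at the two `nullptr` assignments, for example `// Exactly one of fabricTable / keystore is set below; the signing step must check which one before dereferencing.` `SendSigma3a()` starts and ends outside this hunk.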