[Silabs] SPAKE2+ verifier fixed for Si917. #72365

Open

rcasallas-silabs wants to merge 1 commit into project-chip:master from rcasallas-silabs:silabs/si917_spake2p_verify

@rcasallas-silabs

Summary

The SPAKE2+ algorithm uses kSpake2p_WS_Length = kP256_FE_Length + 8 (40 bytes), but there are two methods in CHIPCryptoPALTinyCrypt.cpp that assume 32-byte inputs: Spake2p_P256_SHA256_HKDF_HMAC::ComputeL and Spake2p_P256_SHA256_HKDF_HMAC::FELoad, truncating the actual value. This causes an incorrect output from Crypto::Spake2pVerifier::Generate.

Related issues

MATTER-5716.

Testing

SPAKE2+ Verifier generated in BRD4338A (Si917) using the inputs from TestOnlyCommissionableDataProvider.

Readability checklist

The checklist below will help the reviewer finish PR review in time and keep the code readable:

  • PR title is descriptive
  • Apply the “When in Rome…” rule (coding style)
  • PR size is short
  • Try to avoid "squashing" and "force-update" in commit history
  • CI time didn't increase

See: Pull Request Guidelines
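
A host-side cross-check for the truncation described in the summary above, as an added example that is not code from this PR or from the Matter SDK. It assumes the Matter derivation (PBKDF2-HMAC-SHA256 over the 4-byte little-endian passcode yielding w0s || w1s, each reduced mod n, verifier serialized as w0 || L) and models the pre-fix path as loading only the first 32 bytes of each 40-byte value, as the removed `NUM_ECC_BYTES` call does; the function names and sample inputs are hypothetical.

```python
import hashlib

# Added example; helper names are hypothetical. NIST P-256 public constants.
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)
WS_LEN = 40  # kSpake2p_WS_Length = kP256_FE_Length + 8
FE_LEN = 32  # kP256_FE_Length

def ec_add(a, b):
    """Affine P-256 addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = (3 * x1 * x1 - 3) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    """Double-and-add; not constant time, for offline cross-checks only."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def make_verifier(passcode, salt, iterations, read_len=WS_LEN):
    """Return w0 || L (97 bytes), loading read_len bytes of each w0s/w1s."""
    # Assumption: read_len=FE_LEN models the pre-fix 32-byte load.
    ws = hashlib.pbkdf2_hmac("sha256", passcode.to_bytes(4, "little"),
                             salt, iterations, 2 * WS_LEN)
    w0 = int.from_bytes(ws[:WS_LEN][:read_len], "big") % N
    w1 = int.from_bytes(ws[WS_LEN:][:read_len], "big") % N
    x, y = ec_mul(w1, G)
    return w0.to_bytes(32, "big") + b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")

# Constructed sample inputs (illustrative passcode, salt and iteration count).
good = make_verifier(20202021, b"SPAKE2P Key Salt", 1000)
truncated = make_verifier(20202021, b"SPAKE2P Key Salt", 1000, read_len=FE_LEN)
```

Both the w0 half and the L half of `truncated` differ from `good`, so a device that loads only 32 bytes produces a verifier that a correctly computed counterpart will not match.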

@gemini-code-assist gemini-code-assist Bot left a comment

Code Review

This pull request improves the safety of SPAKE2+ operations in CHIPCryptoPALTinyCrypt.cpp by validating input lengths and using them dynamically in uECC_vli_bytesToNative. The review feedback suggests further strengthening this input validation by checking for null pointers and ensuring that the input lengths are multiples of sizeof(uECC_word_t) to prevent silent truncation during conversion.

Comment on lines +885 to +887
VerifyOrReturnError(in_len <= sizeof(tmp), CHIP_ERROR_INVALID_ARGUMENT);

uECC_vli_bytesToNative(tmp, in, static_cast<int>(in_len));
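
Review bot: the `in_len <= sizeof(tmp)` check bounds the length only from above, so every length from 0 up to the buffer size is converted and a caller passing the wrong buffer gets a different scalar instead of an error. If the 32-byte field element and the 40-byte kSpake2p_WS_Length value mentioned in the summary are the only widths callers pass, consider requiring in_len to be one of those two and returning CHIP_ERROR_INVALID_ARGUMENT otherwise.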

high

To prevent potential null pointer dereferences and ensure cryptographic correctness, we should defensively check that in is not null. Additionally, uECC_vli_bytesToNative expects the input length to be a multiple of sizeof(uECC_word_t). If in_len is not a multiple, the function will silently ignore the most significant bytes due to integer division truncation (size / sizeof(uECC_word_t)). Adding a check for this ensures robust input validation.

    VerifyOrReturnError(in != nullptr, CHIP_ERROR_INVALID_ARGUMENT);
    VerifyOrReturnError(in_len <= sizeof(tmp), CHIP_ERROR_INVALID_ARGUMENT);
    VerifyOrReturnError((in_len % sizeof(uECC_word_t)) == 0, CHIP_ERROR_INVALID_ARGUMENT);

    uECC_vli_bytesToNative(tmp, in, static_cast<int>(in_len));

Comment on lines +1019 to +1021
VerifyOrExit(w1sin_len <= sizeof(tmp), error = CHIP_ERROR_INVALID_ARGUMENT);

uECC_vli_bytesToNative(tmp, w1sin, NUM_ECC_BYTES);
uECC_vli_bytesToNative(tmp, w1sin, static_cast<int>(w1sin_len));
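
Review bot: the bound `w1sin_len <= sizeof(tmp)` only helps if tmp is wide enough for the 40-byte kSpake2p_WS_Length input, and the declaration of tmp is not in the visible lines. If tmp were still sized for NUM_ECC_BYTES, a 40-byte w1sin would now be rejected at runtime instead of truncated; a static_assert beside the buffer that sizeof(tmp) is at least kSpake2p_WS_Length would turn that mismatch into a build failure. A unit test that passes a 40-byte value through ComputeL would also pin the behaviour, since the Testing section lists only a run on hardware.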

high

To prevent potential null pointer dereferences and ensure cryptographic correctness, we should defensively check that w1sin is not null. Additionally, uECC_vli_bytesToNative expects the input length to be a multiple of sizeof(uECC_word_t). If w1sin_len is not a multiple, the function will silently ignore the most significant bytes due to integer division truncation. Adding a check for this ensures robust input validation.

    VerifyOrExit(w1sin != nullptr, error = CHIP_ERROR_INVALID_ARGUMENT);
    VerifyOrExit(w1sin_len <= sizeof(tmp), error = CHIP_ERROR_INVALID_ARGUMENT);
    VerifyOrExit((w1sin_len % sizeof(uECC_word_t)) == 0, error = CHIP_ERROR_INVALID_ARGUMENT);

    uECC_vli_bytesToNative(tmp, w1sin, static_cast<int>(w1sin_len));

Comment on lines +881 to +882
// Warning: SPAKE2+ Generate uses `kSpake2p_WS_Length = kP256_FE_Length + 8`
// (40-byte) > NUM_ECC_BYTES (32-byte)

I don't feel like this comment is telling me a whole lot. Especially since we are removing NUM_ECC_BYTES usage below.

Either we add a bit of context or we remove it.

Comment on lines +1013 to +1014
// Warning: SPAKE2+ Generate uses `kSpake2p_WS_Length = kP256_FE_Length + 8`
// (40-byte) > NUM_ECC_BYTES (32-byte)

Same about this comment, feels like it explains the changes in the PR, but for someone reading the code outside of this PR, it doesn't convey much information.

@lpbeliveau-silabs lpbeliveau-silabs left a comment

Approved, only nit is the comments, I don't think this warning is understandable as is. I wouldn't know how to take action on it. Maybe add some detail in the method's brief or remove the comments altogether.


VerifyOrReturnError(in_len <= sizeof(tmp), CHIP_ERROR_INVALID_ARGUMENT);

uECC_vli_bytesToNative(tmp, in, static_cast<int>(in_len));

+1 to the AI comment, nullptr checks appear to be missing in the methods in this PR.

@codecov

codecov Bot commented Jun 3, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 55.57%. Comparing base (b578401) to head (fd4576f).

Additional details and impacted files
@@           Coverage Diff           @@
##           master   #72365   +/-   ##
=======================================
  Coverage   55.57%   55.57%           
=======================================
  Files        1630     1630           
  Lines      111220   111220           
  Branches    13408    13408           
=======================================
  Hits        61812    61812           
  Misses      49408    49408           


@github-actions

github-actions Bot commented Jun 3, 2026

PR #72365: Size comparison from b578401 to fd4576f

Full report (35 builds for bl602, bl616, bl702, bl702l, cc13x4_26x4, cc32xx, efr32, esp32, nrfconnect, psoc6, qpg, realtek, stm32, telink)

| platform | target | config | section | b578401 | fd4576f | change | % change |
|---|---|---|---|---|---|---|---|
| bl602 | lighting-app | bl602+mfd+littlefs+rpc | FLASH | 1094324 | 1094324 | 0 | 0.0 |
| | | | RAM | 144882 | 144882 | 0 | 0.0 |
| bl616 | lighting-app | bl616+thread | FLASH | 1105636 | 1105636 | 0 | 0.0 |
| | | | RAM | 104280 | 104280 | 0 | 0.0 |
| | | bl616+wifi+shell | FLASH | 1593424 | 1593424 | 0 | 0.0 |
| | | | RAM | 98176 | 98176 | 0 | 0.0 |
| bl702 | lighting-app | bl702+eth | FLASH | 1057326 | 1057326 | 0 | 0.0 |
| | | | RAM | 108509 | 108509 | 0 | 0.0 |
| bl702l | contact-sensor-app | bl702l+mfd+littlefs | FLASH | 896162 | 896162 | 0 | 0.0 |
| | | | RAM | 105884 | 105884 | 0 | 0.0 |
| cc13x4_26x4 | lighting-app | LP_EM_CC1354P10_6 | FLASH | 776976 | 776976 | 0 | 0.0 |
| | | | RAM | 103388 | 103388 | 0 | 0.0 |
| | lock-ftd | LP_EM_CC1354P10_6 | FLASH | 789744 | 789744 | 0 | 0.0 |
| | | | RAM | 108676 | 108676 | 0 | 0.0 |
| | pump-app | LP_EM_CC1354P10_6 | FLASH | 738868 | 738868 | 0 | 0.0 |
| | | | RAM | 97596 | 97596 | 0 | 0.0 |
| | pump-controller-app | LP_EM_CC1354P10_6 | FLASH | 719032 | 719032 | 0 | 0.0 |
| | | | RAM | 97636 | 97636 | 0 | 0.0 |
| cc32xx | air-purifier | CC3235SF_LAUNCHXL | FLASH | 568818 | 568818 | 0 | 0.0 |
| | | | RAM | 205056 | 205056 | 0 | 0.0 |
| | lock | CC3235SF_LAUNCHXL | FLASH | 596298 | 596298 | 0 | 0.0 |
| | | | RAM | 205256 | 205256 | 0 | 0.0 |
| efr32 | lock-app | BRD4187C | FLASH | 994188 | 994188 | 0 | 0.0 |
| | | | RAM | 131288 | 131288 | 0 | 0.0 |
| | window-app | BRD4187C | FLASH | 1100608 | 1100608 | 0 | 0.0 |
| | | | RAM | 130360 | 130360 | 0 | 0.0 |
| | lock-app | BRD4338a | FLASH | 798741 | 798789 | 48 | 0.0 |
| | | | RAM | 243424 | 243424 | 0 | 0.0 |
| esp32 | all-clusters-app | c3devkit | DRAM | 99716 | 99716 | 0 | 0.0 |
| | | | FLASH | 1621642 | 1621642 | 0 | 0.0 |
| | | | IRAM | 94776 | 94776 | 0 | 0.0 |
| nrfconnect | all-clusters-app | nrf52840dk_nrf52840 | FLASH | 834276 | 834276 | 0 | 0.0 |
| | | | RAM | 157540 | 157540 | 0 | 0.0 |
| psoc6 | all-clusters | cy8ckit_062s2_43012 | FLASH | 1733676 | 1733676 | 0 | 0.0 |
| | | | RAM | 215260 | 215260 | 0 | 0.0 |
| | all-clusters-minimal | cy8ckit_062s2_43012 | FLASH | 1622756 | 1622756 | 0 | 0.0 |
| | | | RAM | 211548 | 211548 | 0 | 0.0 |
| | light | cy8ckit_062s2_43012 | FLASH | 1469988 | 1469988 | 0 | 0.0 |
| | | | RAM | 197420 | 197420 | 0 | 0.0 |
| | lock | cy8ckit_062s2_43012 | FLASH | 1503428 | 1503428 | 0 | 0.0 |
| | | | RAM | 225252 | 225252 | 0 | 0.0 |
| qpg | lighting-app | qpg6200+debug | FLASH | 844200 | 844200 | 0 | 0.0 |
| | | | RAM | 127948 | 127948 | 0 | 0.0 |
| | lock-app | qpg6200+debug | FLASH | 782276 | 782276 | 0 | 0.0 |
| | | | RAM | 118856 | 118856 | 0 | 0.0 |
| realtek | light-switch-app | rtl8777g | FLASH | 688760 | 688760 | 0 | 0.0 |
| | | | RAM | 101764 | 101764 | 0 | 0.0 |
| | lighting-app | rtl8777g | FLASH | 729712 | 729712 | 0 | 0.0 |
| | | | RAM | 102044 | 102044 | 0 | 0.0 |
| stm32 | light | STM32WB5MM-DK | FLASH | 478416 | 478416 | 0 | 0.0 |
| | | | RAM | 141476 | 141476 | 0 | 0.0 |
| telink | light-app-ota-compress-lzma-shell-factory-data | tl3218x | FLASH | 851824 | 851824 | 0 | 0.0 |
| | | | RAM | 44332 | 44332 | 0 | 0.0 |
| | light-switch-app-ota-factory-data | tl3218x_retention | FLASH | 731904 | 731904 | 0 | 0.0 |
| | | | RAM | 33468 | 33468 | 0 | 0.0 |
| | all-devices-app | tl7218x | FLASH | 813116 | 813116 | 0 | 0.0 |
| | | | RAM | 97196 | 97196 | 0 | 0.0 |
| | bridge-app | tl7218x | FLASH | 731480 | 731480 | 0 | 0.0 |
| | | | RAM | 95864 | 95864 | 0 | 0.0 |
| | light-app-ota-compress-lzma-shell-factory-data | tl7218x | FLASH | 843152 | 843152 | 0 | 0.0 |
| | | | RAM | 99656 | 99656 | 0 | 0.0 |
| | light-switch-app-ota-compress-lzma-factory-data | tl7218x_retention | FLASH | 731974 | 731974 | 0 | 0.0 |
| | | | RAM | 55980 | 55980 | 0 | 0.0 |
| | all-devices-app | tlsr9118bdk40d | FLASH | 606574 | 606574 | 0 | 0.0 |
| | | | RAM | 120152 | 120152 | 0 | 0.0 |
| | lighting-app-ota-factory-data | tlsr9118bdk40d | FLASH | 614610 | 614610 | 0 | 0.0 |
| | | | RAM | 118496 | 118496 | 0 | 0.0 |
| | lighting-app-ota-rpc-factory-data-4mb | tlsr9518adk80d | FLASH | 841268 | 841272 | 4 | 0.0 |
| | | | RAM | 97364 | 97364 | 0 | 0.0 |
| | light-switch-app-ota-compress-lzma-shell-factory-data | tlsr9528a | FLASH | 795200 | 795200 | 0 | 0.0 |
| | | | RAM | 75164 | 75164 | 0 | 0.0 |
