From d6d2f517cd6f4e35685a9e6fba6f15c4273d6ad6 Mon Sep 17 00:00:00 2001
From: yunhanw <yunhanw@google.com>
Date: Tue, 3 Sep 2024 12:25:12 -0700
Subject: [PATCH 1/2] refreshKey needs to be set with length

---
 src/app/icd/client/DefaultCheckInDelegate.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/app/icd/client/DefaultCheckInDelegate.cpp b/src/app/icd/client/DefaultCheckInDelegate.cpp
index 2d4624b7837470..29fd6bd609add3 100644
--- a/src/app/icd/client/DefaultCheckInDelegate.cpp
+++ b/src/app/icd/client/DefaultCheckInDelegate.cpp
@@ -41,7 +41,8 @@ void DefaultCheckInDelegate::OnCheckInComplete(const ICDClientInfo & clientInfo)
 
 CHIP_ERROR DefaultCheckInDelegate::GenerateRefreshKey(RefreshKeySender::RefreshKeyBuffer & newKey)
 {
-    return Crypto::DRBG_get_bytes(newKey.Bytes(), newKey.Capacity());
+    ReturnErrorOnFailure(Crypto::DRBG_get_bytes(newKey.Bytes(), newKey.Capacity()));
+    return newKey.SetLength(Crypto::kAES_CCM128_Key_Length);
 }
 
 RefreshKeySender * DefaultCheckInDelegate::OnKeyRefreshNeeded(ICDClientInfo & clientInfo, ICDClientStorage * clientStorage)

From cc54d2d497f63fac81abe366627b35ca99169374 Mon Sep 17 00:00:00 2001
From: yunhanw <yunhanw@google.com>
Date: Tue, 3 Sep 2024 12:35:54 -0700
Subject: [PATCH 2/2] address comments

---
 src/app/icd/client/DefaultCheckInDelegate.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/app/icd/client/DefaultCheckInDelegate.cpp b/src/app/icd/client/DefaultCheckInDelegate.cpp
index 29fd6bd609add3..081b4be7bb7395 100644
--- a/src/app/icd/client/DefaultCheckInDelegate.cpp
+++ b/src/app/icd/client/DefaultCheckInDelegate.cpp
@@ -42,7 +42,7 @@ void DefaultCheckInDelegate::OnCheckInComplete(const ICDClientInfo & clientInfo)
 CHIP_ERROR DefaultCheckInDelegate::GenerateRefreshKey(RefreshKeySender::RefreshKeyBuffer & newKey)
 {
     ReturnErrorOnFailure(Crypto::DRBG_get_bytes(newKey.Bytes(), newKey.Capacity()));
-    return newKey.SetLength(Crypto::kAES_CCM128_Key_Length);
+    return newKey.SetLength(newKey.Capacity());
 }
 
 RefreshKeySender * DefaultCheckInDelegate::OnKeyRefreshNeeded(ICDClientInfo & clientInfo, ICDClientStorage * clientStorage)