Skip to content

Commit

Permalink
Fix constexpr complaints on test vectors (project-chip#29462)
Browse files Browse the repository at this point in the history
* Fix constexpr complaints on test vectors

* Attempt #2 - separate PAAs used in non-test

* Things work better when we add all the files

* Restyled by whitespace

* Restyled by clang-format

* add tokenizer

* add the gni

* add pigweed import

* Change filenames

* Restyled by clang-format

---------

Co-authored-by: Restyled.io <[email protected]>
  • Loading branch information
cecille and restyled-commits authored Sep 29, 2023
1 parent 433e676 commit f5f2e51
Show file tree
Hide file tree
Showing 10 changed files with 164 additions and 77 deletions.
21 changes: 21 additions & 0 deletions src/credentials/BUILD.gn
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,9 @@
import("//build_overrides/chip.gni")
import("//build_overrides/nlassert.gni")
import("${chip_root}/src/crypto/crypto.gni")
import("${chip_root}/src/lib/core/core.gni")
import("${chip_root}/src/platform/device.gni")

declare_args() {
chip_build_example_creds = true
}
Expand Down Expand Up @@ -126,6 +128,24 @@ static_library("credentials") {
]
}

source_set("test_paa_store") {
sources = [
"attestation_verifier/TestPAAStore.cpp",
"attestation_verifier/TestPAAStore.h",
]

public_deps = [
"${chip_root}/src/lib/core:chip_config_header", # for lib/support/Span.h
"${nlassert_root}:nlassert", # for lib/support/Span.h
]
if (chip_pw_tokenizer_logging) {
import("//build_overrides/pigweed.gni")
public_deps += [
"${dir_pw_tokenizer}", # for /lib/support/Span.h
]
}
}

static_library("default_attestation_verifier") {
output_name = "libDefaultAttestationVerifier"

Expand All @@ -144,6 +164,7 @@ static_library("default_attestation_verifier") {

public_deps = [
":credentials",
":test_paa_store",
"${chip_root}/src/crypto",
"${nlassert_root}:nlassert",
]
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
#include <credentials/CertificationDeclaration.h>
#include <credentials/DeviceAttestationConstructor.h>
#include <credentials/DeviceAttestationVendorReserved.h>
#include <credentials/attestation_verifier/TestPAAStore.h>
#include <crypto/CHIPCryptoPAL.h>

#include <lib/core/CHIPError.h>
Expand All @@ -29,14 +30,8 @@
#include <lib/support/ScopedBuffer.h>
#include <lib/support/Span.h>

namespace chip {
namespace TestCerts {
extern const Span<const ByteSpan> kTestAttestationTrustStoreRoots;
} // namespace TestCerts
} // namespace chip

using namespace chip::Crypto;
using chip::TestCerts::kTestAttestationTrustStoreRoots;
using chip::TestCerts::GetTestPaaRootStore;

namespace chip {
namespace Credentials {
Expand Down Expand Up @@ -274,9 +269,7 @@ constexpr std::array<MatterCDSigningKey, 6> gCdSigningKeys = { {

struct TestAttestationTrustStore final : public ArrayAttestationTrustStore
{
TestAttestationTrustStore() :
ArrayAttestationTrustStore(kTestAttestationTrustStoreRoots.data(), kTestAttestationTrustStoreRoots.size())
{}
TestAttestationTrustStore() : ArrayAttestationTrustStore(GetTestPaaRootStore().data(), GetTestPaaRootStore().size()) {}
};
Global<TestAttestationTrustStore> gTestAttestationTrustStore;

Expand Down
93 changes: 93 additions & 0 deletions src/credentials/attestation_verifier/TestPAAStore.cpp
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
/*
*
* Copyright (c) 2023 Project CHIP Authors
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

#include <lib/support/Span.h>

namespace chip {
namespace TestCerts {

// ${chip_root}/credentials/test/attestation/Chip-Test-PAA-FFF1-Cert.pem

constexpr uint8_t sTestCert_PAA_FFF1_Cert_Array[] = {
0x30, 0x82, 0x01, 0xbd, 0x30, 0x82, 0x01, 0x64, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x4e, 0xa8, 0xe8, 0x31, 0x82, 0xd4,
0x1c, 0x1c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x30, 0x31, 0x18, 0x30, 0x16, 0x06,
0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41,
0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x46, 0x46, 0x46,
0x31, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39,
0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x30, 0x31, 0x18, 0x30, 0x16, 0x06,
0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41,
0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x46, 0x46, 0x46,
0x31, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xb6, 0xcb, 0x63, 0x72, 0x88, 0x7f, 0x29, 0x28, 0xf5, 0xba, 0xc8, 0x1a, 0xa9, 0xd9,
0x3a, 0xe2, 0x43, 0x1c, 0xad, 0xa9, 0xd7, 0x9e, 0x24, 0x2f, 0x65, 0x17, 0x7e, 0xf9, 0xce, 0xd9, 0x32, 0xa2, 0x8e, 0xcd, 0x03,
0xba, 0xaf, 0x6a, 0x8f, 0xca, 0x18, 0x4a, 0x1a, 0x50, 0x35, 0x42, 0x96, 0x0d, 0x45, 0x3f, 0x30, 0x3f, 0x1f, 0x19, 0x42, 0x1d,
0x75, 0x1e, 0x8f, 0x8f, 0x1a, 0x9a, 0x9b, 0x75, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01,
0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff,
0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x6a, 0xfd, 0x22, 0x77,
0x1f, 0x51, 0x1f, 0xec, 0xbf, 0x16, 0x41, 0x97, 0x67, 0x10, 0xdc, 0xdc, 0x31, 0xa1, 0x71, 0x7e, 0x30, 0x1f, 0x06, 0x03, 0x55,
0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x6a, 0xfd, 0x22, 0x77, 0x1f, 0x51, 0x1f, 0xec, 0xbf, 0x16, 0x41, 0x97, 0x67,
0x10, 0xdc, 0xdc, 0x31, 0xa1, 0x71, 0x7e, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47,
0x00, 0x30, 0x44, 0x02, 0x20, 0x50, 0xaa, 0x80, 0x02, 0xf4, 0xd9, 0x32, 0xa9, 0xa0, 0x05, 0x38, 0xf6, 0x53, 0x68, 0xad, 0x0f,
0xff, 0xc8, 0xef, 0xbb, 0xc9, 0xbe, 0xb7, 0xda, 0x56, 0x98, 0x35, 0xcf, 0x9a, 0xa7, 0x51, 0x0e, 0x02, 0x20, 0x23, 0xba, 0xc8,
0xfe, 0x0f, 0x23, 0xe7, 0x54, 0x45, 0xb6, 0x53, 0x39, 0x08, 0x1a, 0x47, 0x99, 0x49, 0x29, 0xc7, 0x2a, 0xaf, 0x0a, 0x15, 0x48,
0xd4, 0x0d, 0x03, 0x4d, 0x51, 0x4b, 0x25, 0xde,
};

// These are used directly by the CryptoPAL test, so need to be declared extern
extern constexpr ByteSpan sTestCert_PAA_FFF1_Cert = ByteSpan(sTestCert_PAA_FFF1_Cert_Array);

// ${chip_root}/credentials/test/attestation/Chip-Test-PAA-NoVID-Cert.pem

constexpr uint8_t sTestCert_PAA_NoVID_Cert_Array[] = {
0x30, 0x82, 0x01, 0x91, 0x30, 0x82, 0x01, 0x37, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x07, 0x0b, 0x8f, 0xba, 0xa8, 0xdd, 0x86,
0xee, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03,
0x55, 0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41, 0x30,
0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39,
0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55,
0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41, 0x30, 0x59,
0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
0x03, 0x42, 0x00, 0x04, 0x10, 0xef, 0x02, 0xa8, 0x1a, 0x87, 0xb6, 0x81, 0x21, 0xfb, 0xa8, 0xd3, 0x19, 0x78, 0xf8, 0x07, 0xa3,
0x17, 0xe5, 0x0a, 0xa8, 0xa8, 0x28, 0x44, 0x68, 0x28, 0x91, 0x4b, 0x93, 0x3d, 0xe8, 0xed, 0xd4, 0xa5, 0xc3, 0x9c, 0x9f, 0xf7,
0x1a, 0x4c, 0xe3, 0x64, 0x7f, 0xd7, 0xf6, 0x26, 0x53, 0xb7, 0xd2, 0x49, 0x5f, 0xcb, 0xa4, 0xc0, 0xf4, 0x7f, 0x87, 0x68, 0x80,
0x03, 0x9e, 0x07, 0x20, 0x4a, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08,
0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03,
0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x78, 0x5c, 0xe7, 0x05, 0xb8, 0x6b, 0x8f,
0x4e, 0x6f, 0xc7, 0x93, 0xaa, 0x60, 0xcb, 0x43, 0xea, 0x69, 0x68, 0x82, 0xd5, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04,
0x18, 0x30, 0x16, 0x80, 0x14, 0x78, 0x5c, 0xe7, 0x05, 0xb8, 0x6b, 0x8f, 0x4e, 0x6f, 0xc7, 0x93, 0xaa, 0x60, 0xcb, 0x43, 0xea,
0x69, 0x68, 0x82, 0xd5, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45,
0x02, 0x21, 0x00, 0xb9, 0xef, 0xdb, 0x3e, 0xa0, 0x6a, 0x52, 0xec, 0x0b, 0xf0, 0x1e, 0x61, 0xda, 0xed, 0x2c, 0x2d, 0x15, 0x6d,
0xdb, 0x6c, 0xf0, 0x14, 0x10, 0x1d, 0xab, 0x79, 0x8f, 0xac, 0x05, 0xfa, 0x47, 0xe5, 0x02, 0x20, 0x60, 0x06, 0x1d, 0x3e, 0x35,
0xd6, 0x0d, 0x9d, 0x4b, 0x0d, 0x44, 0x8d, 0xad, 0x76, 0x12, 0xf7, 0xe8, 0x5c, 0x58, 0x2e, 0x3f, 0xc3, 0x12, 0xdc, 0x18, 0x79,
0x4d, 0xd3, 0x73, 0x71, 0x5e, 0x5d,
};

// These are used directly by the CryptoPAL test, so need to be declared extern
extern constexpr ByteSpan sTestCert_PAA_NoVID_Cert = ByteSpan(sTestCert_PAA_NoVID_Cert_Array);

const Span<const ByteSpan> kTestAttestationTrustStoreRoots((const ByteSpan[]){
sTestCert_PAA_FFF1_Cert,
sTestCert_PAA_NoVID_Cert,
});

const Span<const ByteSpan> & GetTestPaaRootStore()
{
return kTestAttestationTrustStoreRoots;
}

} // namespace TestCerts
} // namespace chip
38 changes: 38 additions & 0 deletions src/credentials/attestation_verifier/TestPAAStore.h
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
/*
*
* Copyright (c) 2021-2023 Project CHIP Authors
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* Storage for test attestation PAA certificates. Contains the certs for
* the 0xFFF1 vid PAA cert and the test PAA cert with no VID.
*
* These certs are used by the device attestation and crypto tests
* and by the DefaultDeviceAttestationVerifier.
*/

#pragma once

#include <lib/support/Span.h>

namespace chip {
namespace TestCerts {

extern const ByteSpan sTestCert_PAA_FFF1_Cert;
extern const ByteSpan sTestCert_PAA_NoVID_Cert;

const Span<const ByteSpan> & GetTestPaaRootStore();

} // namespace TestCerts
} // namespace chip
5 changes: 4 additions & 1 deletion src/credentials/tests/BUILD.gn
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,10 @@ static_library("cert_test_vectors") {

cflags = [ "-Wconversion" ]

public_deps = [ "${chip_root}/src/credentials" ]
public_deps = [
"${chip_root}/src/credentials",
"${chip_root}/src/credentials:test_paa_store",
]
}

chip_test_suite("tests") {
Expand Down
61 changes: 0 additions & 61 deletions src/credentials/tests/CHIPAttCert_test_vectors.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -3347,35 +3347,6 @@ constexpr uint8_t sTestCert_DAC_FFF2_8006_0035_Val1SecBefore_PrivateKey_Array[]
extern const ByteSpan sTestCert_DAC_FFF2_8006_0035_Val1SecBefore_PrivateKey =
ByteSpan(sTestCert_DAC_FFF2_8006_0035_Val1SecBefore_PrivateKey_Array);

// ${chip_root}/credentials/test/attestation/Chip-Test-PAA-FFF1-Cert.pem

constexpr uint8_t sTestCert_PAA_FFF1_Cert_Array[] = {
0x30, 0x82, 0x01, 0xbd, 0x30, 0x82, 0x01, 0x64, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x4e, 0xa8, 0xe8, 0x31, 0x82, 0xd4,
0x1c, 0x1c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x30, 0x31, 0x18, 0x30, 0x16, 0x06,
0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41,
0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x46, 0x46, 0x46,
0x31, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39,
0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x30, 0x31, 0x18, 0x30, 0x16, 0x06,
0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41,
0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x46, 0x46, 0x46,
0x31, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xb6, 0xcb, 0x63, 0x72, 0x88, 0x7f, 0x29, 0x28, 0xf5, 0xba, 0xc8, 0x1a, 0xa9, 0xd9,
0x3a, 0xe2, 0x43, 0x1c, 0xad, 0xa9, 0xd7, 0x9e, 0x24, 0x2f, 0x65, 0x17, 0x7e, 0xf9, 0xce, 0xd9, 0x32, 0xa2, 0x8e, 0xcd, 0x03,
0xba, 0xaf, 0x6a, 0x8f, 0xca, 0x18, 0x4a, 0x1a, 0x50, 0x35, 0x42, 0x96, 0x0d, 0x45, 0x3f, 0x30, 0x3f, 0x1f, 0x19, 0x42, 0x1d,
0x75, 0x1e, 0x8f, 0x8f, 0x1a, 0x9a, 0x9b, 0x75, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01,
0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff,
0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x6a, 0xfd, 0x22, 0x77,
0x1f, 0x51, 0x1f, 0xec, 0xbf, 0x16, 0x41, 0x97, 0x67, 0x10, 0xdc, 0xdc, 0x31, 0xa1, 0x71, 0x7e, 0x30, 0x1f, 0x06, 0x03, 0x55,
0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x6a, 0xfd, 0x22, 0x77, 0x1f, 0x51, 0x1f, 0xec, 0xbf, 0x16, 0x41, 0x97, 0x67,
0x10, 0xdc, 0xdc, 0x31, 0xa1, 0x71, 0x7e, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47,
0x00, 0x30, 0x44, 0x02, 0x20, 0x50, 0xaa, 0x80, 0x02, 0xf4, 0xd9, 0x32, 0xa9, 0xa0, 0x05, 0x38, 0xf6, 0x53, 0x68, 0xad, 0x0f,
0xff, 0xc8, 0xef, 0xbb, 0xc9, 0xbe, 0xb7, 0xda, 0x56, 0x98, 0x35, 0xcf, 0x9a, 0xa7, 0x51, 0x0e, 0x02, 0x20, 0x23, 0xba, 0xc8,
0xfe, 0x0f, 0x23, 0xe7, 0x54, 0x45, 0xb6, 0x53, 0x39, 0x08, 0x1a, 0x47, 0x99, 0x49, 0x29, 0xc7, 0x2a, 0xaf, 0x0a, 0x15, 0x48,
0xd4, 0x0d, 0x03, 0x4d, 0x51, 0x4b, 0x25, 0xde,
};

extern const ByteSpan sTestCert_PAA_FFF1_Cert = ByteSpan(sTestCert_PAA_FFF1_Cert_Array);

constexpr uint8_t sTestCert_PAA_FFF1_SKID_Array[] = {
0x6A, 0xFD, 0x22, 0x77, 0x1F, 0x51, 0x1F, 0xEC, 0xBF, 0x16, 0x41, 0x97, 0x67, 0x10, 0xDC, 0xDC, 0x31, 0xA1, 0x71, 0x7E,
};
Expand Down Expand Up @@ -3506,33 +3477,6 @@ constexpr uint8_t sTestCert_PAA_FFF2_ValInPast_PrivateKey_Array[] = {

extern const ByteSpan sTestCert_PAA_FFF2_ValInPast_PrivateKey = ByteSpan(sTestCert_PAA_FFF2_ValInPast_PrivateKey_Array);

// ${chip_root}/credentials/test/attestation/Chip-Test-PAA-NoVID-Cert.pem

constexpr uint8_t sTestCert_PAA_NoVID_Cert_Array[] = {
0x30, 0x82, 0x01, 0x91, 0x30, 0x82, 0x01, 0x37, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x07, 0x0b, 0x8f, 0xba, 0xa8, 0xdd, 0x86,
0xee, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03,
0x55, 0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41, 0x30,
0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39,
0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55,
0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41, 0x30, 0x59,
0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07,
0x03, 0x42, 0x00, 0x04, 0x10, 0xef, 0x02, 0xa8, 0x1a, 0x87, 0xb6, 0x81, 0x21, 0xfb, 0xa8, 0xd3, 0x19, 0x78, 0xf8, 0x07, 0xa3,
0x17, 0xe5, 0x0a, 0xa8, 0xa8, 0x28, 0x44, 0x68, 0x28, 0x91, 0x4b, 0x93, 0x3d, 0xe8, 0xed, 0xd4, 0xa5, 0xc3, 0x9c, 0x9f, 0xf7,
0x1a, 0x4c, 0xe3, 0x64, 0x7f, 0xd7, 0xf6, 0x26, 0x53, 0xb7, 0xd2, 0x49, 0x5f, 0xcb, 0xa4, 0xc0, 0xf4, 0x7f, 0x87, 0x68, 0x80,
0x03, 0x9e, 0x07, 0x20, 0x4a, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08,
0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03,
0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x78, 0x5c, 0xe7, 0x05, 0xb8, 0x6b, 0x8f,
0x4e, 0x6f, 0xc7, 0x93, 0xaa, 0x60, 0xcb, 0x43, 0xea, 0x69, 0x68, 0x82, 0xd5, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04,
0x18, 0x30, 0x16, 0x80, 0x14, 0x78, 0x5c, 0xe7, 0x05, 0xb8, 0x6b, 0x8f, 0x4e, 0x6f, 0xc7, 0x93, 0xaa, 0x60, 0xcb, 0x43, 0xea,
0x69, 0x68, 0x82, 0xd5, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45,
0x02, 0x21, 0x00, 0xb9, 0xef, 0xdb, 0x3e, 0xa0, 0x6a, 0x52, 0xec, 0x0b, 0xf0, 0x1e, 0x61, 0xda, 0xed, 0x2c, 0x2d, 0x15, 0x6d,
0xdb, 0x6c, 0xf0, 0x14, 0x10, 0x1d, 0xab, 0x79, 0x8f, 0xac, 0x05, 0xfa, 0x47, 0xe5, 0x02, 0x20, 0x60, 0x06, 0x1d, 0x3e, 0x35,
0xd6, 0x0d, 0x9d, 0x4b, 0x0d, 0x44, 0x8d, 0xad, 0x76, 0x12, 0xf7, 0xe8, 0x5c, 0x58, 0x2e, 0x3f, 0xc3, 0x12, 0xdc, 0x18, 0x79,
0x4d, 0xd3, 0x73, 0x71, 0x5e, 0x5d,
};

extern const ByteSpan sTestCert_PAA_NoVID_Cert = ByteSpan(sTestCert_PAA_NoVID_Cert_Array);

constexpr uint8_t sTestCert_PAA_NoVID_SKID_Array[] = {
0x78, 0x5C, 0xE7, 0x05, 0xB8, 0x6B, 0x8F, 0x4E, 0x6F, 0xC7, 0x93, 0xAA, 0x60, 0xCB, 0x43, 0xEA, 0x69, 0x68, 0x82, 0xD5,
};
Expand Down Expand Up @@ -4289,10 +4233,5 @@ constexpr uint8_t sTestCert_PAI_FFF2_NoPID_Resigned_SKID_Array[] = {

extern const ByteSpan sTestCert_PAI_FFF2_NoPID_Resigned_SKID = ByteSpan(sTestCert_PAI_FFF2_NoPID_Resigned_SKID_Array);

extern constexpr Span<const ByteSpan> kTestAttestationTrustStoreRoots((const ByteSpan[]){
sTestCert_PAA_FFF1_Cert,
sTestCert_PAA_NoVID_Cert,
});

} // namespace TestCerts
} // namespace chip
7 changes: 2 additions & 5 deletions src/credentials/tests/CHIPAttCert_test_vectors.h
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,6 @@
namespace chip {
namespace TestCerts {

// Root CA certs for chip::Credentials::GetTestAttestationTrustStore()
extern const Span<const ByteSpan> kTestAttestationTrustStoreRoots;

extern const ByteSpan sTestCert_DAC_FFF1_8000_0000_2CDPs_Cert;
extern const ByteSpan sTestCert_DAC_FFF1_8000_0000_2CDPs_SKID;
extern const ByteSpan sTestCert_DAC_FFF1_8000_0000_2CDPs_PublicKey;
Expand Down Expand Up @@ -316,7 +313,7 @@ extern const ByteSpan sTestCert_DAC_FFF2_8006_0035_Val1SecBefore_SKID;
extern const ByteSpan sTestCert_DAC_FFF2_8006_0035_Val1SecBefore_PublicKey;
extern const ByteSpan sTestCert_DAC_FFF2_8006_0035_Val1SecBefore_PrivateKey;

extern const ByteSpan sTestCert_PAA_FFF1_Cert;
// Cert is provided in the PAA store file as it is used in the default verifier.
extern const ByteSpan sTestCert_PAA_FFF1_SKID;
extern const ByteSpan sTestCert_PAA_FFF1_PublicKey;
extern const ByteSpan sTestCert_PAA_FFF1_PrivateKey;
Expand All @@ -331,7 +328,7 @@ extern const ByteSpan sTestCert_PAA_FFF2_ValInPast_SKID;
extern const ByteSpan sTestCert_PAA_FFF2_ValInPast_PublicKey;
extern const ByteSpan sTestCert_PAA_FFF2_ValInPast_PrivateKey;

extern const ByteSpan sTestCert_PAA_NoVID_Cert;
// Cert is provided in the PAA store file as it is used in the default verifier.
extern const ByteSpan sTestCert_PAA_NoVID_SKID;
extern const ByteSpan sTestCert_PAA_NoVID_PublicKey;
extern const ByteSpan sTestCert_PAA_NoVID_PrivateKey;
Expand Down
1 change: 1 addition & 0 deletions src/credentials/tests/TestDeviceAttestationCredentials.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
#include <credentials/DeviceAttestationCredsProvider.h>
#include <credentials/attestation_verifier/DefaultDeviceAttestationVerifier.h>
#include <credentials/attestation_verifier/DeviceAttestationVerifier.h>
#include <credentials/attestation_verifier/TestPAAStore.h>
#include <credentials/examples/DeviceAttestationCredsExample.h>
#include <credentials/examples/ExampleDACs.h>
#include <credentials/examples/ExamplePAI.h>
Expand Down
1 change: 1 addition & 0 deletions src/crypto/tests/BUILD.gn
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,7 @@ chip_test_suite("tests") {
cflags = [ "-Wconversion" ]

public_deps = [
"${chip_root}/src/credentials:test_paa_store",
"${chip_root}/src/credentials/tests:cert_test_vectors",
"${chip_root}/src/crypto",
"${chip_root}/src/lib/core",
Expand Down
1 change: 1 addition & 0 deletions src/crypto/tests/CHIPCryptoPALTest.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@
#endif

#include <credentials/CHIPCert.h>
#include <credentials/attestation_verifier/TestPAAStore.h>
#include <credentials/tests/CHIPAttCert_test_vectors.h>
#include <credentials/tests/CHIPCert_test_vectors.h>

Expand Down

0 comments on commit f5f2e51

Please sign in to comment.