From 103086e17b8cb2a2e97632fe3da4868fd8c02572 Mon Sep 17 00:00:00 2001 From: Boris Zbarsky Date: Mon, 8 May 2023 14:07:02 -0400 Subject: [PATCH] Add unit tests for conversion of certs with no defined notAfter time. --- .../tests/CHIPCert_test_vectors.cpp | 140 ++++++++++++++++++ src/credentials/tests/CHIPCert_test_vectors.h | 14 ++ 2 files changed, 154 insertions(+) diff --git a/src/credentials/tests/CHIPCert_test_vectors.cpp b/src/credentials/tests/CHIPCert_test_vectors.cpp index 565e1cfdaf51ce..314c13e6f8063e 100644 --- a/src/credentials/tests/CHIPCert_test_vectors.cpp +++ b/src/credentials/tests/CHIPCert_test_vectors.cpp @@ -35,6 +35,7 @@ namespace TestCerts { extern const uint8_t gTestCerts[] = { TestCert::kRoot01, TestCert::kRoot02, + TestCert::kRoot03, TestCert::kICA01, TestCert::kICA02, TestCert::kICA01_1, @@ -78,6 +79,7 @@ CHIP_ERROR GetTestCert(uint8_t certType, BitFlags certLoadFla SELECT_CERT(Root01); SELECT_CERT(Root02); + SELECT_CERT(Root03); SELECT_CERT(ICA01); SELECT_CERT(ICA02); SELECT_CERT(ICA01_1); @@ -114,6 +116,7 @@ const char * GetTestCertName(uint8_t certType) NAME_CERT(Root01); NAME_CERT(Root02); + NAME_CERT(Root03); NAME_CERT(ICA01); NAME_CERT(ICA02); NAME_CERT(ICA01_1); @@ -150,6 +153,7 @@ CHIP_ERROR GetTestCertPubkey(uint8_t certType, ByteSpan & pubkey) SELECT_PUBKEY(Root01); SELECT_PUBKEY(Root02); + SELECT_PUBKEY(Root03); SELECT_PUBKEY(ICA01); SELECT_PUBKEY(ICA02); SELECT_PUBKEY(ICA01_1); @@ -189,6 +193,7 @@ CHIP_ERROR GetTestCertSKID(uint8_t certType, ByteSpan & skid) SELECT_SKID(Root01); SELECT_SKID(Root02); + SELECT_SKID(Root03); SELECT_SKID(ICA01); SELECT_SKID(ICA02); SELECT_SKID(ICA01_1); @@ -228,6 +233,7 @@ CHIP_ERROR GetTestCertAKID(uint8_t certType, ByteSpan & akid) SELECT_AKID(Root01); SELECT_AKID(Root02); + SELECT_AKID(Root03); SELECT_AKID(ICA01); SELECT_AKID(ICA02); SELECT_AKID(ICA01_1); @@ -557,6 +563,140 @@ extern const uint8_t sTestCert_Root02_AuthorityKeyId[] = { extern const size_t sTestCert_Root02_AuthorityKeyId_Len = sizeof(sTestCert_Root02_AuthorityKeyId); +/************** Test Root03 Certificate ************** +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 7744074172075392897 (0x6b787a6dfcd4bf81) + Signature Algorithm: ecdsa-with-SHA256 + Issuer: 1.3.6.1.4.1.37244.1.4 = CACACACA00000002, 1.3.6.1.4.1.37244.1.5 = FAB000000000001D + Validity + Not Before: Oct 15 14:23:43 2020 GMT + Not After : Dec 31 23:59:59 9999 GMT + Subject: 1.3.6.1.4.1.37244.1.4 = CACACACA00000002, 1.3.6.1.4.1.37244.1.5 = FAB000000000001D + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (256 bit) + pub: + 04:71:05:40:8a:85:a9:d9:a0:8a:f8:b7:70:77:db: + 38:8b:7e:a4:38:97:dc:df:d3:16:f2:4f:0a:7e:71: + de:69:a5:0c:44:55:0c:0c:9d:a2:36:1c:d8:29:e5: + 5f:dd:63:cc:f5:79:ed:44:e0:22:08:b4:f8:25:fc: + d6:f0:68:2c:02 + ASN1 OID: prime256v1 + NIST CURVE: P-256 + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:1 + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + FF:87:F3:CD:D2:06:9A:EF:8D:5D:32:EB:A3:16:3B:9E:B0:0A:00:29 + X509v3 Authority Key Identifier: + keyid:FF:87:F3:CD:D2:06:9A:EF:8D:5D:32:EB:A3:16:3B:9E:B0:0A:00:29 + + Signature Algorithm: ecdsa-with-SHA256 + 30:44:02:20:75:f6:70:eb:35:45:b9:97:86:46:67:99:eb:ea: + 40:51:a3:41:af:2a:9b:67:7f:d7:1b:4c:3d:4e:68:09:3b:66: + 02:20:5f:28:42:cb:7e:d3:19:9c:9a:d7:c9:62:79:47:a1:8a: + 92:16:8a:fc:d6:5f:3e:9c:af:6e:ed:fa:9e:60:c5:2f + +-----BEGIN CERTIFICATE----- +MIIB5TCCAYygAwIBAgIIa3h6bfzUv4EwCgYIKoZIzj0EAwIwRDEgMB4GCisGAQQB +gqJ8AQQMEENBQ0FDQUNBMDAwMDAwMDIxIDAeBgorBgEEAYKifAEFDBBGQUIwMDAw +MDAwMDAwMDFEMCAXDTIwMTAxNTE0MjM0M1oYDzk5OTkxMjMxMjM1OTU5WjBEMSAw +HgYKKwYBBAGConwBBAwQQ0FDQUNBQ0EwMDAwMDAwMjEgMB4GCisGAQQBgqJ8AQUM +EEZBQjAwMDAwMDAwMDAwMUQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARxBUCK +hanZoIr4t3B32ziLfqQ4l9zf0xbyTwp+cd5ppQxEVQwMnaI2HNgp5V/dY8z1ee1E +4CIItPgl/NbwaCwCo2YwZDASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQE +AwIBBjAdBgNVHQ4EFgQU/4fzzdIGmu+NXTLroxY7nrAKACkwHwYDVR0jBBgwFoAU +/4fzzdIGmu+NXTLroxY7nrAKACkwCgYIKoZIzj0EAwIDRwAwRAIgdfZw6zVFuZeG +RmeZ6+pAUaNBryqbZ3/XG0w9TmgJO2YCIF8oQst+0xmcmtfJYnlHoYqSFor81l8+ +nK9u7fqeYMUv +-----END CERTIFICATE----- + +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIHDnbQApKIHktaW8tOzQL/XkdbwUid5uw+jWPFo/LlqHoAoGCCqGSM49 +AwEHoUQDQgAEcQVAioWp2aCK+Ldwd9s4i36kOJfc39MW8k8KfnHeaaUMRFUMDJ2i +NhzYKeVf3WPM9XntROAiCLT4JfzW8GgsAg== +-----END EC PRIVATE KEY----- +*/ + +extern const uint8_t sTestCert_Root03_Chip[] = { + 0x15, 0x30, 0x01, 0x08, 0x6b, 0x78, 0x7a, 0x6d, 0xfc, 0xd4, 0xbf, 0x81, 0x24, 0x02, 0x01, 0x37, 0x03, 0x27, 0x14, 0x02, 0x00, + 0x00, 0x00, 0xca, 0xca, 0xca, 0xca, 0x27, 0x15, 0x1d, 0x00, 0x00, 0x00, 0x00, 0x00, 0xb0, 0xfa, 0x18, 0x26, 0x04, 0xef, 0x17, + 0x1b, 0x27, 0x24, 0x05, 0x00, 0x37, 0x06, 0x27, 0x14, 0x02, 0x00, 0x00, 0x00, 0xca, 0xca, 0xca, 0xca, 0x27, 0x15, 0x1d, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xb0, 0xfa, 0x18, 0x24, 0x07, 0x01, 0x24, 0x08, 0x01, 0x30, 0x09, 0x41, 0x04, 0x71, 0x05, 0x40, 0x8a, + 0x85, 0xa9, 0xd9, 0xa0, 0x8a, 0xf8, 0xb7, 0x70, 0x77, 0xdb, 0x38, 0x8b, 0x7e, 0xa4, 0x38, 0x97, 0xdc, 0xdf, 0xd3, 0x16, 0xf2, + 0x4f, 0x0a, 0x7e, 0x71, 0xde, 0x69, 0xa5, 0x0c, 0x44, 0x55, 0x0c, 0x0c, 0x9d, 0xa2, 0x36, 0x1c, 0xd8, 0x29, 0xe5, 0x5f, 0xdd, + 0x63, 0xcc, 0xf5, 0x79, 0xed, 0x44, 0xe0, 0x22, 0x08, 0xb4, 0xf8, 0x25, 0xfc, 0xd6, 0xf0, 0x68, 0x2c, 0x02, 0x37, 0x0a, 0x35, + 0x01, 0x29, 0x01, 0x24, 0x02, 0x01, 0x18, 0x24, 0x02, 0x60, 0x30, 0x04, 0x14, 0xff, 0x87, 0xf3, 0xcd, 0xd2, 0x06, 0x9a, 0xef, + 0x8d, 0x5d, 0x32, 0xeb, 0xa3, 0x16, 0x3b, 0x9e, 0xb0, 0x0a, 0x00, 0x29, 0x30, 0x05, 0x14, 0xff, 0x87, 0xf3, 0xcd, 0xd2, 0x06, + 0x9a, 0xef, 0x8d, 0x5d, 0x32, 0xeb, 0xa3, 0x16, 0x3b, 0x9e, 0xb0, 0x0a, 0x00, 0x29, 0x18, 0x30, 0x0b, 0x40, 0x75, 0xf6, 0x70, + 0xeb, 0x35, 0x45, 0xb9, 0x97, 0x86, 0x46, 0x67, 0x99, 0xeb, 0xea, 0x40, 0x51, 0xa3, 0x41, 0xaf, 0x2a, 0x9b, 0x67, 0x7f, 0xd7, + 0x1b, 0x4c, 0x3d, 0x4e, 0x68, 0x09, 0x3b, 0x66, 0x5f, 0x28, 0x42, 0xcb, 0x7e, 0xd3, 0x19, 0x9c, 0x9a, 0xd7, 0xc9, 0x62, 0x79, + 0x47, 0xa1, 0x8a, 0x92, 0x16, 0x8a, 0xfc, 0xd6, 0x5f, 0x3e, 0x9c, 0xaf, 0x6e, 0xed, 0xfa, 0x9e, 0x60, 0xc5, 0x2f, 0x18, +}; + +extern const size_t sTestCert_Root03_Chip_Len = sizeof(sTestCert_Root03_Chip); + +extern const uint8_t sTestCert_Root03_DER[] = { + 0x30, 0x82, 0x01, 0xe5, 0x30, 0x82, 0x01, 0x8c, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x6b, 0x78, 0x7a, 0x6d, 0xfc, 0xd4, + 0xbf, 0x81, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x44, 0x31, 0x20, 0x30, 0x1e, 0x06, + 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x01, 0x04, 0x0c, 0x10, 0x43, 0x41, 0x43, 0x41, 0x43, 0x41, 0x43, 0x41, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x32, 0x31, 0x20, 0x30, 0x1e, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, + 0x7c, 0x01, 0x05, 0x0c, 0x10, 0x46, 0x41, 0x42, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x31, 0x44, + 0x30, 0x20, 0x17, 0x0d, 0x32, 0x30, 0x31, 0x30, 0x31, 0x35, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, + 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x44, 0x31, 0x20, 0x30, 0x1e, 0x06, 0x0a, + 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x01, 0x04, 0x0c, 0x10, 0x43, 0x41, 0x43, 0x41, 0x43, 0x41, 0x43, 0x41, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x32, 0x31, 0x20, 0x30, 0x1e, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, + 0x01, 0x05, 0x0c, 0x10, 0x46, 0x41, 0x42, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x31, 0x44, 0x30, + 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, + 0x07, 0x03, 0x42, 0x00, 0x04, 0x71, 0x05, 0x40, 0x8a, 0x85, 0xa9, 0xd9, 0xa0, 0x8a, 0xf8, 0xb7, 0x70, 0x77, 0xdb, 0x38, 0x8b, + 0x7e, 0xa4, 0x38, 0x97, 0xdc, 0xdf, 0xd3, 0x16, 0xf2, 0x4f, 0x0a, 0x7e, 0x71, 0xde, 0x69, 0xa5, 0x0c, 0x44, 0x55, 0x0c, 0x0c, + 0x9d, 0xa2, 0x36, 0x1c, 0xd8, 0x29, 0xe5, 0x5f, 0xdd, 0x63, 0xcc, 0xf5, 0x79, 0xed, 0x44, 0xe0, 0x22, 0x08, 0xb4, 0xf8, 0x25, + 0xfc, 0xd6, 0xf0, 0x68, 0x2c, 0x02, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, + 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, + 0x03, 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xff, 0x87, 0xf3, 0xcd, 0xd2, 0x06, + 0x9a, 0xef, 0x8d, 0x5d, 0x32, 0xeb, 0xa3, 0x16, 0x3b, 0x9e, 0xb0, 0x0a, 0x00, 0x29, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, + 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xff, 0x87, 0xf3, 0xcd, 0xd2, 0x06, 0x9a, 0xef, 0x8d, 0x5d, 0x32, 0xeb, 0xa3, 0x16, 0x3b, + 0x9e, 0xb0, 0x0a, 0x00, 0x29, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, + 0x44, 0x02, 0x20, 0x75, 0xf6, 0x70, 0xeb, 0x35, 0x45, 0xb9, 0x97, 0x86, 0x46, 0x67, 0x99, 0xeb, 0xea, 0x40, 0x51, 0xa3, 0x41, + 0xaf, 0x2a, 0x9b, 0x67, 0x7f, 0xd7, 0x1b, 0x4c, 0x3d, 0x4e, 0x68, 0x09, 0x3b, 0x66, 0x02, 0x20, 0x5f, 0x28, 0x42, 0xcb, 0x7e, + 0xd3, 0x19, 0x9c, 0x9a, 0xd7, 0xc9, 0x62, 0x79, 0x47, 0xa1, 0x8a, 0x92, 0x16, 0x8a, 0xfc, 0xd6, 0x5f, 0x3e, 0x9c, 0xaf, 0x6e, + 0xed, 0xfa, 0x9e, 0x60, 0xc5, 0x2f, +}; + +extern const size_t sTestCert_Root03_DER_Len = sizeof(sTestCert_Root03_DER); + +extern const uint8_t sTestCert_Root03_PublicKey[] = { + 0x04, 0x71, 0x05, 0x40, 0x8a, 0x85, 0xa9, 0xd9, 0xa0, 0x8a, 0xf8, 0xb7, 0x70, 0x77, 0xdb, 0x38, 0x8b, + 0x7e, 0xa4, 0x38, 0x97, 0xdc, 0xdf, 0xd3, 0x16, 0xf2, 0x4f, 0x0a, 0x7e, 0x71, 0xde, 0x69, 0xa5, 0x0c, + 0x44, 0x55, 0x0c, 0x0c, 0x9d, 0xa2, 0x36, 0x1c, 0xd8, 0x29, 0xe5, 0x5f, 0xdd, 0x63, 0xcc, 0xf5, 0x79, + 0xed, 0x44, 0xe0, 0x22, 0x08, 0xb4, 0xf8, 0x25, 0xfc, 0xd6, 0xf0, 0x68, 0x2c, 0x02, +}; + +extern const size_t sTestCert_Root03_PublicKey_Len = sizeof(sTestCert_Root03_PublicKey); + +extern const uint8_t sTestCert_Root03_PrivateKey[] = { + 0x70, 0xe7, 0x6d, 0x00, 0x29, 0x28, 0x81, 0xe4, 0xb5, 0xa5, 0xbc, 0xb4, 0xec, 0xd0, 0x2f, 0xf5, + 0xe4, 0x75, 0xbc, 0x14, 0x89, 0xde, 0x6e, 0xc3, 0xe8, 0xd6, 0x3c, 0x5a, 0x3f, 0x2e, 0x5a, 0x87, +}; + +extern const size_t sTestCert_Root03_PrivateKey_Len = sizeof(sTestCert_Root03_PrivateKey); + +extern const uint8_t sTestCert_Root03_SubjectKeyId[] = { + 0xFF, 0x87, 0xF3, 0xCD, 0xD2, 0x06, 0x9A, 0xEF, 0x8D, 0x5D, 0x32, 0xEB, 0xA3, 0x16, 0x3B, 0x9E, 0xB0, 0x0A, 0x00, 0x29, +}; + +extern const size_t sTestCert_Root03_SubjectKeyId_Len = sizeof(sTestCert_Root03_SubjectKeyId); + +extern const uint8_t sTestCert_Root03_AuthorityKeyId[] = { + 0xFF, 0x87, 0xF3, 0xCD, 0xD2, 0x06, 0x9A, 0xEF, 0x8D, 0x5D, 0x32, 0xEB, 0xA3, 0x16, 0x3B, 0x9E, 0xB0, 0x0A, 0x00, 0x29, +}; + +extern const size_t sTestCert_Root03_AuthorityKeyId_Len = sizeof(sTestCert_Root03_AuthorityKeyId); + /************** Test ICA01 Certificate ************** Certificate: Data: diff --git a/src/credentials/tests/CHIPCert_test_vectors.h b/src/credentials/tests/CHIPCert_test_vectors.h index 30f36c8cd46455..2793fd8d5ef867 100644 --- a/src/credentials/tests/CHIPCert_test_vectors.h +++ b/src/credentials/tests/CHIPCert_test_vectors.h @@ -54,6 +54,7 @@ enum TestCert kNode02_06 = 14, kNode02_07 = 15, kNode02_08 = 16, + kRoot03 = 17, }; // Special flags to alter how certificates are fetched/loaded. @@ -106,6 +107,19 @@ extern const size_t sTestCert_Root02_SubjectKeyId_Len; extern const uint8_t sTestCert_Root02_AuthorityKeyId[]; extern const size_t sTestCert_Root02_AuthorityKeyId_Len; +extern const uint8_t sTestCert_Root03_Chip[]; +extern const size_t sTestCert_Root03_Chip_Len; +extern const uint8_t sTestCert_Root03_DER[]; +extern const size_t sTestCert_Root03_DER_Len; +extern const uint8_t sTestCert_Root03_PublicKey[]; +extern const size_t sTestCert_Root03_PublicKey_Len; +extern const uint8_t sTestCert_Root03_PrivateKey[]; +extern const size_t sTestCert_Root03_PrivateKey_Len; +extern const uint8_t sTestCert_Root03_SubjectKeyId[]; +extern const size_t sTestCert_Root03_SubjectKeyId_Len; +extern const uint8_t sTestCert_Root03_AuthorityKeyId[]; +extern const size_t sTestCert_Root03_AuthorityKeyId_Len; + extern const uint8_t sTestCert_ICA01_Chip[]; extern const size_t sTestCert_ICA01_Chip_Len; extern const uint8_t sTestCert_ICA01_DER[];