Rename ExampleDeviceAttestationVerifier (#12182)
* Rename ExampleDeviceAttestationVerifier

- Rename ExampleDeviceAttestationVerifier to DefaultDeviceAttestationVerifier
  since it is now used commonly and becoming fully spec-compliant.

Fixes #11919

* Restyled by clang-format

* Restyled by gn

Co-authored-by: Restyled.io <[email protected]>
2 people authored and pull[bot] committed Feb 26, 2024
1 parent 66eb138 commit 624703d
Showing 11 changed files with 28 additions and 32 deletions.
4 changes: 2 additions & 2 deletions examples/chip-tool/commands/common/CHIPCommand.cpp
Expand Up @@ -21,8 +21,8 @@
#include <controller/CHIPDeviceControllerFactory.h>
#include <credentials/DeviceAttestationCredsProvider.h>
#include <credentials/DeviceAttestationVerifier.h>
#include <credentials/examples/DefaultDeviceAttestationVerifier.h>
#include <credentials/examples/DeviceAttestationCredsExample.h>
#include <credentials/examples/DeviceAttestationVerifierExample.h>
#include <lib/core/CHIPVendorIdentifiers.hpp>
#include <lib/support/CodeUtils.h>
#include <lib/support/ScopedBuffer.h>
Expand All @@ -45,7 +45,7 @@ CHIP_ERROR CHIPCommand::Run()
chip::Platform::ScopedMemoryBuffer<uint8_t> rcac;

chip::Credentials::SetDeviceAttestationCredentialsProvider(chip::Credentials::Examples::GetExampleDACProvider());
chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::Examples::GetExampleDACVerifier());
chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::GetDefaultDACVerifier());

VerifyOrReturnError(noc.Alloc(chip::Controller::kMaxCHIPDERCertLength), CHIP_ERROR_NO_MEMORY);
VerifyOrReturnError(icac.Alloc(chip::Controller::kMaxCHIPDERCertLength), CHIP_ERROR_NO_MEMORY);
4 changes: 2 additions & 2 deletions examples/platform/linux/AppMain.cpp
Expand Up @@ -29,8 +29,8 @@

#include <credentials/DeviceAttestationCredsProvider.h>
#include <credentials/DeviceAttestationVerifier.h>
#include <credentials/examples/DefaultDeviceAttestationVerifier.h>
#include <credentials/examples/DeviceAttestationCredsExample.h>
#include <credentials/examples/DeviceAttestationVerifierExample.h>

#include <lib/support/CHIPMem.h>
#include <lib/support/ScopedBuffer.h>
Expand Down Expand Up @@ -234,7 +234,7 @@ CHIP_ERROR InitCommissioner()
ReturnErrorOnFailure(gCommissioner.SetUdcListenPort(LinuxDeviceOptions::GetInstance().unsecuredCommissionerPort));

// Initialize device attestation verifier
SetDeviceAttestationVerifier(Examples::GetExampleDACVerifier());
SetDeviceAttestationVerifier(GetDefaultDACVerifier());

chip::Platform::ScopedMemoryBuffer<uint8_t> noc;
VerifyOrReturnError(noc.Alloc(chip::Controller::kMaxCHIPDERCertLength), CHIP_ERROR_NO_MEMORY);
4 changes: 2 additions & 2 deletions examples/tv-casting-app/linux/main.cpp
Expand Up @@ -21,8 +21,8 @@
#include <controller/CHIPCommissionableNodeController.h>
#include <credentials/DeviceAttestationCredsProvider.h>
#include <credentials/DeviceAttestationVerifier.h>
#include <credentials/examples/DefaultDeviceAttestationVerifier.h>
#include <credentials/examples/DeviceAttestationCredsExample.h>
#include <credentials/examples/DeviceAttestationVerifierExample.h>
#include <lib/support/CHIPArgParser.hpp>
#include <lib/support/SafeInt.h>
#include <platform/CHIPDeviceLayer.h>
Expand Down Expand Up @@ -196,7 +196,7 @@ int main(int argc, char * argv[])
SetDeviceAttestationCredentialsProvider(Examples::GetExampleDACProvider());

// Initialize device attestation verifier
SetDeviceAttestationVerifier(Examples::GetExampleDACVerifier());
SetDeviceAttestationVerifier(GetDefaultDACVerifier());

if (!chip::ArgParser::ParseArgs(argv[0], argc, argv, allOptions))
{
4 changes: 2 additions & 2 deletions src/controller/java/AndroidDeviceControllerWrapper.cpp
Expand Up @@ -26,7 +26,7 @@

#include <controller/CHIPDeviceControllerFactory.h>
#include <credentials/DeviceAttestationVerifier.h>
#include <credentials/examples/DeviceAttestationVerifierExample.h>
#include <credentials/examples/DefaultDeviceAttestationVerifier.h>
#include <lib/core/CHIPTLV.h>
#include <lib/support/PersistentStorageMacros.h>
#include <lib/support/SafeInt.h>
Expand Down Expand Up @@ -204,7 +204,7 @@ AndroidDeviceControllerWrapper * AndroidDeviceControllerWrapper::AllocateNew(Jav
wrapper->SetJavaObjectRef(vm, deviceControllerObj);

// Initialize device attestation verifier
SetDeviceAttestationVerifier(Examples::GetExampleDACVerifier());
SetDeviceAttestationVerifier(GetDefaultDACVerifier());

chip::Controller::FactoryInitParams initParams;
chip::Controller::SetupParams setupParams;
4 changes: 2 additions & 2 deletions src/controller/python/ChipDeviceController-ScriptBinding.cpp
Expand Up @@ -54,7 +54,7 @@
#include <controller/CHIPDeviceControllerFactory.h>
#include <controller/ExampleOperationalCredentialsIssuer.h>
#include <credentials/DeviceAttestationVerifier.h>
#include <credentials/examples/DeviceAttestationVerifierExample.h>
#include <credentials/examples/DefaultDeviceAttestationVerifier.h>
#include <inet/IPAddress.h>
#include <lib/dnssd/Resolver.h>
#include <lib/support/BytesToHex.h>
Expand Down Expand Up @@ -182,7 +182,7 @@ ChipError::StorageType pychip_DeviceController_NewDeviceController(chip::Control
}

// Initialize device attestation verifier
SetDeviceAttestationVerifier(Examples::GetExampleDACVerifier());
SetDeviceAttestationVerifier(GetDefaultDACVerifier());

CHIP_ERROR err = sOperationalCredentialsIssuer.Initialize(sStorageDelegate);
VerifyOrReturnError(err == CHIP_NO_ERROR, err.AsInteger());
4 changes: 2 additions & 2 deletions src/controller/python/chip/internal/CommissionerImpl.cpp
Expand Up @@ -20,7 +20,7 @@
#include <controller/CHIPDeviceControllerFactory.h>
#include <controller/ExampleOperationalCredentialsIssuer.h>
#include <credentials/DeviceAttestationVerifier.h>
#include <credentials/examples/DeviceAttestationVerifierExample.h>
#include <credentials/examples/DefaultDeviceAttestationVerifier.h>
#include <lib/support/CodeUtils.h>
#include <lib/support/ScopedBuffer.h>
#include <lib/support/ThreadOperationalDataset.h>
Expand Down Expand Up @@ -117,7 +117,7 @@ extern "C" chip::Controller::DeviceCommissioner * pychip_internal_Commissioner_N
commissionerParams.storageDelegate = &gServerStorage;

// Initialize device attestation verifier
chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::Examples::GetExampleDACVerifier());
chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::GetDefaultDACVerifier());

err = ephemeralKey.Initialize();
SuccessOrExit(err);
4 changes: 2 additions & 2 deletions src/credentials/BUILD.gn
Expand Up @@ -36,10 +36,10 @@ static_library("credentials") {
"FabricTable.h",
"GenerateChipX509Cert.cpp",
"GroupDataProvider.h",
"examples/DefaultDeviceAttestationVerifier.cpp",
"examples/DefaultDeviceAttestationVerifier.h",
"examples/DeviceAttestationCredsExample.cpp",
"examples/DeviceAttestationCredsExample.h",
"examples/DeviceAttestationVerifierExample.cpp",
"examples/DeviceAttestationVerifierExample.h",
"examples/GroupDataProviderExample.cpp",
]

Expand Up @@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "DeviceAttestationVerifierExample.h"
#include "DefaultDeviceAttestationVerifier.h"

#include <credentials/CHIPCert.h>
#include <credentials/CertificationDeclaration.h>
Expand All @@ -31,7 +31,6 @@ using namespace chip::Crypto;

namespace chip {
namespace Credentials {
namespace Examples {

namespace {

Expand Down Expand Up @@ -189,7 +188,7 @@ CHIP_ERROR GetCertificationDeclarationCertificate(const ByteSpan & skid, Mutable
return CopySpanToMutableSpan(ByteSpan{ sCertChainLookupTable[certChainLookupTableIdx].mCertificate }, outCertificate);
}

class ExampleDACVerifier : public DeviceAttestationVerifier
class DefaultDACVerifier : public DeviceAttestationVerifier
{
public:
AttestationVerificationResult VerifyAttestationInformation(const ByteSpan & attestationInfoBuffer,
Expand All @@ -206,7 +205,7 @@ class ExampleDACVerifier : public DeviceAttestationVerifier
const DeviceInfoForAttestation & deviceInfo) override;
};

AttestationVerificationResult ExampleDACVerifier::VerifyAttestationInformation(const ByteSpan & attestationInfoBuffer,
AttestationVerificationResult DefaultDACVerifier::VerifyAttestationInformation(const ByteSpan & attestationInfoBuffer,
const ByteSpan & attestationChallengeBuffer,
const ByteSpan & attestationSignatureBuffer,
const ByteSpan & paiCertDerBuffer,
Expand Down Expand Up @@ -310,7 +309,7 @@ AttestationVerificationResult ExampleDACVerifier::VerifyAttestationInformation(c
return ValidateCertificateDeclarationPayload(certificationDeclarationPayload, firmwareInfoSpan, deviceInfo);
}

AttestationVerificationResult ExampleDACVerifier::ValidateCertificationDeclarationSignature(const ByteSpan & cmsEnvelopeBuffer,
AttestationVerificationResult DefaultDACVerifier::ValidateCertificationDeclarationSignature(const ByteSpan & cmsEnvelopeBuffer,
ByteSpan & certDeclBuffer)
{
uint8_t certificate[Credentials::kMaxDERCertLength];
Expand All @@ -329,7 +328,7 @@ AttestationVerificationResult ExampleDACVerifier::ValidateCertificationDeclarati
return AttestationVerificationResult::kSuccess;
}

AttestationVerificationResult ExampleDACVerifier::ValidateCertificateDeclarationPayload(const ByteSpan & certDeclBuffer,
AttestationVerificationResult DefaultDACVerifier::ValidateCertificateDeclarationPayload(const ByteSpan & certDeclBuffer,
const ByteSpan & firmwareInfo,
const DeviceInfoForAttestation & deviceInfo)
{
Expand Down Expand Up @@ -398,13 +397,12 @@ AttestationVerificationResult ExampleDACVerifier::ValidateCertificateDeclaration

} // namespace

DeviceAttestationVerifier * GetExampleDACVerifier()
DeviceAttestationVerifier * GetDefaultDACVerifier()
{
static ExampleDACVerifier exampleDacVerifier;
static DefaultDACVerifier defaultDACVerifier;

return &exampleDacVerifier;
return &defaultDACVerifier;
}

} // namespace Examples
} // namespace Credentials
} // namespace chip
Expand Up @@ -20,7 +20,6 @@

namespace chip {
namespace Credentials {
namespace Examples {

/**
* @brief Get implementation of a sample DAC verifier to validate device
Expand All @@ -29,8 +28,7 @@ namespace Examples {
* @returns a singleton DeviceAttestationVerifier that relies on no
* storage abstractions.
*/
DeviceAttestationVerifier * GetExampleDACVerifier();
DeviceAttestationVerifier * GetDefaultDACVerifier();

} // namespace Examples
} // namespace Credentials
} // namespace chip
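Review bot: The doc comment kept above the renamed accessor still reads "Get implementation of a sample DAC verifier", which now contradicts the name `GetDefaultDACVerifier()` and the removal of the `Examples` namespace. This singleton is what the chip-tool, Linux, Android, Python and Darwin controllers in this commit install through `SetDeviceAttestationVerifier`, so the comment should say what the verifier actually trusts rather than leave readers to infer it from the word "Default". The implementation file in this commit resolves the Certification Declaration signer through `sCertChainLookupTable`, which appears to be a compiled-in table, so I would state that explicitly, for example `@brief Get the default DAC verifier; its trust anchors are compiled in (see DefaultDeviceAttestationVerifier.cpp), confirm they suit the deployment before relying on it`. BUILD.gn also still builds the file from `examples/`, which is worth either a follow-up move or a sentence in this comment.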
6 changes: 3 additions & 3 deletions src/credentials/tests/TestDeviceAttestationCredentials.cpp
Expand Up @@ -21,8 +21,8 @@
#include <credentials/CertificationDeclaration.h>
#include <credentials/DeviceAttestationCredsProvider.h>
#include <credentials/DeviceAttestationVerifier.h>
#include <credentials/examples/DefaultDeviceAttestationVerifier.h>
#include <credentials/examples/DeviceAttestationCredsExample.h>
#include <credentials/examples/DeviceAttestationVerifierExample.h>

#include <lib/core/CHIPError.h>
#include <lib/support/CHIPMem.h>
Expand Down Expand Up @@ -196,7 +196,7 @@ static void TestDACVerifierExample_AttestationInfoVerification(nlTestSuite * inS
NL_TEST_ASSERT(inSuite, attestation_result == AttestationVerificationResult::kNotImplemented);

// Replace default verifier with example verifier
DeviceAttestationVerifier * example_dac_verifier = Examples::GetExampleDACVerifier();
DeviceAttestationVerifier * example_dac_verifier = GetDefaultDACVerifier();
NL_TEST_ASSERT(inSuite, example_dac_verifier != nullptr);
NL_TEST_ASSERT(inSuite, default_verifier != example_dac_verifier);

Expand Down Expand Up @@ -252,7 +252,7 @@ static void TestDACVerifierExample_CertDeclarationVerification(nlTestSuite * inS
CHIP_ERROR err = CHIP_NO_ERROR;

// Replace default verifier with example verifier
DeviceAttestationVerifier * example_dac_verifier = Examples::GetExampleDACVerifier();
DeviceAttestationVerifier * example_dac_verifier = GetDefaultDACVerifier();
NL_TEST_ASSERT(inSuite, example_dac_verifier != nullptr);

SetDeviceAttestationVerifier(example_dac_verifier);
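Review bot: After the rename the two test cases read ambiguously: `default_verifier` is apparently the unset placeholder that the preceding assertion expects to yield `kNotImplemented`, while the object fetched from `GetDefaultDACVerifier()` is still called `example_dac_verifier` and introduced by the comment "Replace default verifier with example verifier". I would rename the locals so the placeholder and the real verifier cannot be confused, e.g. `DeviceAttestationVerifier * dac_verifier = GetDefaultDACVerifier();` with the comment `// Replace the not-implemented placeholder with the default DAC verifier`. The `TestDACVerifierExample_*` case names could be updated in the same pass. Both test functions start and end outside the hunks shown.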
4 changes: 2 additions & 2 deletions src/darwin/Framework/CHIP/CHIPDeviceController.mm
Expand Up @@ -36,7 +36,7 @@
#include <controller/CHIPDeviceController.h>
#include <controller/CHIPDeviceControllerFactory.h>
#include <credentials/DeviceAttestationVerifier.h>
#include <credentials/examples/DeviceAttestationVerifierExample.h>
#include <credentials/examples/DefaultDeviceAttestationVerifier.h>
#include <lib/support/CHIPMem.h>
#include <platform/PlatformManager.h>
#include <setup_payload/ManualSetupPayloadGenerator.h>
Expand Down Expand Up @@ -190,7 +190,7 @@ - (BOOL)startup:(_Nullable id<CHIPPersistentStorageDelegate>)storageDelegate
}

// Initialize device attestation verifier
chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::Examples::GetExampleDACVerifier());
chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::GetDefaultDACVerifier());

params.fabricStorage = _fabricStorage;
commissionerParams.storageDelegate = _persistentStorageDelegateBridge;
