From cb3698eadc8ba8aa6997d531ed84b1be4497cdf2 Mon Sep 17 00:00:00 2001
From: Vijay Selvaraj <vijay.selva@hotmail.com>
Date: Thu, 2 Dec 2021 10:45:18 -0500
Subject: [PATCH] Disabled cert validation test in certain platforms

---
 src/credentials/BUILD.gn                                     | 5 +++++
 .../examples/DefaultDeviceAttestationVerifier.cpp            | 2 ++
 src/crypto/tests/BUILD.gn                                    | 4 ++++
 src/crypto/tests/CHIPCryptoPALTest.cpp                       | 2 ++
 4 files changed, 13 insertions(+)

diff --git a/src/credentials/BUILD.gn b/src/credentials/BUILD.gn
index fd43190c147d59..05e98773068a07 100644
--- a/src/credentials/BUILD.gn
+++ b/src/credentials/BUILD.gn
@@ -15,6 +15,7 @@
 import("//build_overrides/chip.gni")
 import("//build_overrides/nlassert.gni")
 import("${chip_root}/src/crypto/crypto.gni")
+import("${chip_root}/src/platform/device.gni")
 
 static_library("credentials") {
   output_name = "libCredentials"
@@ -48,6 +49,10 @@ static_library("credentials") {
     sources += [ "${chip_root}/examples/platform/nxp/se05x/DeviceAttestationSe05xCredsExample.cpp" ]
   }
 
+  if (chip_device_platform == "esp32" || chip_device_platform == "nrfconnect") {
+    defines = [ "CURRENT_TIME_NOT_IMPLEMENTED=1" ]
+  }
+
   cflags = [ "-Wconversion" ]
 
   public_deps = [
diff --git a/src/credentials/examples/DefaultDeviceAttestationVerifier.cpp b/src/credentials/examples/DefaultDeviceAttestationVerifier.cpp
index 2890720f866e4a..bc26e558f945a3 100644
--- a/src/credentials/examples/DefaultDeviceAttestationVerifier.cpp
+++ b/src/credentials/examples/DefaultDeviceAttestationVerifier.cpp
@@ -248,7 +248,9 @@ AttestationVerificationResult DefaultDACVerifier::VerifyAttestationInformation(c
     VerifyOrReturnError(mAttestationTrustStore->GetProductAttestationAuthorityCert(akid, paaDerBuffer) == CHIP_NO_ERROR,
                         AttestationVerificationResult::kPaaNotFound);
 
+#if !defined(CURRENT_TIME_NOT_IMPLEMENTED)
     VerifyOrReturnError(IsCertificateValidAtCurrentTime(dacDerBuffer) == CHIP_NO_ERROR, AttestationVerificationResult::kDacExpired);
+#endif
 
     VerifyOrReturnError(IsCertificateValidAtIssuance(dacDerBuffer, paiDerBuffer) == CHIP_NO_ERROR,
                         AttestationVerificationResult::kPaiExpired);
diff --git a/src/crypto/tests/BUILD.gn b/src/crypto/tests/BUILD.gn
index cec9162d32aa7d..364d0b916257be 100644
--- a/src/crypto/tests/BUILD.gn
+++ b/src/crypto/tests/BUILD.gn
@@ -48,6 +48,10 @@ chip_test_suite("tests") {
     sources += [ "CHIPCryptoPALTest.cpp" ]
   }
 
+  if (chip_device_platform == "esp32" || chip_device_platform == "nrfconnect") {
+    defines = [ "CURRENT_TIME_NOT_IMPLEMENTED=1" ]
+  }
+
   cflags = [ "-Wconversion" ]
 
   public_deps = [
diff --git a/src/crypto/tests/CHIPCryptoPALTest.cpp b/src/crypto/tests/CHIPCryptoPALTest.cpp
index e2c2856d1db315..a65b314364e1da 100644
--- a/src/crypto/tests/CHIPCryptoPALTest.cpp
+++ b/src/crypto/tests/CHIPCryptoPALTest.cpp
@@ -1947,9 +1947,11 @@ static void TestX509_IssuingTimestampValidation(nlTestSuite * inSuite, void * in
     err = IsCertificateValidAtIssuance(kDacCert, leafCert);
     NL_TEST_ASSERT(inSuite, err == CHIP_NO_ERROR);
 
+#if !defined(CURRENT_TIME_NOT_IMPLEMENTED)
     // test certificate validity (this one contains validity until year 9999 so it will not fail soon)
     err = IsCertificateValidAtCurrentTime(kDacCert);
     NL_TEST_ASSERT(inSuite, err == CHIP_NO_ERROR);
+#endif
 }
 
 static void TestSKID_x509Extraction(nlTestSuite * inSuite, void * inContext)