Matter SDK Coverage Report
Current view: top level - credentials/attestation_verifier - DefaultDeviceAttestationVerifier.cpp (source / functions) Coverage Total Hit
Test: SHA:5853f10e345717417494f970a7d13b422d94af51 Lines: 82.5 % 269 222
Test Date: 2025-06-30 07:09:23 Functions: 88.9 % 18 16

            Line data    Source code
       1              : /*
       2              :  *
       3              :  *    Copyright (c) 2021-2022 Project CHIP Authors
       4              :  *
       5              :  *    Licensed under the Apache License, Version 2.0 (the "License");
       6              :  *    you may not use this file except in compliance with the License.
       7              :  *    You may obtain a copy of the License at
       8              :  *
       9              :  *        http://www.apache.org/licenses/LICENSE-2.0
      10              :  *
      11              :  *    Unless required by applicable law or agreed to in writing, software
      12              :  *    distributed under the License is distributed on an "AS IS" BASIS,
      13              :  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      14              :  *    See the License for the specific language governing permissions and
      15              :  *    limitations under the License.
      16              :  */
      17              : #include "DefaultDeviceAttestationVerifier.h"
      18              : 
      19              : #include <controller/OperationalCredentialsDelegate.h>
      20              : #include <credentials/CHIPCert.h>
      21              : #include <credentials/CertificationDeclaration.h>
      22              : #include <credentials/DeviceAttestationConstructor.h>
      23              : #include <credentials/DeviceAttestationVendorReserved.h>
      24              : #include <credentials/attestation_verifier/TestPAAStore.h>
      25              : #include <crypto/CHIPCryptoPAL.h>
      26              : 
      27              : #include <lib/core/CHIPError.h>
      28              : #include <lib/core/Global.h>
      29              : #include <lib/support/CodeUtils.h>
      30              : #include <lib/support/ScopedBuffer.h>
      31              : #include <lib/support/Span.h>
      32              : #include <lib/support/StringBuilder.h>
      33              : #include <lib/support/logging/CHIPLogging.h>
      34              : 
      35              : using namespace chip::Crypto;
      36              : using chip::TestCerts::GetTestPaaRootStore;
      37              : 
      38              : namespace chip {
      39              : namespace Credentials {
      40              : 
      41              : namespace {
      42              : 
      43              : // As per specifications section 11.22.5.1. Constant RESP_MAX
      44              : constexpr size_t kMaxResponseLength = 900;
      45              : 
      46              : // Test CD Signing Key from `credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem`
      47              : // used to verify any in-SDK development CDs. The associated keypair to do actual signing is in
      48              : // `credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem`.
      49              : //
      50              : // Note that this certificate is a self signed certificate and doesn't chain up to the CSA trusted root.
      51              : // This CD Signing certificate can only be used to sign CDs for testing/development purposes
      52              : // and should never be used in production devices.
      53              : //
      54              : // -----BEGIN CERTIFICATE-----
      55              : // MIIBszCCAVqgAwIBAgIIRdrzneR6oI8wCgYIKoZIzj0EAwIwKzEpMCcGA1UEAwwg
      56              : // TWF0dGVyIFRlc3QgQ0QgU2lnbmluZyBBdXRob3JpdHkwIBcNMjEwNjI4MTQyMzQz
      57              : // WhgPOTk5OTEyMzEyMzU5NTlaMCsxKTAnBgNVBAMMIE1hdHRlciBUZXN0IENEIFNp
      58              : // Z25pbmcgQXV0aG9yaXR5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPDmJIkUr
      59              : // VcrzicJb0bykZWlSzLkOiGkkmthHRlMBTL+V1oeWXgNrUhxRA35rjO3vyh60QEZp
      60              : // T6CIgu7WUZ3suqNmMGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMC
      61              : // AQYwHQYDVR0OBBYEFGL6gjNZrPqplj4c+hQK3fUE83FgMB8GA1UdIwQYMBaAFGL6
      62              : // gjNZrPqplj4c+hQK3fUE83FgMAoGCCqGSM49BAMCA0cAMEQCICxUXOTkV9im8NnZ
      63              : // u+vW7OHd/n+MbZps83UyH8b6xxOEAiBUB3jodDlyUn7t669YaGIgtUB48s1OYqdq
      64              : // 58u5L/VMiw==
      65              : // -----END CERTIFICATE-----
      66              : //
      67              : constexpr uint8_t gTestCdPubkeyBytes[] = {
      68              :     0x04, 0x3c, 0x39, 0x89, 0x22, 0x45, 0x2b, 0x55, 0xca, 0xf3, 0x89, 0xc2, 0x5b, 0xd1, 0xbc, 0xa4, 0x65,
      69              :     0x69, 0x52, 0xcc, 0xb9, 0x0e, 0x88, 0x69, 0x24, 0x9a, 0xd8, 0x47, 0x46, 0x53, 0x01, 0x4c, 0xbf, 0x95,
      70              :     0xd6, 0x87, 0x96, 0x5e, 0x03, 0x6b, 0x52, 0x1c, 0x51, 0x03, 0x7e, 0x6b, 0x8c, 0xed, 0xef, 0xca, 0x1e,
      71              :     0xb4, 0x40, 0x46, 0x69, 0x4f, 0xa0, 0x88, 0x82, 0xee, 0xd6, 0x51, 0x9d, 0xec, 0xba,
      72              : };
      73              : 
      74              : constexpr uint8_t gTestCdPubkeyKid[] = {
      75              :     0x62, 0xfa, 0x82, 0x33, 0x59, 0xac, 0xfa, 0xa9, 0x96, 0x3e, 0x1c, 0xfa, 0x14, 0x0a, 0xdd, 0xf5, 0x04, 0xf3, 0x71, 0x60,
      76              : };
      77              : 
      78              : // Official CSA "Matter Certification and Testing CA"
      79              : //
      80              : // -----BEGIN CERTIFICATE-----
      81              : // MIICATCCAaegAwIBAgIHY3Nhcm9vdDAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
      82              : // U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
      83              : // MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjA3MDcxOTI4MDRaGA8yMTIyMDYx
      84              : // MzE5MjgwNFowUjEMMAoGA1UECgwDQ1NBMSwwKgYDVQQDDCNNYXR0ZXIgQ2VydGlm
      85              : // aWNhdGlvbiBhbmQgVGVzdGluZyBDQTEUMBIGCisGAQQBgqJ8AgEMBEM1QTAwWTAT
      86              : // BgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ4SjrDql2+y3IP5iEdPK1IYm/3EaCkkp+t
      87              : // 2GD44nf/wN4fPrYzejSEe1o6BW6ocQ6Td+7t7iUXA/3ZNQEly45Io2YwZDASBgNV
      88              : // HRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUl+Rp0MUE
      89              : // FMJvxwH3fpR3OQmN9qUwHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3OQmN9qUw
      90              : // CgYIKoZIzj0EAwIDSAAwRQIgearlB0fCJ49UoJ6xwKPdlPEopCOL9jVCviODEleI
      91              : // +mQCIQDvvDCKi7kvj4R4BoFS4BVZGCk4zJ84W4tfTTfu89lRbQ==
      92              : // -----END CERTIFICATE-----
      93              : //
      94              : constexpr uint8_t gCdRootCert[] = {
      95              :     0x30, 0x82, 0x02, 0x01, 0x30, 0x82, 0x01, 0xa7, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x07, 0x63, 0x73, 0x61, 0x72, 0x6f, 0x6f,
      96              :     0x74, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x52, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03,
      97              :     0x55, 0x04, 0x0a, 0x0c, 0x03, 0x43, 0x53, 0x41, 0x31, 0x2c, 0x30, 0x2a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x23, 0x4d, 0x61,
      98              :     0x74, 0x74, 0x65, 0x72, 0x20, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x61, 0x6e,
      99              :     0x64, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x67, 0x20, 0x43, 0x41, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01,
     100              :     0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x43, 0x35, 0x41, 0x30, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x32, 0x30, 0x37,
     101              :     0x30, 0x37, 0x31, 0x39, 0x32, 0x38, 0x30, 0x34, 0x5a, 0x18, 0x0f, 0x32, 0x31, 0x32, 0x32, 0x30, 0x36, 0x31, 0x33, 0x31, 0x39,
     102              :     0x32, 0x38, 0x30, 0x34, 0x5a, 0x30, 0x52, 0x31, 0x0c, 0x30, 0x0a, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x03, 0x43, 0x53, 0x41,
     103              :     0x31, 0x2c, 0x30, 0x2a, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x23, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x43, 0x65, 0x72,
     104              :     0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6e,
     105              :     0x67, 0x20, 0x43, 0x41, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c,
     106              :     0x04, 0x43, 0x35, 0x41, 0x30, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
     107              :     0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x38, 0x4a, 0x3a, 0xc3, 0xaa, 0x5d, 0xbe, 0xcb, 0x72, 0x0f,
     108              :     0xe6, 0x21, 0x1d, 0x3c, 0xad, 0x48, 0x62, 0x6f, 0xf7, 0x11, 0xa0, 0xa4, 0x92, 0x9f, 0xad, 0xd8, 0x60, 0xf8, 0xe2, 0x77, 0xff,
     109              :     0xc0, 0xde, 0x1f, 0x3e, 0xb6, 0x33, 0x7a, 0x34, 0x84, 0x7b, 0x5a, 0x3a, 0x05, 0x6e, 0xa8, 0x71, 0x0e, 0x93, 0x77, 0xee, 0xed,
     110              :     0xee, 0x25, 0x17, 0x03, 0xfd, 0xd9, 0x35, 0x01, 0x25, 0xcb, 0x8e, 0x48, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x06, 0x03, 0x55,
     111              :     0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d,
     112              :     0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
     113              :     0x97, 0xe4, 0x69, 0xd0, 0xc5, 0x04, 0x14, 0xc2, 0x6f, 0xc7, 0x01, 0xf7, 0x7e, 0x94, 0x77, 0x39, 0x09, 0x8d, 0xf6, 0xa5, 0x30,
     114              :     0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x97, 0xe4, 0x69, 0xd0, 0xc5, 0x04, 0x14, 0xc2, 0x6f,
     115              :     0xc7, 0x01, 0xf7, 0x7e, 0x94, 0x77, 0x39, 0x09, 0x8d, 0xf6, 0xa5, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04,
     116              :     0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x79, 0xaa, 0xe5, 0x07, 0x47, 0xc2, 0x27, 0x8f, 0x54, 0xa0, 0x9e, 0xb1,
     117              :     0xc0, 0xa3, 0xdd, 0x94, 0xf1, 0x28, 0xa4, 0x23, 0x8b, 0xf6, 0x35, 0x42, 0xbe, 0x23, 0x83, 0x12, 0x57, 0x88, 0xfa, 0x64, 0x02,
     118              :     0x21, 0x00, 0xef, 0xbc, 0x30, 0x8a, 0x8b, 0xb9, 0x2f, 0x8f, 0x84, 0x78, 0x06, 0x81, 0x52, 0xe0, 0x15, 0x59, 0x18, 0x29, 0x38,
     119              :     0xcc, 0x9f, 0x38, 0x5b, 0x8b, 0x5f, 0x4d, 0x37, 0xee, 0xf3, 0xd9, 0x51, 0x6d
     120              : };
     121              : 
     122              : // Official CD "Signing Key 001"
     123              : //
     124              : // -----BEGIN CERTIFICATE-----
     125              : // MIICBzCCAa2gAwIBAgIHY3NhY2RrMTAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
     126              : // U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
     127              : // MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTI4NTVaGA8yMDcyMDky
     128              : // MDE5Mjg1NVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
     129              : // IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwMTEUMBIGCisGAQQBgqJ8AgEMBEM1
     130              : // QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATN7uk+RPi3K+PRqcB+IZaLmv/z
     131              : // tAPwXhZp17Hlyu5vx3FLQufiNpXpLNdjVHOigK5ojze7lInhFim5uU/3sJkpo2Yw
     132              : // ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
     133              : // /jQ/lZlHdjth7kU5ExM4SU/mfY4wHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
     134              : // OQmN9qUwCgYIKoZIzj0EAwIDSAAwRQIgEDWOcdKsVGtUh3evHbBd1lq4aS7yQtOp
     135              : // 6GrOQ3/zXBsCIQDxorh2RXSaI8m2RCcoWaiWa0nLzQepNm3C2jrQVJmC2Q==
     136              : // -----END CERTIFICATE-----
     137              : //
     138              : constexpr uint8_t gCdSigningKey001PubkeyBytes[] = {
     139              :     0x04, 0xcd, 0xee, 0xe9, 0x3e, 0x44, 0xf8, 0xb7, 0x2b, 0xe3, 0xd1, 0xa9, 0xc0, 0x7e, 0x21, 0x96, 0x8b,
     140              :     0x9a, 0xff, 0xf3, 0xb4, 0x03, 0xf0, 0x5e, 0x16, 0x69, 0xd7, 0xb1, 0xe5, 0xca, 0xee, 0x6f, 0xc7, 0x71,
     141              :     0x4b, 0x42, 0xe7, 0xe2, 0x36, 0x95, 0xe9, 0x2c, 0xd7, 0x63, 0x54, 0x73, 0xa2, 0x80, 0xae, 0x68, 0x8f,
     142              :     0x37, 0xbb, 0x94, 0x89, 0xe1, 0x16, 0x29, 0xb9, 0xb9, 0x4f, 0xf7, 0xb0, 0x99, 0x29,
     143              : };
     144              : 
     145              : constexpr uint8_t gCdSigningKey001Kid[] = {
     146              :     0xFE, 0x34, 0x3F, 0x95, 0x99, 0x47, 0x76, 0x3B, 0x61, 0xEE, 0x45, 0x39, 0x13, 0x13, 0x38, 0x49, 0x4F, 0xE6, 0x7D, 0x8E,
     147              : };
     148              : 
     149              : // Official CD "Signing Key 002"
     150              : //
     151              : // -----BEGIN CERTIFICATE-----
     152              : // MIICCDCCAa2gAwIBAgIHY3NhY2RrMjAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
     153              : // U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
     154              : // MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTM2NDZaGA8yMDcyMDky
     155              : // MDE5MzY0NlowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
     156              : // IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwMjEUMBIGCisGAQQBgqJ8AgEMBEM1
     157              : // QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQDGTfo+UJRBF3ydFe7RiU+43VO
     158              : // jBKuKFV9gCe51MNW2RtAjP8yJ1AXsl+Mi6IFFtXIOvK3JBKAE9/Mj5XSAKkLo2Yw
     159              : // ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
     160              : // 3QTbWFshTBxYFYfmVo30h7bdxwEwHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
     161              : // OQmN9qUwCgYIKoZIzj0EAwIDSQAwRgIhAJruzxZ806cP/LoQ07PN9xAbjLdwUalV
     162              : // h0Qfx304Tb92AiEAk+jnf2qtyfKyTEHpT3Xf3bfekqUOA+8ikB1yjL5oTsI=
     163              : // -----END CERTIFICATE-----
     164              : //
     165              : constexpr uint8_t gCdSigningKey002PubkeyBytes[] = {
     166              :     0x04, 0x03, 0x19, 0x37, 0xe8, 0xf9, 0x42, 0x51, 0x04, 0x5d, 0xf2, 0x74, 0x57, 0xbb, 0x46, 0x25, 0x3e,
     167              :     0xe3, 0x75, 0x4e, 0x8c, 0x12, 0xae, 0x28, 0x55, 0x7d, 0x80, 0x27, 0xb9, 0xd4, 0xc3, 0x56, 0xd9, 0x1b,
     168              :     0x40, 0x8c, 0xff, 0x32, 0x27, 0x50, 0x17, 0xb2, 0x5f, 0x8c, 0x8b, 0xa2, 0x05, 0x16, 0xd5, 0xc8, 0x3a,
     169              :     0xf2, 0xb7, 0x24, 0x12, 0x80, 0x13, 0xdf, 0xcc, 0x8f, 0x95, 0xd2, 0x00, 0xa9, 0x0b,
     170              : };
     171              : 
     172              : constexpr uint8_t gCdSigningKey002Kid[] = {
     173              :     0xDD, 0x04, 0xDB, 0x58, 0x5B, 0x21, 0x4C, 0x1C, 0x58, 0x15, 0x87, 0xE6, 0x56, 0x8D, 0xF4, 0x87, 0xB6, 0xDD, 0xC7, 0x01,
     174              : };
     175              : 
     176              : // Official CD "Signing Key 003"
     177              : //
     178              : // -----BEGIN CERTIFICATE-----
     179              : // MIICBjCCAa2gAwIBAgIHY3NhY2RrMzAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
     180              : // U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
     181              : // MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTQxMDFaGA8yMDcyMDky
     182              : // MDE5NDEwMVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
     183              : // IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwMzEUMBIGCisGAQQBgqJ8AgEMBEM1
     184              : // QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASfV1zV/bdSHxCk3zHwc5ErYUco
     185              : // 8tN/W2uWvCy/fAsRlpBXfVVdIaCWYKiwgqM56lMPeoEthpO1b9dkGF+rzTL1o2Yw
     186              : // ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
     187              : // RxA158BOqqi+fE1ME+PkwgmVqEswHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
     188              : // OQmN9qUwCgYIKoZIzj0EAwIDRwAwRAIgIFecbY+1mVVNqxH9+8IMB8+safdyIJU2
     189              : // AqqtZ/w7AkQCIHiVlYTaCnJsnW5/cvj9GfIv7Eb0cjdmcAkrYGbnPQzX
     190              : // -----END CERTIFICATE-----
     191              : //
     192              : constexpr uint8_t gCdSigningKey003PubkeyBytes[] = {
     193              :     0x04, 0x9f, 0x57, 0x5c, 0xd5, 0xfd, 0xb7, 0x52, 0x1f, 0x10, 0xa4, 0xdf, 0x31, 0xf0, 0x73, 0x91, 0x2b,
     194              :     0x61, 0x47, 0x28, 0xf2, 0xd3, 0x7f, 0x5b, 0x6b, 0x96, 0xbc, 0x2c, 0xbf, 0x7c, 0x0b, 0x11, 0x96, 0x90,
     195              :     0x57, 0x7d, 0x55, 0x5d, 0x21, 0xa0, 0x96, 0x60, 0xa8, 0xb0, 0x82, 0xa3, 0x39, 0xea, 0x53, 0x0f, 0x7a,
     196              :     0x81, 0x2d, 0x86, 0x93, 0xb5, 0x6f, 0xd7, 0x64, 0x18, 0x5f, 0xab, 0xcd, 0x32, 0xf5,
     197              : };
     198              : 
     199              : constexpr uint8_t gCdSigningKey003Kid[] = {
     200              :     0x47, 0x10, 0x35, 0xE7, 0xC0, 0x4E, 0xAA, 0xA8, 0xBE, 0x7C, 0x4D, 0x4C, 0x13, 0xE3, 0xE4, 0xC2, 0x09, 0x95, 0xA8, 0x4B,
     201              : };
     202              : 
     203              : // Official CD "Signing Key 004"
     204              : //
     205              : // -----BEGIN CERTIFICATE-----
     206              : // MIICBjCCAa2gAwIBAgIHY3NhY2RrNDAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
     207              : // U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
     208              : // MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTQzMjFaGA8yMDcyMDky
     209              : // MDE5NDMyMVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
     210              : // IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwNDEUMBIGCisGAQQBgqJ8AgEMBEM1
     211              : // QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR8/I2IEKic9PoZF3jyr+x4+FF6
     212              : // l6Plf8ITutiI42EedP+2hL3rqKaLJSNKXDWPNzurm20wThMG3XYgpSjRFhwLo2Yw
     213              : // ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
     214              : // 9oYDo2kumBByQZ6h4as4VL13ldMwHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
     215              : // OQmN9qUwCgYIKoZIzj0EAwIDRwAwRAIgLqAfkbtLYYdmQsnbn0CWv3G1/lbE36nz
     216              : // HbLbW5t6PY4CIE8oyIHsVhNSTPcb3mwRp+Vxhs8tKhbAdwv5BGgDaAHj
     217              : // -----END CERTIFICATE-----
     218              : //
     219              : constexpr uint8_t gCdSigningKey004PubkeyBytes[] = {
     220              :     0x04, 0x7c, 0xfc, 0x8d, 0x88, 0x10, 0xa8, 0x9c, 0xf4, 0xfa, 0x19, 0x17, 0x78, 0xf2, 0xaf, 0xec, 0x78,
     221              :     0xf8, 0x51, 0x7a, 0x97, 0xa3, 0xe5, 0x7f, 0xc2, 0x13, 0xba, 0xd8, 0x88, 0xe3, 0x61, 0x1e, 0x74, 0xff,
     222              :     0xb6, 0x84, 0xbd, 0xeb, 0xa8, 0xa6, 0x8b, 0x25, 0x23, 0x4a, 0x5c, 0x35, 0x8f, 0x37, 0x3b, 0xab, 0x9b,
     223              :     0x6d, 0x30, 0x4e, 0x13, 0x06, 0xdd, 0x76, 0x20, 0xa5, 0x28, 0xd1, 0x16, 0x1c, 0x0b,
     224              : };
     225              : 
     226              : constexpr uint8_t gCdSigningKey004Kid[] = {
     227              :     0xF6, 0x86, 0x03, 0xA3, 0x69, 0x2E, 0x98, 0x10, 0x72, 0x41, 0x9E, 0xA1, 0xE1, 0xAB, 0x38, 0x54, 0xBD, 0x77, 0x95, 0xD3,
     228              : };
     229              : 
     230              : // Official CD "Signing Key 005"
     231              : //
     232              : // -----BEGIN CERTIFICATE-----
     233              : // MIICBzCCAa2gAwIBAgIHY3NhY2RrNTAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
     234              : // U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
     235              : // MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTQ3MTVaGA8yMDcyMDky
     236              : // MDE5NDcxNVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
     237              : // IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwNTEUMBIGCisGAQQBgqJ8AgEMBEM1
     238              : // QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARDilLGYqKm1yZH+V63UxNu5K4P
     239              : // 2zqpwWkxQms9CGf5EDrn16G4h+n4E6byb3a7zak1k3h8EneMqPKXXcRaIEL5o2Yw
     240              : // ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
     241              : // Y38mNK1i6v5q9mLvuW9v0vy//C8wHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
     242              : // OQmN9qUwCgYIKoZIzj0EAwIDSAAwRQIhAM1HQpvkHKxLJByWaSYAPRZgh3Bis18W
     243              : // AViq7c/mtzEAAiBZO0lVe6Qo9iQPIBWZaVx/S/YSNO9uKNa/pvFu3V+nIg==
     244              : // -----END CERTIFICATE-----
     245              : //
     246              : constexpr uint8_t gCdSigningKey005PubkeyBytes[] = {
     247              :     0x04, 0x43, 0x8a, 0x52, 0xc6, 0x62, 0xa2, 0xa6, 0xd7, 0x26, 0x47, 0xf9, 0x5e, 0xb7, 0x53, 0x13, 0x6e,
     248              :     0xe4, 0xae, 0x0f, 0xdb, 0x3a, 0xa9, 0xc1, 0x69, 0x31, 0x42, 0x6b, 0x3d, 0x08, 0x67, 0xf9, 0x10, 0x3a,
     249              :     0xe7, 0xd7, 0xa1, 0xb8, 0x87, 0xe9, 0xf8, 0x13, 0xa6, 0xf2, 0x6f, 0x76, 0xbb, 0xcd, 0xa9, 0x35, 0x93,
     250              :     0x78, 0x7c, 0x12, 0x77, 0x8c, 0xa8, 0xf2, 0x97, 0x5d, 0xc4, 0x5a, 0x20, 0x42, 0xf9,
     251              : };
     252              : 
     253              : constexpr uint8_t gCdSigningKey005Kid[] = {
     254              :     0x63, 0x7F, 0x26, 0x34, 0xAD, 0x62, 0xEA, 0xFE, 0x6A, 0xF6, 0x62, 0xEF, 0xB9, 0x6F, 0x6F, 0xD2, 0xFC, 0xBF, 0xFC, 0x2F,
     255              : };
     256              : 
     257              : struct MatterCDSigningKey
     258              : {
     259              :     const CertificateKeyId mKid;
     260              :     const P256PublicKeySpan mPubkey;
     261              : };
     262              : 
     263              : constexpr std::array<MatterCDSigningKey, 6> gCdSigningKeys = { {
     264              :     { FixedByteSpan<20>{ gTestCdPubkeyKid }, FixedByteSpan<65>{ gTestCdPubkeyBytes } },
     265              :     { FixedByteSpan<20>{ gCdSigningKey001Kid }, FixedByteSpan<65>{ gCdSigningKey001PubkeyBytes } },
     266              :     { FixedByteSpan<20>{ gCdSigningKey002Kid }, FixedByteSpan<65>{ gCdSigningKey002PubkeyBytes } },
     267              :     { FixedByteSpan<20>{ gCdSigningKey003Kid }, FixedByteSpan<65>{ gCdSigningKey003PubkeyBytes } },
     268              :     { FixedByteSpan<20>{ gCdSigningKey004Kid }, FixedByteSpan<65>{ gCdSigningKey004PubkeyBytes } },
     269              :     { FixedByteSpan<20>{ gCdSigningKey005Kid }, FixedByteSpan<65>{ gCdSigningKey005PubkeyBytes } },
     270              : } };
     271              : 
     272              : struct TestAttestationTrustStore final : public ArrayAttestationTrustStore
     273              : {
     274            3 :     TestAttestationTrustStore() : ArrayAttestationTrustStore(GetTestPaaRootStore().data(), GetTestPaaRootStore().size()) {}
     275              : };
     276              : Global<TestAttestationTrustStore> gTestAttestationTrustStore;
     277              : 
     278            0 : AttestationVerificationResult MapError(CertificateChainValidationResult certificateChainValidationResult)
     279              : {
     280            0 :     switch (certificateChainValidationResult)
     281              :     {
     282            0 :     case CertificateChainValidationResult::kRootFormatInvalid:
     283            0 :         return AttestationVerificationResult::kPaaFormatInvalid;
     284              : 
     285            0 :     case CertificateChainValidationResult::kRootArgumentInvalid:
     286            0 :         return AttestationVerificationResult::kPaaArgumentInvalid;
     287              : 
     288            0 :     case CertificateChainValidationResult::kICAFormatInvalid:
     289            0 :         return AttestationVerificationResult::kPaiFormatInvalid;
     290              : 
     291            0 :     case CertificateChainValidationResult::kICAArgumentInvalid:
     292            0 :         return AttestationVerificationResult::kPaiArgumentInvalid;
     293              : 
     294            0 :     case CertificateChainValidationResult::kLeafFormatInvalid:
     295            0 :         return AttestationVerificationResult::kDacFormatInvalid;
     296              : 
     297            0 :     case CertificateChainValidationResult::kLeafArgumentInvalid:
     298            0 :         return AttestationVerificationResult::kDacArgumentInvalid;
     299              : 
     300            0 :     case CertificateChainValidationResult::kChainInvalid:
     301            0 :         return AttestationVerificationResult::kDacSignatureInvalid;
     302              : 
     303            0 :     case CertificateChainValidationResult::kNoMemory:
     304            0 :         return AttestationVerificationResult::kNoMemory;
     305              : 
     306            0 :     case CertificateChainValidationResult::kInternalFrameworkError:
     307            0 :         return AttestationVerificationResult::kInternalError;
     308              : 
     309            0 :     default:
     310            0 :         return AttestationVerificationResult::kInternalError;
     311              :     }
     312              : }
     313              : 
     314              : // CertificateType class doesn't work since it doesn't encode PAA.
     315              : enum class AttestationChainElement : uint8_t
     316              : {
     317              :     kPAA = 0,
     318              :     kPAI = 1,
     319              :     kDAC = 2
     320              : };
     321              : 
     322              : enum class KeyIdType : uint8_t
     323              : {
     324              :     kAuthorityKeyId = 0,
     325              :     kSubjectKeyId   = 1,
     326              : };
     327              : 
     328              : #if CHIP_PROGRESS_LOGGING
     329            9 : const char * CertTypeAsString(AttestationChainElement certType)
     330              : {
     331            9 :     switch (certType)
     332              :     {
     333            3 :     case AttestationChainElement::kPAA:
     334            3 :         return "PAA";
     335            3 :     case AttestationChainElement::kPAI:
     336            3 :         return "PAI";
     337            3 :     case AttestationChainElement::kDAC:
     338            3 :         return "DAC";
     339            0 :     default:
     340            0 :         break;
     341              :     }
     342            0 :     return "<UNKNOWN>";
     343              : }
     344              : #endif // CHIP_PROGRESS_LOGGING
     345              : 
     346            6 : void LogOneKeyId(KeyIdType keyIdType, AttestationChainElement certType, ByteSpan derBuffer)
     347              : {
     348              : #if CHIP_PROGRESS_LOGGING
     349            6 :     const char * certTypeName = CertTypeAsString(certType);
     350              : 
     351              :     uint8_t keyIdBuf[Crypto::kAuthorityKeyIdentifierLength]; // Big enough for SKID/AKID.
     352            6 :     MutableByteSpan keyIdSpan{ keyIdBuf };
     353            6 :     CHIP_ERROR err = CHIP_NO_ERROR;
     354              : 
     355            6 :     const char * keyIdTypeString = "<UNKNOWN>";
     356            6 :     switch (keyIdType)
     357              :     {
     358            3 :     case KeyIdType::kAuthorityKeyId:
     359            3 :         err             = ExtractAKIDFromX509Cert(derBuffer, keyIdSpan);
     360            3 :         keyIdTypeString = "AKID";
     361            3 :         break;
     362            3 :     case KeyIdType::kSubjectKeyId:
     363            3 :         err             = ExtractSKIDFromX509Cert(derBuffer, keyIdSpan);
     364            3 :         keyIdTypeString = "SKID";
     365            3 :         break;
     366            0 :     default:
     367            0 :         err = CHIP_ERROR_INTERNAL;
     368            0 :         break;
     369              :     }
     370              : 
     371            6 :     if (err != CHIP_NO_ERROR)
     372              :     {
     373            0 :         ChipLogError(NotSpecified, "Failed to extract %s from %s: %" CHIP_ERROR_FORMAT, keyIdTypeString, certTypeName,
     374              :                      err.Format());
     375            0 :         return;
     376              :     }
     377              : 
     378            6 :     KeyIdStringifier KeyIdStringifier;
     379            6 :     const char * keyIdString = KeyIdStringifier.KeyIdToHex(keyIdSpan);
     380              : 
     381            6 :     ChipLogProgress(NotSpecified, "--> %s certificate %s: %s", certTypeName, keyIdTypeString, keyIdString);
     382              : #else
     383              :     IgnoreUnusedVariable(keyIdType);
     384              :     IgnoreUnusedVariable(certType);
     385              :     IgnoreUnusedVariable(derBuffer);
     386              : #endif // CHIP_PROGRESS_LOGGING
     387              : }
     388              : 
     389            3 : void LogCertificateAsPem(AttestationChainElement element, ByteSpan derBuffer)
     390              : {
     391              : #if CHIP_PROGRESS_LOGGING
     392            3 :     ChipLogProgress(NotSpecified, "==== %s certificate considered (%u bytes) ====", CertTypeAsString(element),
     393              :                     static_cast<unsigned>(derBuffer.size()));
     394            3 :     PemEncoder encoder("CERTIFICATE", derBuffer);
     395           40 :     for (const char * pemLine = encoder.NextLine(); pemLine != nullptr; pemLine = encoder.NextLine())
     396              :     {
     397           37 :         ChipLogProgress(NotSpecified, "%s", pemLine);
     398              :     }
     399              : #else
     400              :     IgnoreUnusedVariable(element);
     401              :     IgnoreUnusedVariable(derBuffer);
     402              : #endif // CHIP_PROGRESS_LOGGING
     403            3 : }
     404              : 
     405            3 : void LogCertDebugData(AttestationChainElement element, ByteSpan derBuffer)
     406              : {
     407            3 :     LogCertificateAsPem(element, derBuffer);
     408            3 :     LogOneKeyId(KeyIdType::kSubjectKeyId, element, derBuffer);
     409            3 :     LogOneKeyId(KeyIdType::kAuthorityKeyId, element, derBuffer);
     410            3 : }
     411              : 
     412              : #if CHIP_PROGRESS_LOGGING
     413            2 : const char * CertificationTypeAsString(CertificationType certificationType)
     414              : {
     415            2 :     switch (certificationType)
     416              :     {
     417            2 :     case CertificationType::kDevelopmentAndTest:
     418            2 :         return "Development and testing";
     419            0 :     case CertificationType::kProvisional:
     420            0 :         return "Provisional certification";
     421            0 :     case CertificationType::kOfficial:
     422            0 :         return "Certified device";
     423            0 :     default:
     424            0 :         break;
     425              :     }
     426            0 :     return "<UNKNOWN>";
     427              : }
     428              : #endif
     429              : 
     430              : } // namespace
     431              : 
     432          153 : void DefaultDACVerifier::VerifyAttestationInformation(const DeviceAttestationVerifier::AttestationInfo & info,
     433              :                                                       Callback::Callback<OnAttestationInformationVerification> * onCompletion)
     434              : {
     435          153 :     AttestationVerificationResult attestationError = AttestationVerificationResult::kSuccess;
     436              : 
     437          153 :     Platform::ScopedMemoryBuffer<uint8_t> paaCert;
     438          153 :     MutableByteSpan paaDerBuffer;
     439          153 :     AttestationCertVidPid dacVidPid;
     440          153 :     AttestationCertVidPid paiVidPid;
     441          153 :     AttestationCertVidPid paaVidPid;
     442              : 
     443          153 :     VerifyOrExit(!info.attestationElementsBuffer.empty() && !info.attestationChallengeBuffer.empty() &&
     444              :                      !info.attestationSignatureBuffer.empty() && !info.dacDerBuffer.empty() &&
     445              :                      !info.attestationNonceBuffer.empty() && onCompletion != nullptr,
     446              :                  attestationError = AttestationVerificationResult::kInvalidArgument);
     447              : 
     448          153 :     VerifyOrExit(info.attestationElementsBuffer.size() <= kMaxResponseLength,
     449              :                  attestationError = AttestationVerificationResult::kInvalidArgument);
     450              : 
     451              :     // Ensure PAI is present
     452          153 :     VerifyOrExit(!info.paiDerBuffer.empty(), attestationError = AttestationVerificationResult::kPaiMissing);
     453              : 
     454              :     // Validate Proper Certificate Format
     455              :     {
     456          153 :         VerifyOrExit(VerifyAttestationCertificateFormat(info.paiDerBuffer, AttestationCertType::kPAI) == CHIP_NO_ERROR,
     457              :                      attestationError = AttestationVerificationResult::kPaiFormatInvalid);
     458          135 :         VerifyOrExit(VerifyAttestationCertificateFormat(info.dacDerBuffer, AttestationCertType::kDAC) == CHIP_NO_ERROR,
     459              :                      attestationError = AttestationVerificationResult::kDacFormatInvalid);
     460              :     }
     461              : 
     462              :     // match DAC and PAI VIDs
     463              :     {
     464          116 :         VerifyOrExit(ExtractVIDPIDFromX509Cert(info.dacDerBuffer, dacVidPid) == CHIP_NO_ERROR,
     465              :                      attestationError = AttestationVerificationResult::kDacFormatInvalid);
     466          109 :         VerifyOrExit(ExtractVIDPIDFromX509Cert(info.paiDerBuffer, paiVidPid) == CHIP_NO_ERROR,
     467              :                      attestationError = AttestationVerificationResult::kPaiFormatInvalid);
     468          102 :         VerifyOrExit(paiVidPid.mVendorId.HasValue() && paiVidPid.mVendorId == dacVidPid.mVendorId,
     469              :                      attestationError = AttestationVerificationResult::kDacVendorIdMismatch);
     470           93 :         VerifyOrExit(dacVidPid.mProductId.HasValue(), attestationError = AttestationVerificationResult::kDacProductIdMismatch);
     471           93 :         if (paiVidPid.mProductId.HasValue())
     472              :         {
     473           71 :             VerifyOrExit(paiVidPid.mProductId == dacVidPid.mProductId,
     474              :                          attestationError = AttestationVerificationResult::kDacProductIdMismatch);
     475              :         }
     476              :     }
     477              : 
     478              :     // Log info about the DAC chain so far (DAC, PAI).
     479           93 :     if (AreVerboseLogsEnabled())
     480              :     {
     481            1 :         ChipLogProgress(NotSpecified, "Device candidate DAC chain details:");
     482            1 :         ChipLogProgress(NotSpecified, "--> DAC's VID: 0x%04X, PID: 0x%04X", dacVidPid.mVendorId.Value(),
     483              :                         dacVidPid.mProductId.Value());
     484              : 
     485            1 :         LogCertDebugData(AttestationChainElement::kDAC, info.dacDerBuffer);
     486            1 :         LogCertDebugData(AttestationChainElement::kPAI, info.paiDerBuffer);
     487              :     }
     488              : 
     489              :     // Validate overall attestation signature on attestation information.
     490              :     {
     491           93 :         P256PublicKey remoteManufacturerPubkey;
     492           93 :         P256ECDSASignature deviceSignature;
     493              : 
     494           93 :         VerifyOrExit(ExtractPubkeyFromX509Cert(info.dacDerBuffer, remoteManufacturerPubkey) == CHIP_NO_ERROR,
     495              :                      attestationError = AttestationVerificationResult::kDacFormatInvalid);
     496              : 
     497              :         // SetLength will fail if signature doesn't fit
     498           93 :         VerifyOrExit(deviceSignature.SetLength(info.attestationSignatureBuffer.size()) == CHIP_NO_ERROR,
     499              :                      attestationError = AttestationVerificationResult::kAttestationSignatureInvalidFormat);
     500           93 :         memcpy(deviceSignature.Bytes(), info.attestationSignatureBuffer.data(), info.attestationSignatureBuffer.size());
     501           93 :         VerifyOrExit(ValidateAttestationSignature(remoteManufacturerPubkey, info.attestationElementsBuffer,
     502              :                                                   info.attestationChallengeBuffer, deviceSignature) == CHIP_NO_ERROR,
     503              :                      attestationError = AttestationVerificationResult::kAttestationSignatureInvalid);
     504           93 :     }
     505              : 
     506              :     // Find PAA and validate it.
     507              :     {
     508              :         uint8_t paiAkidBuf[Crypto::kAuthorityKeyIdentifierLength];
     509           93 :         MutableByteSpan paiAkid(paiAkidBuf);
     510           93 :         constexpr size_t paaCertAllocatedLen = kMaxDERCertLength;
     511           93 :         CHIP_ERROR err                       = CHIP_NO_ERROR;
     512              : 
     513           95 :         VerifyOrExit(ExtractAKIDFromX509Cert(info.paiDerBuffer, paiAkid) == CHIP_NO_ERROR,
     514              :                      attestationError = AttestationVerificationResult::kPaiFormatInvalid);
     515              : 
     516           93 :         VerifyOrExit(paaCert.Alloc(paaCertAllocatedLen), attestationError = AttestationVerificationResult::kNoMemory);
     517              : 
     518           93 :         paaDerBuffer = MutableByteSpan(paaCert.Get(), paaCertAllocatedLen);
     519           93 :         err          = mAttestationTrustStore->GetProductAttestationAuthorityCert(paiAkid, paaDerBuffer);
     520           93 :         if (err == CHIP_ERROR_NOT_IMPLEMENTED)
     521              :         {
     522            0 :             err = gTestAttestationTrustStore->GetProductAttestationAuthorityCert(paiAkid, paaDerBuffer);
     523              :         }
     524              : 
     525           93 :         if (err != CHIP_NO_ERROR)
     526              :         {
     527            1 :             attestationError = AttestationVerificationResult::kPaaNotFound;
     528              : #if CHIP_ERROR_LOGGING
     529            1 :             KeyIdStringifier paiAkidWriter;
     530            1 :             [[maybe_unused]] const char * paiAkidHexString = paiAkidWriter.KeyIdToHex(paiAkid);
     531              : 
     532            1 :             ChipLogError(NotSpecified, "Unable to find PAA, err: %" CHIP_ERROR_FORMAT ", PAI's AKID: %s", err.Format(),
     533              :                          paiAkidHexString);
     534              : #endif // CHIP_ERROR_LOGGING
     535            1 :             ExitNow();
     536              :         }
     537              : 
     538           92 :         if (AreVerboseLogsEnabled())
     539              :         {
     540              :             // PAA details following the DAC/PAI above.
     541            1 :             LogCertDebugData(AttestationChainElement::kPAA, paaDerBuffer);
     542              :         }
     543              : 
     544           92 :         VerifyOrExit(ExtractVIDPIDFromX509Cert(paaDerBuffer, paaVidPid) == CHIP_NO_ERROR,
     545              :                      attestationError = AttestationVerificationResult::kPaaFormatInvalid);
     546              : 
     547           92 :         if (paaVidPid.mVendorId.HasValue())
     548              :         {
     549           91 :             VerifyOrExit(paaVidPid.mVendorId == paiVidPid.mVendorId,
     550              :                          attestationError = AttestationVerificationResult::kPaiVendorIdMismatch);
     551              :         }
     552              : 
     553           91 :         VerifyOrExit(!paaVidPid.mProductId.HasValue(), attestationError = AttestationVerificationResult::kPaaFormatInvalid);
     554              :     }
     555              : 
     556              : #if !defined(CURRENT_TIME_NOT_IMPLEMENTED)
     557           91 :     VerifyOrExit(IsCertificateValidAtCurrentTime(info.dacDerBuffer) == CHIP_NO_ERROR,
     558              :                  attestationError = AttestationVerificationResult::kDacExpired);
     559              : #endif
     560              : 
     561              :     CertificateChainValidationResult chainValidationResult;
     562           87 :     VerifyOrExit(ValidateCertificateChain(paaDerBuffer.data(), paaDerBuffer.size(), info.paiDerBuffer.data(),
     563              :                                           info.paiDerBuffer.size(), info.dacDerBuffer.data(), info.dacDerBuffer.size(),
     564              :                                           chainValidationResult) == CHIP_NO_ERROR,
     565              :                  attestationError = MapError(chainValidationResult));
     566              : 
     567              :     {
     568           87 :         ByteSpan certificationDeclarationSpan;
     569           87 :         ByteSpan attestationNonceSpan;
     570              :         uint32_t timestampDeconstructed;
     571           87 :         ByteSpan firmwareInfoSpan;
     572           87 :         DeviceAttestationVendorReservedDeconstructor vendorReserved;
     573           87 :         ByteSpan certificationDeclarationPayload;
     574              : 
     575           87 :         DeviceInfoForAttestation deviceInfo{
     576           87 :             .vendorId     = info.vendorId,
     577           87 :             .productId    = info.productId,
     578          174 :             .dacVendorId  = dacVidPid.mVendorId.Value(),
     579          174 :             .dacProductId = dacVidPid.mProductId.Value(),
     580          174 :             .paiVendorId  = paiVidPid.mVendorId.Value(),
     581          174 :             .paiProductId = paiVidPid.mProductId.ValueOr(0),
     582          174 :             .paaVendorId  = paaVidPid.mVendorId.ValueOr(VendorId::NotSpecified),
     583           87 :         };
     584              : 
     585           87 :         MutableByteSpan paaSKID(deviceInfo.paaSKID);
     586          121 :         VerifyOrExit(ExtractSKIDFromX509Cert(paaDerBuffer, paaSKID) == CHIP_NO_ERROR,
     587              :                      attestationError = AttestationVerificationResult::kPaaFormatInvalid);
     588           87 :         VerifyOrExit(paaSKID.size() == sizeof(deviceInfo.paaSKID),
     589              :                      attestationError = AttestationVerificationResult::kPaaFormatInvalid);
     590              : 
     591           87 :         VerifyOrExit(DeconstructAttestationElements(info.attestationElementsBuffer, certificationDeclarationSpan,
     592              :                                                     attestationNonceSpan, timestampDeconstructed, firmwareInfoSpan,
     593              :                                                     vendorReserved) == CHIP_NO_ERROR,
     594              :                      attestationError = AttestationVerificationResult::kAttestationElementsMalformed);
     595              : 
     596              :         // Verify that Nonce matches with what we sent
     597           87 :         VerifyOrExit(attestationNonceSpan.data_equal(info.attestationNonceBuffer),
     598              :                      attestationError = AttestationVerificationResult::kAttestationNonceMismatch);
     599              : 
     600           87 :         attestationError = ValidateCertificationDeclarationSignature(certificationDeclarationSpan, certificationDeclarationPayload);
     601           87 :         VerifyOrExit(attestationError == AttestationVerificationResult::kSuccess, attestationError = attestationError);
     602              : 
     603           79 :         attestationError = ValidateCertificateDeclarationPayload(certificationDeclarationPayload, firmwareInfoSpan, deviceInfo);
     604           79 :         VerifyOrExit(attestationError == AttestationVerificationResult::kSuccess, attestationError = attestationError);
     605              :     }
     606              : 
     607          153 : exit:
     608          153 :     onCompletion->mCall(onCompletion->mContext, info, attestationError);
     609          153 : }
     610              : 
     611           88 : AttestationVerificationResult DefaultDACVerifier::ValidateCertificationDeclarationSignature(const ByteSpan & cmsEnvelopeBuffer,
     612              :                                                                                             ByteSpan & certDeclBuffer)
     613              : {
     614           88 :     ByteSpan kid;
     615           88 :     VerifyOrReturnError(CMS_ExtractKeyId(cmsEnvelopeBuffer, kid) == CHIP_NO_ERROR,
     616              :                         AttestationVerificationResult::kCertificationDeclarationNoKeyId);
     617              : 
     618           85 :     Crypto::P256PublicKey verifyingKey;
     619           85 :     CHIP_ERROR err = mCdKeysTrustStore.LookupVerifyingKey(kid, verifyingKey);
     620           85 :     VerifyOrReturnError(err == CHIP_NO_ERROR, AttestationVerificationResult::kCertificationDeclarationNoCertificateFound);
     621              : 
     622              : #if CHIP_PROGRESS_LOGGING
     623           84 :     if (AreVerboseLogsEnabled())
     624              :     {
     625            2 :         KeyIdStringifier cdAkidWriter;
     626            2 :         const char * cdAkidHexString = cdAkidWriter.KeyIdToHex(kid);
     627            2 :         ChipLogProgress(NotSpecified, "CD signing key identifier: %s", cdAkidHexString);
     628              :     }
     629              : #endif
     630              : 
     631           84 :     if (mCdKeysTrustStore.IsCdTestKey(kid))
     632              :     {
     633              :         // Disallow test key if support not enabled
     634           84 :         if (!IsCdTestKeySupported())
     635              :         {
     636            0 :             ChipLogError(NotSpecified, "Disallowing CD signed by test key");
     637            0 :             return AttestationVerificationResult::kCertificationDeclarationNoCertificateFound;
     638              :         }
     639              : 
     640           84 :         ChipLogProgress(NotSpecified, "Allowing CD signed by test key");
     641              :     }
     642              : 
     643           84 :     VerifyOrReturnError(CMS_Verify(cmsEnvelopeBuffer, verifyingKey, certDeclBuffer) == CHIP_NO_ERROR,
     644              :                         AttestationVerificationResult::kCertificationDeclarationInvalidSignature);
     645              : 
     646           80 :     return AttestationVerificationResult::kSuccess;
     647           85 : }
     648              : 
     649           80 : AttestationVerificationResult DefaultDACVerifier::ValidateCertificateDeclarationPayload(const ByteSpan & certDeclBuffer,
     650              :                                                                                         const ByteSpan & firmwareInfo,
     651              :                                                                                         const DeviceInfoForAttestation & deviceInfo)
     652              : {
     653           80 :     CertificationElementsWithoutPIDs cdContent;
     654           80 :     CertificationElementsDecoder cdElementsDecoder;
     655           80 :     VerifyOrReturnError(DecodeCertificationElements(certDeclBuffer, cdContent) == CHIP_NO_ERROR,
     656              :                         AttestationVerificationResult::kCertificationDeclarationInvalidFormat);
     657              : 
     658           68 :     if (!firmwareInfo.empty())
     659              :     {
     660              :         // TODO: validate contents based on DCL
     661              :     }
     662              : 
     663              :     // Verify the cd elements are as required by the spec
     664              :     // security_level, security_information are meant to be ignored. version_number is not meant to be interpreted by the
     665              :     // commissioners.
     666           68 :     if (cdContent.formatVersion != 1 || cdContent.certificationType >= chip::to_underlying(CertificationType::kReserved))
     667              :     {
     668            2 :         return AttestationVerificationResult::kAttestationElementsMalformed;
     669              :     }
     670              : 
     671              :     // The vendor_id field in the Certification Declaration SHALL match the VendorID attribute found in the Basic Information
     672              :     // cluster
     673           66 :     VerifyOrReturnError(cdContent.vendorId == deviceInfo.vendorId,
     674              :                         AttestationVerificationResult::kCertificationDeclarationInvalidVendorId);
     675              : 
     676              :     //  The product_id_array field in the Certification Declaration SHALL contain the value of the ProductID attribute found in
     677              :     //  the Basic Information cluster.
     678           65 :     VerifyOrReturnError(cdElementsDecoder.IsProductIdIn(certDeclBuffer, deviceInfo.productId),
     679              :                         AttestationVerificationResult::kCertificationDeclarationInvalidProductId);
     680              : 
     681           60 :     if (cdContent.dacOriginVIDandPIDPresent)
     682              :     {
     683              :         // The Vendor ID (VID) subject DN in the DAC SHALL match the dac_origin_vendor_id field in the Certification
     684              :         // Declaration.
     685            4 :         VerifyOrReturnError(deviceInfo.dacVendorId == cdContent.dacOriginVendorId,
     686              :                             AttestationVerificationResult::kCertificationDeclarationInvalidVendorId);
     687              :         // The Vendor ID (VID) subject DN in the PAI SHALL match the dac_origin_vendor_id field in the Certification
     688              :         // Declaration.
     689            2 :         VerifyOrReturnError(deviceInfo.paiVendorId == cdContent.dacOriginVendorId,
     690              :                             AttestationVerificationResult::kCertificationDeclarationInvalidVendorId);
     691              :         // The Product ID (PID) subject DN in the DAC SHALL match the dac_origin_product_id field in the Certification
     692              :         // Declaration.
     693            2 :         VerifyOrReturnError(deviceInfo.dacProductId == cdContent.dacOriginProductId,
     694              :                             AttestationVerificationResult::kCertificationDeclarationInvalidProductId);
     695              :         // The Product ID (PID) subject DN in the PAI, if such a Product ID is present, SHALL match the dac_origin_product_id
     696              :         // field in the Certification Declaration.
     697            2 :         if (deviceInfo.paiProductId != 0) // if PAI PID is present
     698              :         {
     699            2 :             VerifyOrReturnError(deviceInfo.paiProductId == cdContent.dacOriginProductId,
     700              :                                 AttestationVerificationResult::kCertificationDeclarationInvalidProductId);
     701              :         }
     702              :     }
     703              :     else
     704              :     {
     705              :         //  The Vendor ID (VID) subject DN in the DAC SHALL match the vendor_id field in the Certification Declaration
     706           56 :         VerifyOrReturnError(deviceInfo.dacVendorId == cdContent.vendorId,
     707              :                             AttestationVerificationResult::kCertificationDeclarationInvalidVendorId);
     708              :         // The Vendor ID (VID) subject DN in the PAI SHALL match the vendor_id field in the Certification Declaration.
     709           56 :         VerifyOrReturnError(deviceInfo.paiVendorId == cdContent.vendorId,
     710              :                             AttestationVerificationResult::kCertificationDeclarationInvalidVendorId);
     711              :         // The Product ID (PID) subject DN in the DAC SHALL be present in the product_id_array field in the Certification
     712              :         // Declaration.
     713           56 :         VerifyOrReturnError(cdElementsDecoder.IsProductIdIn(certDeclBuffer, deviceInfo.dacProductId),
     714              :                             AttestationVerificationResult::kCertificationDeclarationInvalidProductId);
     715              :         // The Product ID (PID) subject DN in the PAI, if such a Product ID is present, SHALL match one of the values present in
     716              :         // the product_id_array field in the Certification Declaration.
     717           55 :         if (deviceInfo.paiProductId != 0) // if PAI PID is present
     718              :         {
     719           41 :             VerifyOrReturnError(cdElementsDecoder.IsProductIdIn(certDeclBuffer, deviceInfo.paiProductId),
     720              :                                 AttestationVerificationResult::kCertificationDeclarationInvalidProductId);
     721              :         }
     722              :     }
     723              : 
     724           57 :     if (cdContent.authorizedPAAListPresent)
     725              :     {
     726              :         // The Subject Key Id of the PAA SHALL match one of the values present in the authorized_paa_list
     727              :         // in the Certification Declaration.
     728            6 :         VerifyOrReturnError(cdElementsDecoder.HasAuthorizedPAA(certDeclBuffer, ByteSpan(deviceInfo.paaSKID)),
     729              :                             AttestationVerificationResult::kCertificationDeclarationInvalidPAA);
     730              :     }
     731              : 
     732           54 :     if (AreVerboseLogsEnabled())
     733              :     {
     734            2 :         ChipLogProgress(NotSpecified, "Device certification declaration details:");
     735            2 :         ChipLogProgress(NotSpecified, "--> VID: 0x%04X", cdContent.vendorId);
     736              :         // TODO (https://github.com/project-chip/connectedhomeip/issues/39714): Figure out how to
     737              :         // log the product_id_array, which is not in cdContent.
     738            2 :         ChipLogProgress(NotSpecified, "--> Device type ID: " ChipLogFormatMEI, ChipLogValueMEI(cdContent.deviceTypeId));
     739            2 :         ChipLogProgress(NotSpecified, "--> Certification type: %d (%s)", cdContent.certificationType,
     740              :                         CertificationTypeAsString(static_cast<CertificationType>(cdContent.certificationType)));
     741            2 :         if (cdContent.dacOriginVIDandPIDPresent)
     742              :         {
     743            0 :             ChipLogProgress(NotSpecified, "--> DAC origin VID: 0x%04X, PID: 0x%04X", cdContent.dacOriginVendorId,
     744              :                             cdContent.dacOriginProductId);
     745              :         }
     746              :     }
     747              : 
     748           54 :     return AttestationVerificationResult::kSuccess;
     749              : }
     750              : 
     751            2 : CHIP_ERROR DefaultDACVerifier::VerifyNodeOperationalCSRInformation(const ByteSpan & nocsrElementsBuffer,
     752              :                                                                    const ByteSpan & attestationChallengeBuffer,
     753              :                                                                    const ByteSpan & attestationSignatureBuffer,
     754              :                                                                    const P256PublicKey & dacPublicKey, const ByteSpan & csrNonce)
     755              : {
     756            2 :     VerifyOrReturnError(!nocsrElementsBuffer.empty() && !attestationChallengeBuffer.empty() &&
     757              :                             !attestationSignatureBuffer.empty() && !csrNonce.empty(),
     758              :                         CHIP_ERROR_INVALID_ARGUMENT);
     759              : 
     760            2 :     VerifyOrReturnError(nocsrElementsBuffer.size() <= kMaxResponseLength, CHIP_ERROR_INVALID_ARGUMENT);
     761            2 :     VerifyOrReturnError(csrNonce.size() == Controller::kCSRNonceLength, CHIP_ERROR_INVALID_ARGUMENT);
     762              : 
     763            2 :     ByteSpan csrSpan;
     764            2 :     ByteSpan csrNonceSpan;
     765            2 :     ByteSpan vendorReserved1Span;
     766            2 :     ByteSpan vendorReserved2Span;
     767            2 :     ByteSpan vendorReserved3Span;
     768            2 :     ReturnErrorOnFailure(DeconstructNOCSRElements(nocsrElementsBuffer, csrSpan, csrNonceSpan, vendorReserved1Span,
     769              :                                                   vendorReserved2Span, vendorReserved3Span));
     770              : 
     771            2 :     VerifyOrReturnError(csrNonceSpan.size() == Controller::kCSRNonceLength, CHIP_ERROR_INVALID_ARGUMENT);
     772              : 
     773              :     // Verify that Nonce matches with what we sent
     774            2 :     VerifyOrReturnError(csrNonceSpan.data_equal(csrNonce), CHIP_ERROR_INVALID_ARGUMENT);
     775              : 
     776              :     // Validate overall attestation signature on attestation information
     777            2 :     P256ECDSASignature signature;
     778              :     // SetLength will fail if signature doesn't fit
     779            2 :     ReturnErrorOnFailure(signature.SetLength(attestationSignatureBuffer.size()));
     780            2 :     memcpy(signature.Bytes(), attestationSignatureBuffer.data(), attestationSignatureBuffer.size());
     781              : 
     782            2 :     ReturnErrorOnFailure(ValidateAttestationSignature(dacPublicKey, nocsrElementsBuffer, attestationChallengeBuffer, signature));
     783              : 
     784            1 :     return CHIP_NO_ERROR;
     785            2 : }
     786              : 
     787            0 : void DefaultDACVerifier::CheckForRevokedDACChain(const AttestationInfo & info,
     788              :                                                  Callback::Callback<OnAttestationInformationVerification> * onCompletion)
     789              : {
     790            0 :     if (mRevocationDelegate != nullptr)
     791              :     {
     792            0 :         mRevocationDelegate->CheckForRevokedDACChain(info, onCompletion);
     793              :     }
     794              :     else
     795              :     {
     796            0 :         ChipLogProgress(NotSpecified, "WARNING: No revocation delegate available. Revocation checks will be skipped!");
     797            0 :         onCompletion->mCall(onCompletion->mContext, info, AttestationVerificationResult::kSuccess);
     798              :     }
     799            0 : }
     800              : 
     801           88 : bool CsaCdKeysTrustStore::IsCdTestKey(const ByteSpan & kid) const
     802              : {
     803           88 :     return kid.data_equal(ByteSpan{ gTestCdPubkeyKid });
     804              : }
     805              : 
     806            2 : CHIP_ERROR CsaCdKeysTrustStore::AddTrustedKey(const ByteSpan & kid, const Crypto::P256PublicKey & pubKey)
     807              : {
     808            2 :     VerifyOrReturnError(kid.size() <= SingleKeyEntry::kMaxKidSize, CHIP_ERROR_INVALID_ARGUMENT);
     809            2 :     VerifyOrReturnError(!kid.empty(), CHIP_ERROR_INVALID_ARGUMENT);
     810            2 :     VerifyOrReturnError(mNumTrustedKeys != kMaxNumTrustedKeys, CHIP_ERROR_NO_MEMORY);
     811              : 
     812            2 :     auto & entry = mTrustedKeys[mNumTrustedKeys];
     813              : 
     814            2 :     entry.kidSize = kid.size();
     815            2 :     memcpy(&entry.kidBuffer[0], kid.data(), kid.size());
     816            2 :     entry.publicKey = pubKey;
     817              : 
     818            2 :     ++mNumTrustedKeys;
     819            2 :     return CHIP_NO_ERROR;
     820              : }
     821              : 
     822            2 : CHIP_ERROR CsaCdKeysTrustStore::AddTrustedKey(const ByteSpan & derCertBytes)
     823              : {
     824            2 :     uint8_t kidBuf[Crypto::kSubjectKeyIdentifierLength] = { 0 };
     825            2 :     MutableByteSpan kidSpan{ kidBuf };
     826            2 :     P256PublicKey pubKey;
     827              : 
     828            2 :     VerifyOrReturnError(CHIP_NO_ERROR == Crypto::ExtractSKIDFromX509Cert(derCertBytes, kidSpan), CHIP_ERROR_INVALID_ARGUMENT);
     829            2 :     VerifyOrReturnError(CHIP_NO_ERROR == Crypto::ExtractPubkeyFromX509Cert(derCertBytes, pubKey), CHIP_ERROR_INVALID_ARGUMENT);
     830              : 
     831            2 :     if (!IsCdTestKey(kidSpan))
     832              :     {
     833              :         // Verify cert against CSA CD root of trust.
     834              :         CertificateChainValidationResult chainValidationResult;
     835            2 :         VerifyOrReturnError(CHIP_NO_ERROR ==
     836              :                                 ValidateCertificateChain(gCdRootCert, sizeof(gCdRootCert), nullptr, 0, derCertBytes.data(),
     837              :                                                          derCertBytes.size(), chainValidationResult),
     838              :                             CHIP_ERROR_INVALID_ARGUMENT);
     839            1 :         VerifyOrReturnError(chainValidationResult == CertificateChainValidationResult::kSuccess, CHIP_ERROR_INVALID_ARGUMENT);
     840              :     }
     841              : 
     842            1 :     return AddTrustedKey(kidSpan, pubKey);
     843            2 : }
     844              : 
     845           88 : CHIP_ERROR CsaCdKeysTrustStore::LookupVerifyingKey(const ByteSpan & kid, Crypto::P256PublicKey & outPubKey) const
     846              : {
     847              :     // First, search for the well known keys
     848          106 :     for (auto & cdSigningKey : gCdSigningKeys)
     849              :     {
     850          103 :         if (kid.data_equal(cdSigningKey.mKid))
     851              :         {
     852           85 :             outPubKey = cdSigningKey.mPubkey;
     853           85 :             return CHIP_NO_ERROR;
     854              :         }
     855              :     }
     856              : 
     857              :     // Seconds, search externally added keys
     858            3 :     for (size_t keyIdx = 0; keyIdx < mNumTrustedKeys; keyIdx++)
     859              :     {
     860            1 :         auto & entry = mTrustedKeys[keyIdx];
     861            1 :         if (kid.data_equal(entry.GetKid()))
     862              :         {
     863            1 :             outPubKey = entry.publicKey;
     864            1 :             return CHIP_NO_ERROR;
     865              :         }
     866              :     }
     867              : 
     868              :     // If we get here, the desired key was not found
     869            2 :     return CHIP_ERROR_KEY_NOT_FOUND;
     870              : }
     871              : 
     872            5 : const AttestationTrustStore * GetTestAttestationTrustStore()
     873              : {
     874            5 :     return &gTestAttestationTrustStore.get();
     875              : }
     876              : 
     877            4 : DeviceAttestationVerifier * GetDefaultDACVerifier(const AttestationTrustStore * paaRootStore,
     878              :                                                   DeviceAttestationRevocationDelegate * revocationDelegate)
     879              : {
     880            4 :     static DefaultDACVerifier defaultDACVerifier{ paaRootStore, revocationDelegate };
     881              : 
     882            4 :     return &defaultDACVerifier;
     883              : }
     884              : 
     885              : } // namespace Credentials
     886              : } // namespace chip
        

Generated by: LCOV version 2.0-1