Device Attestation Verifier: Certification Declaration (#10545)

* Added method to Validate Certification Declaration in DeviceAttestationVerifier Class.

Implemented lookup table for Certification Declaration signer certificate

Added unit test

* Update certification declaration buffer on DAC Provider Example.
    Use Max CMS Signed CD Message constant to instantiate cd_data_buf.
    Check that CMS CD Payload content matches the test vector.

    add documentation for new ValidateCertificationDeclaration method. bzbarsky review

* renamed ValidateCertificationDeclaration method to ValidateCertificationDeclarationSignature
Added TODO to implement ValidateCertificationDeclarationPayload (new spec Updates)
Updated Certification Declaration as per Spec updates. Updated respective signing certificate and test vectors used on unit tests.

src/controller/CHIPDeviceController.cpp

@@ -1172,7 +1172,6 @@ CHIP_ERROR DeviceCommissioner::ValidateAttestationInfo(const ByteSpan & attestat
 
  ChipLogProgress(Controller, "Successfully validated 'Attestation Information' command received from the device.");
 
- // TODO: Validate Certification Declaration
  // TODO: Validate Firmware Information
 
  return CHIP_NO_ERROR;

src/credentials/DeviceAttestationVerifier.cpp

@@ -44,6 +44,14 @@ class UnimplementedDACVerifier : public DeviceAttestationVerifier
  (void) attestationNonce;
  return AttestationVerificationResult::kNotImplemented;
  }
+
+ AttestationVerificationResult ValidateCertificationDeclarationSignature(const ByteSpan & cmsEnvelopeBuffer,
+ ByteSpan & certDeclBuffer) override
+ {
+ (void) cmsEnvelopeBuffer;
+ (void) certDeclBuffer;
+ return AttestationVerificationResult::kNotImplemented;
+ }
 };
 
 // Default to avoid nullptr on getter and cleanly handle new products/clients before

src/credentials/DeviceAttestationVerifier.h

@@ -52,13 +52,16 @@ enum class AttestationVerificationResult : uint16_t
  kFirmwareInformationMismatch = 400,
  kFirmwareInformationMissing = 401,
 
- kCertificationDeclarationMissing = 500,
- kAttestationSignatureInvalid = 501,
- kAttestationElementsMalformed = 502,
- kAttestationNonceMismatch = 503,
- kAttestationSignatureInvalidFormat = 504,
+ kAttestationSignatureInvalid = 500,
+ kAttestationElementsMalformed = 501,
+ kAttestationNonceMismatch = 502,
+ kAttestationSignatureInvalidFormat = 503,
 
- kNoMemory = 600,
+ kCertificationDeclarationNoKeyId = 600,
+ kCertificationDeclarationNoCertificateFound = 601,
+ kCertificationDeclarationInvalidSignature = 602,
+
+ kNoMemory = 700,
 
  kNotImplemented = 0xFFFFU,
 
@@ -101,7 +104,21 @@ class DeviceAttestationVerifier
  const ByteSpan & attestationSignatureBuffer, const ByteSpan & paiCertDerBuffer,
  const ByteSpan & dacCertDerBuffer, const ByteSpan & attestationNonce) = 0;
 
- // TODO: Validate Certification Declaration
+ /**
+ * @brief Verify a CMS Signed Data signature against the CSA certificate of Subject Key Identifier that matches
+ * the subjectKeyIdentifier field of cmsEnvelopeBuffer.
+ *
+ * @param[in] cmsEnvelopeBuffer A ByteSpan with a CMS signed message.
+ * @param[out] certDeclBuffer A ByteSpan to hold the CD content extracted from the CMS signed message.
+ *
+ * @returns AttestationVerificationResult::kSuccess on success or another specific
+ * value from AttestationVerificationResult enum on failure.
+ */
+ virtual AttestationVerificationResult ValidateCertificationDeclarationSignature(const ByteSpan & cmsEnvelopeBuffer,
+ ByteSpan & certDeclBuffer) = 0;
+
+ // TODO: Validate Certification Declaration Payload
+
  // TODO: Validate Firmware Information
 
 protected:

src/credentials/examples/DeviceAttestationCredsExample.cpp

@@ -144,8 +144,31 @@ CHIP_ERROR ExampleDACProvider::GetProductAttestationIntermediateCert(MutableByte
 
 CHIP_ERROR ExampleDACProvider::GetCertificationDeclaration(MutableByteSpan & out_cd_buffer)
 {
- // TODO: We need a real example CD to be populated.
- constexpr uint8_t kCertificationDeclaration[128] = { 1 };
+ // -> format_version = 1
+ // -> vendor_id = 0xFFF1
+ // -> product_id_array = [ 0x8000 ]
+ // -> device_type_id = 0x1234
+ // -> certificate_id = "ZIG20141ZB330001-24"
+ // -> security_level = 0
+ // -> security_information = 0
+ // -> version_number = 0x2694
+ // -> certification_type = 0
+ // -> dac_origin_vendor_id is not present
+ // -> dac_origin_product_id is not present
+ constexpr uint8_t kCertificationDeclaration[] = {
+ 0x30, 0x81, 0xe8, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x81, 0xda, 0x30, 0x81, 0xd7,
+ 0x02, 0x01, 0x03, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x30, 0x45,
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x38, 0x04, 0x36, 0x15, 0x24, 0x00, 0x01, 0x25,
+ 0x01, 0xf1, 0xff, 0x36, 0x02, 0x05, 0x00, 0x80, 0x18, 0x25, 0x03, 0x34, 0x12, 0x2c, 0x04, 0x13, 0x5a, 0x49, 0x47, 0x32,
+ 0x30, 0x31, 0x34, 0x31, 0x5a, 0x42, 0x33, 0x33, 0x30, 0x30, 0x30, 0x31, 0x2d, 0x32, 0x34, 0x24, 0x05, 0x00, 0x24, 0x06,
+ 0x00, 0x25, 0x07, 0x94, 0x26, 0x24, 0x08, 0x00, 0x18, 0x31, 0x7c, 0x30, 0x7a, 0x02, 0x01, 0x03, 0x80, 0x14, 0x62, 0xfa,
+ 0x82, 0x33, 0x59, 0xac, 0xfa, 0xa9, 0x96, 0x3e, 0x1c, 0xfa, 0x14, 0x0a, 0xdd, 0xf5, 0x04, 0xf3, 0x71, 0x60, 0x30, 0x0b,
+ 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
+ 0x04, 0x03, 0x02, 0x04, 0x46, 0x30, 0x44, 0x02, 0x20, 0x43, 0xa6, 0x3f, 0x2b, 0x94, 0x3d, 0xf3, 0x3c, 0x38, 0xb3, 0xe0,
+ 0x2f, 0xca, 0xa7, 0x5f, 0xe3, 0x53, 0x2a, 0xeb, 0xbf, 0x5e, 0x63, 0xf5, 0xbb, 0xdb, 0xc0, 0xb1, 0xf0, 0x1d, 0x3c, 0x4f,
+ 0x60, 0x02, 0x20, 0x4c, 0x1a, 0xbf, 0x5f, 0x18, 0x07, 0xb8, 0x18, 0x94, 0xb1, 0x57, 0x6c, 0x47, 0xe4, 0x72, 0x4e, 0x4d,
+ 0x96, 0x6c, 0x61, 0x2e, 0xd3, 0xfa, 0x25, 0xc1, 0x18, 0xc3, 0xf2, 0xb3, 0xf9, 0x03, 0x69
+ };
 
  return CopySpanToMutableSpan(ByteSpan{ kCertificationDeclaration }, out_cd_buffer);
 }

src/credentials/examples/DeviceAttestationVerifierExample.cpp

@@ -17,10 +17,12 @@
 #include "DeviceAttestationVerifierExample.h"
 
 #include <credentials/CHIPCert.h>
+#include <credentials/CertificationDeclaration.h>
 #include <credentials/DeviceAttestationConstructor.h>
 #include <crypto/CHIPCryptoPAL.h>
 
 #include <lib/core/CHIPError.h>
+#include <lib/support/CodeUtils.h>
 #include <lib/support/ScopedBuffer.h>
 #include <lib/support/Span.h>
 
@@ -134,6 +136,58 @@ CHIP_ERROR GetProductAttestationAuthorityCert(const ByteSpan & skid, MutableByte
  return CopySpanToMutableSpan(ByteSpan{ sPAALookupTable[paaLookupTableIdx].mPAACertificate }, outDacBuffer);
 }
 
+CHIP_ERROR GetCertificationDeclarationCertificate(const ByteSpan & skid, MutableByteSpan & outCertificate)
+{
+ struct CertChainLookupTable
+ {
+ const uint8_t mCertificate[kMax_x509_Certificate_Length];
+ const uint8_t mSKID[kKeyIdentifierLength];
+ };
+
+ static CertChainLookupTable
+ sCertChainLookupTable[] = {
+ { { 0x30, 0x82, 0x01, 0xb3, 0x30, 0x82, 0x01, 0x5a, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x45, 0xda, 0xf3, 0x9d,
+ 0xe4, 0x7a, 0xa0, 0x8f, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x2b, 0x31,
+ 0x29, 0x30, 0x27, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x20, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65,
+ 0x73, 0x74, 0x20, 0x43, 0x44, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6f,
+ 0x72, 0x69, 0x74, 0x79, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34,
+ 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a,
+ 0x30, 0x2b, 0x31, 0x29, 0x30, 0x27, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x20, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72,
+ 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x44, 0x20, 0x53, 0x69, 0x67, 0x6e, 0x69, 0x6e, 0x67, 0x20, 0x41, 0x75,
+ 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
+ 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x3c, 0x39, 0x89, 0x22,
+ 0x45, 0x2b, 0x55, 0xca, 0xf3, 0x89, 0xc2, 0x5b, 0xd1, 0xbc, 0xa4, 0x65, 0x69, 0x52, 0xcc, 0xb9, 0x0e, 0x88, 0x69,
+ 0x24, 0x9a, 0xd8, 0x47, 0x46, 0x53, 0x01, 0x4c, 0xbf, 0x95, 0xd6, 0x87, 0x96, 0x5e, 0x03, 0x6b, 0x52, 0x1c, 0x51,
+ 0x03, 0x7e, 0x6b, 0x8c, 0xed, 0xef, 0xca, 0x1e, 0xb4, 0x40, 0x46, 0x69, 0x4f, 0xa0, 0x88, 0x82, 0xee, 0xd6, 0x51,
+ 0x9d, 0xec, 0xba, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08,
+ 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x01, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04,
+ 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x62, 0xfa, 0x82,
+ 0x33, 0x59, 0xac, 0xfa, 0xa9, 0x96, 0x3e, 0x1c, 0xfa, 0x14, 0x0a, 0xdd, 0xf5, 0x04, 0xf3, 0x71, 0x60, 0x30, 0x1f,
+ 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x62, 0xfa, 0x82, 0x33, 0x59, 0xac, 0xfa, 0xa9,
+ 0x96, 0x3e, 0x1c, 0xfa, 0x14, 0x0a, 0xdd, 0xf5, 0x04, 0xf3, 0x71, 0x60, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48,
+ 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, 0x2c, 0x54, 0x5c, 0xe4, 0xe4, 0x57, 0xd8,
+ 0xa6, 0xf0, 0xd9, 0xd9, 0xbb, 0xeb, 0xd6, 0xec, 0xe1, 0xdd, 0xfe, 0x7f, 0x8c, 0x6d, 0x9a, 0x6c, 0xf3, 0x75, 0x32,
+ 0x1f, 0xc6, 0xfa, 0xc7, 0x13, 0x84, 0x02, 0x20, 0x54, 0x07, 0x78, 0xe8, 0x74, 0x39, 0x72, 0x52, 0x7e, 0xed, 0xeb,
+ 0xaf, 0x58, 0x68, 0x62, 0x20, 0xb5, 0x40, 0x78, 0xf2, 0xcd, 0x4e, 0x62, 0xa7, 0x6a, 0xe7, 0xcb, 0xb9, 0x2f, 0xf5,
+ 0x4c, 0x8b },
+ { 0x62, 0xfa, 0x82, 0x33, 0x59, 0xac, 0xfa, 0xa9, 0x96, 0x3e,
+ 0x1c, 0xfa, 0x14, 0x0a, 0xdd, 0xf5, 0x04, 0xf3, 0x71, 0x60 } }
+ };
+
+ size_t certChainLookupTableIdx;
+ for (certChainLookupTableIdx = 0; certChainLookupTableIdx < ArraySize(sCertChainLookupTable); ++certChainLookupTableIdx)
+ {
+ if (skid.data_equal(ByteSpan(sCertChainLookupTable[certChainLookupTableIdx].mSKID)))
+ {
+ break;
+ }
+ }
+
+ VerifyOrReturnError(certChainLookupTableIdx < ArraySize(sCertChainLookupTable), CHIP_ERROR_INVALID_ARGUMENT);
+
+ return CopySpanToMutableSpan(ByteSpan{ sCertChainLookupTable[certChainLookupTableIdx].mCertificate }, outCertificate);
+}
+
 class ExampleDACVerifier : public DeviceAttestationVerifier
 {
 public:
@@ -142,6 +196,9 @@ class ExampleDACVerifier : public DeviceAttestationVerifier
  const ByteSpan & attestationSignatureBuffer,
  const ByteSpan & paiCertDerBuffer, const ByteSpan & dacCertDerBuffer,
  const ByteSpan & attestationNonce) override;
+
+ AttestationVerificationResult ValidateCertificationDeclarationSignature(const ByteSpan & cmsEnvelopeBuffer,
+ ByteSpan & certDeclBuffer) override;
 };
 
 AttestationVerificationResult ExampleDACVerifier::VerifyAttestationInformation(const ByteSpan & attestationInfoBuffer,
@@ -218,6 +275,26 @@ AttestationVerificationResult ExampleDACVerifier::VerifyAttestationInformation(c
  VerifyOrReturnError(attestationNonceSpan.data_equal(attestationNonce),
  AttestationVerificationResult::kAttestationNonceMismatch);
 
+ ByteSpan certificationDeclarationPayload;
+ return ValidateCertificationDeclarationSignature(certificationDeclarationSpan, certificationDeclarationPayload);
+}
+
+AttestationVerificationResult ExampleDACVerifier::ValidateCertificationDeclarationSignature(const ByteSpan & cmsEnvelopeBuffer,
+ ByteSpan & certDeclBuffer)
+{
+ uint8_t certificate[Credentials::kMaxDERCertLength];
+ MutableByteSpan certificateSpan(certificate);
+ ByteSpan skid;
+
+ VerifyOrReturnError(CMS_ExtractKeyId(cmsEnvelopeBuffer, skid) == CHIP_NO_ERROR,
+ AttestationVerificationResult::kCertificationDeclarationNoKeyId);
+
+ VerifyOrReturnError(GetCertificationDeclarationCertificate(skid, certificateSpan) == CHIP_NO_ERROR,
+ AttestationVerificationResult::kCertificationDeclarationNoCertificateFound);
+
+ VerifyOrReturnError(CMS_Verify(cmsEnvelopeBuffer, certificateSpan, certDeclBuffer) == CHIP_NO_ERROR,
+ AttestationVerificationResult::kCertificationDeclarationInvalidSignature);
+
  return AttestationVerificationResult::kSuccess;
 }