[TC-DA-1.4] Added Test Case Vector with Invalid (Untrusted) PAA. (#22577
)
emargolis authored and pull[bot] committed Oct 14, 2022
1 parent 0062a56 commit 32398df
Showing 13 changed files with 95 additions and 0 deletions.
Binary file not shown.
Binary file not shown.
12 changes: 12 additions & 0 deletions credentials/development/commissioner_dut/invalid_paa/dac-Cert.pem
@@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
Binary file not shown.
@@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIJbEKXtKCVCXl0KbWX+6WlxDIcxH649NH1Nm33Prxqs6oAoGCCqGSM49
AwEHoUQDQgAENZZ1Bdu11tkkdDGI2AZtgUoAxkt0024ugNLbByo7gf/GPW1N2wE+
foDZ8+iCIF0rd/ePa0ZXDeIDeUrseU3fBQ==
-----END EC PRIVATE KEY-----
12 changes: 12 additions & 0 deletions credentials/development/commissioner_dut/invalid_paa/paa-Cert.pem
@@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
@@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIFY+k2145+Tfyl9Stq08M5H+SieAPCwwoOLg1NS8s2TqoAoGCCqGSM49
AwEHoUQDQgAE+kna8YKYsvj3Q5m4PWG2QyNG5I5zmQJveXFsXHCaTrqC9dTxihyD
cG+or71ZYLokGWDO++LD3fbvpu+kcakxhg==
-----END EC PRIVATE KEY-----
Binary file not shown.
12 changes: 12 additions & 0 deletions credentials/development/commissioner_dut/invalid_paa/pai-Cert.pem
@@ -0,0 +1,12 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
Binary file not shown.
@@ -0,0 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIHOVwVthXM49128hkyBUFt/P5rCpOxBikVZ1HyiTyV90oAoGCCqGSM49
AwEHoUQDQgAElNIVviwD0CRe6uA+ZYJPaZoK3I6nwBqpLp2WazYh6EkrKRCPy7WU
LgYzW7SJjCGPzbTJp1G0ZGbDDRw2CNCtBw==
-----END EC PRIVATE KEY-----
@@ -0,0 +1,9 @@
{
"description": "PAI Test Vector: Invalid CMS Signature.",
"is_success_case": "false",
"dac_cert": "308201ce30820174a0030201020208591463ca90b67319300a06082a8648ce3d04030230303118301606035504030c0f4d617474657220546573742050414931143012060a2b0601040182a27c02010c04464646313020170d3231303632383134323334335a180f39393939313233313233353935395a30463118301606035504030c0f4d617474657220546573742044414331143012060a2b0601040182a27c02010c044646463131143012060a2b0601040182a27c02020c04383030303059301306072a8648ce3d020106082a8648ce3d0301070342000435967505dbb5d6d924743188d8066d814a00c64b74d36e2e80d2db072a3b81ffc63d6d4ddb013e7e80d9f3e882205d2b77f78f6b46570de203794aec794ddf05a360305e300c0603551d130101ff04023000300e0603551d0f0101ff040403020780301d0603551d0e04160414dc954b0efb2d21081da8e7a342fd8ada7cf99b62301f0603551d23041830168014e386aa4c834a94e5e53cf33ee70f771fa3fb4c00300a06082a8648ce3d040302034800304502210096ea70bff56dbc0b8c7b73573f81215994570abb4174bb03a36c2fb0a03226720220322cad81f15ef023654fa692de590b99b7902ca3cf67efe27f8096882a704a87",
"pai_cert": "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",
"certification_declaration": "3081e906092a864886f70d010702a081db3081d8020103310d300b0609608648016503040201304506092a864886f70d010701a0380436152400012501f1ff360205008018250334122c04135a494732303134315a423333303030312d32342405002406002507769824080018317d307b020103801462fa823359acfaa9963e1cfa140addf504f37160300b0609608648016503040201300a06082a8648ce3d040302044730450221009537f838ebfd9f8b1f26b4c207098ec082928254e8db72fc32f8a870ef97563a02203c59748c2c49d7222b58088c3689127a2df28aa8ae8320bd3c82fdcf01dd6044",
"dac_private_key": "96c4297b4a09509797429b597fba5a5c4321cc47eb8f4d1f5366df73ebc6ab3a",
"dac_public_key": "0435967505dbb5d6d924743188d8066d814a00c64b74d36e2e80d2db072a3b81ffc63d6d4ddb013e7e80d9f3e882205d2b77f78f6b46570de203794aec794ddf05"
}
35 changes: 35 additions & 0 deletions src/tools/chip-cert/gen_com_dut_test_vectors.py
@@ -944,6 +944,41 @@ def main():
# Generate Test Case Data Container in JSON Format
generate_test_case_vector_json(test_case_out_dir, 'cd', test_case)

# Test case: Generate {DAC, PAI, PAA} chain with random (invalid) PAA
test_case_out_dir = args.outdir + '/invalid_paa'
paapath = test_case_out_dir + '/paa-'

if not os.path.exists(test_case_out_dir):
os.mkdir(test_case_out_dir)

# Generate PAA Cert/Key
cmd = chipcert + ' gen-att-cert -t a -c "Invalid (Not Registered in the DCL) Matter PAA" -f "' + VALID_IN_PAST + \
'" -l 4294967295 -o ' + paapath + 'Cert.pem -O ' + paapath + 'Key.pem'
subprocess.run(cmd, shell=True)

vid = 0xFFF1
pid = 0x8000

# Generate PAI Cert/Key
builder = DevCertBuilder(CertType.PAI, 'no-error', paapath, test_case_out_dir,
chipcert, vid, PID_NOT_PRESENT, '', VALID_IN_PAST)
builder.make_certs_and_keys()

# Generate DAC Cert/Key
builder = DevCertBuilder(CertType.DAC, 'no-error', paapath, test_case_out_dir,
chipcert, vid, pid, '', VALID_IN_PAST)
builder.make_certs_and_keys()

# Generate Certification Declaration (CD)
vid_flag = ' -V 0x{:X}'.format(vid)
pid_flag = ' -p 0x{:X}'.format(pid)
cmd = chipcert + ' gen-cd -K ' + cd_key + ' -C ' + cd_cert + ' -O ' + test_case_out_dir + '/cd.der' + \
' -f 1 ' + vid_flag + pid_flag + ' -d 0x1234 -c "ZIG20141ZB330001-24" -l 0 -i 0 -n 9876 -t 0'
subprocess.run(cmd, shell=True)

# Generate Test Case Data Container in JSON Format
generate_test_case_vector_json(test_case_out_dir, test_cert, test_case)


if __name__ == '__main__':
sys.exit(main())
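Review bot: The final `generate_test_case_vector_json(test_case_out_dir, test_cert, test_case)` call passes `test_cert` and `test_case`, which the added block never assigns, so they appear to hold whatever the earlier loops in main() left behind; the vector committed with this change is described as "PAI Test Vector: Invalid CMS Signature." although it is meant to exercise an untrusted PAA. Give the block its own values before the call, for example `test_case = {'description': 'Invalid (Not Registered in the DCL) PAA', 'is_success_case': 'false'}` (field names inferred from the generated JSON, so match the structure the earlier loops use), and pass an explicit cert-type string instead of `test_cert`. A mislabelled vector lets an attestation test pass or fail for a different reason than the one it claims to cover. Separately, both `subprocess.run(cmd, shell=True)` calls ignore the exit status and splice `args.outdir` unquoted into a shell string; adding `check=True` would stop a failed chip-cert step from leaving a stale or partial vector behind. main() begins outside the hunk, so the origin of the reused variables is inferred rather than visible.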
