handle vendor reserved data properly in device attestation constructor/deconstructor #9825
Comments
mleisner
pushed a commit
to mleisner/connectedhomeip
that referenced
this issue
Sep 19, 2021
tcarmelveilleux
pushed a commit
that referenced
this issue
Sep 21, 2021
* Added DeconstructAttestationElements/ConstructAttestationElements helpers Moved CopySpantoMutableSpan into src/lib/support/Span.h as a general use routine. Added ExtractVIDFromX509Cert and ExtractAKIDFromX509Cert Changed attestation data to equate with updated spec. coauthor: restyled io * Address review comments Changing naming convention for constants simpler logic for context tags. Eliminate boolean array indexed by tag and have boolean flags. Removed vector for VendorReserved data and changed signature of helper functions. * address review comments use TLV::ContiguousBufferTLVReader have consecutive context tags add TODOs for future work improve documentations on usage in headers Have seperate tests for deconstruction with/without firmware info. * change enum type to uint32_t to avoid unsigned to signed conversion errors. Use UINT32_MAX instead of -1. * removed unneded header clang-format did a number of reformats Updated firmwareInfoTestVector * added TODO about issue #9825 * restyle: whitespace * changed numbers of errors
hawk248
pushed a commit
that referenced
this issue
Nov 12, 2021
* added credentials/DeviceAttestationVendorReserved.h added classes for deconstruction and construction for VendorReserved data changed calls for device attestation for new signatures * coauthor: restyled - whitespace * added credentials/DeviceAttestationVendorReserved.h added classes for deconstruction and construction for VendorReserved data changed calls for device attestation for new signatures * coauthor: restyled - whitespace * Update src/credentials/DeviceAttestationConstructor.cpp Co-authored-by: Boris Zbarsky <[email protected]> * review updates made sure private is after public private data items are prefixed with 'm' * review comment, used strlen instead of hardcoded number, compute bytespans based on strlen instead of size of arrays test err code from to many added elements (CHIP_ERROR_NO_MEMORY instread of !CHIP_NO_ERROR) * coauthor: clang-format * per review, replace Init and SaveAttestationElements in DeviceAttestationsElementsDeconstructor with PrepareToReadVendorReservedElements. * Incorporated PR 10546 review comments * Incorporated PR 10546 review comments (part 2) * Addressed PR 10546 review comments (11/10) Co-authored-by: Boris Zbarsky <[email protected]> Co-authored-by: Vijay Selvaraj <[email protected]> Co-authored-by: Vijay Selvaraj <[email protected]>
PSONALl
pushed a commit
to PSONALl/connectedhomeip
that referenced
this issue
Dec 3, 2021
…ect-chip#10546) * added credentials/DeviceAttestationVendorReserved.h added classes for deconstruction and construction for VendorReserved data changed calls for device attestation for new signatures * coauthor: restyled - whitespace * added credentials/DeviceAttestationVendorReserved.h added classes for deconstruction and construction for VendorReserved data changed calls for device attestation for new signatures * coauthor: restyled - whitespace * Update src/credentials/DeviceAttestationConstructor.cpp Co-authored-by: Boris Zbarsky <[email protected]> * review updates made sure private is after public private data items are prefixed with 'm' * review comment, used strlen instead of hardcoded number, compute bytespans based on strlen instead of size of arrays test err code from to many added elements (CHIP_ERROR_NO_MEMORY instread of !CHIP_NO_ERROR) * coauthor: clang-format * per review, replace Init and SaveAttestationElements in DeviceAttestationsElementsDeconstructor with PrepareToReadVendorReservedElements. * Incorporated PR 10546 review comments * Incorporated PR 10546 review comments (part 2) * Addressed PR 10546 review comments (11/10) Co-authored-by: Boris Zbarsky <[email protected]> Co-authored-by: Vijay Selvaraj <[email protected]> Co-authored-by: Vijay Selvaraj <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem
spec compliant approach approach to handling VendorReservedData needed.
Proposed Solution
class for VendorReservedData with methods to:
addVendorReservedData
deleteVendorReservedData
a custom input iterator compliant with appendix A.2.4 (Canonical Ordering of Tags) to deal with ordering of Profile Specific Tags)
The text was updated successfully, but these errors were encountered: