Allow partial validation of DAC and CD (for external cloud or custom app based validation) #21725
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pullapprove
bot
requested review from
andy31415,
anush-apple,
arkq,
Byungjoo-Lee,
bzbarsky-apple,
carol-apple,
chshu,
chulspro,
Damian-Nordic,
dhrishi,
electrocucaracha,
emargolis,
erjiaqing,
franck-apple,
gjc13,
harsha-rajendran,
hawk248,
isiu-apple,
jelderton,
jepenven-silabs,
jmartinez-silabs,
jtung-apple,
kghost,
lazarkov,
LuDuda,
mlepage-google,
mrjerryjohns and
msandstedt
…station verification logic to allow cloud verifier to leverage it
…station verification logic to allow cloud verifier to leverage it
src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.h
Outdated
Show resolved
Hide resolved
chrisdecenzo
changed the title
sharadb-amazon
approved these changes
Aug 12, 2022
hawk248
approved these changes
Aug 14, 2022
woody-apple
approved these changes
Aug 15, 2022
|
Fast tracking, given this has had enough time for review |
| } | ||
|
|
||
| exit: | ||
| onCompletion->mCall(onCompletion->mContext, attestationError); // TODO: is this check getting done? |
There was a problem hiding this comment.
Can you revisit this TODO?
| namespace chip { | ||
| namespace Credentials { | ||
|
|
||
| class PartialDACVerifier : public DefaultDACVerifier |
There was a problem hiding this comment.
This file is missing docs and comments about the limitations
| // As per specifications section 11.22.5.1. Constant RESP_MAX | ||
| constexpr size_t kMaxResponseLength = 900; | ||
|
|
||
| void PartialDACVerifier::VerifyAttestationInformation(const DeviceAttestationVerifier::AttestationInfo & info, |
There was a problem hiding this comment.
This method is missing comments about the limitations
| @@ -202,8 +203,13 @@ CHIP_ERROR AndroidOperationalCredentialsIssuer::CallbackGenerateNOCChain(const B | |||
| jbyteArray javaCsr; | |||
| JniReferences::GetInstance().N2J_ByteArray(env, csr.data(), csr.size(), javaCsr); | |||
|
|
|||
| P256PublicKey pubkey; | |||
| ReturnErrorOnFailure(VerifyCertificateSigningRequest(csr.data(), csr.size(), pubkey)); | |||
| // TODO: verify signed by DAC creds? | |||
There was a problem hiding this comment.
Is this TODO intended to remain?
|
|
||
| if (useCallback) | ||
| { | ||
| // if we are assigning a callback, then make the device commissioner delegate verification to the cloud |
There was a problem hiding this comment.
There is no cloud involved. Suggest removing the word cloud
| if (useCallback) | ||
| { | ||
| // if we are assigning a callback, then make the device commissioner delegate verification to the cloud | ||
| wrapper->Controller()->SetDeviceAttestationVerifier(wrapper->GetPartialDACVerifier()); |
There was a problem hiding this comment.
This forces usage of "PartialDACVerifier" for auto-commissioner all the time, which may override a prior call to SetDeviceAttestationVerifier. This is not explained in the API contract of the method
isiu-apple
pushed a commit
to isiu-apple/connectedhomeip
that referenced
this pull request
Sep 16, 2022
…app based validation) (project-chip#21725) * Draft: Allow partial validation of DAC and CD (when PAA list is not local) * Draft: Allow partial validation of DAC and CD (when PAA list is not local) * Move cloud attestation to a separate class, re-structure default attestation verification logic to allow cloud verifier to leverage it * straggler * address feedback * address feedback * straggler * fix builds, integration tests
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When PAA list is not local, clients will want to perform as much local validation as possible.
Problem
Change overview
Testing