Make TestPubkey_x509Extraction build/run on ESP32 QEMU (project-chip#…

…9077) * Make TestPubkey_x509Extraction build/run on ESP32 QEMU Fixes project-chip#9075 * Fixed QEMU build based on project-chip#9080 suggestions
tewarid · Aug 23, 2021 · deb227f · deb227f
1 parent 82cf1b1
commit deb227f
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 14 deletions.
diff --git a/scripts/tests/esp32_qemu_tests.sh b/scripts/tests/esp32_qemu_tests.sh
@@ -76,7 +76,7 @@ run_suite libCoreTests.a
 run_suite libInetLayerTests.a
 run_suite libRetransmitTests.a
 run_suite libSystemLayerTests.a
-run_suite libChipCryptoTests.a
+run_suite libChipCryptoTests.a "-lChipCertTestVectors"
 
 # TODO: Transport layer tests do not link:
 #    - getpid undefined

diff --git a/src/credentials/tests/BUILD.gn b/src/credentials/tests/BUILD.gn
@@ -19,7 +19,7 @@ import("//build_overrides/nlunit_test.gni")
 import("${chip_root}/build/chip/chip_test_suite.gni")
 
 static_library("cert_test_vectors") {
-  output_name = "LibChipCertTestVectors"
+  output_name = "libChipCertTestVectors"
   output_dir = "${root_out_dir}/lib"
 
   sources = [

diff --git a/src/credentials/tests/TestDeviceAttestationCredentials.cpp b/src/credentials/tests/TestDeviceAttestationCredentials.cpp
@@ -33,7 +33,6 @@ using namespace chip::Credentials;
 
 namespace {
 
-#if CHIP_CRYPTO_OPENSSL
 constexpr uint8_t kExpectedDacPublicKey[] = { 0x04, 0x7a, 0x84, 0x58, 0xaf, 0xbb, 0x9b, 0xcd, 0x15, 0xe1, 0x9a, 0xdc, 0xd2,
                                               0x66, 0xf6, 0x6c, 0x9c, 0x2f, 0x60, 0x7c, 0x74, 0x74, 0x7a, 0x35, 0xf8, 0x0f,
                                               0x37, 0xe1, 0x18, 0x13, 0x3f, 0x80, 0xf1, 0x76, 0x01, 0x13, 0x27, 0x8f, 0x91,
@@ -45,7 +44,6 @@ constexpr uint8_t kExpectedPaiPublicKey[] = { 0x04, 0xca, 0x73, 0xce, 0x46, 0x41
                                               0x2f, 0x25, 0x06, 0xcf, 0x6a, 0xd3, 0x70, 0xe3, 0x7f, 0x65, 0xd6, 0x34, 0x7a,
                                               0xe7, 0x97, 0xa1, 0x97, 0x26, 0x50, 0x50, 0x97, 0x6d, 0x34, 0xac, 0x7b, 0x63,
                                               0x7b, 0x3b, 0xda, 0x0b, 0x5b, 0xd8, 0x43, 0xed, 0x8e, 0x5d, 0x5e, 0x9b, 0xf2 };
-#endif // CHIP_CRYPTO_OPENSSL
 
 } // namespace
 
@@ -70,9 +68,6 @@ static void TestDACProvidersExample_Providers(nlTestSuite * inSuite, void * inCo
     default_provider = GetDeviceAttestationCredentialsProvider();
     NL_TEST_ASSERT(inSuite, default_provider == example_dac_provider);
 
-    // TODO: Fix ESP32 QEMU X.509 unit tests
-    // Can only run the following cases on OpenSSL due to x509 cert parsing
-#if CHIP_CRYPTO_OPENSSL
     // Make sure DAC is what we expect, by validating public key
     memset(der_cert_span.data(), 0, der_cert_span.size());
     err = example_dac_provider->GetDeviceAttestationCert(der_cert_span);
@@ -95,7 +90,6 @@ static void TestDACProvidersExample_Providers(nlTestSuite * inSuite, void * inCo
     NL_TEST_ASSERT(inSuite, err == CHIP_NO_ERROR);
     NL_TEST_ASSERT(inSuite, pai_public_key.Length() == sizeof(kExpectedPaiPublicKey));
     NL_TEST_ASSERT(inSuite, 0 == memcmp(pai_public_key.ConstBytes(), kExpectedPaiPublicKey, sizeof(kExpectedPaiPublicKey)));
-#endif // CHIP_CRYPTO_OPENSSL
 
     // Check for CD presence
     uint8_t other_data_buf[256];
@@ -142,9 +136,6 @@ static void TestDACProvidersExample_Signature(nlTestSuite * inSuite, void * inCo
     err = example_dac_provider->GetDeviceAttestationCert(dac_cert_span);
     NL_TEST_ASSERT(inSuite, err == CHIP_NO_ERROR);
 
-    // TODO: Fix ESP32 QEMU X.509 unit tests
-    // Can only run the following cases on OpenSSL due to x509 cert parsing
-#if CHIP_CRYPTO_OPENSSL
     // Extract public key from DAC, prior to signature verification
     P256PublicKey dac_public_key;
     err = ExtractPubkeyFromX509Cert(dac_cert_span, dac_public_key);
@@ -155,7 +146,6 @@ static void TestDACProvidersExample_Signature(nlTestSuite * inSuite, void * inCo
     // Verify round trip signature
     err = dac_public_key.ECDSA_validate_hash_signature(&kExampleDigest[0], sizeof(kExampleDigest), da_signature);
     NL_TEST_ASSERT(inSuite, err == CHIP_NO_ERROR);
-#endif // CHIP_CRYPTO_OPENSSL
 }
 
 /**

diff --git a/src/crypto/tests/CHIPCryptoPALTest.cpp b/src/crypto/tests/CHIPCryptoPALTest.cpp
@@ -1769,6 +1769,7 @@ static void TestX509_PKCS7Extraction(nlTestSuite * inSuite, void * inContext)
     status = memcmp(certificate_blob_root, x509list[2], x509list[2].Length());
     NL_TEST_ASSERT(inSuite, status == 0);
 }
+#endif // CHIP_CRYPTO_OPENSSL
 
 static void TestPubkey_x509Extraction(nlTestSuite * inSuite, void * inContext)
 {
@@ -1795,7 +1796,6 @@ static void TestPubkey_x509Extraction(nlTestSuite * inSuite, void * inContext)
         NL_TEST_ASSERT(inSuite, memcmp(publicKey.ConstBytes(), certPubkey, certPubkeyLen) == 0);
     }
 }
-#endif // CHIP_CRYPTO_OPENSSL
 
 /**
  *   Test Suite. It lists all the test functions.
@@ -1856,8 +1856,8 @@ static const nlTest sTests[] = {
     NL_TEST_DEF("Test Spake2p_spake2p PointIsValid", TestSPAKE2P_spake2p_PointIsValid),
     NL_TEST_DEF("Test Spake2+ against RFC test vectors", TestSPAKE2P_RFC),
     NL_TEST_DEF("Test compressed fabric identifier", TestCompressedFabricIdentifier),
-#if CHIP_CRYPTO_OPENSSL
     NL_TEST_DEF("Test Pubkey Extraction from x509 Certificate", TestPubkey_x509Extraction),
+#if CHIP_CRYPTO_OPENSSL
     NL_TEST_DEF("Test x509 Certificate Extraction from PKCS7", TestX509_PKCS7Extraction),
 #endif // CHIP_CRYPTO_OPENSSL
     NL_TEST_SENTINEL()