Added an interface for revocation checks to DeviceAttestationVerifier

vijs · vijs · commit a11e4b305985 · 2024-03-15T01:26:46.000-04:00
diff --git a/examples/chip-tool/BUILD.gn b/examples/chip-tool/BUILD.gn
@@ -109,6 +109,7 @@ static_library("chip-tool-utils") {
     "${chip_root}/src/app/tests/suites/commands/interaction_model",
     "${chip_root}/src/controller/data_model",
     "${chip_root}/src/credentials:file_attestation_trust_store",
+    "${chip_root}/src/credentials:json_file_revocation_set",
     "${chip_root}/src/lib",
     "${chip_root}/src/lib/core:types",
     "${chip_root}/src/lib/support/jsontlv",
diff --git a/examples/chip-tool/commands/common/CHIPCommand.h b/examples/chip-tool/commands/common/CHIPCommand.h
@@ -69,6 +69,9 @@ class CHIPCommand : public Command
     CHIPCommand(const char * commandName, CredentialIssuerCommands * credIssuerCmds, const char * helpText = nullptr) :
         Command(commandName, helpText), mCredIssuerCmds(credIssuerCmds)
     {
+        AddArgument(
+            "revocation-set-path", &mRevocationSetPath,
+            "Path to file holding a list of Revoked Certificates. Can be absolute or relative to the current working directory.");
         AddArgument("paa-trust-store-path", &mPaaTrustStorePath,
                     "Path to directory holding PAA certificate information.  Can be absolute or relative to the current working "
                     "directory.");
@@ -218,6 +221,7 @@ class CHIPCommand : public Command
     chip::Optional<chip::NodeId> mCommissionerNodeId;
     chip::Optional<chip::VendorId> mCommissionerVendorId;
     chip::Optional<uint16_t> mBleAdapterId;
+    chip::Optional<char *> mRevocationSetPath;
     chip::Optional<char *> mPaaTrustStorePath;
     chip::Optional<char *> mCDTrustStorePath;
     chip::Optional<bool> mUseMaxSizedCerts;
@@ -226,6 +230,7 @@ class CHIPCommand : public Command
     // Cached trust store so commands other than the original startup command
     // can spin up commissioners as needed.
     static const chip::Credentials::AttestationTrustStore * sTrustStore;
+    static const chip::Credentials::RevocationSet * sRevocationSet;
 
     static void RunQueuedCommand(intptr_t commandArg);
     typedef decltype(RunQueuedCommand) MatterWorkCallback;
diff --git a/examples/chip-tool/commands/common/CredentialIssuerCommands.h b/examples/chip-tool/commands/common/CredentialIssuerCommands.h
@@ -59,7 +59,8 @@ class CredentialIssuerCommands
      * @return CHIP_ERROR CHIP_NO_ERROR on success, or corresponding error code.
      */
     virtual CHIP_ERROR SetupDeviceAttestation(chip::Controller::SetupParams & setupParams,
-                                              const chip::Credentials::AttestationTrustStore * trustStore) = 0;
+                                              const chip::Credentials::AttestationTrustStore * trustStore,
+                                              const chip::Credentials::RevocationSet * revocationSet) = 0;
 
     /**
      * @brief Add a list of additional non-default CD verifying keys (by certificate)
diff --git a/examples/chip-tool/commands/example/ExampleCredentialIssuerCommands.h b/examples/chip-tool/commands/example/ExampleCredentialIssuerCommands.h
@@ -34,11 +34,12 @@ class ExampleCredentialIssuerCommands : public CredentialIssuerCommands
         return mOpCredsIssuer.Initialize(storage);
     }
     CHIP_ERROR SetupDeviceAttestation(chip::Controller::SetupParams & setupParams,
-                                      const chip::Credentials::AttestationTrustStore * trustStore) override
+                                      const chip::Credentials::AttestationTrustStore * trustStore,
+                                      const chip::Credentials::RevocationSet * revocationSet) override
     {
         chip::Credentials::SetDeviceAttestationCredentialsProvider(chip::Credentials::Examples::GetExampleDACProvider());
 
-        mDacVerifier                          = chip::Credentials::GetDefaultDACVerifier(trustStore);
+        mDacVerifier                          = chip::Credentials::GetDefaultDACVerifier(trustStore, revocationSet);
         setupParams.deviceAttestationVerifier = mDacVerifier;
         mDacVerifier->EnableCdTestKeySupport(mAllowTestCdSigningKey);
 
diff --git a/src/controller/python/BUILD.gn b/src/controller/python/BUILD.gn
@@ -136,6 +136,7 @@ shared_library("ChipDeviceCtrl") {
     public_deps += [
       "${chip_root}/src/controller/data_model",
       "${chip_root}/src/credentials:file_attestation_trust_store",
+      "${chip_root}/src/credentials:json_file_revocation_set",
       "${chip_root}/src/lib/support:testing",
       "${chip_root}/src/tracing/json",
       "${chip_root}/src/tracing/perfetto",
diff --git a/src/credentials/BUILD.gn b/src/credentials/BUILD.gn
@@ -185,3 +185,18 @@ static_library("file_attestation_trust_store") {
     "${nlassert_root}:nlassert",
   ]
 }
+
+static_library("json_file_revocation_set") {
+  output_name = "libJSONFileRevocationSet"
+
+  sources = [
+    "attestation_verifier/JSONFileRevocationSet.cpp",
+    "attestation_verifier/JSONFileRevocationSet.h",
+  ]
+
+  public_deps = [
+    ":credentials",
+    "${chip_root}/third_party/jsoncpp",
+    "${nlassert_root}:nlassert",
+  ]
+}
diff --git a/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp b/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp
@@ -458,6 +458,50 @@ void DefaultDACVerifier::VerifyAttestationInformation(const DeviceAttestationVer
         VerifyOrExit(attestationError == AttestationVerificationResult::kSuccess, attestationError = attestationError);
     }
 
+    {
+        uint8_t issuerBuf[kMaxCertificateDistinguishedNameLength] = { 0 };
+        MutableByteSpan paaIssuer(issuerBuf);
+        MutableByteSpan paiIssuer(issuerBuf);
+        MutableByteSpan dacIssuer(issuerBuf);
+        uint8_t akidBuf[kAuthorityKeyIdentifierLength];
+        MutableByteSpan akid(akidBuf);
+        uint8_t serialNumberBuf[kMaxCertificateSerialNumberLength];
+        MutableByteSpan serialNumber(serialNumberBuf);
+
+        VerifyOrExit(ExtractIssuerFromX509Cert(paaDerBuffer, paaIssuer) == CHIP_NO_ERROR,
+                     attestationError = AttestationVerificationResult::kPaaFormatInvalid);
+        VerifyOrExit(ExtractAKIDFromX509Cert(paaDerBuffer, akid) == CHIP_NO_ERROR,
+                     attestationError = AttestationVerificationResult::kPaaFormatInvalid);
+        VerifyOrExit(ExtractSerialNumberFromX509Cert(paaDerBuffer, serialNumber) == CHIP_NO_ERROR,
+                     attestationError = AttestationVerificationResult::kPaaFormatInvalid);
+
+        attestationError = IsCertificateRevoked(true, paaVidPid, paaIssuer, akid, serialNumber);
+        VerifyOrExit(attestationError == AttestationVerificationResult::kSuccess,
+                     attestationError = AttestationVerificationResult::kPaaRevoked);
+
+        VerifyOrExit(ExtractIssuerFromX509Cert(info.paiDerBuffer, paiIssuer) == CHIP_NO_ERROR,
+                     attestationError = AttestationVerificationResult::kPaiFormatInvalid);
+        VerifyOrExit(ExtractAKIDFromX509Cert(info.paiDerBuffer, akid) == CHIP_NO_ERROR,
+                     attestationError = AttestationVerificationResult::kPaiFormatInvalid);
+        VerifyOrExit(ExtractSerialNumberFromX509Cert(info.paiDerBuffer, serialNumber) == CHIP_NO_ERROR,
+                     attestationError = AttestationVerificationResult::kPaiFormatInvalid);
+
+        attestationError = IsCertificateRevoked(false, paiVidPid, paiIssuer, akid, serialNumber);
+        VerifyOrExit(attestationError == AttestationVerificationResult::kSuccess,
+                     attestationError = AttestationVerificationResult::kPaiRevoked);
+
+        VerifyOrExit(ExtractIssuerFromX509Cert(info.dacDerBuffer, dacIssuer) == CHIP_NO_ERROR,
+                     attestationError = AttestationVerificationResult::kDacFormatInvalid);
+        VerifyOrExit(ExtractAKIDFromX509Cert(info.dacDerBuffer, akid) == CHIP_NO_ERROR,
+                     attestationError = AttestationVerificationResult::kDacFormatInvalid);
+        VerifyOrExit(ExtractSerialNumberFromX509Cert(info.dacDerBuffer, serialNumber) == CHIP_NO_ERROR,
+                     attestationError = AttestationVerificationResult::kDacFormatInvalid);
+
+        attestationError = IsCertificateRevoked(false, dacVidPid, dacIssuer, akid, serialNumber);
+        VerifyOrExit(attestationError == AttestationVerificationResult::kSuccess,
+                     attestationError = AttestationVerificationResult::kDacRevoked);
+    }
+
 exit:
     onCompletion->mCall(onCompletion->mContext, info, attestationError);
 }
@@ -607,6 +651,15 @@ CHIP_ERROR DefaultDACVerifier::VerifyNodeOperationalCSRInformation(const ByteSpa
     return CHIP_NO_ERROR;
 }
 
+AttestationVerificationResult DefaultDACVerifier::IsCertificateRevoked(bool isPaa, AttestationCertVidPid vidPidUnderTest,
+                                                                       ByteSpan issuer, ByteSpan authorityKeyId,
+                                                                       ByteSpan serialNumber)
+{
+    VerifyOrReturnError(mRevocationSet != nullptr, AttestationVerificationResult::kNotImplemented);
+
+    return mRevocationSet->IsCertificateRevoked(isPaa, vidPidUnderTest, issuer, authorityKeyId, serialNumber);
+}
+
 bool CsaCdKeysTrustStore::IsCdTestKey(const ByteSpan & kid) const
 {
     return kid.data_equal(ByteSpan{ gTestCdPubkeyKid });
@@ -683,9 +736,9 @@ const AttestationTrustStore * GetTestAttestationTrustStore()
     return &gTestAttestationTrustStore.get();
 }
 
-DeviceAttestationVerifier * GetDefaultDACVerifier(const AttestationTrustStore * paaRootStore)
+DeviceAttestationVerifier * GetDefaultDACVerifier(const AttestationTrustStore * paaRootStore, const RevocationSet * revocationSet)
 {
-    static DefaultDACVerifier defaultDACVerifier{ paaRootStore };
+    static DefaultDACVerifier defaultDACVerifier{ paaRootStore, revocationSet };
 
     return &defaultDACVerifier;
 }
diff --git a/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.h b/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.h
@@ -57,7 +57,9 @@ class CsaCdKeysTrustStore : public WellKnownKeysTrustStore
 class DefaultDACVerifier : public DeviceAttestationVerifier
 {
 public:
-    DefaultDACVerifier(const AttestationTrustStore * paaRootStore) : mAttestationTrustStore(paaRootStore) {}
+    DefaultDACVerifier(const AttestationTrustStore * paaRootStore, const RevocationSet * revocationSet) :
+        mAttestationTrustStore(paaRootStore), mRevocationSet(revocationSet)
+    {}
 
     void VerifyAttestationInformation(const DeviceAttestationVerifier::AttestationInfo & info,
                                       Callback::Callback<OnAttestationInformationVerification> * onCompletion) override;
@@ -74,13 +76,17 @@ class DefaultDACVerifier : public DeviceAttestationVerifier
                                                    const ByteSpan & attestationSignatureBuffer,
                                                    const Crypto::P256PublicKey & dacPublicKey, const ByteSpan & csrNonce) override;
 
+    AttestationVerificationResult IsCertificateRevoked(bool isPaa, Crypto::AttestationCertVidPid vidPidUnderTest, ByteSpan issuer,
+                                                       ByteSpan authorityKeyId, ByteSpan serialNumber) override;
+
     CsaCdKeysTrustStore * GetCertificationDeclarationTrustStore() override { return &mCdKeysTrustStore; }
 
 protected:
     DefaultDACVerifier() {}
 
     CsaCdKeysTrustStore mCdKeysTrustStore;
     const AttestationTrustStore * mAttestationTrustStore;
+    const RevocationSet * mRevocationSet;
 };
 
 /**
@@ -109,7 +115,7 @@ const AttestationTrustStore * GetTestAttestationTrustStore();
  *          process lifetime.  In particular, after the first call it's not
  *          possible to change which AttestationTrustStore is used by this verifier.
  */
-DeviceAttestationVerifier * GetDefaultDACVerifier(const AttestationTrustStore * paaRootStore);
+DeviceAttestationVerifier * GetDefaultDACVerifier(const AttestationTrustStore * paaRootStore, const RevocationSet * revocationSet);
 
 } // namespace Credentials
 } // namespace chip
diff --git a/src/credentials/attestation_verifier/DeviceAttestationVerifier.cpp b/src/credentials/attestation_verifier/DeviceAttestationVerifier.cpp
@@ -69,6 +69,12 @@ class UnimplementedDACVerifier : public DeviceAttestationVerifier
         (void) csrNonce;
         return CHIP_ERROR_NOT_IMPLEMENTED;
     }
+
+    AttestationVerificationResult IsCertificateRevoked(bool isPaa, Crypto::AttestationCertVidPid vidPidUnderTest, ByteSpan issuer,
+                                                       ByteSpan authorityKeyId, ByteSpan serialNumber) override
+    {
+        return AttestationVerificationResult::kNotImplemented;
+    }
 };
 
 // Default to avoid nullptr on getter and cleanly handle new products/clients before
diff --git a/src/credentials/attestation_verifier/DeviceAttestationVerifier.h b/src/credentials/attestation_verifier/DeviceAttestationVerifier.h
@@ -259,6 +259,25 @@ class ArrayAttestationTrustStore : public AttestationTrustStore
     const size_t mNumCerts;
 };
 
+/**
+ * @brief Helper utility to model a basic Revocation Set usable for device attestation verifiers.
+ *
+ */
+class RevocationSet
+{
+public:
+    RevocationSet()          = default;
+    virtual ~RevocationSet() = default;
+
+    // Not copyable
+    RevocationSet(const RevocationSet &)             = delete;
+    RevocationSet & operator=(const RevocationSet &) = delete;
+
+    virtual AttestationVerificationResult IsCertificateRevoked(bool isPaa, Crypto::AttestationCertVidPid vidPidUnderTest,
+                                                               ByteSpan issuer, ByteSpan authorityKeyId,
+                                                               ByteSpan serialNumber) const = 0;
+};
+
 class DeviceAttestationVerifier
 {
 public:
@@ -386,6 +405,9 @@ class DeviceAttestationVerifier
                                                            const Crypto::P256PublicKey & dacPublicKey,
                                                            const ByteSpan & csrNonce) = 0;
 
+    virtual AttestationVerificationResult IsCertificateRevoked(bool isPaa, Crypto::AttestationCertVidPid vidPidUnderTest,
+                                                               ByteSpan issuer, ByteSpan authorityKeyId, ByteSpan serialNumber) = 0;
+
     /**
      * @brief Get the trust store used for the attestation verifier.
      *
diff --git a/src/credentials/attestation_verifier/JSONFileRevocationSet.cpp b/src/credentials/attestation_verifier/JSONFileRevocationSet.cpp
diff --git a/src/credentials/attestation_verifier/JSONFileRevocationSet.h b/src/credentials/attestation_verifier/JSONFileRevocationSet.h

Original file line number	Diff line number	Diff line change
`@@ -34,11 +34,12 @@ class ExampleCredentialIssuerCommands : public CredentialIssuerCommands`
`34`	`34`	`return mOpCredsIssuer.Initialize(storage);`
`35`	`35`	`}`
`36`	`36`	`CHIP_ERROR SetupDeviceAttestation(chip::Controller::SetupParams & setupParams,`
`37`		`- const chip::Credentials::AttestationTrustStore * trustStore) override`
	`37`	`+ const chip::Credentials::AttestationTrustStore * trustStore,`
	`38`	`+ const chip::Credentials::RevocationSet * revocationSet) override`
`38`	`39`	`{`
`39`	`40`	`chip::Credentials::SetDeviceAttestationCredentialsProvider(chip::Credentials::Examples::GetExampleDACProvider());`
`40`	`41`
`41`		`- mDacVerifier = chip::Credentials::GetDefaultDACVerifier(trustStore);`
	`42`	`+ mDacVerifier = chip::Credentials::GetDefaultDACVerifier(trustStore, revocationSet);`
`42`	`43`	`setupParams.deviceAttestationVerifier = mDacVerifier;`
`43`	`44`	`mDacVerifier->EnableCdTestKeySupport(mAllowTestCdSigningKey);`
`44`	`45`