blob: 887fd20dba9e1f3d6104518df0060156769ddbf9 [file] [log] [blame]
/**
*
* Copyright (c) 2021-2023 Project CHIP Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <algorithm>
#import "MTROperationalCredentialsDelegate.h"
#import <Security/Security.h>
#import "MTRCertificates.h"
#import "MTRDeviceController_Internal.h"
#import "MTRLogging_Internal.h"
#import "NSDataSpanConversion.h"
#include <controller/CommissioningDelegate.h>
#include <credentials/CHIPCert.h>
#include <credentials/DeviceAttestationConstructor.h>
#include <credentials/DeviceAttestationVendorReserved.h>
#include <crypto/CHIPCryptoPAL.h>
#include <lib/core/Optional.h>
#include <lib/core/TLV.h>
#include <lib/support/PersistentStorageMacros.h>
#include <lib/support/SafeInt.h>
#include <lib/support/TimeUtils.h>
#include <platform/LockTracker.h>
using namespace chip;
using namespace TLV;
using namespace Credentials;
using namespace Crypto;
MTROperationalCredentialsDelegate::MTROperationalCredentialsDelegate(MTRDeviceController * deviceController)
: mWeakController(deviceController)
{
}
CHIP_ERROR MTROperationalCredentialsDelegate::Init(MTRPersistentStorageDelegateBridge * storage, ChipP256KeypairPtr nocSigner,
NSData * ipk, NSData * rootCert, NSData * _Nullable icaCert)
{
if (storage == nil || ipk == nil || rootCert == nil) {
return CHIP_ERROR_INVALID_ARGUMENT;
}
mStorage = storage;
mIssuerKey = nocSigner;
if ([ipk length] != mIPK.Length()) {
MTR_LOG_ERROR("MTROperationalCredentialsDelegate::init provided IPK is wrong size");
return CHIP_ERROR_INVALID_ARGUMENT;
}
memcpy(mIPK.Bytes(), [ipk bytes], [ipk length]);
// Make copies of the certificates, just in case the API consumer
// has them as MutableData.
mRootCert = [NSData dataWithData:rootCert];
if (mRootCert == nil) {
return CHIP_ERROR_NO_MEMORY;
}
if (icaCert != nil) {
mIntermediateCert = [NSData dataWithData:icaCert];
if (mIntermediateCert == nil) {
return CHIP_ERROR_NO_MEMORY;
}
}
return CHIP_NO_ERROR;
}
CHIP_ERROR MTROperationalCredentialsDelegate::GenerateNOC(
NodeId nodeId, FabricId fabricId, const chip::CATValues & cats, const Crypto::P256PublicKey & pubkey, MutableByteSpan & noc)
{
if (!mIssuerKey) {
return CHIP_ERROR_INCORRECT_STATE;
}
auto * validityPeriod = [[NSDateInterval alloc] initWithStartDate:[NSDate now] endDate:[NSDate distantFuture]];
return GenerateNOC(*mIssuerKey, (mIntermediateCert != nil) ? mIntermediateCert : mRootCert, nodeId, fabricId, cats, pubkey,
validityPeriod, noc);
}
CHIP_ERROR MTROperationalCredentialsDelegate::GenerateNOC(P256Keypair & signingKeypair, NSData * signingCertificate, NodeId nodeId,
FabricId fabricId, const CATValues & cats, const P256PublicKey & pubkey, NSDateInterval * validityPeriod, MutableByteSpan & noc)
{
uint32_t validityStart, validityEnd;
if (!ToChipEpochTime(validityPeriod.startDate, validityStart)) {
MTR_LOG_ERROR("Failed in computing certificate validity start date");
return CHIP_ERROR_INTERNAL;
}
if (!ToChipNotAfterEpochTime(validityPeriod.endDate, validityEnd)) {
MTR_LOG_ERROR("Failed in computing certificate validity end date");
return CHIP_ERROR_INTERNAL;
}
ChipDN signerSubject;
ReturnErrorOnFailure(ExtractSubjectDNFromX509Cert(AsByteSpan(signingCertificate), signerSubject));
ChipDN noc_dn;
ReturnErrorOnFailure(noc_dn.AddAttribute_MatterFabricId(fabricId));
ReturnErrorOnFailure(noc_dn.AddAttribute_MatterNodeId(nodeId));
ReturnErrorOnFailure(noc_dn.AddCATs(cats));
X509CertRequestParams noc_request = { 1, validityStart, validityEnd, noc_dn, signerSubject };
return NewNodeOperationalX509Cert(noc_request, pubkey, signingKeypair, noc);
}
CHIP_ERROR MTROperationalCredentialsDelegate::GenerateNOCChain(const chip::ByteSpan & csrElements, const chip::ByteSpan & csrNonce,
const chip::ByteSpan & attestationSignature, const chip::ByteSpan & attestationChallenge, const chip::ByteSpan & DAC,
const chip::ByteSpan & PAI, chip::Callback::Callback<chip::Controller::OnNOCChainGeneration> * onCompletion)
{
if (mOperationalCertificateIssuer != nil) {
return ExternalGenerateNOCChain(csrElements, csrNonce, attestationSignature, attestationChallenge, DAC, PAI, onCompletion);
} else {
return LocalGenerateNOCChain(csrElements, csrNonce, attestationSignature, attestationChallenge, DAC, PAI, onCompletion);
}
}
CHIP_ERROR MTROperationalCredentialsDelegate::ExternalGenerateNOCChain(const chip::ByteSpan & csrElements,
const chip::ByteSpan & csrNonce, const chip::ByteSpan & csrElementsSignature, const chip::ByteSpan & attestationChallenge,
const chip::ByteSpan & DAC, const chip::ByteSpan & PAI,
chip::Callback::Callback<chip::Controller::OnNOCChainGeneration> * onCompletion)
{
assertChipStackLockedByCurrentThread();
VerifyOrReturnError(mCppCommissioner != nullptr, CHIP_ERROR_INCORRECT_STATE);
MTRDeviceController * strongController = mWeakController;
VerifyOrReturnError(strongController != nil, CHIP_ERROR_INCORRECT_STATE);
mOnNOCCompletionCallback = onCompletion;
auto * csrInfo = [[MTROperationalCSRInfo alloc] initWithCSRNonce:AsData(csrNonce)
csrElementsTLV:AsData(csrElements)
attestationSignature:AsData(csrElementsSignature)];
chip::ByteSpan certificationDeclarationSpan;
chip::ByteSpan attestationNonceSpan;
uint32_t timestampDeconstructed;
chip::ByteSpan firmwareInfoSpan;
chip::Credentials::DeviceAttestationVendorReservedDeconstructor vendorReserved;
chip::Optional<chip::Controller::CommissioningParameters> commissioningParameters
= mCppCommissioner->GetCommissioningParameters();
VerifyOrReturnError(commissioningParameters.HasValue(), CHIP_ERROR_INCORRECT_STATE);
// Attestation Elements, nonce and signature will have a value in Commissioning Params as the CSR needs a signature or else we
// cannot trust it
ReturnErrorOnFailure(
chip::Credentials::DeconstructAttestationElements(commissioningParameters.Value().GetAttestationElements().Value(),
certificationDeclarationSpan, attestationNonceSpan, timestampDeconstructed, firmwareInfoSpan, vendorReserved));
NSData * firmwareInfo = nil;
if (!firmwareInfoSpan.empty()) {
firmwareInfo = AsData(firmwareInfoSpan);
}
MTRDeviceAttestationInfo * attestationInfo = [[MTRDeviceAttestationInfo alloc]
initWithDeviceAttestationChallenge:AsData(attestationChallenge)
nonce:AsData(commissioningParameters.Value().GetAttestationNonce().Value())
elementsTLV:AsData(commissioningParameters.Value().GetAttestationElements().Value())
elementsSignature:AsData(commissioningParameters.Value().GetAttestationSignature().Value())
deviceAttestationCertificate:AsData(DAC)
productAttestationIntermediateCertificate:AsData(PAI)
certificationDeclaration:AsData(certificationDeclarationSpan)
firmwareInfo:firmwareInfo];
MTRDeviceController * __weak weakController = mWeakController;
dispatch_async(mOperationalCertificateIssuerQueue, ^{
[mOperationalCertificateIssuer
issueOperationalCertificateForRequest:csrInfo
attestationInfo:attestationInfo
controller:strongController
completion:^(MTROperationalCertificateChain * _Nullable chain, NSError * _Nullable error) {
MTRDeviceController * strongController = weakController;
if (strongController == nil || !strongController.isRunning) {
// No longer safe to touch "this"
return;
}
this->ExternalNOCChainGenerated(chain, error);
}];
});
return CHIP_NO_ERROR;
}
void MTROperationalCredentialsDelegate::ExternalNOCChainGenerated(
MTROperationalCertificateChain * _Nullable chain, NSError * _Nullable error)
{
// Dispatch will only happen if the controller is still running, which means we
// are safe to touch our members.
[mWeakController
asyncGetCommissionerOnMatterQueue:^(Controller::DeviceCommissioner * commissioner) {
assertChipStackLockedByCurrentThread();
if (mOnNOCCompletionCallback == nullptr) {
return;
}
auto * onCompletion = mOnNOCCompletionCallback;
mOnNOCCompletionCallback = nullptr;
if (mCppCommissioner != commissioner) {
// Quite unexpected!
return;
}
if (chain == nil) {
onCompletion->mCall(onCompletion->mContext, [MTRError errorToCHIPErrorCode:error], ByteSpan(), ByteSpan(),
ByteSpan(), NullOptional, NullOptional);
return;
}
auto commissioningParameters = commissioner->GetCommissioningParameters();
if (!commissioningParameters.HasValue()) {
return;
}
IdentityProtectionKeySpan ipk = commissioningParameters.Value().GetIpk().ValueOr(GetIPK());
Optional<NodeId> adminSubject;
if (chain.adminSubject != nil) {
adminSubject.SetValue(chain.adminSubject.unsignedLongLongValue);
} else {
adminSubject = commissioningParameters.Value().GetAdminSubject();
}
ByteSpan intermediateCertificate;
if (chain.intermediateCertificate != nil) {
intermediateCertificate = AsByteSpan(chain.intermediateCertificate);
}
onCompletion->mCall(onCompletion->mContext, CHIP_NO_ERROR, AsByteSpan(chain.operationalCertificate),
intermediateCertificate, AsByteSpan(chain.rootCertificate), MakeOptional(ipk), adminSubject);
}
// If we can't run the block, we're torn down and should
// just do nothing.
errorHandler:nil];
}
CHIP_ERROR MTROperationalCredentialsDelegate::LocalGenerateNOCChain(const chip::ByteSpan & csrElements,
const chip::ByteSpan & csrNonce, const chip::ByteSpan & attestationSignature, const chip::ByteSpan & attestationChallenge,
const chip::ByteSpan & DAC, const chip::ByteSpan & PAI,
chip::Callback::Callback<chip::Controller::OnNOCChainGeneration> * onCompletion)
{
chip::NodeId assignedId;
if (mNodeIdRequested) {
assignedId = mNextRequestedNodeId;
mNodeIdRequested = false;
} else {
if (mDeviceBeingPaired == chip::kUndefinedNodeId) {
return CHIP_ERROR_INCORRECT_STATE;
}
assignedId = mDeviceBeingPaired;
}
TLVReader reader;
reader.Init(csrElements);
if (reader.GetType() == kTLVType_NotSpecified) {
ReturnErrorOnFailure(reader.Next());
}
VerifyOrReturnError(reader.GetType() == kTLVType_Structure, CHIP_ERROR_WRONG_TLV_TYPE);
VerifyOrReturnError(reader.GetTag() == AnonymousTag(), CHIP_ERROR_UNEXPECTED_TLV_ELEMENT);
TLVType containerType;
ReturnErrorOnFailure(reader.EnterContainer(containerType));
ReturnErrorOnFailure(reader.Next(kTLVType_ByteString, TLV::ContextTag(1)));
ByteSpan csr(reader.GetReadPoint(), reader.GetLength());
reader.ExitContainer(containerType);
chip::Crypto::P256PublicKey pubkey;
ReturnErrorOnFailure(chip::Crypto::VerifyCertificateSigningRequest(csr.data(), csr.size(), pubkey));
NSMutableData * nocBuffer = [[NSMutableData alloc] initWithLength:chip::Controller::kMaxCHIPDERCertLength];
MutableByteSpan noc((uint8_t *) [nocBuffer mutableBytes], chip::Controller::kMaxCHIPDERCertLength);
ReturnErrorOnFailure(GenerateNOC(assignedId, mNextFabricId, chip::kUndefinedCATs, pubkey, noc));
onCompletion->mCall(onCompletion->mContext, CHIP_NO_ERROR, noc, IntermediateCertSpan(), RootCertSpan(), MakeOptional(GetIPK()),
Optional<NodeId>());
return CHIP_NO_ERROR;
}
ByteSpan MTROperationalCredentialsDelegate::RootCertSpan() const { return AsByteSpan(mRootCert); }
ByteSpan MTROperationalCredentialsDelegate::IntermediateCertSpan() const
{
if (mIntermediateCert == nil) {
return ByteSpan();
}
return AsByteSpan(mIntermediateCert);
}
bool MTROperationalCredentialsDelegate::ToChipNotAfterEpochTime(NSDate * date, uint32_t & epoch)
{
if ([date isEqualToDate:[NSDate distantFuture]]) {
epoch = kNullCertTime;
return true;
}
return ToChipEpochTime(date, epoch);
}
bool MTROperationalCredentialsDelegate::ToChipEpochTime(NSDate * date, uint32_t & epoch)
{
NSCalendar * calendar = [[NSCalendar alloc] initWithCalendarIdentifier:NSCalendarIdentifierGregorian];
NSDateComponents * components = [calendar componentsInTimeZone:[NSTimeZone timeZoneForSecondsFromGMT:0] fromDate:date];
if (CanCastTo<uint16_t>(components.year)) {
uint16_t year = static_cast<uint16_t>([components year]);
uint8_t month = static_cast<uint8_t>([components month]);
uint8_t day = static_cast<uint8_t>([components day]);
uint8_t hour = static_cast<uint8_t>([components hour]);
uint8_t minute = static_cast<uint8_t>([components minute]);
uint8_t second = static_cast<uint8_t>([components second]);
if (chip::CalendarToChipEpochTime(year, month, day, hour, minute, second, epoch)) {
return true;
}
}
MTR_LOG_ERROR(
"Year %lu is out of range for Matter epoch time. Please use [NSDate distantFuture] to represent \"never expires\".",
static_cast<unsigned long>(components.year));
return false;
}
namespace {
uint64_t GetIssuerId(NSNumber * _Nullable providedIssuerId)
{
if (providedIssuerId != nil) {
return [providedIssuerId unsignedLongLongValue];
}
return (uint64_t(arc4random()) << 32) | arc4random();
}
} // anonymous namespace
CHIP_ERROR MTROperationalCredentialsDelegate::GenerateRootCertificate(id<MTRKeypair> keypair, NSNumber * _Nullable issuerId,
NSNumber * _Nullable fabricId, NSDateInterval * validityPeriod, NSData * _Nullable __autoreleasing * _Nonnull rootCert)
{
*rootCert = nil;
MTRP256KeypairBridge keypairBridge;
ReturnErrorOnFailure(keypairBridge.Init(keypair));
ChipDN rcac_dn;
ReturnErrorOnFailure(rcac_dn.AddAttribute_MatterRCACId(GetIssuerId(issuerId)));
if (fabricId != nil) {
FabricId fabric = [fabricId unsignedLongLongValue];
VerifyOrReturnError(IsValidFabricId(fabric), CHIP_ERROR_INVALID_ARGUMENT);
ReturnErrorOnFailure(rcac_dn.AddAttribute_MatterFabricId(fabric));
}
uint32_t validityStart, validityEnd;
if (!ToChipEpochTime(validityPeriod.startDate, validityStart)) {
MTR_LOG_ERROR("Failed in computing certificate validity start date");
return CHIP_ERROR_INTERNAL;
}
if (!ToChipNotAfterEpochTime(validityPeriod.endDate, validityEnd)) {
MTR_LOG_ERROR("Failed in computing certificate validity end date");
return CHIP_ERROR_INTERNAL;
}
uint8_t rcacBuffer[Controller::kMaxCHIPDERCertLength];
MutableByteSpan rcac(rcacBuffer);
X509CertRequestParams rcac_request = { 0, validityStart, validityEnd, rcac_dn, rcac_dn };
ReturnErrorOnFailure(NewRootX509Cert(rcac_request, keypairBridge, rcac));
*rootCert = AsData(rcac);
return CHIP_NO_ERROR;
}
CHIP_ERROR MTROperationalCredentialsDelegate::GenerateIntermediateCertificate(id<MTRKeypair> rootKeypair, NSData * rootCertificate,
SecKeyRef intermediatePublicKey, NSNumber * _Nullable issuerId, NSNumber * _Nullable fabricId, NSDateInterval * validityPeriod,
NSData * _Nullable __autoreleasing * _Nonnull intermediateCert)
{
*intermediateCert = nil;
// Verify that the provided root certificate public key matches the root keypair.
if ([MTRCertificates keypair:rootKeypair matchesCertificate:rootCertificate] == NO) {
return CHIP_ERROR_INVALID_ARGUMENT;
}
MTRP256KeypairBridge keypairBridge;
ReturnErrorOnFailure(keypairBridge.Init(rootKeypair));
ByteSpan rcac = AsByteSpan(rootCertificate);
P256PublicKey pubKey;
ReturnErrorOnFailure(MTRP256KeypairBridge::MatterPubKeyFromSecKeyRef(intermediatePublicKey, &pubKey));
ChipDN rcac_dn;
ReturnErrorOnFailure(ExtractSubjectDNFromX509Cert(rcac, rcac_dn));
ChipDN icac_dn;
ReturnErrorOnFailure(icac_dn.AddAttribute_MatterICACId(GetIssuerId(issuerId)));
if (fabricId != nil) {
FabricId fabric = [fabricId unsignedLongLongValue];
VerifyOrReturnError(IsValidFabricId(fabric), CHIP_ERROR_INVALID_ARGUMENT);
ReturnErrorOnFailure(icac_dn.AddAttribute_MatterFabricId(fabric));
}
uint32_t validityStart, validityEnd;
if (!ToChipEpochTime(validityPeriod.startDate, validityStart)) {
MTR_LOG_ERROR("Failed in computing certificate validity start date");
return CHIP_ERROR_INTERNAL;
}
if (!ToChipNotAfterEpochTime(validityPeriod.endDate, validityEnd)) {
MTR_LOG_ERROR("Failed in computing certificate validity end date");
return CHIP_ERROR_INTERNAL;
}
uint8_t icacBuffer[Controller::kMaxCHIPDERCertLength];
MutableByteSpan icac(icacBuffer);
X509CertRequestParams icac_request = { 0, validityStart, validityEnd, icac_dn, rcac_dn };
ReturnErrorOnFailure(NewICAX509Cert(icac_request, pubKey, keypairBridge, icac));
*intermediateCert = AsData(icac);
return CHIP_NO_ERROR;
}
CHIP_ERROR MTROperationalCredentialsDelegate::GenerateOperationalCertificate(id<MTRKeypair> signingKeypair,
NSData * signingCertificate, SecKeyRef operationalPublicKey, NSNumber * fabricId, NSNumber * nodeId,
NSSet<NSNumber *> * _Nullable caseAuthenticatedTags, NSDateInterval * validityPeriod,
NSData * _Nullable __autoreleasing * _Nonnull operationalCert)
{
*operationalCert = nil;
// Verify that the provided signing certificate public key matches the signing keypair.
if ([MTRCertificates keypair:signingKeypair matchesCertificate:signingCertificate] == NO) {
return CHIP_ERROR_INVALID_ARGUMENT;
}
if ([caseAuthenticatedTags count] > kMaxSubjectCATAttributeCount) {
return CHIP_ERROR_INVALID_ARGUMENT;
}
FabricId fabric = [fabricId unsignedLongLongValue];
VerifyOrReturnError(IsValidFabricId(fabric), CHIP_ERROR_INVALID_ARGUMENT);
NodeId node = [nodeId unsignedLongLongValue];
VerifyOrReturnError(IsOperationalNodeId(node), CHIP_ERROR_INVALID_ARGUMENT);
MTRP256KeypairBridge keypairBridge;
ReturnErrorOnFailure(keypairBridge.Init(signingKeypair));
P256PublicKey pubKey;
ReturnErrorOnFailure(MTRP256KeypairBridge::MatterPubKeyFromSecKeyRef(operationalPublicKey, &pubKey));
CATValues cats;
if (caseAuthenticatedTags != nil) {
size_t idx = 0;
for (NSNumber * cat in [caseAuthenticatedTags.allObjects sortedArrayUsingSelector:@selector(compare:)]) {
cats.values[idx++] = [cat unsignedIntValue];
}
}
uint8_t nocBuffer[Controller::kMaxCHIPDERCertLength];
MutableByteSpan noc(nocBuffer);
ReturnErrorOnFailure(GenerateNOC(keypairBridge, signingCertificate, node, fabric, cats, pubKey, validityPeriod, noc));
*operationalCert = AsData(noc);
return CHIP_NO_ERROR;
}