From 1ae2e6eb78555d249e3c63870e93c55dbbded067 Mon Sep 17 00:00:00 2001 From: Justin Wood Date: Thu, 17 Oct 2024 13:23:05 -0700 Subject: [PATCH] Adding accessory for publicKeyData (#36129) * Adding accessory for publicKeyData * Update src/darwin/Framework/CHIP/MTRCertificateInfo.mm * Restyled by whitespace * Restyled by clang-format * braces for multi-line conditional statement --------- Co-authored-by: Restyled.io Co-authored-by: Kiel Oleson --- src/darwin/Framework/CHIP/MTRCertificateInfo.h | 13 +++++++++---- .../Framework/CHIP/MTRCertificateInfo.mm | 18 ++++++++++++++++++ .../CHIPTests/MTRCertificateInfoTests.m | 1 + 3 files changed, 28 insertions(+), 4 deletions(-) diff --git a/src/darwin/Framework/CHIP/MTRCertificateInfo.h b/src/darwin/Framework/CHIP/MTRCertificateInfo.h index 20e907466c74f2..eba7aec83073e1 100644 --- a/src/darwin/Framework/CHIP/MTRCertificateInfo.h +++ b/src/darwin/Framework/CHIP/MTRCertificateInfo.h @@ -55,15 +55,20 @@ MTR_AVAILABLE(ios(16.4), macos(13.3), watchos(9.4), tvos(16.4)) * Matter root certificates are self-signed, i.e. the issuer and the subject are * the same. */ -@property (readonly) MTRDistinguishedNameInfo * issuer; +@property (readonly, retain) MTRDistinguishedNameInfo * issuer; /** * The Distinguished Name of the entity represented by the certificate. */ -@property (readonly) MTRDistinguishedNameInfo * subject; +@property (readonly, retain) MTRDistinguishedNameInfo * subject; -@property (readonly) NSDate * notBefore; -@property (readonly) NSDate * notAfter; +@property (readonly, retain) NSDate * notBefore; +@property (readonly, retain) NSDate * notAfter; + +/** + * Public key data for this certificate + */ +@property (nullable, readonly, retain) NSData * publicKeyData; @end diff --git a/src/darwin/Framework/CHIP/MTRCertificateInfo.mm b/src/darwin/Framework/CHIP/MTRCertificateInfo.mm index f3aacb9dd51f24..43c4117231a2e9 100644 --- a/src/darwin/Framework/CHIP/MTRCertificateInfo.mm 
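Review bot: The doc comment on the new `publicKeyData` property ("Public key data for this certificate") does not say how the bytes are encoded, when the value is `nil`, or how far the key can be trusted. I would expand it to state the format (the implementation in this commit fills a `P256PublicKeySpan`; the exact byte layout should be confirmed), that `nil` means the key could not be extracted, and that the key is only as trustworthy as the certificate it was read from. As far as this diff shows, the accessor only parses the certificate and does no chain or signature validation, so callers making a trust decision must validate the certificate separately. The property also has no availability annotation of its own, although the class is `MTR_AVAILABLE(ios(16.4), ...)`; a newly added member would normally carry one, e.g. `MTR_NEWLY_AVAILABLE`. The `@interface` starts outside the hunk.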
+++ b/src/darwin/Framework/CHIP/MTRCertificateInfo.mm @@ -21,9 +21,15 @@ #include +#import "NSDataSpanConversion.h" + +#include +#include + NS_ASSUME_NONNULL_BEGIN using namespace chip; +using namespace chip::Crypto; using namespace chip::Credentials; using namespace chip::ASN1; @@ -65,6 +71,18 @@ - (NSDate *)notBefore return MatterEpochSecondsAsDate(_data.mNotBeforeTime); } +- (nullable NSData *)publicKeyData +{ + P256PublicKeySpan publicKeySpan; + CHIP_ERROR err = ExtractPublicKeyFromChipCert(AsByteSpan(_bytes), publicKeySpan); + + if (err != CHIP_NO_ERROR) { + return nil; + } + + return AsData(publicKeySpan); +} + - (NSDate *)notAfter { // "no expiry" is encoded as kNullCertTime (see ChipEpochToASN1Time) diff --git a/src/darwin/Framework/CHIPTests/MTRCertificateInfoTests.m b/src/darwin/Framework/CHIPTests/MTRCertificateInfoTests.m index bdf52e33d37b43..8a532a8e3300dc 100644 --- a/src/darwin/Framework/CHIPTests/MTRCertificateInfoTests.m +++ b/src/darwin/Framework/CHIPTests/MTRCertificateInfoTests.m @@ -117,6 +117,7 @@ - (void)testParseOperationalCertificateTLV { MTRCertificateInfo * info = [[MTRCertificateInfo alloc] initWithTLVBytes:self.exampleNOCertTLV]; XCTAssertNotNil(info); + XCTAssertNotNil(info.publicKeyData); XCTAssertEqual([NSDate.now compare:info.notBefore], NSOrderedDescending); XCTAssertEqual([NSDate.now compare:info.notAfter], NSOrderedAscending);
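Review bot: In the new `-publicKeyData` getter, every failure of `ExtractPublicKeyFromChipCert` is collapsed to `nil` and the `CHIP_ERROR` is discarded, so a caller or log reader cannot tell why no key came back. I would log before returning, e.g. `MTR_LOG_ERROR("publicKeyData: extraction failed: %" CHIP_ERROR_FORMAT, err.Format());`, assuming the framework's logging header is available in this file. The getter also decodes `_bytes` again on each access, while the neighbouring `notBefore` reads the already-parsed `_data`; if `_data` already carries the key, returning it from there would avoid a second parse path (not confirmable from this hunk). Since `publicKeySpan` presumably points into `_bytes`, a comment such as `// AsData copies the span, so the result does not alias _bytes` is worth adding once that is confirmed. The `@implementation` begins and ends outside the hunk.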
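Review bot: `XCTAssertNotNil(info.publicKeyData)` in `testParseOperationalCertificateTLV` only proves that some `NSData` came back, so an empty or wrong-length buffer would still pass. Pin at least the length, e.g. `XCTAssertEqual(info.publicKeyData.length, 65u);`, which assumes the accessor returns an uncompressed P-256 point (confirm against the SDK's P-256 public-key length constant). Comparing against the known key bytes of `exampleNOCertTLV` would be stronger. Only the operational-certificate test is touched here; root and intermediate certificate tests, if the file has them, would benefit from the same assertion. The test method continues outside the hunk.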