Adding accessory for publicKeyData (#36129)

* Adding accessory for publicKeyData * Update src/darwin/Framework/CHIP/MTRCertificateInfo.mm * Restyled by whitespace * Restyled by clang-format * braces for multi-line conditional statement --------- Co-authored-by: Restyled.io <commits@restyled.io> Co-authored-by: Kiel Oleson <kielo@apple.com>
project-chip · Oct 17, 2024 · 1ae2e6e · 1ae2e6e
1 parent 5fe4409
commit 1ae2e6e
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 4 deletions.
diff --git a/src/darwin/Framework/CHIP/MTRCertificateInfo.h b/src/darwin/Framework/CHIP/MTRCertificateInfo.h
@@ -55,15 +55,20 @@ MTR_AVAILABLE(ios(16.4), macos(13.3), watchos(9.4), tvos(16.4))
  * Matter root certificates are self-signed, i.e. the issuer and the subject are
  * the same.
  */
-@property (readonly) MTRDistinguishedNameInfo * issuer;
+@property (readonly, retain) MTRDistinguishedNameInfo * issuer;
 
 /**
  * The Distinguished Name of the entity represented by the certificate.
  */
-@property (readonly) MTRDistinguishedNameInfo * subject;
+@property (readonly, retain) MTRDistinguishedNameInfo * subject;
 
-@property (readonly) NSDate * notBefore;
-@property (readonly) NSDate * notAfter;
+@property (readonly, retain) NSDate * notBefore;
+@property (readonly, retain) NSDate * notAfter;
+
+/**
+ * Public key data for this certificate
+ */
+@property (nullable, readonly, retain) NSData * publicKeyData;
 
 @end
 

diff --git a/src/darwin/Framework/CHIP/MTRCertificateInfo.mm b/src/darwin/Framework/CHIP/MTRCertificateInfo.mm
@@ -21,9 +21,15 @@
 
 #include <credentials/CHIPCert.h>
 
+#import "NSDataSpanConversion.h"
+
+#include <credentials/CHIPCert.h>
+#include <crypto/CHIPCryptoPAL.h>
+
 NS_ASSUME_NONNULL_BEGIN
 
 using namespace chip;
+using namespace chip::Crypto;
 using namespace chip::Credentials;
 using namespace chip::ASN1;
 
@@ -65,6 +71,18 @@ - (NSDate *)notBefore
     return MatterEpochSecondsAsDate(_data.mNotBeforeTime);
 }
 
+- (nullable NSData *)publicKeyData
+{
+    P256PublicKeySpan publicKeySpan;
+    CHIP_ERROR err = ExtractPublicKeyFromChipCert(AsByteSpan(_bytes), publicKeySpan);
+
+    if (err != CHIP_NO_ERROR) {
+        return nil;
+    }
+
+    return AsData(publicKeySpan);
+}
+
 - (NSDate *)notAfter
 {
     // "no expiry" is encoded as kNullCertTime (see ChipEpochToASN1Time)

diff --git a/src/darwin/Framework/CHIPTests/MTRCertificateInfoTests.m b/src/darwin/Framework/CHIPTests/MTRCertificateInfoTests.m
@@ -117,6 +117,7 @@ - (void)testParseOperationalCertificateTLV
 {
     MTRCertificateInfo * info = [[MTRCertificateInfo alloc] initWithTLVBytes:self.exampleNOCertTLV];
     XCTAssertNotNil(info);
+    XCTAssertNotNil(info.publicKeyData);
     XCTAssertEqual([NSDate.now compare:info.notBefore], NSOrderedDescending);
     XCTAssertEqual([NSDate.now compare:info.notAfter], NSOrderedAscending);