Use OID constants

Author: jdomnitz

MatterDotNet/PKI/Fabric.cs

@@ -85,8 +85,8 @@ public OperationalCertificate Sign(CertificateRequest nocsr)
             signingCSR.CertificateExtensions.Add(new X509BasicConstraintsExtension(false, false, 0, true));
             signingCSR.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature, true));
             OidCollection collection = new OidCollection();
-            collection.Add(new Oid("1.3.6.1.5.5.7.3.1"));
-            collection.Add(new Oid("1.3.6.1.5.5.7.3.2"));
+            collection.Add(new Oid(OID_ServerAuth));
+            collection.Add(new Oid(OID_ClientAuth));
             signingCSR.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(collection, true));
             signingCSR.CertificateExtensions.Add(new X509SubjectKeyIdentifierExtension(nocsr.PublicKey, false));
             signingCSR.CertificateExtensions.Add(X509AuthorityKeyIdentifierExtension.CreateFromCertificate(cert, true, false));
@@ -108,8 +108,8 @@ public OperationalCertificate CreateCommissioner(byte[] publicKey, byte[] privat
             signingCSR.CertificateExtensions.Add(new X509BasicConstraintsExtension(false, false, 0, true));
             signingCSR.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature, true));
             OidCollection collection = new OidCollection();
-            collection.Add(new Oid("1.3.6.1.5.5.7.3.1"));
-            collection.Add(new Oid("1.3.6.1.5.5.7.3.2"));
+            collection.Add(new Oid(OID_ServerAuth));
+            collection.Add(new Oid(OID_ClientAuth));
             signingCSR.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(collection, true));
             signingCSR.CertificateExtensions.Add(new X509SubjectKeyIdentifierExtension(key.ExportSubjectPublicKeyInfo(), false));
             signingCSR.CertificateExtensions.Add(X509AuthorityKeyIdentifierExtension.CreateFromCertificate(cert, true, false));

MatterDotNet/PKI/OperationalCertificate.cs

@@ -34,6 +34,8 @@ public class OperationalCertificate
         protected const string OID_NOCCat = "1.3.6.1.4.1.37244.1.6";
         protected const string OID_VendorID = "1.3.6.1.4.1.37244.2.1";
         protected const string OID_ProductID = "1.3.6.1.4.1.37244.2.2";
+        protected const string OID_ServerAuth = "1.3.6.1.5.5.7.3.1";
+        protected const string OID_ClientAuth = "1.3.6.1.5.5.7.3.2";
 
         protected OperationalCertificate() { }
 
@@ -152,8 +154,10 @@ private byte[] GetSignature(AsnEncodingRules encodingRules = AsnEncodingRules.DE
             BigInteger part2 = AsnDecoder.ReadInteger(signatureSequence.AsSpan(sigOffset + intLen), encodingRules, out _);
 
             byte[] signature = new byte[64];
-            Array.Copy(part1.ToByteArray(true, true), 0, signature, 0, 32);
-            Array.Copy(part2.ToByteArray(true, true), 0, signature, 32, 32);
+            byte[] part1bytes = part1.ToByteArray(true, true);
+            Array.Copy(part1bytes, 0, signature, 32 - part1bytes.Length, part1bytes.Length);
+            byte[] part2bytes = part2.ToByteArray(true, true);
+            Array.Copy(part2bytes, 0, signature, 64 - part2bytes.Length, part2bytes.Length);
             return signature;
         }
 

Test/ECTests.cs

@@ -44,6 +44,7 @@ public void TestSigning()
             byte[] msg = RandomNumberGenerator.GetBytes(32);
             var keypair = Crypto.GenerateKeypair();
             byte[] signature = Crypto.Sign(keypair.Private, msg);
+            Assert.That(signature.Length, Is.EqualTo(Crypto.GROUP_SIZE_BYTES * 2));
             Assert.That(Crypto.Verify(keypair.Public, msg, signature), Is.True);
         }
 

Test/MatterCertTests.cs

@@ -71,6 +71,7 @@ public void NOCEncoding()
             PayloadWriter output = new PayloadWriter(400);
             tlv.Serialize(new TLVWriter(output));
             Assert.That(nocTLV, Is.EqualTo(output.GetPayload().Span.ToArray()).AsCollection);
+            Assert.That(cert.PublicKey, Is.EqualTo(tlv.EcPubKey));
         }
 
         [Test]