From 33e56ab464ebba508406e6eebc65df8aefdbae72 Mon Sep 17 00:00:00 2001 
From: Evgeny Margolis Date: Mon, 4 Apr 2022 11:11:07 -0700 Subject: [PATCH] Support New VID/PID Encoding in the Subject of Attestation Certs DN. (#16900) * Updated OpenSSL and mbedTLS implementations to support that. * Updated chip-cert tool to support new format in addition to the old one. * Added new test vectors: -- Updated Matter Development DAC (PIDs 0x8010-0x8014) to use Fallback methods to encode VID and PID in the SubjectDN. -- Added new Matter Test DAC/PAI vectors that use Fallback methods to encode VID and PID in the SubjectDN. --- .../Matter-Development-DAC-8010-Cert.der | Bin 492 -> 491 bytes .../Matter-Development-DAC-8010-Cert.pem | 10 +- .../Matter-Development-DAC-8011-Cert.der | Bin 492 -> 493 bytes .../Matter-Development-DAC-8011-Cert.pem | 10 +- .../Matter-Development-DAC-8012-Cert.der | Bin 493 -> 493 bytes .../Matter-Development-DAC-8012-Cert.pem | 10 +- .../Matter-Development-DAC-8013-Cert.der | Bin 491 -> 492 bytes .../Matter-Development-DAC-8013-Cert.pem | 10 +- .../Matter-Development-DAC-8014-Cert.der | Bin 491 -> 492 bytes .../Matter-Development-DAC-8014-Cert.pem | 10 +- .../Chip-Test-DAC-FFF2-8003-0018-FB-Cert.der | Bin 0 -> 436 bytes .../Chip-Test-DAC-FFF2-8003-0018-FB-Cert.pem | 12 + .../Chip-Test-DAC-FFF2-8003-0018-FB-Key.der | Bin 0 -> 121 bytes .../Chip-Test-DAC-FFF2-8003-0018-FB-Key.pem | 5 + .../Chip-Test-DAC-FFF2-8003-0019-FB-Cert.der | Bin 0 -> 435 bytes .../Chip-Test-DAC-FFF2-8003-0019-FB-Cert.pem | 12 + .../Chip-Test-DAC-FFF2-8003-0019-FB-Key.der | Bin 0 -> 121 bytes .../Chip-Test-DAC-FFF2-8003-0019-FB-Key.pem | 5 + .../Chip-Test-DAC-FFF2-8003-001A-FB-Cert.der | Bin 0 -> 435 bytes .../Chip-Test-DAC-FFF2-8003-001A-FB-Cert.pem | 12 + .../Chip-Test-DAC-FFF2-8003-001A-FB-Key.der | Bin 0 -> 121 bytes .../Chip-Test-DAC-FFF2-8003-001A-FB-Key.pem | 5 + .../Chip-Test-DAC-FFF2-8003-001B-FB-Cert.der | Bin 0 -> 435 bytes .../Chip-Test-DAC-FFF2-8003-001B-FB-Cert.pem | 12 + .../Chip-Test-DAC-FFF2-8003-001B-FB-Key.der | Bin 0 -> 121 bytes
.../Chip-Test-DAC-FFF2-8003-001B-FB-Key.pem | 5 + .../Chip-Test-DAC-FFF2-8004-001C-FB-Cert.der | Bin 0 -> 445 bytes .../Chip-Test-DAC-FFF2-8004-001C-FB-Cert.pem | 12 + .../Chip-Test-DAC-FFF2-8004-001C-FB-Key.der | Bin 0 -> 121 bytes .../Chip-Test-DAC-FFF2-8004-001C-FB-Key.pem | 5 + .../Chip-Test-DAC-FFF2-8004-001D-FB-Cert.der | Bin 0 -> 446 bytes .../Chip-Test-DAC-FFF2-8004-001D-FB-Cert.pem | 12 + .../Chip-Test-DAC-FFF2-8004-001D-FB-Key.der | Bin 0 -> 121 bytes .../Chip-Test-DAC-FFF2-8004-001D-FB-Key.pem | 5 + .../Chip-Test-DAC-FFF2-8004-001E-FB-Cert.der | Bin 0 -> 445 bytes .../Chip-Test-DAC-FFF2-8004-001E-FB-Cert.pem | 12 + .../Chip-Test-DAC-FFF2-8004-001E-FB-Key.der | Bin 0 -> 121 bytes .../Chip-Test-DAC-FFF2-8004-001E-FB-Key.pem | 5 + .../Chip-Test-DAC-FFF2-8004-001F-FB-Cert.der | Bin 0 -> 445 bytes .../Chip-Test-DAC-FFF2-8004-001F-FB-Cert.pem | 12 + .../Chip-Test-DAC-FFF2-8004-001F-FB-Key.der | Bin 0 -> 121 bytes .../Chip-Test-DAC-FFF2-8004-001F-FB-Key.pem | 5 + .../Chip-Test-PAI-FFF2-8004-FB-Cert.der | Bin 0 -> 426 bytes .../Chip-Test-PAI-FFF2-8004-FB-Cert.pem | 11 + .../Chip-Test-PAI-FFF2-8004-FB-Key.der | Bin 0 -> 121 bytes .../Chip-Test-PAI-FFF2-8004-FB-Key.pem | 5 + .../Chip-Test-PAI-FFF2-NoPID-FB-Cert.der | Bin 0 -> 416 bytes .../Chip-Test-PAI-FFF2-NoPID-FB-Cert.pem | 11 + .../Chip-Test-PAI-FFF2-NoPID-FB-Key.der | Bin 0 -> 121 bytes .../Chip-Test-PAI-FFF2-NoPID-FB-Key.pem | 5 + .../test/gen-test-attestation-certs.sh | 52 +- .../DefaultDeviceAttestationVerifier.cpp | 70 ++- src/credentials/examples/ExampleDACs.cpp | 86 +-- src/credentials/examples/ExampleDACs.h | 8 +- .../tests/CHIPAttCert_test_vectors.cpp | 525 +++++++++++++++++- .../tests/CHIPAttCert_test_vectors.h | 52 +- src/crypto/CHIPCryptoPAL.cpp | 69 +++ src/crypto/CHIPCryptoPAL.h | 47 +- src/crypto/CHIPCryptoPALOpenSSL.cpp | 76 ++- src/crypto/CHIPCryptoPALmbedTLS.cpp | 88 ++- src/crypto/tests/CHIPCryptoPALTest.cpp | 193 +++++-- src/tools/chip-cert/CertUtils.cpp | 149 +++-- 
src/tools/chip-cert/Cmd_GenAttCert.cpp | 21 +- src/tools/chip-cert/Cmd_ValidateAttCert.cpp | 43 +- src/tools/chip-cert/chip-cert.h | 5 +- src/tools/chip-cert/dacs.py | 9 +- 66 files changed, 1389 insertions(+), 322 deletions(-) create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Key.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Key.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Key.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Key.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Key.pem 
create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Key.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Key.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Key.pem create mode 100644 credentials/test/attestation/Chip-Test-PAI-FFF2-8004-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-PAI-FFF2-8004-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-PAI-FFF2-8004-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-PAI-FFF2-8004-FB-Key.pem create mode 100644 credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-FB-Cert.der create mode 100644 credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-FB-Cert.pem create mode 100644 credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-FB-Key.der create mode 100644 credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-FB-Key.pem 
diff --git a/credentials/development/attestation/Matter-Development-DAC-8010-Cert.der b/credentials/development/attestation/Matter-Development-DAC-8010-Cert.der index e75c01e812512cdfe1b670aa1cf883503db344bd..f4a394a75182de7d3c81a53e06d5a11852b0192c 100644 GIT binary patch delta 112 zcmV-$0FVFd1M349FoFT+FoFS&paTK{0s;s|e^+A2+>q6g7g7T=GcmDjHvvdT05C)X zAa4<}1q;*C<7^~hFbHfS0kDkuomzLYI* S3j1?a@!X_x+7_%zHe}`1LM?Rw delta 113 zcmV-%0FM9b1MCAAFoFT-FoFS&paTK{0s;s@5?{F;Dz$-;7g7T;<$rl;(P*3k#B8d_sN(8NzFZFRnMo!QQT?0^#UOPj$3A1cBFx%Cn86s-o1L= TVRBeDNfIft-$W!-K4mHl$3H51 diff --git a/credentials/development/attestation/Matter-Development-DAC-8010-Cert.pem b/credentials/development/attestation/Matter-Development-DAC-8010-Cert.pem index 18c22d10306df1..89d702a6db1474 100644 --- a/credentials/development/attestation/Matter-Development-DAC-8010-Cert.pem +++ b/credentials/development/attestation/Matter-Development-DAC-8010-Cert.pem @@ -1,13 +1,13 @@ -----BEGIN CERTIFICATE----- -MIIB6DCCAY6gAwIBAgIIQRJfuR0qtYEwCgYIKoZIzj0EAwIwPTElMCMGA1UEAwwc +MIIB5zCCAY6gAwIBAgIIRn9XYsjckNUwCgYIKoZIzj0EAwIwPTElMCMGA1UEAwwc TWF0dGVyIERldiBQQUkgMHhGRkYxIG5vIFBJRDEUMBIGCisGAQQBgqJ8AgEMBEZG -RjEwIBcNMjIwMjA2MDAwMDAwWhgPOTk5OTEyMzEyMzU5NTlaMFMxJTAjBgNVBAMM +RjEwIBcNMjIwMzMxMDAwMDAwWhgPOTk5OTEyMzEyMzU5NTlaMFMxJTAjBgNVBAMM HE1hdHRlciBEZXYgREFDIDB4RkZGMS8weDgwMTAxFDASBgorBgEEAYKifAIBDARG RkYxMRQwEgYKKwYBBAGConwCAgwEODAxMDBZMBMGByqGSM49AgEGCCqGSM49AwEH A0IABDnvbJ2cmXuixzGaTHPJv0fbzbxCxUE+7BRSdbiPwRqxrQvDPvFMJ5QEQp8v XucKBRty5se55zVO2vkqtP/4hC+jYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/ BAQDAgeAMB0GA1UdDgQWBBQy/CfR71NDovNk8Cz0cMtnR4DlqjAfBgNVHSMEGDAW -gBRjVA5H9kscONE4hKRi0WwZXY/7PDAKBggqhkjOPQQDAgNIADBFAiB0KDniuINl -4nwCTJFvbWP3yZgDSc09ZVXPp8ZR3Gm99QIhAI5bZlt2pIGkJyJHpd69et1hclg2 -SRIpst9EJFQ+ZSoM +gBRjVA5H9kscONE4hKRi0WwZXY/7PDAKBggqhkjOPQQDAgNHADBEAiBvEbIFC9PS +42wkYTAIbCIBsIz5nVp3sjqQBQD77wkTsgIgE2q2oLuL1PSt+AoSNM/vtn8K+3NV +8dykctoWrEo2ZOU= -----END CERTIFICATE----- 
diff --git a/credentials/development/attestation/Matter-Development-DAC-8011-Cert.der b/credentials/development/attestation/Matter-Development-DAC-8011-Cert.der index 3348a88de7b5008eac9f69ac5e8a31f159630c78..53ee6d35f446eaa94e9bbb3ebe0f149609d3478d 100644 GIT binary patch delta 114 zcmV-&0FD3b1MLGBFoFT;FoFS&paTK{0s;sQT!_pSKQz(4J^>f8Y U$f$wTv-x`I#&M$Zx0bU6y^qH+lmGw# delta 113 zcmV-%0FM9d1MCAAFoFT-FoFS&paTK{0s;s`*ForAC{PTM7g7T*1rf4Zw8c2WW$O~aljEfb+fQTE&~7n delta 107 zcmV-x0F?jj1MLGBFoFT;FoFS&paTK{0s;su2oF@5?m`}s7g7TBMa2 Nux8zJg+N@C}*dC44PO delta 112 zcmV-$0FVFd1M349FoFT+FoFS&paTK{0s;tmncMq0nCUZ-7g7TxSFW%)yw}WO`|K>!(&Lx)8;Vw0>3B(&N^$s?pV_#6?LO%$ zv&rxOne315z366{|E!k%@8Sf5I0GJ_dt`+f8UM2|888^|fq48N9?;+H4F<9xJ|Bx1 zi^zjmGh0J`=YHD{VQ()V5lYVdKEcR99we>IB4HrbAhJ061H+~AxtDq;c9px_i>?=Z z;;W7vip-u225wA>42N|3beG!w_TuQ*QZlZU-W@V!s)3lvvJJME59}3OY`6xfq>;aW i-?!~4@4XG;X0bVye>$GnBg5L=BksT9;j10-0_y;->4>`k literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Cert.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Cert.pem new file mode 100644 index 00000000000000..92a7b199b4bdec --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Cert.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBsDCCAVWgAwIBAgIIGSrY3njPsqwwCgYIKoZIzj0EAwIwJDEiMCAGA1UEAwwZ +TWF0dGVyIFRlc3QgUEFJIE12aWQ6RkZGMjAgFw0yMTA2MjgxNDIzNDNaGA85OTk5 +MTIzMTIzNTk1OVowMzExMC8GA1UEAwwoTWF0dGVyIFRlc3QgREFDIDAwMTggTXZp +ZDpGRkYyIE1waWQ6ODAwMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFPuqPoD +Gmq9sDKfTVdjeag4w702QLebajV1x9MvgHKqOixKGXUaCE93zLGvrb4bejaT7/40 +v1uN0UY5b+Z9B/2jYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMB0G +A1UdDgQWBBTgXTY9MQ9Djz3wVu3TxBJjafeQMjAfBgNVHSMEGDAWgBSjW/AA0ned +0o2RindE3lt/EeRNJzAKBggqhkjOPQQDAgNJADBGAiEAwiyOLaU++0oIjyoiM30b +u1SUlTAWNKawPdPAvRGjMawCIQCBD4++9rdk70swXpoGQnfyx2GMHAWLjBdPsOHq +uF8Qrg== +-----END CERTIFICATE----- 
diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Key.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Key.der new file mode 100644 index 0000000000000000000000000000000000000000..6091fe1a69ee0ab0b4ebb2d676b7a4151b40032f GIT binary patch literal 121 zcmV-<0EYiCcLD(c1R$F1_KyaZJ>6bIalO8Fg&%k3p9XF)4Z;^=ro`T1_&yK zNX|V20SBQ(13~}Vbs7jy bcg(S`t-c$2Hk0rEG{0Mo(MCCM=6whKOpY~u literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Key.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Key.pem new file mode 100644 index 00000000000000..c7fda4acda6ccb --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIJrs9o8Glj3dXkPjoo/K6rFvpjA8tbYLNIBP07yuueg0oAoGCCqGSM49 +AwEHoUQDQgAEU+6o+gMaar2wMp9NV2N5qDjDvTZAt5tqNXXH0y+Acqo6LEoZdRoI +T3fMsa+tvht6NpPv/jS/W43RRjlv5n0H/Q== +-----END EC PRIVATE KEY----- diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Cert.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Cert.der new file mode 100644 index 0000000000000000000000000000000000000000..04970610ca039b146ac78158d1b571782c1973d5 GIT binary patch literal 435 zcmXqLVq9;~#2C7OnTe5!i6eH`3Y*llY#dr`9_MUXn3)Vz43!KN*qB3En0X|9 z6H7``ixfgqi%S#&96c3$%Q91}+}zxZ3>3t9jSLOUj4TXIjEqf;qa^q(fxytn7>GF9E-&pU>YP#pkzN(yy=hA;IIdE>7Vo+cUd+saw zkI#=q-wN$EX;`sgp?$39&&3G_aRxj<_s9w}GX7^_GGH*^1M&DlJfOeX8w_MYd_ER2 z77>}o)s=}CJyvMhFN%0MVWF+H^zLg0@*rtt76}8f29d?l9~dr`&%M+;v8&wWUUa?S z6JK@YP-OOCFmPp3WawINRQNhA)8+oc9ad6%wbpD>WLP)VXj1$!P4jjx-v_Ih6qv7G km2r6+V1Mk*l{~$VPlfwd9v52q^HeRvyC<2UI}Zv10G8K{=l}o! literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Cert.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Cert.pem new file mode 100644 index 00000000000000..f1f41a714e129d --- /dev/null 
+++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Cert.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBrzCCAVWgAwIBAgIIXbqoPGVmY5owCgYIKoZIzj0EAwIwJDEiMCAGA1UEAwwZ +TWF0dGVyIFRlc3QgUEFJIE12aWQ6RkZGMjAgFw0yMTA2MjgxNDIzNDNaGA85OTk5 +MTIzMTIzNTk1OVowMzExMC8GA1UEAwwoTWF0dGVyIFRlc3QgREFDIDAwMTkgTXZp +ZDpGRkYyIE1waWQ6ODAwMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD4IxF68 +hibRTRCp/1eQTsCChYAb5jvYr0sFNbz0vnps0c5n+qTAzqYhUlGEB23qH/Hnxlva +VYs0gKiwoT9dSfmjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMB0G +A1UdDgQWBBQcgat5YdFIqCo/oljpkKE9Oxu71jAfBgNVHSMEGDAWgBSjW/AA0ned +0o2RindE3lt/EeRNJzAKBggqhkjOPQQDAgNIADBFAiEAiq8ycetmaUTfobg6Gr0q +rLIhAK6VMpJfxik3hwpN4KoCIAPV1RxE7VA/xuzUbi7x5ROOqccSqfnKfQDu5GlV +ucER +-----END CERTIFICATE----- diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Key.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Key.der new file mode 100644 index 0000000000000000000000000000000000000000..29b487142c82b9e90f0ed4fa2613e0379d777dc3 GIT binary patch literal 121 zcmV-<0EYiCcLD(c1Rx79qRKKil^4mGFC(gJ@;z0CQsVWz#4D5&j~CIOlh~jN1_&yK zNX|V20SBQ(13~}Fy literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Key.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Key.pem new file mode 100644 index 00000000000000..363e1239e3a8c4 --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIAsvosoyN5UXyZkvI6pr8j1VhlLi9bzEK5QTjxfRn5PYoAoGCCqGSM49 +AwEHoUQDQgAEPgjEXryGJtFNEKn/V5BOwIKFgBvmO9ivSwU1vPS+emzRzmf6pMDO +piFSUYQHbeof8efGW9pVizSAqLChP11J+Q== +-----END EC PRIVATE KEY----- 
diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Cert.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Cert.der new file mode 100644 index 0000000000000000000000000000000000000000..f5fb338018467b599a0d6a0e5e7e390a2f1f4471 GIT binary patch literal 435 zcmXqLVq9;~#2C7OnTe5!i9@Af2fy=q-!=m-HV&;ek8`#x%uEIj-Cp>Wtk~fZf=Y(OsGFD>*_oXf zSPa#_^BJt18B+UlX0ETKUoCS;_sfj6=B)48UZl9cjPu!X@>9P-Q^Azeh6R@S*F#;y zZ*@q-`pDgyqJLJI^T*mFixUju40wR?(J;7hNy- z#8(|T6q!933|yHM%u>rwE0w7RKQ53ixzKsyahktox~lEZ%eg*PtAEwo`7kLmyo-*T jJIz_BIB(JapQrBiE$a{6>o|4h^h2LDijLWPl{EnX8v~5I literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Cert.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Cert.pem new file mode 100644 index 00000000000000..b51573eb45085d --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Cert.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBrzCCAVWgAwIBAgIIJIC4D0PPTYYwCgYIKoZIzj0EAwIwJDEiMCAGA1UEAwwZ +TWF0dGVyIFRlc3QgUEFJIE12aWQ6RkZGMjAgFw0yMTA2MjgxNDIzNDNaGA85OTk5 +MTIzMTIzNTk1OVowMzExMC8GA1UEAwwoTWF0dGVyIFRlc3QgREFDIDAwMUEgTXZp +ZDpGRkYyIE1waWQ6ODAwMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDEn9w4w +qZlUfemZbU0ZTn0DVIvpaK03Be8G6GRH6V5MuMnyjzCCcJTLMXA5b9dVRVfaiBhd +TB7alC/NIwn4rcSjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMB0G +A1UdDgQWBBQKutK+uVnqosYL1WfS0ruLpsOoFTAfBgNVHSMEGDAWgBSjW/AA0ned +0o2RindE3lt/EeRNJzAKBggqhkjOPQQDAgNIADBFAiA2ZXfLInYlU+NwG3TQicjj +Zk8pZyU9+dNtTHqr+n8+TAIhAO5bXp2WQxJzbqL/+crejqaPVb1BlZmXwvMocsY/ +SnaC +-----END CERTIFICATE----- 
diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Key.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Key.der new file mode 100644 index 0000000000000000000000000000000000000000..5a1e01c21af8ae4841f806605be14689cdc3a2c5 GIT binary patch literal 121 zcmV-<0EYiCcLD(c1R$wz)Xs7{`glPqFmqDf!}8_g<@#B*+ZJw&sM9%XLUy1E1_&yK zNX|V20SBQ(13~}y9FsYeTed(EPO&Lyo15}IYXstH|?*`~(N9kTnxXJR5FoJND b%Q0{{Z`V~tSK5deT}&R@lrPOA3HYtVK~*%+ literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Key.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Key.pem new file mode 100644 index 00000000000000..700ba6552faff4 --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIKlv1M5yO/p4QSowc1Ldw/Ll4uX6WbXbFm6MqNM5a0J2oAoGCCqGSM49 +AwEHoUQDQgAEMSf3DjCpmVR96ZltTRlOfQNUi+lorTcF7wboZEfpXky4yfKPMIJw +lMsxcDlv11VFV9qIGF1MHtqUL80jCfitxA== +-----END EC PRIVATE KEY----- diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Cert.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Cert.der new file mode 100644 index 0000000000000000000000000000000000000000..82be84f34b4f4a26f00d6e9663add81ace822d65 GIT binary patch literal 435 zcmXqLVq9;~#2C7OnTe5!iG$B?e^0SiQoaEf8;4e#$2nUTW+np_LnQ+RHs(+kW*$l3 z#FCQKB88CD;u3`bM^6Rcvdk1KH#avU0|jwjBSQl-BMUIx83$7&;*gQ}8VS8f#%-U~CX+Ak4-Nb_x?C)J@Ec?95IK zEU7JmelzqV;%XlD-8=ToUb2KGD&bkU-rxG9p8-dhv==`&f0x*@{e9U-eiMn3qO2`F zW_-pCx$hX>m^fT;SL@+~oM<$MeDH}9D literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Key.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Key.pem new file mode 100644 index 00000000000000..be7a60b2db9f5d --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Key.pem 
@@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIG/j4QjE8hk2b46HqX5eiqU61L2KnrhdPe6/lOdByJoioAoGCCqGSM49 +AwEHoUQDQgAEZYQRTpgvWF584Y7exuY/GXQEWmDmVy79f2L5UMQCK6PnN+5hhLfv +dvEPNBh0cmq0jDYOM4Bt7gDsNEDQRyaOgQ== +-----END EC PRIVATE KEY----- diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Cert.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Cert.der new file mode 100644 index 0000000000000000000000000000000000000000..4beed9afe35168452d5f4402a684c7a8ceec8831 GIT binary patch literal 445 zcmXqLV%%xa#2CMTnTe5!iNl^nr?%ywd9wi*8;4e#$2nUTW+nqYLmdMxHs(+kW*%kV z#FCQKB88CD;u3`bM^6Rcvdk1KH#avU1>XW7%fi6G#6Uru*T~So%*evf#K_phI7))w z5(o^9jDg71($q4_z}V2xKp$eF2C|7Rj?M}O28Pa9jg2%AW@86Ciir{GI%Y<8W+w)g zOIPyFc`vCdmwkWN)I<1r<~r;33pVkwf6<6|b<;cX`6932tc81j%d+GiFki7f%jEow z%lFMRX5QUotNy7&xolF;;sk>@10JAzWQ7?S|FbX|Fc|QGc>Ew9Fa+2e3}iukJ{B<+ zk%g?~r)2;1ZT`-4^XoNNlSQhl8j1|$LDI@B5(Z)oB91e7eZ;vtFBB#>=f)jg!LZZf zaXWH&GJ7x>xH2g+tUUGFk?W64=N18u$K6x(VzQt9_RI3L++i0~dd|P@-DxHT-6Z?J i$KG@vF5J!IaOrkT?LFB`A_5cF{d>YvB=>LayO{tW9FUX% literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Cert.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Cert.pem new file mode 100644 index 00000000000000..4b16a19a89b272 --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Cert.pem 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBuTCCAV+gAwIBAgIIPwQsfYTBN4MwCgYIKoZIzj0EAwIwLjEsMCoGA1UEAwwj +TWF0dGVyIFRlc3QgUEFJIE12aWQ6RkZGMiBNcGlkOjgwMDQwIBcNMjEwNjI4MTQy +MzQzWhgPOTk5OTEyMzEyMzU5NTlaMDMxMTAvBgNVBAMMKE1hdHRlciBUZXN0IERB +QyAwMDFDIE12aWQ6RkZGMiBNcGlkOjgwMDQwWTATBgcqhkjOPQIBBggqhkjOPQMB +BwNCAATS1G7OS6R6dx3v3TVIE+dprjuvoLIOB/QoWOrZS2HnokpTaqG9+x0EbcA3 +qLdqNM+Y0982KJndsj0n8ogjdpKMo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB +/wQEAwIHgDAdBgNVHQ4EFgQUoQV3yh38jrP3DNn11kU0oiWqgHIwHwYDVR0jBBgw +FoAUQZgNTBcLidBxY4NtXsOoALk444cwCgYIKoZIzj0EAwIDSAAwRQIhAKnK60EK +/ByJtBAI44uULlxr5ftOakk5uD5Sdc5Pfu7LAiAtYj/9xuyJw3G7DEDS21x93h3S +FBCRrv7kBHIe/q3umQ== +-----END CERTIFICATE----- diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Key.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Key.der new file mode 100644 index 0000000000000000000000000000000000000000..60c8c14d2022e692320eca85380ce60d81988491 GIT binary patch literal 121 zcmV-<0EYiCcLD(c1R&qH=t9q-*WNE7F2t~;-wvJMCIC|K&*OJV1tN>gf~z55*m bZNN9Ew`w%cnA6`jD4E@|Jty*rBX*LEB1$u5 literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Key.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Key.pem new file mode 100644 index 00000000000000..baa4a3dcfd7be0 --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIN+36O+qvjdrZh8dTemLFBsCWJB5BxChk3dSIGsgtkZuoAoGCCqGSM49 +AwEHoUQDQgAE0tRuzkukencd7901SBPnaa47r6CyDgf0KFjq2Uth56JKU2qhvfsd +BG3AN6i3ajTPmNPfNiiZ3bI9J/KII3aSjA== +-----END EC PRIVATE KEY----- 
diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Cert.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Cert.der new file mode 100644 index 0000000000000000000000000000000000000000..5ca6f349390b13b82747f30f807c5ba90a8481c6 GIT binary patch literal 446 zcmXqLV%%lW#2CMTnTe5!iNn1|;<56#iH8#>fn2jCmC?-az>zEnYnVlF| zcAh*VboN^M#H&G14u>f%%V1EPzE-)n$8tKmt!c1T2-l7SA{DRNEStC$IUoOLI?#9^ z=kw;9+C>|d+<2;8)y#2jae_gd0T0kUvcimv|5=y}7!3G8Jbn-l7y|4K2C^VNABz}^ z$kYorPJW#7Xx5>gGWp|1)^RJER$3UygQS&NBn-qFL>y=E`iOIPUMNg%&W$^~f?=n{ z<96imWcFk*aAQ(rxN>8OrOd>2b5GW%{Cu-z$?=qkE%)5K3?F)1*1X}`J5vUzq~TxX j8^_DOTmHOV@Ue28+@9p@#C>1<3zPnJY_*xgdu|N?hRTy1 literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Cert.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Cert.pem new file mode 100644 index 00000000000000..d4c0dcda3f830f --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Cert.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBujCCAV+gAwIBAgIIR4wY4yP20TkwCgYIKoZIzj0EAwIwLjEsMCoGA1UEAwwj +TWF0dGVyIFRlc3QgUEFJIE12aWQ6RkZGMiBNcGlkOjgwMDQwIBcNMjEwNjI4MTQy +MzQzWhgPOTk5OTEyMzEyMzU5NTlaMDMxMTAvBgNVBAMMKE1hdHRlciBUZXN0IERB +QyAwMDFEIE12aWQ6RkZGMiBNcGlkOjgwMDQwWTATBgcqhkjOPQIBBggqhkjOPQMB +BwNCAAS5ycwSzdZnkdVS5MNWIqZoACGXrSONjDmXBz01UzpUCrjAFHjqhjmCCyEJ +4/8CwIHAbPOz2StysKTY5St6gwjOo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB +/wQEAwIHgDAdBgNVHQ4EFgQUldDYyfGU4prCjHYfxzI7XqiCqTgwHwYDVR0jBBgw +FoAUQZgNTBcLidBxY4NtXsOoALk444cwCgYIKoZIzj0EAwIDSQAwRgIhANTYpDkc +ka6dyX9k+ey0pMdkWLTeRkox4Us5fOwKvZkcAiEAgP557EHTTbT87aDxea4evGNr +Yb70T3Fi/oi1PJwNzqw= +-----END CERTIFICATE----- 
diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Key.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Key.der new file mode 100644 index 0000000000000000000000000000000000000000..00bd888f754d3ddc7337025748813ec3030e6435 GIT binary patch literal 121 zcmV-<0EYiCcLD(c1R&@G33rYZam__m%r9N}Q11Mf>RmHXpV2(uV`Rj b3n2;P{{p~)z-;rg*(-9eq}b&vdV>hg^>;M! literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Key.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Key.pem new file mode 100644 index 00000000000000..1d6bf7ae69cdc2 --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIOgDCXeOFHHNRVbML135UO78l+pdM1Cf0Tzf5HDYt3F4oAoGCCqGSM49 +AwEHoUQDQgAEucnMEs3WZ5HVUuTDViKmaAAhl60jjYw5lwc9NVM6VAq4wBR46oY5 +ggshCeP/AsCBwGzzs9krcrCk2OUreoMIzg== +-----END EC PRIVATE KEY----- diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Cert.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Cert.der new file mode 100644 index 0000000000000000000000000000000000000000..826e3c24c533a26b0b43507eb46fe8749d732bc6 GIT binary patch literal 445 zcmXqLV%%xa#2CMTnTe5!i9_2XE6MFhXRiSl8;4e#$2nUTW+nqYLmdMxHs(+kW*%kV z#FCQKB88CD;u3`bM^6Rcvdk1KH#avU1>XW7%fi6G#6Uru*T~So%*evf#K_phI7))w z5(o^9jDg71($q4_z}V2xKp$eF2C|7Rj?M}O28OO!jg2%AW@86Ciir{GI%Y<8W+w)g zYBAU6U$;BTpW*6kO;mo-H`zz0=j4?nsSRh>cO>N8+rwXI^KH>P&N~NA%cUrMc8OJd zls7|db& z9XULiJs1pJnG{rS@5tFUSMJdomNN+oM>k$eGv;b$oFyF^z51=>R52YxCPjwD=TA3Y i*>~y4kuWc}kJAo5pUUC5CTPZ^n`cgLHT&r*kpTc!wv1r_ literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Cert.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Cert.pem new file mode 100644 index 00000000000000..4dd4cfd45e7c30 --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Cert.pem 
@@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBuTCCAV+gAwIBAgIIK0hqYkbEiY0wCgYIKoZIzj0EAwIwLjEsMCoGA1UEAwwj +TWF0dGVyIFRlc3QgUEFJIE12aWQ6RkZGMiBNcGlkOjgwMDQwIBcNMjEwNjI4MTQy +MzQzWhgPOTk5OTEyMzEyMzU5NTlaMDMxMTAvBgNVBAMMKE1hdHRlciBUZXN0IERB +QyAwMDFFIE12aWQ6RkZGMiBNcGlkOjgwMDQwWTATBgcqhkjOPQIBBggqhkjOPQMB +BwNCAAR7FkXn9bdBH8wKiYVhI+iOk0wsjMnUYhqwza+IYGzevA9xPPai7gncwMse +ZCDzRF0h4m6YJqtsyj2JC2934Mkko2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB +/wQEAwIHgDAdBgNVHQ4EFgQUMkdklwuYFhVufr0+HNtoVp31GVgwHwYDVR0jBBgw +FoAUQZgNTBcLidBxY4NtXsOoALk444cwCgYIKoZIzj0EAwIDSAAwRQIgJdu4bLad +HuKsBMxgIMWx1mYzCoMBmhtVW6vtGZUWLDECIQCjz8uB1L7SxMRWSkbxlsHnlQhB +rFKY4tnMybU2+UUYaA== +-----END CERTIFICATE----- diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Key.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Key.der new file mode 100644 index 0000000000000000000000000000000000000000..6f157bfe610ea641d4d57fd20f69f17e5bda83a8 GIT binary patch literal 121 zcmV-<0EYiCcLD(c1R#?~ziP=8N=~V|U=y^c{E`Iuy`bX_wYBCaY}9J&6l%ci_n+K~^>y literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Key.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Key.pem new file mode 100644 index 00000000000000..2ef97d59d3f1ff --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIJNHv2rJFEpOqbpgE7So/JIE+b2g4w3ky3+OkojKJUbboAoGCCqGSM49 +AwEHoUQDQgAEexZF5/W3QR/MComFYSPojpNMLIzJ1GIasM2viGBs3rwPcTz2ou4J +3MDLHmQg80RdIeJumCarbMo9iQtvd+DJJA== +-----END EC PRIVATE KEY----- 
diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Cert.der b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Cert.der new file mode 100644 index 0000000000000000000000000000000000000000..0767a015ebcfb8d600f9d0261306e339f69a5792 GIT binary patch literal 445 zcmXqLV%%xa#2CMTnTe5!iKD!Y>t}sFKZ5}m8;4e#$2nUTW+nqYLmdMxHs(+kW*%kV z#FCQKB88CD;u3`bM^6Rcvdk1KH#avU1>XW7%fi6G#6Uru*T~So%*evf#K_phI7))w z5(o^9jDg71($q4_z}V2xKp$eF2C|7Rj?M}O28M1}jg2%AW@86Ciir{GI%Y<8W+w)g zk6h0pFO~hs5j|Ax`)74Ii?w3tf6kH@9uuN!X7yNUp168LWa7W2a_+yJ^>jY$Gi}xr z%jT2ZTfp$JQ}E%#yF1n{PB4fw-~qZvR+y3TKMRuqg8?6i#}DEGLx8=(Ko-R3V-aH! zVf_8&Xkj#?@l^i_b?m9ZXU>)6XB)_aq?K7D48$5l9B1(Qh;w&dC`@k7jXS)8VW-98 zcI5D6_Fyn@Wl~UFP!n-u&YPmDz}KhB_Ha*p_RZm8LxipKsT-c^S;rr8Gbu7GaK8~D h**$ancCIta4fjL`{Hu2aJ0Vs733TX4kXn42j5;aE)z}n~{-qvA b`a>=(@V+&JE*5JJ8NF}-;fWF9;oZ2c;zTsk literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Key.pem b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Key.pem new file mode 100644 index 00000000000000..9a9758a98a2622 --- /dev/null +++ b/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEILqJ71ZkLlwUw98ZzjO/vyfsTg4r3tNfbWwzkp7FW8XroAoGCCqGSM49 +AwEHoUQDQgAE8QrmWdJ2+GwVwntN/Kt3BDshVf8JdOhIkFp8mow6KcjV2BSR/qUe +R/pDLizwvjWDLhZrDhm9cADhiRHh4d24rQ== +-----END EC PRIVATE KEY----- 
diff --git a/credentials/test/attestation/Chip-Test-PAI-FFF2-8004-FB-Cert.der b/credentials/test/attestation/Chip-Test-PAI-FFF2-8004-FB-Cert.der new file mode 100644 index 0000000000000000000000000000000000000000..b548e5e52359077d7bc4ce2eb1ad3771307d0b66 GIT binary patch literal 426 zcmXqLVq9j>#OSktnTe5!i9@61o4CUimRSZ|Y#dr`9_MUXn3)Wu3?&T2*qB3En0fep z6H7``ixfgqi%S#&932f5#CeSj4a|%z3{8xTO^l-?_$`6J(8w5wOf5|jhFhR+XM7zl@!xHuX_YzX+UY|^s?{^=a<@0b+0L}$PL(QN(x dU-T-g#o0DU8i;tHS&1_&yK zNX|V20SBQ(13~}<{)3|SHqH&QYhnZI1yL8;4e#$2nUTW+nqELkR;hHs(+kW*&au z#FCQKB88CD;u3`bM@It%ab6=s12ZEFLlYxo6XPfeeoG)QG%^MvQ%h6JC<7HkB?ASB zZb?+#o(jHYnJHFoZf-^fkp{wS>|h(27@<}(GqN)~F|g>Wc`m=PYyN?mTh19w)-YJM zbwlOh;)VB{LzkvS+?997|mO&Y9nsR3f%k+YBV{+10Z%52;zXK47#txh>x literal 0 HcmV?d00001 diff --git a/credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-FB-Key.pem b/credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-FB-Key.pem new file mode 100644 index 00000000000000..d6425210d6eda6 --- /dev/null +++ b/credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-FB-Key.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIPeMoAnZpIF2eWLeXZiXJcxFDdSiy8Vp996Rdh+Qx38OoAoGCCqGSM49 +AwEHoUQDQgAELSZJp9i6n8CZtM4wkygwprWwecNzod+DVacnzdLbXlbM7uE5UmiG +KR7McB5O//JVkbOP9P6WDSvKbNwpZ2j4yw== +-----END EC PRIVATE KEY----- diff --git a/credentials/test/gen-test-attestation-certs.sh b/credentials/test/gen-test-attestation-certs.sh index c9d793ff6ef8c8..f9cf92d8bfec8b 100755 --- a/credentials/test/gen-test-attestation-certs.sh +++ b/credentials/test/gen-test-attestation-certs.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash # -# Copyright (c) 2021 Project CHIP Authors +# Copyright (c) 2021-2022 Project CHIP Authors # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. 
@@ -32,7 +32,7 @@
 # Second example also generates C-Style file with those certificates/keys to be use by the SDK tests:
 # ./credentials/test/gen-test-attestation-certs.sh ./out/debug/standalone/chip-cert src/credentials/tests/CHIPAttCert_test_vectors
 #
-# In addision to the DER/PEM files this command also generates the following C-Style files:
+# In addition to the DER/PEM files this command also generates the following C-Style files:
 # src/credentials/tests/CHIPAttCert_test_vectors.cpp
 # src/credentials/tests/CHIPAttCert_test_vectors.h
 #
@@ -131,13 +131,55 @@ cert_lifetime=4294967295 done } -# In addision to PEM format also create certificates in DER form. +# Set #4: +# - PAA Subject doesn't include VID (the same PAA from Set #2 is used) +# - PAI Subject doesn't include VID and PID encoded using fallback method +# - DAC Subject VID and PID are encoded using fallback method +{ + pid=8003 + dac_ids=(0018 0019 001A 001B) + + pai_key_file="$dest_dir/Chip-Test-PAI-$vid-NoPID-FB-Key" + pai_cert_file="$dest_dir/Chip-Test-PAI-$vid-NoPID-FB-Cert" + + "$chip_cert_tool" gen-att-cert --type i --subject-cn "Matter Test PAI" --subject-vid "$vid" --vid-pid-as-cn --valid-from "$cert_valid_from" --lifetime "$cert_lifetime" --ca-key "$paa_key_file".pem --ca-cert "$paa_cert_file".pem --out-key "$pai_key_file".pem --out "$pai_cert_file".pem + + for dac in "${dac_ids[@]}"; do + dac_key_file="$dest_dir/Chip-Test-DAC-$vid-$pid-$dac-FB-Key" + dac_cert_file="$dest_dir/Chip-Test-DAC-$vid-$pid-$dac-FB-Cert" + + "$chip_cert_tool" gen-att-cert --type d --subject-cn "Matter Test DAC $dac" --subject-vid "$vid" --subject-pid "$pid" --vid-pid-as-cn --valid-from "$cert_valid_from" --lifetime "$cert_lifetime" --ca-key "$pai_key_file".pem --ca-cert "$pai_cert_file".pem --out-key "$dac_key_file".pem --out "$dac_cert_file".pem + done +} + +# Set #5: +# - PAA Subject doesn't include VID (the same PAA from Set #2 is used) +# - PAI Subject includes PID and both VID and PID are encoded using fallback method +# - DAC Subject VID and PID are encoded using fallback method +{ + pid=8004 + dac_ids=(001C 001D 001E 001F) + + pai_key_file="$dest_dir/Chip-Test-PAI-$vid-$pid-FB-Key" + pai_cert_file="$dest_dir/Chip-Test-PAI-$vid-$pid-FB-Cert" + + "$chip_cert_tool" gen-att-cert --type i --subject-cn "Matter Test PAI" --subject-vid "$vid" --subject-pid "$pid" --vid-pid-as-cn --valid-from "$cert_valid_from" --lifetime "$cert_lifetime" --ca-key "$paa_key_file".pem --ca-cert "$paa_cert_file".pem --out-key "$pai_key_file".pem --out "$pai_cert_file".pem + + 
for dac in "${dac_ids[@]}"; do + dac_key_file="$dest_dir/Chip-Test-DAC-$vid-$pid-$dac-FB-Key" + dac_cert_file="$dest_dir/Chip-Test-DAC-$vid-$pid-$dac-FB-Cert" + + "$chip_cert_tool" gen-att-cert --type d --subject-cn "Matter Test DAC $dac" --subject-vid "$vid" --subject-pid "$pid" --vid-pid-as-cn --valid-from "$cert_valid_from" --lifetime "$cert_lifetime" --ca-key "$pai_key_file".pem --ca-cert "$pai_cert_file".pem --out-key "$dac_key_file".pem --out "$dac_cert_file".pem + done +} + +# In addition to PEM format also create certificates in DER form. for cert_file_pem in "$dest_dir"/*Cert.pem; do cert_file_der="${cert_file_pem/.pem/.der}" "$chip_cert_tool" convert-cert "$cert_file_pem" "$cert_file_der" --x509-der done -# In addision to PEM format also create private key in DER form. +# In addition to PEM format also create private key in DER form. for key_file_pem in "$dest_dir"/*Key.pem; do key_file_der="${key_file_pem/.pem/.der}" "$chip_cert_tool" convert-key "$key_file_pem" "$key_file_der" --x509-der @@ -148,7 +190,7 @@ if [ ! -z "$output_cstyle_file" ]; then copyright_note='/* * - * Copyright (c) 2021 Project CHIP Authors + * Copyright (c) 2021-2022 Project CHIP Authors * All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp b/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp index 459bf8f64aca6a..896cfe9f3a0138 100644 --- a/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp +++ b/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp @@ -1,6 +1,6 @@ /* * - * Copyright (c) 2021 Project CHIP Authors + * Copyright (c) 2021-2022 Project CHIP Authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
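Review bot: In gen-test-attestation-certs.sh the `# Set #4` header comment misdescribes the PAI it generates: the gen-att-cert call passes `--subject-vid "$vid" --vid-pid-as-cn` and no `--subject-pid`, so that PAI does carry a VID (in the fallback encoding) and only the PID is absent, which is also what the `NoPID-FB` file name says. I would reword the line to `# - PAI Subject doesn't include PID; VID is encoded using fallback method`, because these comments are what a reader uses to tell which verifier path each vector exercises. Both new blocks also depend on `$vid`, `$paa_key_file` and `$paa_cert_file` still holding values set outside this hunk, presumably by Set #2; a short comment saying so would keep the blocks safe to reorder.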
@@ -173,9 +173,11 @@ void DefaultDACVerifier::VerifyAttestationInformation(const DeviceAttestationVer { AttestationVerificationResult attestationError = AttestationVerificationResult::kSuccess; - VendorId dacVendorId = VendorId::NotSpecified; Platform::ScopedMemoryBuffer paaCert; MutableByteSpan paaDerBuffer; + AttestationCertVidPid dacVidPid; + AttestationCertVidPid paiVidPid; + AttestationCertVidPid paaVidPid; VerifyOrExit(!info.attestationElementsBuffer.empty() && !info.attestationChallengeBuffer.empty() && !info.attestationSignatureBuffer.empty() && !info.paiDerBuffer.empty() && !info.dacDerBuffer.empty() && 
@@ -184,16 +186,18 @@ void DefaultDACVerifier::VerifyAttestationInformation(const DeviceAttestationVer
// match DAC and PAI VIDs
{
- uint16_t paiVid = VendorId::NotSpecified;
- uint16_t dacVid = VendorId::NotSpecified;
-
- VerifyOrExit(ExtractDNAttributeFromX509Cert(MatterOid::kVendorId, info.paiDerBuffer, paiVid) == CHIP_NO_ERROR,
- attestationError = AttestationVerificationResult::kPaiFormatInvalid);
- VerifyOrExit(ExtractDNAttributeFromX509Cert(MatterOid::kVendorId, info.dacDerBuffer, dacVid) == CHIP_NO_ERROR,
+ VerifyOrExit(ExtractVIDPIDFromX509Cert(info.dacDerBuffer, dacVidPid) == CHIP_NO_ERROR,
attestationError = AttestationVerificationResult::kDacFormatInvalid);
-
- VerifyOrExit(paiVid == dacVid, attestationError = AttestationVerificationResult::kDacVendorIdMismatch);
- dacVendorId = static_cast(dacVid);
+ VerifyOrExit(ExtractVIDPIDFromX509Cert(info.paiDerBuffer, paiVidPid) == CHIP_NO_ERROR,
+ attestationError = AttestationVerificationResult::kPaiFormatInvalid);
+ VerifyOrExit(paiVidPid.mVendorId.HasValue() && paiVidPid.mVendorId == dacVidPid.mVendorId,
+ attestationError = AttestationVerificationResult::kDacVendorIdMismatch);
+ VerifyOrExit(dacVidPid.mProductId.HasValue(), attestationError = AttestationVerificationResult::kDacProductIdMismatch);
+ if (paiVidPid.mProductId.HasValue())
+ {
+ VerifyOrExit(paiVidPid.mProductId == dacVidPid.mProductId,
+ attestationError = AttestationVerificationResult::kDacProductIdMismatch);
+ }
}
{
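Review bot: A PAI whose subject has no VID now fails with `kDacVendorIdMismatch`, and a DAC with no PID fails with `kDacProductIdMismatch`, where the removed code reported `kPaiFormatInvalid` and `kDacFormatInvalid` for the same certificates. This assumes ExtractVIDPIDFromX509Cert returns CHIP_NO_ERROR and leaves the Optional empty when an attribute is absent, which the HasValue() checks suggest but the hunk does not show. Presence checks ahead of the comparisons would keep the result codes accurate for whoever triages a failed attestation: `VerifyOrExit(dacVidPid.mVendorId.HasValue() && dacVidPid.mProductId.HasValue(), attestationError = AttestationVerificationResult::kDacFormatInvalid);` and `VerifyOrExit(paiVidPid.mVendorId.HasValue(), attestationError = AttestationVerificationResult::kPaiFormatInvalid);`. As written, the DAC VID is only known to be present because it compared equal to a PAI VID that has a value, so the explicit check also states an invariant that later code depends on. VerifyAttestationInformation starts and ends outside this hunk.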
@@ -226,6 +230,17 @@ void DefaultDACVerifier::VerifyAttestationInformation(const DeviceAttestationVer paaDerBuffer = MutableByteSpan(paaCert.Get(), paaCertAllocatedLen); VerifyOrExit(mAttestationTrustStore->GetProductAttestationAuthorityCert(akid, paaDerBuffer) == CHIP_NO_ERROR, attestationError = AttestationVerificationResult::kPaaNotFound); + + VerifyOrExit(ExtractVIDPIDFromX509Cert(paaDerBuffer, paaVidPid) == CHIP_NO_ERROR, + attestationError = AttestationVerificationResult::kPaaFormatInvalid); + + if (paaVidPid.mVendorId.HasValue()) + { + VerifyOrExit(paaVidPid.mVendorId == paiVidPid.mVendorId, + attestationError = AttestationVerificationResult::kPaiVendorIdMismatch); + } + + VerifyOrExit(!paaVidPid.mProductId.HasValue(), attestationError = AttestationVerificationResult::kPaaFormatInvalid); } #if !defined(CURRENT_TIME_NOT_IMPLEMENTED) @@ -245,20 +260,7 @@ void DefaultDACVerifier::VerifyAttestationInformation(const DeviceAttestationVer chainValidationResult) == CHIP_NO_ERROR, attestationError = MapError(chainValidationResult)); - // if PAA contains VID, see if matches with DAC's VID. - { - uint16_t paaVid = VendorId::NotSpecified; - CHIP_ERROR error = ExtractDNAttributeFromX509Cert(MatterOid::kVendorId, paaDerBuffer, paaVid); - VerifyOrExit(error == CHIP_NO_ERROR || error == CHIP_ERROR_KEY_NOT_FOUND, - attestationError = AttestationVerificationResult::kPaaFormatInvalid); - if (error != CHIP_ERROR_KEY_NOT_FOUND) - { - VerifyOrExit(paaVid == dacVendorId, attestationError = AttestationVerificationResult::kDacVendorIdMismatch); - } - } - { - CHIP_ERROR error = CHIP_NO_ERROR; ByteSpan certificationDeclarationSpan; ByteSpan attestationNonceSpan; uint32_t timestampDeconstructed; 
@@ -267,10 +269,13 @@ void DefaultDACVerifier::VerifyAttestationInformation(const DeviceAttestationVer ByteSpan certificationDeclarationPayload; DeviceInfoForAttestation deviceInfo{ - .vendorId = info.vendorId, - .productId = info.productId, - .dacVendorId = dacVendorId, - .paiVendorId = dacVendorId, + .vendorId = info.vendorId, + .productId = info.productId, + .dacVendorId = dacVidPid.mVendorId.Value(), + .dacProductId = dacVidPid.mProductId.Value(), + .paiVendorId = paiVidPid.mVendorId.Value(), + .paiProductId = paiVidPid.mProductId.ValueOr(0), + .paaVendorId = paaVidPid.mVendorId.ValueOr(VendorId::NotSpecified), }; VerifyOrExit(DeconstructAttestationElements(info.attestationElementsBuffer, certificationDeclarationSpan, @@ -285,15 +290,6 @@ void DefaultDACVerifier::VerifyAttestationInformation(const DeviceAttestationVer attestationError = ValidateCertificationDeclarationSignature(certificationDeclarationSpan, certificationDeclarationPayload); VerifyOrExit(attestationError == AttestationVerificationResult::kSuccess, attestationError = attestationError); - VerifyOrExit(ExtractDNAttributeFromX509Cert(MatterOid::kProductId, info.dacDerBuffer, deviceInfo.dacProductId) == - CHIP_NO_ERROR, - attestationError = AttestationVerificationResult::kDacFormatInvalid); - // If PID is missing from PAI, the next method call will return CHIP_ERROR_KEY_NOT_FOUND. - // Valid return values are then CHIP_NO_ERROR or CHIP_ERROR_KEY_NOT_FOUND. - error = ExtractDNAttributeFromX509Cert(MatterOid::kProductId, info.paiDerBuffer, deviceInfo.paiProductId); - VerifyOrExit(error == CHIP_NO_ERROR || error == CHIP_ERROR_KEY_NOT_FOUND, - attestationError = AttestationVerificationResult::kPaiFormatInvalid); - attestationError = ValidateCertificateDeclarationPayload(certificationDeclarationPayload, firmwareInfoSpan, deviceInfo); VerifyOrExit(attestationError == AttestationVerificationResult::kSuccess, attestationError = attestationError); } 
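Review bot: In the `deviceInfo` initializer, `.paiProductId = paiVidPid.mProductId.ValueOr(0)` turns "the PAI carries no PID" into the number 0, so ValidateCertificateDeclarationPayload (not part of this hunk) has to treat 0 as absent and never as a product id to match. I could not confirm that from here, so I would state it on the field: `// 0 == PAI subject has no PID; must not be compared as a real product id`. The three `.Value()` calls on `dacVidPid` and `paiVidPid` are only safe because of the HasValue() and equality checks in the "match DAC and PAI VIDs" block earlier in the function. A comment such as `// presence established by the DAC/PAI VID and PID checks at the top of this function` would keep a later reorder from turning the initializer into a failure path on a malformed device certificate, assuming Value() on an empty Optional aborts or is undefined. The enclosing function starts and ends outside this hunk.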
diff --git a/src/credentials/examples/ExampleDACs.cpp b/src/credentials/examples/ExampleDACs.cpp index afeea01c140f15..027a619bbebe36 100644 --- a/src/credentials/examples/ExampleDACs.cpp +++ b/src/credentials/examples/ExampleDACs.cpp 
@@ -681,13 +681,13 @@ ByteSpan kDacPrivateKey = ByteSpan(kDevelopmentDAC_PrivateKey_FFF1_800F); ByteSpan kDacPublicKey = ByteSpan(kDevelopmentDAC_PublicKey_FFF1_800F); #endif #if CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID == 0x8010 -const uint8_t kDevelopmentDAC_Cert_FFF1_8010[492] = { - 0x30, 0x82, 0x01, 0xe8, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x41, 0x12, 0x5f, 0xb9, 0x1d, 0x2a, - 0xb5, 0x81, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, +const uint8_t kDevelopmentDAC_Cert_FFF1_8010[491] = { + 0x30, 0x82, 0x01, 0xe7, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x46, 0x7f, 0x57, 0x62, 0xc8, 0xdc, + 0x90, 0xd5, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x50, 0x41, 0x49, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x20, 0x6e, 0x6f, 0x20, 0x50, 0x49, 0x44, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x46, 0x46, 0x46, 0x31, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x32, 0x30, - 0x32, 0x30, 0x36, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, + 0x33, 0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x53, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x2f, 0x30, 0x78, 0x38, 0x30, 0x31, 0x30, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 
@@ -701,11 +701,11 @@ const uint8_t kDevelopmentDAC_Cert_FFF1_8010[492] = { 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x32, 0xfc, 0x27, 0xd1, 0xef, 0x53, 0x43, 0xa2, 0xf3, 0x64, 0xf0, 0x2c, 0xf4, 0x70, 0xcb, 0x67, 0x47, 0x80, 0xe5, 0xaa, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x63, 0x54, 0x0e, 0x47, 0xf6, 0x4b, 0x1c, 0x38, 0xd1, 0x38, 0x84, 0xa4, 0x62, - 0xd1, 0x6c, 0x19, 0x5d, 0x8f, 0xfb, 0x3c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, - 0x00, 0x30, 0x45, 0x02, 0x20, 0x74, 0x28, 0x39, 0xe2, 0xb8, 0x83, 0x65, 0xe2, 0x7c, 0x02, 0x4c, 0x91, 0x6f, 0x6d, 0x63, 0xf7, - 0xc9, 0x98, 0x03, 0x49, 0xcd, 0x3d, 0x65, 0x55, 0xcf, 0xa7, 0xc6, 0x51, 0xdc, 0x69, 0xbd, 0xf5, 0x02, 0x21, 0x00, 0x8e, 0x5b, - 0x66, 0x5b, 0x76, 0xa4, 0x81, 0xa4, 0x27, 0x22, 0x47, 0xa5, 0xde, 0xbd, 0x7a, 0xdd, 0x61, 0x72, 0x58, 0x36, 0x49, 0x12, 0x29, - 0xb2, 0xdf, 0x44, 0x24, 0x54, 0x3e, 0x65, 0x2a, 0x0c, + 0xd1, 0x6c, 0x19, 0x5d, 0x8f, 0xfb, 0x3c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, + 0x00, 0x30, 0x44, 0x02, 0x20, 0x6f, 0x11, 0xb2, 0x05, 0x0b, 0xd3, 0xd2, 0xe3, 0x6c, 0x24, 0x61, 0x30, 0x08, 0x6c, 0x22, 0x01, + 0xb0, 0x8c, 0xf9, 0x9d, 0x5a, 0x77, 0xb2, 0x3a, 0x90, 0x05, 0x00, 0xfb, 0xef, 0x09, 0x13, 0xb2, 0x02, 0x20, 0x13, 0x6a, 0xb6, + 0xa0, 0xbb, 0x8b, 0xd4, 0xf4, 0xad, 0xf8, 0x0a, 0x12, 0x34, 0xcf, 0xef, 0xb6, 0x7f, 0x0a, 0xfb, 0x73, 0x55, 0xf1, 0xdc, 0xa4, + 0x72, 0xda, 0x16, 0xac, 0x4a, 0x36, 0x64, 0xe5, }; const uint8_t kDevelopmentDAC_PublicKey_FFF1_8010[65] = { 0x04, 0x39, 0xef, 0x6c, 0x9d, 0x9c, 0x99, 0x7b, 0xa2, 0xc7, 0x31, 0x9a, 0x4c, 0x73, 0xc9, 0xbf, 0x47, 
@@ -722,13 +722,13 @@ ByteSpan kDacPrivateKey = ByteSpan(kDevelopmentDAC_PrivateKey_FFF1_8010); ByteSpan kDacPublicKey = ByteSpan(kDevelopmentDAC_PublicKey_FFF1_8010); #endif #if CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID == 0x8011 -const uint8_t kDevelopmentDAC_Cert_FFF1_8011[492] = { - 0x30, 0x82, 0x01, 0xe8, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x44, 0xd7, 0x41, 0xe8, 0x5d, 0x28, - 0x50, 0x0c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, +const uint8_t kDevelopmentDAC_Cert_FFF1_8011[493] = { + 0x30, 0x82, 0x01, 0xe9, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x0e, 0x5c, 0x88, 0xcc, 0x15, 0xe3, + 0xda, 0xe5, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x50, 0x41, 0x49, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x20, 0x6e, 0x6f, 0x20, 0x50, 0x49, 0x44, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x46, 0x46, 0x46, 0x31, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x32, 0x30, - 0x32, 0x30, 0x36, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, + 0x33, 0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x53, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x2f, 0x30, 0x78, 0x38, 0x30, 0x31, 0x31, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 
@@ -742,11 +742,11 @@ const uint8_t kDevelopmentDAC_Cert_FFF1_8011[492] = { 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x96, 0x10, 0x85, 0x7f, 0x58, 0x20, 0xa0, 0x5f, 0x10, 0x2c, 0xfb, 0xd6, 0xe4, 0xf2, 0x6b, 0xce, 0xd2, 0x20, 0x6f, 0x54, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x63, 0x54, 0x0e, 0x47, 0xf6, 0x4b, 0x1c, 0x38, 0xd1, 0x38, 0x84, 0xa4, 0x62, - 0xd1, 0x6c, 0x19, 0x5d, 0x8f, 0xfb, 0x3c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, - 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0xd2, 0x6d, 0xa6, 0x92, 0xcc, 0x48, 0x82, 0x25, 0x28, 0x02, 0x79, 0x6b, 0x1b, 0xf4, 0x28, - 0x8b, 0xe3, 0x0f, 0x2f, 0xc7, 0x2f, 0x65, 0x34, 0x8e, 0xb6, 0x66, 0x7f, 0xba, 0xab, 0x22, 0x76, 0x52, 0x02, 0x20, 0x4d, 0x5c, - 0x42, 0xe2, 0xf5, 0xd8, 0xcd, 0xe0, 0x6c, 0x93, 0x87, 0x62, 0xde, 0x4e, 0x9c, 0x2f, 0xb3, 0xdb, 0xb1, 0x83, 0x30, 0x0f, 0x61, - 0x65, 0xd6, 0xe6, 0x3a, 0x2d, 0x89, 0x25, 0x93, 0x49, + 0xd1, 0x6c, 0x19, 0x5d, 0x8f, 0xfb, 0x3c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x49, + 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0x93, 0xe6, 0x9c, 0xaa, 0x70, 0x19, 0x21, 0x24, 0x20, 0x4b, 0x51, 0xda, 0x5c, 0xa7, 0x07, + 0xca, 0x9e, 0xf6, 0xb9, 0xbd, 0xe0, 0x67, 0x10, 0xed, 0xbc, 0x59, 0x23, 0xae, 0x70, 0xc5, 0x4e, 0xa6, 0x02, 0x21, 0x00, 0xc5, + 0x4c, 0x59, 0x78, 0xda, 0xa2, 0x1e, 0x53, 0x28, 0x7c, 0xc5, 0xf5, 0x73, 0xc5, 0x48, 0xc8, 0xa8, 0x81, 0xd4, 0xb3, 0xf9, 0x7a, + 0xe9, 0xc6, 0x71, 0xa2, 0xf2, 0xb7, 0x96, 0xb3, 0x04, 0xbd, }; const uint8_t kDevelopmentDAC_PublicKey_FFF1_8011[65] = { 0x04, 0x58, 0xb4, 0x75, 0xf4, 0x1b, 0x59, 0xe2, 0x5e, 0x66, 0xe1, 0x8a, 0xc2, 0x61, 0x0b, 0x8a, 0xc2, 
@@ -764,12 +764,12 @@ ByteSpan kDacPublicKey = ByteSpan(kDevelopmentDAC_PublicKey_FFF1_8011); #endif #if CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID == 0x8012 const uint8_t kDevelopmentDAC_Cert_FFF1_8012[493] = { - 0x30, 0x82, 0x01, 0xe9, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x2c, 0x08, 0x0f, 0x54, 0x99, 0xee, - 0x42, 0x1e, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, + 0x30, 0x82, 0x01, 0xe9, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x41, 0x2d, 0xc7, 0x93, 0xe5, 0x15, + 0x40, 0x9c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x50, 0x41, 0x49, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x20, 0x6e, 0x6f, 0x20, 0x50, 0x49, 0x44, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x46, 0x46, 0x46, 0x31, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x32, 0x30, - 0x32, 0x30, 0x36, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, + 0x33, 0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x53, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x2f, 0x30, 0x78, 0x38, 0x30, 0x31, 0x32, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 
@@ -784,10 +784,10 @@ const uint8_t kDevelopmentDAC_Cert_FFF1_8012[493] = { 0xf5, 0x3a, 0xc9, 0xbc, 0x7c, 0xea, 0x84, 0x05, 0x7c, 0xeb, 0xd7, 0xb5, 0x04, 0xd7, 0x04, 0xea, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x63, 0x54, 0x0e, 0x47, 0xf6, 0x4b, 0x1c, 0x38, 0xd1, 0x38, 0x84, 0xa4, 0x62, 0xd1, 0x6c, 0x19, 0x5d, 0x8f, 0xfb, 0x3c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x49, - 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xaf, 0xab, 0xaa, 0x19, 0x2e, 0xcd, 0x52, 0x34, 0xa8, 0xa4, 0x06, 0x06, 0x04, 0x7a, 0x49, - 0xeb, 0xd3, 0x9a, 0x5b, 0xf0, 0x94, 0x42, 0x6c, 0x19, 0xc1, 0x25, 0x56, 0x15, 0x1d, 0x47, 0x46, 0x68, 0x02, 0x21, 0x00, 0x82, - 0xb3, 0xa5, 0x87, 0xf1, 0xbf, 0x05, 0x92, 0x2f, 0xa6, 0x43, 0x24, 0x2a, 0xd6, 0x55, 0xc0, 0x28, 0xc6, 0xe9, 0xc4, 0x6c, 0xe6, - 0xb0, 0x6d, 0xfc, 0x73, 0x16, 0x58, 0xb9, 0x69, 0x3f, 0xc2, + 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xd1, 0xe7, 0x78, 0xd4, 0xcd, 0x1e, 0x26, 0xae, 0xdf, 0x8f, 0x49, 0x0b, 0x8e, 0x58, 0x57, + 0x60, 0x60, 0x04, 0xfd, 0x2c, 0x8b, 0x53, 0x74, 0xc9, 0xd8, 0x2c, 0x66, 0x7d, 0x51, 0xcd, 0xaa, 0x28, 0x02, 0x21, 0x00, 0xe8, + 0x3b, 0xca, 0xa1, 0x0f, 0xbc, 0x61, 0x80, 0xc5, 0xee, 0xcb, 0x75, 0xd9, 0x9f, 0x9e, 0x32, 0x95, 0xf4, 0x32, 0xa4, 0x97, 0xda, + 0x25, 0xe7, 0x11, 0xe0, 0x71, 0xc0, 0x11, 0x3b, 0x75, 0xb3, }; const uint8_t kDevelopmentDAC_PublicKey_FFF1_8012[65] = { 0x04, 0xdc, 0x2c, 0xc1, 0x6c, 0x4d, 0x80, 0x89, 0xc6, 0x06, 0x37, 0x33, 0x96, 0xa2, 0x86, 0x2a, 0x05, 
@@ -804,13 +804,13 @@ ByteSpan kDacPrivateKey = ByteSpan(kDevelopmentDAC_PrivateKey_FFF1_8012); ByteSpan kDacPublicKey = ByteSpan(kDevelopmentDAC_PublicKey_FFF1_8012); #endif #if CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID == 0x8013 -const uint8_t kDevelopmentDAC_Cert_FFF1_8013[491] = { - 0x30, 0x82, 0x01, 0xe7, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x12, 0xc2, 0x8b, 0xe9, 0x0e, 0xd0, - 0x5b, 0x8a, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, +const uint8_t kDevelopmentDAC_Cert_FFF1_8013[492] = { + 0x30, 0x82, 0x01, 0xe8, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x7b, 0x4d, 0x47, 0x2e, 0x05, 0x9a, + 0xc7, 0x0b, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x50, 0x41, 0x49, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x20, 0x6e, 0x6f, 0x20, 0x50, 0x49, 0x44, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x46, 0x46, 0x46, 0x31, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x32, 0x30, - 0x32, 0x30, 0x36, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, + 0x33, 0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x53, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x2f, 0x30, 0x78, 0x38, 0x30, 0x31, 0x33, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 
@@ -824,11 +824,11 @@ const uint8_t kDevelopmentDAC_Cert_FFF1_8013[491] = { 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x6b, 0x83, 0xbe, 0x0d, 0x05, 0x5f, 0x28, 0x73, 0xca, 0xc0, 0xba, 0x15, 0x21, 0x1d, 0xdf, 0x16, 0x3d, 0x95, 0xcb, 0x05, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x63, 0x54, 0x0e, 0x47, 0xf6, 0x4b, 0x1c, 0x38, 0xd1, 0x38, 0x84, 0xa4, 0x62, - 0xd1, 0x6c, 0x19, 0x5d, 0x8f, 0xfb, 0x3c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, - 0x00, 0x30, 0x44, 0x02, 0x21, 0x00, 0xf8, 0xa4, 0x18, 0xab, 0x7e, 0xc7, 0xf0, 0x36, 0xe1, 0x61, 0x9f, 0xbf, 0x49, 0x1e, 0x48, - 0x38, 0x18, 0x82, 0x79, 0xe9, 0xf3, 0xc0, 0xe1, 0x57, 0x71, 0xeb, 0xf8, 0x46, 0x70, 0x6a, 0x86, 0x74, 0x02, 0x1f, 0x77, 0xf7, - 0xd7, 0x8a, 0x49, 0x20, 0xbc, 0x14, 0x11, 0x09, 0x75, 0xf6, 0x69, 0xd8, 0x54, 0xf0, 0x03, 0x8a, 0xb0, 0x13, 0x5a, 0xcf, 0x87, - 0x62, 0x7d, 0x78, 0xb5, 0xc6, 0xe3, 0xc0, 0x22, + 0xd1, 0x6c, 0x19, 0x5d, 0x8f, 0xfb, 0x3c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, + 0x00, 0x30, 0x45, 0x02, 0x20, 0x7d, 0x15, 0x0b, 0xf0, 0x45, 0xed, 0xab, 0xd1, 0x09, 0x14, 0x2a, 0xae, 0xb4, 0xe0, 0x97, 0xd8, + 0xaa, 0xf9, 0x1a, 0x9c, 0xe1, 0x7e, 0xe9, 0x38, 0xa5, 0x6e, 0x24, 0x26, 0x26, 0xa8, 0x43, 0x49, 0x02, 0x21, 0x00, 0xe8, 0x0c, + 0x31, 0x4b, 0x73, 0x8f, 0x88, 0xaf, 0x8c, 0x16, 0x29, 0xd5, 0xf5, 0xa4, 0x60, 0x29, 0x56, 0x50, 0xb5, 0x07, 0x77, 0x0c, 0xc2, + 0xcc, 0x3b, 0xc4, 0xda, 0x28, 0x7a, 0x2d, 0x2c, 0x9f, }; const uint8_t kDevelopmentDAC_PublicKey_FFF1_8013[65] = { 0x04, 0x31, 0xfb, 0x34, 0xae, 0x4f, 0x09, 0xc0, 0x5b, 0xd0, 0xbc, 0xaf, 0x37, 0xb5, 0xfa, 0xbe, 0x4d, 
@@ -845,13 +845,13 @@ ByteSpan kDacPrivateKey = ByteSpan(kDevelopmentDAC_PrivateKey_FFF1_8013); ByteSpan kDacPublicKey = ByteSpan(kDevelopmentDAC_PublicKey_FFF1_8013); #endif #if CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID == 0x8014 -const uint8_t kDevelopmentDAC_Cert_FFF1_8014[491] = { - 0x30, 0x82, 0x01, 0xe7, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x79, 0x99, 0xdb, 0xfb, 0x39, 0x98, - 0xe9, 0x33, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, +const uint8_t kDevelopmentDAC_Cert_FFF1_8014[492] = { + 0x30, 0x82, 0x01, 0xe8, 0x30, 0x82, 0x01, 0x8e, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x69, 0x90, 0x05, 0xe0, 0xed, 0xa8, + 0x50, 0x47, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x50, 0x41, 0x49, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x20, 0x6e, 0x6f, 0x20, 0x50, 0x49, 0x44, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 0x0c, 0x04, 0x46, 0x46, 0x46, 0x31, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x32, 0x30, - 0x32, 0x30, 0x36, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, + 0x33, 0x33, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x53, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x2f, 0x30, 0x78, 0x38, 0x30, 0x31, 0x34, 0x31, 0x14, 0x30, 0x12, 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa2, 0x7c, 0x02, 0x01, 
@@ -865,11 +865,11 @@ const uint8_t kDevelopmentDAC_Cert_FFF1_8014[491] = { 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xc3, 0xec, 0xc0, 0xb6, 0x0a, 0xd9, 0x32, 0xe9, 0x83, 0xb5, 0x7a, 0xf4, 0xc1, 0x4e, 0x9a, 0x79, 0xbd, 0x85, 0x61, 0x1d, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x63, 0x54, 0x0e, 0x47, 0xf6, 0x4b, 0x1c, 0x38, 0xd1, 0x38, 0x84, 0xa4, 0x62, - 0xd1, 0x6c, 0x19, 0x5d, 0x8f, 0xfb, 0x3c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x47, - 0x00, 0x30, 0x44, 0x02, 0x20, 0x62, 0xfd, 0xd3, 0x94, 0x95, 0xfd, 0xa2, 0xd9, 0xd2, 0x1b, 0xb5, 0xfa, 0x8d, 0x65, 0xc8, 0x47, - 0xba, 0xa8, 0x37, 0x37, 0x0a, 0x51, 0x84, 0x51, 0x2d, 0xef, 0x8f, 0xc0, 0xff, 0x7f, 0x15, 0x09, 0x02, 0x20, 0x77, 0xb1, 0xdc, - 0x90, 0x17, 0xf6, 0x62, 0x83, 0x30, 0x4c, 0x80, 0x37, 0xa4, 0x0f, 0x9f, 0xb1, 0x4f, 0xd0, 0x23, 0x7b, 0xb1, 0x20, 0x49, 0xfc, - 0x20, 0xd7, 0x71, 0xb6, 0x80, 0x74, 0xb9, 0x21, + 0xd1, 0x6c, 0x19, 0x5d, 0x8f, 0xfb, 0x3c, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, + 0x00, 0x30, 0x45, 0x02, 0x20, 0x67, 0x98, 0xb1, 0x51, 0x12, 0x70, 0x13, 0x47, 0x87, 0xe2, 0xcf, 0x95, 0x40, 0x29, 0xdf, 0xb1, + 0xfa, 0x8f, 0xe8, 0x50, 0xe1, 0xbd, 0x24, 0x37, 0x56, 0xb0, 0x40, 0x13, 0xa4, 0x14, 0xc3, 0x09, 0x02, 0x21, 0x00, 0xda, 0xe5, + 0x69, 0x94, 0xf3, 0x28, 0x78, 0x80, 0xd6, 0x5d, 0xb5, 0x13, 0x1a, 0x9b, 0xbd, 0xbb, 0x1a, 0xb5, 0x4d, 0xa5, 0x10, 0xc8, 0x01, + 0x2e, 0xbe, 0x82, 0x62, 0x73, 0xf0, 0x0d, 0x99, 0xe4, }; const uint8_t kDevelopmentDAC_PublicKey_FFF1_8014[65] = { 0x04, 0xb7, 0x1e, 0x29, 0x0c, 0xab, 0x87, 0x31, 0xc8, 0x9f, 0x99, 0x5d, 0x51, 0xcc, 0xc4, 0xa1, 0x89, diff --git a/src/credentials/examples/ExampleDACs.h b/src/credentials/examples/ExampleDACs.h index f00600bfdf8890..f380fda46c3bf3 100644 --- a/src/credentials/examples/ExampleDACs.h +++ b/src/credentials/examples/ExampleDACs.h 
@@ -108,12 +108,12 @@ extern const uint8_t kDevelopmentDAC_PublicKey_FFF1_800F[65]; extern const uint8_t kDevelopmentDAC_PrivateKey_FFF1_800F[32]; #endif #if CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID == 0x8010 -extern const uint8_t kDevelopmentDAC_Cert_FFF1_8010[492]; +extern const uint8_t kDevelopmentDAC_Cert_FFF1_8010[491]; extern const uint8_t kDevelopmentDAC_PublicKey_FFF1_8010[65]; extern const uint8_t kDevelopmentDAC_PrivateKey_FFF1_8010[32]; #endif #if CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID == 0x8011 -extern const uint8_t kDevelopmentDAC_Cert_FFF1_8011[492]; +extern const uint8_t kDevelopmentDAC_Cert_FFF1_8011[493]; extern const uint8_t kDevelopmentDAC_PublicKey_FFF1_8011[65]; extern const uint8_t kDevelopmentDAC_PrivateKey_FFF1_8011[32]; #endif @@ -123,12 +123,12 @@ extern const uint8_t kDevelopmentDAC_PublicKey_FFF1_8012[65]; extern const uint8_t kDevelopmentDAC_PrivateKey_FFF1_8012[32]; #endif #if CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID == 0x8013 -extern const uint8_t kDevelopmentDAC_Cert_FFF1_8013[491]; +extern const uint8_t kDevelopmentDAC_Cert_FFF1_8013[492]; extern const uint8_t kDevelopmentDAC_PublicKey_FFF1_8013[65]; extern const uint8_t kDevelopmentDAC_PrivateKey_FFF1_8013[32]; #endif #if CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID == 0x8014 -extern const uint8_t kDevelopmentDAC_Cert_FFF1_8014[491]; +extern const uint8_t kDevelopmentDAC_Cert_FFF1_8014[492]; extern const uint8_t kDevelopmentDAC_PublicKey_FFF1_8014[65]; extern const uint8_t kDevelopmentDAC_PrivateKey_FFF1_8014[32]; #endif diff --git a/src/credentials/tests/CHIPAttCert_test_vectors.cpp b/src/credentials/tests/CHIPAttCert_test_vectors.cpp index 2bca7d167f7086..1babcbc8920886 100644 --- a/src/credentials/tests/CHIPAttCert_test_vectors.cpp +++ b/src/credentials/tests/CHIPAttCert_test_vectors.cpp @@ -1,6 +1,6 @@ /* * - * Copyright (c) 2021 Project CHIP Authors + * Copyright (c) 2021-2022 Project CHIP Authors * All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); 
@@ -1334,6 +1334,426 @@ constexpr uint8_t sTestCert_DAC_FFF2_8002_0017_PrivateKey_Array[] = { extern const ByteSpan sTestCert_DAC_FFF2_8002_0017_PrivateKey = ByteSpan(sTestCert_DAC_FFF2_8002_0017_PrivateKey_Array); +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Cert.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8003_0018_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0xb0, 0x30, 0x82, 0x01, 0x55, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x19, 0x2a, 0xd8, 0xde, 0x78, 0xcf, + 0xb2, 0xac, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x24, 0x31, 0x22, 0x30, 0x20, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x19, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, + 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, + 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, + 0x39, 0x5a, 0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x28, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, 0x30, 0x31, 0x38, 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, + 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, 0x30, 0x33, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, + 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x53, 0xee, + 0xa8, 0xfa, 0x03, 0x1a, 0x6a, 0xbd, 0xb0, 0x32, 0x9f, 0x4d, 0x57, 0x63, 0x79, 0xa8, 0x38, 0xc3, 0xbd, 0x36, 0x40, 0xb7, 0x9b, + 0x6a, 0x35, 0x75, 0xc7, 0xd3, 0x2f, 0x80, 0x72, 0xaa, 0x3a, 0x2c, 0x4a, 0x19, 0x75, 0x1a, 0x08, 0x4f, 0x77, 0xcc, 0xb1, 0xaf, + 0xad, 0xbe, 0x1b, 0x7a, 0x36, 0x93, 0xef, 0xfe, 0x34, 0xbf, 0x5b, 0x8d, 0xd1, 0x46, 0x39, 0x6f, 0xe6, 0x7d, 0x07, 0xfd, 0xa3, + 0x60, 0x30, 0x5e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 
0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, + 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, + 0x04, 0x14, 0xe0, 0x5d, 0x36, 0x3d, 0x31, 0x0f, 0x43, 0x8f, 0x3d, 0xf0, 0x56, 0xed, 0xd3, 0xc4, 0x12, 0x63, 0x69, 0xf7, 0x90, + 0x32, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xa3, 0x5b, 0xf0, 0x00, 0xd2, 0x77, 0x9d, + 0xd2, 0x8d, 0x91, 0x8a, 0x77, 0x44, 0xde, 0x5b, 0x7f, 0x11, 0xe4, 0x4d, 0x27, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, + 0x3d, 0x04, 0x03, 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xc2, 0x2c, 0x8e, 0x2d, 0xa5, 0x3e, 0xfb, 0x4a, 0x08, + 0x8f, 0x2a, 0x22, 0x33, 0x7d, 0x1b, 0xbb, 0x54, 0x94, 0x95, 0x30, 0x16, 0x34, 0xa6, 0xb0, 0x3d, 0xd3, 0xc0, 0xbd, 0x11, 0xa3, + 0x31, 0xac, 0x02, 0x21, 0x00, 0x81, 0x0f, 0x8f, 0xbe, 0xf6, 0xb7, 0x64, 0xef, 0x4b, 0x30, 0x5e, 0x9a, 0x06, 0x42, 0x77, 0xf2, + 0xc7, 0x61, 0x8c, 0x1c, 0x05, 0x8b, 0x8c, 0x17, 0x4f, 0xb0, 0xe1, 0xea, 0xb8, 0x5f, 0x10, 0xae, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_0018_FB_Cert = ByteSpan(sTestCert_DAC_FFF2_8003_0018_FB_Cert_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8003_0018_FB_SKID_Array[] = { + 0xE0, 0x5D, 0x36, 0x3D, 0x31, 0x0F, 0x43, 0x8F, 0x3D, 0xF0, 0x56, 0xED, 0xD3, 0xC4, 0x12, 0x63, 0x69, 0xF7, 0x90, 0x32, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_0018_FB_SKID = ByteSpan(sTestCert_DAC_FFF2_8003_0018_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0018-FB-Key.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8003_0018_FB_PublicKey_Array[] = { + 0x04, 0x53, 0xee, 0xa8, 0xfa, 0x03, 0x1a, 0x6a, 0xbd, 0xb0, 0x32, 0x9f, 0x4d, 0x57, 0x63, 0x79, 0xa8, + 0x38, 0xc3, 0xbd, 0x36, 0x40, 0xb7, 0x9b, 0x6a, 0x35, 0x75, 0xc7, 0xd3, 0x2f, 0x80, 0x72, 0xaa, 0x3a, + 0x2c, 0x4a, 0x19, 0x75, 0x1a, 0x08, 0x4f, 0x77, 0xcc, 0xb1, 0xaf, 0xad, 0xbe, 0x1b, 0x7a, 0x36, 0x93, + 0xef, 0xfe, 0x34, 0xbf, 0x5b, 0x8d, 0xd1, 0x46, 0x39, 
0x6f, 0xe6, 0x7d, 0x07, 0xfd, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_0018_FB_PublicKey = ByteSpan(sTestCert_DAC_FFF2_8003_0018_FB_PublicKey_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8003_0018_FB_PrivateKey_Array[] = { + 0x9a, 0xec, 0xf6, 0x8f, 0x06, 0x96, 0x3d, 0xdd, 0x5e, 0x43, 0xe3, 0xa2, 0x8f, 0xca, 0xea, 0xb1, + 0x6f, 0xa6, 0x30, 0x3c, 0xb5, 0xb6, 0x0b, 0x34, 0x80, 0x4f, 0xd3, 0xbc, 0xae, 0xb9, 0xe8, 0x34, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_0018_FB_PrivateKey = ByteSpan(sTestCert_DAC_FFF2_8003_0018_FB_PrivateKey_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Cert.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8003_0019_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0xaf, 0x30, 0x82, 0x01, 0x55, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x5d, 0xba, 0xa8, 0x3c, 0x65, 0x66, + 0x63, 0x9a, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x24, 0x31, 0x22, 0x30, 0x20, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x19, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, + 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, + 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, + 0x39, 0x5a, 0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x28, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, 0x30, 0x31, 0x39, 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, + 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, 0x30, 0x33, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, + 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x3e, 0x08, + 0xc4, 0x5e, 0xbc, 0x86, 0x26, 0xd1, 0x4d, 0x10, 0xa9, 0xff, 0x57, 0x90, 0x4e, 0xc0, 0x82, 0x85, 0x80, 0x1b, 0xe6, 
0x3b, 0xd8, + 0xaf, 0x4b, 0x05, 0x35, 0xbc, 0xf4, 0xbe, 0x7a, 0x6c, 0xd1, 0xce, 0x67, 0xfa, 0xa4, 0xc0, 0xce, 0xa6, 0x21, 0x52, 0x51, 0x84, + 0x07, 0x6d, 0xea, 0x1f, 0xf1, 0xe7, 0xc6, 0x5b, 0xda, 0x55, 0x8b, 0x34, 0x80, 0xa8, 0xb0, 0xa1, 0x3f, 0x5d, 0x49, 0xf9, 0xa3, + 0x60, 0x30, 0x5e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, + 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, + 0x04, 0x14, 0x1c, 0x81, 0xab, 0x79, 0x61, 0xd1, 0x48, 0xa8, 0x2a, 0x3f, 0xa2, 0x58, 0xe9, 0x90, 0xa1, 0x3d, 0x3b, 0x1b, 0xbb, + 0xd6, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xa3, 0x5b, 0xf0, 0x00, 0xd2, 0x77, 0x9d, + 0xd2, 0x8d, 0x91, 0x8a, 0x77, 0x44, 0xde, 0x5b, 0x7f, 0x11, 0xe4, 0x4d, 0x27, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, + 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0x8a, 0xaf, 0x32, 0x71, 0xeb, 0x66, 0x69, 0x44, 0xdf, + 0xa1, 0xb8, 0x3a, 0x1a, 0xbd, 0x2a, 0xac, 0xb2, 0x21, 0x00, 0xae, 0x95, 0x32, 0x92, 0x5f, 0xc6, 0x29, 0x37, 0x87, 0x0a, 0x4d, + 0xe0, 0xaa, 0x02, 0x20, 0x03, 0xd5, 0xd5, 0x1c, 0x44, 0xed, 0x50, 0x3f, 0xc6, 0xec, 0xd4, 0x6e, 0x2e, 0xf1, 0xe5, 0x13, 0x8e, + 0xa9, 0xc7, 0x12, 0xa9, 0xf9, 0xca, 0x7d, 0x00, 0xee, 0xe4, 0x69, 0x55, 0xb9, 0xc1, 0x11, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_0019_FB_Cert = ByteSpan(sTestCert_DAC_FFF2_8003_0019_FB_Cert_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8003_0019_FB_SKID_Array[] = { + 0x1C, 0x81, 0xAB, 0x79, 0x61, 0xD1, 0x48, 0xA8, 0x2A, 0x3F, 0xA2, 0x58, 0xE9, 0x90, 0xA1, 0x3D, 0x3B, 0x1B, 0xBB, 0xD6, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_0019_FB_SKID = ByteSpan(sTestCert_DAC_FFF2_8003_0019_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-0019-FB-Key.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8003_0019_FB_PublicKey_Array[] = { + 0x04, 0x3e, 
0x08, 0xc4, 0x5e, 0xbc, 0x86, 0x26, 0xd1, 0x4d, 0x10, 0xa9, 0xff, 0x57, 0x90, 0x4e, 0xc0, + 0x82, 0x85, 0x80, 0x1b, 0xe6, 0x3b, 0xd8, 0xaf, 0x4b, 0x05, 0x35, 0xbc, 0xf4, 0xbe, 0x7a, 0x6c, 0xd1, + 0xce, 0x67, 0xfa, 0xa4, 0xc0, 0xce, 0xa6, 0x21, 0x52, 0x51, 0x84, 0x07, 0x6d, 0xea, 0x1f, 0xf1, 0xe7, + 0xc6, 0x5b, 0xda, 0x55, 0x8b, 0x34, 0x80, 0xa8, 0xb0, 0xa1, 0x3f, 0x5d, 0x49, 0xf9, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_0019_FB_PublicKey = ByteSpan(sTestCert_DAC_FFF2_8003_0019_FB_PublicKey_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8003_0019_FB_PrivateKey_Array[] = { + 0x0b, 0x2f, 0xa2, 0xca, 0x32, 0x37, 0x95, 0x17, 0xc9, 0x99, 0x2f, 0x23, 0xaa, 0x6b, 0xf2, 0x3d, + 0x55, 0x86, 0x52, 0xe2, 0xf5, 0xbc, 0xc4, 0x2b, 0x94, 0x13, 0x8f, 0x17, 0xd1, 0x9f, 0x93, 0xd8, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_0019_FB_PrivateKey = ByteSpan(sTestCert_DAC_FFF2_8003_0019_FB_PrivateKey_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Cert.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8003_001A_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0xaf, 0x30, 0x82, 0x01, 0x55, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x24, 0x80, 0xb8, 0x0f, 0x43, 0xcf, + 0x4d, 0x86, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x24, 0x31, 0x22, 0x30, 0x20, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x19, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, + 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, + 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, + 0x39, 0x5a, 0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x28, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, 0x30, 0x31, 0x41, 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, + 0x46, 0x46, 0x32, 
0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, 0x30, 0x33, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, + 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x31, 0x27, + 0xf7, 0x0e, 0x30, 0xa9, 0x99, 0x54, 0x7d, 0xe9, 0x99, 0x6d, 0x4d, 0x19, 0x4e, 0x7d, 0x03, 0x54, 0x8b, 0xe9, 0x68, 0xad, 0x37, + 0x05, 0xef, 0x06, 0xe8, 0x64, 0x47, 0xe9, 0x5e, 0x4c, 0xb8, 0xc9, 0xf2, 0x8f, 0x30, 0x82, 0x70, 0x94, 0xcb, 0x31, 0x70, 0x39, + 0x6f, 0xd7, 0x55, 0x45, 0x57, 0xda, 0x88, 0x18, 0x5d, 0x4c, 0x1e, 0xda, 0x94, 0x2f, 0xcd, 0x23, 0x09, 0xf8, 0xad, 0xc4, 0xa3, + 0x60, 0x30, 0x5e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, + 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, + 0x04, 0x14, 0x0a, 0xba, 0xd2, 0xbe, 0xb9, 0x59, 0xea, 0xa2, 0xc6, 0x0b, 0xd5, 0x67, 0xd2, 0xd2, 0xbb, 0x8b, 0xa6, 0xc3, 0xa8, + 0x15, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xa3, 0x5b, 0xf0, 0x00, 0xd2, 0x77, 0x9d, + 0xd2, 0x8d, 0x91, 0x8a, 0x77, 0x44, 0xde, 0x5b, 0x7f, 0x11, 0xe4, 0x4d, 0x27, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, + 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x36, 0x65, 0x77, 0xcb, 0x22, 0x76, 0x25, 0x53, 0xe3, 0x70, + 0x1b, 0x74, 0xd0, 0x89, 0xc8, 0xe3, 0x66, 0x4f, 0x29, 0x67, 0x25, 0x3d, 0xf9, 0xd3, 0x6d, 0x4c, 0x7a, 0xab, 0xfa, 0x7f, 0x3e, + 0x4c, 0x02, 0x21, 0x00, 0xee, 0x5b, 0x5e, 0x9d, 0x96, 0x43, 0x12, 0x73, 0x6e, 0xa2, 0xff, 0xf9, 0xca, 0xde, 0x8e, 0xa6, 0x8f, + 0x55, 0xbd, 0x41, 0x95, 0x99, 0x97, 0xc2, 0xf3, 0x28, 0x72, 0xc6, 0x3f, 0x4a, 0x76, 0x82, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001A_FB_Cert = ByteSpan(sTestCert_DAC_FFF2_8003_001A_FB_Cert_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8003_001A_FB_SKID_Array[] = { + 0x0A, 0xBA, 0xD2, 0xBE, 0xB9, 0x59, 0xEA, 0xA2, 0xC6, 0x0B, 0xD5, 
0x67, 0xD2, 0xD2, 0xBB, 0x8B, 0xA6, 0xC3, 0xA8, 0x15, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001A_FB_SKID = ByteSpan(sTestCert_DAC_FFF2_8003_001A_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001A-FB-Key.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8003_001A_FB_PublicKey_Array[] = { + 0x04, 0x31, 0x27, 0xf7, 0x0e, 0x30, 0xa9, 0x99, 0x54, 0x7d, 0xe9, 0x99, 0x6d, 0x4d, 0x19, 0x4e, 0x7d, + 0x03, 0x54, 0x8b, 0xe9, 0x68, 0xad, 0x37, 0x05, 0xef, 0x06, 0xe8, 0x64, 0x47, 0xe9, 0x5e, 0x4c, 0xb8, + 0xc9, 0xf2, 0x8f, 0x30, 0x82, 0x70, 0x94, 0xcb, 0x31, 0x70, 0x39, 0x6f, 0xd7, 0x55, 0x45, 0x57, 0xda, + 0x88, 0x18, 0x5d, 0x4c, 0x1e, 0xda, 0x94, 0x2f, 0xcd, 0x23, 0x09, 0xf8, 0xad, 0xc4, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001A_FB_PublicKey = ByteSpan(sTestCert_DAC_FFF2_8003_001A_FB_PublicKey_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8003_001A_FB_PrivateKey_Array[] = { + 0xa9, 0x6f, 0xd4, 0xce, 0x72, 0x3b, 0xfa, 0x78, 0x41, 0x2a, 0x30, 0x73, 0x52, 0xdd, 0xc3, 0xf2, + 0xe5, 0xe2, 0xe5, 0xfa, 0x59, 0xb5, 0xdb, 0x16, 0x6e, 0x8c, 0xa8, 0xd3, 0x39, 0x6b, 0x42, 0x76, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001A_FB_PrivateKey = ByteSpan(sTestCert_DAC_FFF2_8003_001A_FB_PrivateKey_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Cert.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8003_001B_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0xaf, 0x30, 0x82, 0x01, 0x55, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x0e, 0x4e, 0xbf, 0x8c, 0x73, 0x2a, + 0x62, 0x6f, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x24, 0x31, 0x22, 0x30, 0x20, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x19, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, + 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x30, 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, + 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 
0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, + 0x39, 0x5a, 0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x28, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, + 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, 0x30, 0x31, 0x42, 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, + 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, 0x30, 0x33, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, + 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x65, 0x84, + 0x11, 0x4e, 0x98, 0x2f, 0x58, 0x5e, 0x7c, 0xe1, 0x8e, 0xde, 0xc6, 0xe6, 0x3f, 0x19, 0x74, 0x04, 0x5a, 0x60, 0xe6, 0x57, 0x2e, + 0xfd, 0x7f, 0x62, 0xf9, 0x50, 0xc4, 0x02, 0x2b, 0xa3, 0xe7, 0x37, 0xee, 0x61, 0x84, 0xb7, 0xef, 0x76, 0xf1, 0x0f, 0x34, 0x18, + 0x74, 0x72, 0x6a, 0xb4, 0x8c, 0x36, 0x0e, 0x33, 0x80, 0x6d, 0xee, 0x00, 0xec, 0x34, 0x40, 0xd0, 0x47, 0x26, 0x8e, 0x81, 0xa3, + 0x60, 0x30, 0x5e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, + 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, + 0x04, 0x14, 0x66, 0x5e, 0x97, 0x9a, 0x05, 0xbb, 0xbf, 0xe4, 0xae, 0x29, 0x3a, 0xd1, 0xc8, 0x6c, 0xca, 0x59, 0x61, 0x19, 0x8a, + 0x16, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xa3, 0x5b, 0xf0, 0x00, 0xd2, 0x77, 0x9d, + 0xd2, 0x8d, 0x91, 0x8a, 0x77, 0x44, 0xde, 0x5b, 0x7f, 0x11, 0xe4, 0x4d, 0x27, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, + 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x70, 0x6f, 0xa0, 0x32, 0x82, 0xbe, 0xba, 0x71, 0x36, 0xb2, + 0x66, 0x24, 0x2c, 0x65, 0xd7, 0xd9, 0x0b, 0xd0, 0xd3, 0xe9, 0xdf, 0xe9, 0x92, 0xbf, 0x6b, 0xfb, 0x76, 0x79, 0x7e, 0xb5, 0x4e, + 0xfa, 0x02, 0x21, 0x00, 0xad, 0x8d, 0x1e, 0xe8, 0x74, 0x44, 0xf1, 0x44, 0x08, 0x0f, 0x2a, 0x54, 0x81, 0x3d, 0x58, 0x9c, 0xaf, + 
0xed, 0x7c, 0x4e, 0xfa, 0x68, 0x44, 0xf2, 0x93, 0xad, 0xc9, 0x26, 0x77, 0x49, 0x7b, 0x1b, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001B_FB_Cert = ByteSpan(sTestCert_DAC_FFF2_8003_001B_FB_Cert_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8003_001B_FB_SKID_Array[] = { + 0x66, 0x5E, 0x97, 0x9A, 0x05, 0xBB, 0xBF, 0xE4, 0xAE, 0x29, 0x3A, 0xD1, 0xC8, 0x6C, 0xCA, 0x59, 0x61, 0x19, 0x8A, 0x16, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001B_FB_SKID = ByteSpan(sTestCert_DAC_FFF2_8003_001B_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8003-001B-FB-Key.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8003_001B_FB_PublicKey_Array[] = { + 0x04, 0x65, 0x84, 0x11, 0x4e, 0x98, 0x2f, 0x58, 0x5e, 0x7c, 0xe1, 0x8e, 0xde, 0xc6, 0xe6, 0x3f, 0x19, + 0x74, 0x04, 0x5a, 0x60, 0xe6, 0x57, 0x2e, 0xfd, 0x7f, 0x62, 0xf9, 0x50, 0xc4, 0x02, 0x2b, 0xa3, 0xe7, + 0x37, 0xee, 0x61, 0x84, 0xb7, 0xef, 0x76, 0xf1, 0x0f, 0x34, 0x18, 0x74, 0x72, 0x6a, 0xb4, 0x8c, 0x36, + 0x0e, 0x33, 0x80, 0x6d, 0xee, 0x00, 0xec, 0x34, 0x40, 0xd0, 0x47, 0x26, 0x8e, 0x81, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001B_FB_PublicKey = ByteSpan(sTestCert_DAC_FFF2_8003_001B_FB_PublicKey_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8003_001B_FB_PrivateKey_Array[] = { + 0x6f, 0xe3, 0xe1, 0x08, 0xc4, 0xf2, 0x19, 0x36, 0x6f, 0x8e, 0x87, 0xa9, 0x7e, 0x5e, 0x8a, 0xa5, + 0x3a, 0xd4, 0xbd, 0x8a, 0x9e, 0xb8, 0x5d, 0x3d, 0xee, 0xbf, 0x94, 0xe7, 0x41, 0xc8, 0x9a, 0x22, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001B_FB_PrivateKey = ByteSpan(sTestCert_DAC_FFF2_8003_001B_FB_PrivateKey_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Cert.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001C_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0xb9, 0x30, 0x82, 0x01, 0x5f, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x3f, 0x04, 0x2c, 0x7d, 0x84, 0xc1, + 0x37, 0x83, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 
0x30, 0x2e, 0x31, 0x2c, 0x30, 0x2a, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x23, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, + 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, 0x30, 0x34, 0x30, + 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, + 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0c, 0x28, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, + 0x30, 0x31, 0x43, 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, + 0x30, 0x34, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, + 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xd2, 0xd4, 0x6e, 0xce, 0x4b, 0xa4, 0x7a, 0x77, 0x1d, 0xef, 0xdd, 0x35, 0x48, + 0x13, 0xe7, 0x69, 0xae, 0x3b, 0xaf, 0xa0, 0xb2, 0x0e, 0x07, 0xf4, 0x28, 0x58, 0xea, 0xd9, 0x4b, 0x61, 0xe7, 0xa2, 0x4a, 0x53, + 0x6a, 0xa1, 0xbd, 0xfb, 0x1d, 0x04, 0x6d, 0xc0, 0x37, 0xa8, 0xb7, 0x6a, 0x34, 0xcf, 0x98, 0xd3, 0xdf, 0x36, 0x28, 0x99, 0xdd, + 0xb2, 0x3d, 0x27, 0xf2, 0x88, 0x23, 0x76, 0x92, 0x8c, 0xa3, 0x60, 0x30, 0x5e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, + 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, + 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xa1, 0x05, 0x77, 0xca, 0x1d, 0xfc, 0x8e, 0xb3, 0xf7, + 0x0c, 0xd9, 0xf5, 0xd6, 0x45, 0x34, 0xa2, 0x25, 0xaa, 0x80, 0x72, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, + 0x16, 0x80, 0x14, 0x41, 0x98, 0x0d, 0x4c, 0x17, 0x0b, 0x89, 0xd0, 0x71, 0x63, 0x83, 0x6d, 0x5e, 0xc3, 0xa8, 0x00, 0xb9, 0x38, + 0xe3, 0x87, 0x30, 0x0a, 0x06, 0x08, 
0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, + 0x00, 0xa9, 0xca, 0xeb, 0x41, 0x0a, 0xfc, 0x1c, 0x89, 0xb4, 0x10, 0x08, 0xe3, 0x8b, 0x94, 0x2e, 0x5c, 0x6b, 0xe5, 0xfb, 0x4e, + 0x6a, 0x49, 0x39, 0xb8, 0x3e, 0x52, 0x75, 0xce, 0x4f, 0x7e, 0xee, 0xcb, 0x02, 0x20, 0x2d, 0x62, 0x3f, 0xfd, 0xc6, 0xec, 0x89, + 0xc3, 0x71, 0xbb, 0x0c, 0x40, 0xd2, 0xdb, 0x5c, 0x7d, 0xde, 0x1d, 0xd2, 0x14, 0x10, 0x91, 0xae, 0xfe, 0xe4, 0x04, 0x72, 0x1e, + 0xfe, 0xad, 0xee, 0x99, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001C_FB_Cert = ByteSpan(sTestCert_DAC_FFF2_8004_001C_FB_Cert_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001C_FB_SKID_Array[] = { + 0xA1, 0x05, 0x77, 0xCA, 0x1D, 0xFC, 0x8E, 0xB3, 0xF7, 0x0C, 0xD9, 0xF5, 0xD6, 0x45, 0x34, 0xA2, 0x25, 0xAA, 0x80, 0x72, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001C_FB_SKID = ByteSpan(sTestCert_DAC_FFF2_8004_001C_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001C-FB-Key.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001C_FB_PublicKey_Array[] = { + 0x04, 0xd2, 0xd4, 0x6e, 0xce, 0x4b, 0xa4, 0x7a, 0x77, 0x1d, 0xef, 0xdd, 0x35, 0x48, 0x13, 0xe7, 0x69, + 0xae, 0x3b, 0xaf, 0xa0, 0xb2, 0x0e, 0x07, 0xf4, 0x28, 0x58, 0xea, 0xd9, 0x4b, 0x61, 0xe7, 0xa2, 0x4a, + 0x53, 0x6a, 0xa1, 0xbd, 0xfb, 0x1d, 0x04, 0x6d, 0xc0, 0x37, 0xa8, 0xb7, 0x6a, 0x34, 0xcf, 0x98, 0xd3, + 0xdf, 0x36, 0x28, 0x99, 0xdd, 0xb2, 0x3d, 0x27, 0xf2, 0x88, 0x23, 0x76, 0x92, 0x8c, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001C_FB_PublicKey = ByteSpan(sTestCert_DAC_FFF2_8004_001C_FB_PublicKey_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001C_FB_PrivateKey_Array[] = { + 0xdf, 0xb7, 0xe8, 0xef, 0xaa, 0xbe, 0x37, 0x6b, 0x66, 0x1f, 0x1d, 0x4d, 0xe9, 0x8b, 0x14, 0x1b, + 0x02, 0x58, 0x90, 0x79, 0x07, 0x10, 0xa1, 0x93, 0x77, 0x52, 0x20, 0x6b, 0x20, 0xb6, 0x46, 0x6e, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001C_FB_PrivateKey = 
ByteSpan(sTestCert_DAC_FFF2_8004_001C_FB_PrivateKey_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Cert.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001D_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0xba, 0x30, 0x82, 0x01, 0x5f, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x47, 0x8c, 0x18, 0xe3, 0x23, 0xf6, + 0xd1, 0x39, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x2e, 0x31, 0x2c, 0x30, 0x2a, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x23, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, + 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, 0x30, 0x34, 0x30, + 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, + 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0c, 0x28, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, + 0x30, 0x31, 0x44, 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, + 0x30, 0x34, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, + 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xb9, 0xc9, 0xcc, 0x12, 0xcd, 0xd6, 0x67, 0x91, 0xd5, 0x52, 0xe4, 0xc3, 0x56, + 0x22, 0xa6, 0x68, 0x00, 0x21, 0x97, 0xad, 0x23, 0x8d, 0x8c, 0x39, 0x97, 0x07, 0x3d, 0x35, 0x53, 0x3a, 0x54, 0x0a, 0xb8, 0xc0, + 0x14, 0x78, 0xea, 0x86, 0x39, 0x82, 0x0b, 0x21, 0x09, 0xe3, 0xff, 0x02, 0xc0, 0x81, 0xc0, 0x6c, 0xf3, 0xb3, 0xd9, 0x2b, 0x72, + 0xb0, 0xa4, 0xd8, 0xe5, 0x2b, 0x7a, 0x83, 0x08, 0xce, 0xa3, 0x60, 0x30, 0x5e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, + 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 
0x02, 0x07, + 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x95, 0xd0, 0xd8, 0xc9, 0xf1, 0x94, 0xe2, 0x9a, 0xc2, + 0x8c, 0x76, 0x1f, 0xc7, 0x32, 0x3b, 0x5e, 0xa8, 0x82, 0xa9, 0x38, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, + 0x16, 0x80, 0x14, 0x41, 0x98, 0x0d, 0x4c, 0x17, 0x0b, 0x89, 0xd0, 0x71, 0x63, 0x83, 0x6d, 0x5e, 0xc3, 0xa8, 0x00, 0xb9, 0x38, + 0xe3, 0x87, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, + 0x00, 0xd4, 0xd8, 0xa4, 0x39, 0x1c, 0x91, 0xae, 0x9d, 0xc9, 0x7f, 0x64, 0xf9, 0xec, 0xb4, 0xa4, 0xc7, 0x64, 0x58, 0xb4, 0xde, + 0x46, 0x4a, 0x31, 0xe1, 0x4b, 0x39, 0x7c, 0xec, 0x0a, 0xbd, 0x99, 0x1c, 0x02, 0x21, 0x00, 0x80, 0xfe, 0x79, 0xec, 0x41, 0xd3, + 0x4d, 0xb4, 0xfc, 0xed, 0xa0, 0xf1, 0x79, 0xae, 0x1e, 0xbc, 0x63, 0x6b, 0x61, 0xbe, 0xf4, 0x4f, 0x71, 0x62, 0xfe, 0x88, 0xb5, + 0x3c, 0x9c, 0x0d, 0xce, 0xac, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001D_FB_Cert = ByteSpan(sTestCert_DAC_FFF2_8004_001D_FB_Cert_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001D_FB_SKID_Array[] = { + 0x95, 0xD0, 0xD8, 0xC9, 0xF1, 0x94, 0xE2, 0x9A, 0xC2, 0x8C, 0x76, 0x1F, 0xC7, 0x32, 0x3B, 0x5E, 0xA8, 0x82, 0xA9, 0x38, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001D_FB_SKID = ByteSpan(sTestCert_DAC_FFF2_8004_001D_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001D-FB-Key.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001D_FB_PublicKey_Array[] = { + 0x04, 0xb9, 0xc9, 0xcc, 0x12, 0xcd, 0xd6, 0x67, 0x91, 0xd5, 0x52, 0xe4, 0xc3, 0x56, 0x22, 0xa6, 0x68, + 0x00, 0x21, 0x97, 0xad, 0x23, 0x8d, 0x8c, 0x39, 0x97, 0x07, 0x3d, 0x35, 0x53, 0x3a, 0x54, 0x0a, 0xb8, + 0xc0, 0x14, 0x78, 0xea, 0x86, 0x39, 0x82, 0x0b, 0x21, 0x09, 0xe3, 0xff, 0x02, 0xc0, 0x81, 0xc0, 0x6c, + 0xf3, 0xb3, 0xd9, 0x2b, 0x72, 0xb0, 0xa4, 0xd8, 0xe5, 0x2b, 0x7a, 0x83, 0x08, 0xce, +}; + +extern const ByteSpan 
sTestCert_DAC_FFF2_8004_001D_FB_PublicKey = ByteSpan(sTestCert_DAC_FFF2_8004_001D_FB_PublicKey_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001D_FB_PrivateKey_Array[] = { + 0xe8, 0x03, 0x09, 0x77, 0x8e, 0x14, 0x71, 0xcd, 0x45, 0x56, 0xcc, 0x2f, 0x5d, 0xf9, 0x50, 0xee, + 0xfc, 0x97, 0xea, 0x5d, 0x33, 0x50, 0x9f, 0xd1, 0x3c, 0xdf, 0xe4, 0x70, 0xd8, 0xb7, 0x71, 0x78, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001D_FB_PrivateKey = ByteSpan(sTestCert_DAC_FFF2_8004_001D_FB_PrivateKey_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Cert.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001E_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0xb9, 0x30, 0x82, 0x01, 0x5f, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x2b, 0x48, 0x6a, 0x62, 0x46, 0xc4, + 0x89, 0x8d, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x2e, 0x31, 0x2c, 0x30, 0x2a, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x23, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, + 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, 0x30, 0x34, 0x30, + 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, + 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0c, 0x28, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, + 0x30, 0x31, 0x45, 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, + 0x30, 0x34, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, + 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x7b, 0x16, 0x45, 0xe7, 0xf5, 0xb7, 0x41, 0x1f, 0xcc, 0x0a, 0x89, 0x85, 0x61, + 0x23, 0xe8, 0x8e, 0x93, 0x4c, 0x2c, 0x8c, 0xc9, 
0xd4, 0x62, 0x1a, 0xb0, 0xcd, 0xaf, 0x88, 0x60, 0x6c, 0xde, 0xbc, 0x0f, 0x71, + 0x3c, 0xf6, 0xa2, 0xee, 0x09, 0xdc, 0xc0, 0xcb, 0x1e, 0x64, 0x20, 0xf3, 0x44, 0x5d, 0x21, 0xe2, 0x6e, 0x98, 0x26, 0xab, 0x6c, + 0xca, 0x3d, 0x89, 0x0b, 0x6f, 0x77, 0xe0, 0xc9, 0x24, 0xa3, 0x60, 0x30, 0x5e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, + 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, + 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x32, 0x47, 0x64, 0x97, 0x0b, 0x98, 0x16, 0x15, 0x6e, + 0x7e, 0xbd, 0x3e, 0x1c, 0xdb, 0x68, 0x56, 0x9d, 0xf5, 0x19, 0x58, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, + 0x16, 0x80, 0x14, 0x41, 0x98, 0x0d, 0x4c, 0x17, 0x0b, 0x89, 0xd0, 0x71, 0x63, 0x83, 0x6d, 0x5e, 0xc3, 0xa8, 0x00, 0xb9, 0x38, + 0xe3, 0x87, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, + 0x25, 0xdb, 0xb8, 0x6c, 0xb6, 0x9d, 0x1e, 0xe2, 0xac, 0x04, 0xcc, 0x60, 0x20, 0xc5, 0xb1, 0xd6, 0x66, 0x33, 0x0a, 0x83, 0x01, + 0x9a, 0x1b, 0x55, 0x5b, 0xab, 0xed, 0x19, 0x95, 0x16, 0x2c, 0x31, 0x02, 0x21, 0x00, 0xa3, 0xcf, 0xcb, 0x81, 0xd4, 0xbe, 0xd2, + 0xc4, 0xc4, 0x56, 0x4a, 0x46, 0xf1, 0x96, 0xc1, 0xe7, 0x95, 0x08, 0x41, 0xac, 0x52, 0x98, 0xe2, 0xd9, 0xcc, 0xc9, 0xb5, 0x36, + 0xf9, 0x45, 0x18, 0x68, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001E_FB_Cert = ByteSpan(sTestCert_DAC_FFF2_8004_001E_FB_Cert_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001E_FB_SKID_Array[] = { + 0x32, 0x47, 0x64, 0x97, 0x0B, 0x98, 0x16, 0x15, 0x6E, 0x7E, 0xBD, 0x3E, 0x1C, 0xDB, 0x68, 0x56, 0x9D, 0xF5, 0x19, 0x58, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001E_FB_SKID = ByteSpan(sTestCert_DAC_FFF2_8004_001E_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001E-FB-Key.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001E_FB_PublicKey_Array[] = { + 0x04, 0x7b, 
0x16, 0x45, 0xe7, 0xf5, 0xb7, 0x41, 0x1f, 0xcc, 0x0a, 0x89, 0x85, 0x61, 0x23, 0xe8, 0x8e, + 0x93, 0x4c, 0x2c, 0x8c, 0xc9, 0xd4, 0x62, 0x1a, 0xb0, 0xcd, 0xaf, 0x88, 0x60, 0x6c, 0xde, 0xbc, 0x0f, + 0x71, 0x3c, 0xf6, 0xa2, 0xee, 0x09, 0xdc, 0xc0, 0xcb, 0x1e, 0x64, 0x20, 0xf3, 0x44, 0x5d, 0x21, 0xe2, + 0x6e, 0x98, 0x26, 0xab, 0x6c, 0xca, 0x3d, 0x89, 0x0b, 0x6f, 0x77, 0xe0, 0xc9, 0x24, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001E_FB_PublicKey = ByteSpan(sTestCert_DAC_FFF2_8004_001E_FB_PublicKey_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001E_FB_PrivateKey_Array[] = { + 0x93, 0x47, 0xbf, 0x6a, 0xc9, 0x14, 0x4a, 0x4e, 0xa9, 0xba, 0x60, 0x13, 0xb4, 0xa8, 0xfc, 0x92, + 0x04, 0xf9, 0xbd, 0xa0, 0xe3, 0x0d, 0xe4, 0xcb, 0x7f, 0x8e, 0x92, 0x88, 0xca, 0x25, 0x46, 0xdb, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001E_FB_PrivateKey = ByteSpan(sTestCert_DAC_FFF2_8004_001E_FB_PrivateKey_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Cert.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001F_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0xb9, 0x30, 0x82, 0x01, 0x5f, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x77, 0x86, 0x0a, 0xf9, 0x7f, 0x6f, + 0x0f, 0x00, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x2e, 0x31, 0x2c, 0x30, 0x2a, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x23, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, + 0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, 0x30, 0x34, 0x30, + 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, 0x39, + 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x33, 0x31, 0x31, 0x30, 0x2f, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0c, 0x28, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x44, 0x41, 0x43, 0x20, 0x30, + 0x30, 0x31, 0x46, 
0x20, 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, + 0x30, 0x34, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, + 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xf1, 0x0a, 0xe6, 0x59, 0xd2, 0x76, 0xf8, 0x6c, 0x15, 0xc2, 0x7b, 0x4d, 0xfc, + 0xab, 0x77, 0x04, 0x3b, 0x21, 0x55, 0xff, 0x09, 0x74, 0xe8, 0x48, 0x90, 0x5a, 0x7c, 0x9a, 0x8c, 0x3a, 0x29, 0xc8, 0xd5, 0xd8, + 0x14, 0x91, 0xfe, 0xa5, 0x1e, 0x47, 0xfa, 0x43, 0x2e, 0x2c, 0xf0, 0xbe, 0x35, 0x83, 0x2e, 0x16, 0x6b, 0x0e, 0x19, 0xbd, 0x70, + 0x00, 0xe1, 0x89, 0x11, 0xe1, 0xe1, 0xdd, 0xb8, 0xad, 0xa3, 0x60, 0x30, 0x5e, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, + 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x07, + 0x80, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x01, 0xfb, 0xf4, 0xc5, 0x71, 0x5b, 0x01, 0x33, 0x95, + 0x4f, 0x90, 0x7e, 0x07, 0x65, 0x53, 0xcc, 0xce, 0x74, 0x6f, 0x6b, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, + 0x16, 0x80, 0x14, 0x41, 0x98, 0x0d, 0x4c, 0x17, 0x0b, 0x89, 0xd0, 0x71, 0x63, 0x83, 0x6d, 0x5e, 0xc3, 0xa8, 0x00, 0xb9, 0x38, + 0xe3, 0x87, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, + 0x21, 0xa0, 0x7c, 0x58, 0xd8, 0x9c, 0xec, 0x72, 0x7a, 0x51, 0xeb, 0xca, 0x76, 0xbc, 0x0b, 0x91, 0xe6, 0xf6, 0x40, 0xe1, 0x80, + 0x58, 0x3d, 0x43, 0xca, 0xd8, 0x49, 0x27, 0x6a, 0xc7, 0xe1, 0x0b, 0x02, 0x21, 0x00, 0xa0, 0x47, 0xd8, 0x58, 0x19, 0x8b, 0x99, + 0xb7, 0xb7, 0x0a, 0xcc, 0xa7, 0x31, 0xbc, 0x5b, 0x50, 0x6d, 0xa4, 0x47, 0x7c, 0xa5, 0xe5, 0x65, 0xb2, 0x4c, 0x89, 0x75, 0x5d, + 0x02, 0x14, 0xbd, 0xbe, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001F_FB_Cert = ByteSpan(sTestCert_DAC_FFF2_8004_001F_FB_Cert_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001F_FB_SKID_Array[] = { + 0x01, 
0xFB, 0xF4, 0xC5, 0x71, 0x5B, 0x01, 0x33, 0x95, 0x4F, 0x90, 0x7E, 0x07, 0x65, 0x53, 0xCC, 0xCE, 0x74, 0x6F, 0x6B, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001F_FB_SKID = ByteSpan(sTestCert_DAC_FFF2_8004_001F_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-DAC-FFF2-8004-001F-FB-Key.pem + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001F_FB_PublicKey_Array[] = { + 0x04, 0xf1, 0x0a, 0xe6, 0x59, 0xd2, 0x76, 0xf8, 0x6c, 0x15, 0xc2, 0x7b, 0x4d, 0xfc, 0xab, 0x77, 0x04, + 0x3b, 0x21, 0x55, 0xff, 0x09, 0x74, 0xe8, 0x48, 0x90, 0x5a, 0x7c, 0x9a, 0x8c, 0x3a, 0x29, 0xc8, 0xd5, + 0xd8, 0x14, 0x91, 0xfe, 0xa5, 0x1e, 0x47, 0xfa, 0x43, 0x2e, 0x2c, 0xf0, 0xbe, 0x35, 0x83, 0x2e, 0x16, + 0x6b, 0x0e, 0x19, 0xbd, 0x70, 0x00, 0xe1, 0x89, 0x11, 0xe1, 0xe1, 0xdd, 0xb8, 0xad, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001F_FB_PublicKey = ByteSpan(sTestCert_DAC_FFF2_8004_001F_FB_PublicKey_Array); + +constexpr uint8_t sTestCert_DAC_FFF2_8004_001F_FB_PrivateKey_Array[] = { + 0xba, 0x89, 0xef, 0x56, 0x64, 0x2e, 0x5c, 0x14, 0xc3, 0xdf, 0x19, 0xce, 0x33, 0xbf, 0xbf, 0x27, + 0xec, 0x4e, 0x0e, 0x2b, 0xde, 0xd3, 0x5f, 0x6d, 0x6c, 0x33, 0x92, 0x9e, 0xc5, 0x5b, 0xc5, 0xeb, +}; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001F_FB_PrivateKey = ByteSpan(sTestCert_DAC_FFF2_8004_001F_FB_PrivateKey_Array); + // ${chip_root}/credentials/test/attestation/Chip-Test-PAA-FFF1-Cert.pem constexpr uint8_t sTestCert_PAA_FFF1_Cert_Array[] = { 
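Review bot: All eight `_FB` DAC vectors added in this hunk decode to one subject layout, a lone CN such as `Matter Test DAC 0018 Mvid:FFF2 Mpid:8003` with no separate VID/PID attributes, so the fallback encoding is exercised only in its well-formed shape. Because the VID and PID recovered from that string decide whether attestation passes, I would add vectors for the edge shapes too (too few hex digits, a repeated `Mvid:` tag, fallback text alongside the OID-encoded attributes), unless another file in this commit already pins them. The `_FB` suffix is also unexplained in the file; the generator could emit `// *_FB: VID/PID carried in the Subject CN as "Mvid:XXXX Mpid:XXXX" (fallback encoding)` above the first of these vectors.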
@@ -1545,6 +1965,58 @@ constexpr uint8_t sTestCert_PAI_FFF2_8001_PrivateKey_Array[] = { extern const ByteSpan sTestCert_PAI_FFF2_8001_PrivateKey = ByteSpan(sTestCert_PAI_FFF2_8001_PrivateKey_Array); +// ${chip_root}/credentials/test/attestation/Chip-Test-PAI-FFF2-8004-FB-Cert.pem + +constexpr uint8_t sTestCert_PAI_FFF2_8004_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0xa6, 0x30, 0x82, 0x01, 0x4c, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x28, 0x84, 0xf6, 0x17, 0x40, 0x94, + 0x04, 0x9a, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41, + 0x30, 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, + 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x2e, 0x31, 0x2c, 0x30, 0x2a, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0c, 0x23, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, 0x20, + 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x20, 0x4d, 0x70, 0x69, 0x64, 0x3a, 0x38, 0x30, 0x30, 0x34, 0x30, 0x59, + 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, + 0x03, 0x42, 0x00, 0x04, 0xfe, 0x83, 0xa2, 0xf6, 0x36, 0xce, 0x10, 0x0f, 0x8e, 0x4c, 0x03, 0xae, 0xa5, 0x8d, 0xb6, 0xef, 0xde, + 0x4e, 0x43, 0x57, 0x32, 0x3c, 0x32, 0xb0, 0x8d, 0xf6, 0x92, 0x4d, 0xbf, 0xe4, 0xe4, 0xab, 0x7d, 0x36, 0x77, 0x04, 0xd0, 0x2d, + 0x3c, 0x26, 0xbe, 0xc0, 0x96, 0x33, 0x1a, 0xa0, 0x4b, 0xd2, 0x8a, 0x2a, 0xc1, 0x0e, 0x23, 0xdb, 0x96, 0xe7, 0x27, 0x4f, 0xb4, + 0x19, 0x09, 0x87, 0x65, 0xa2, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, + 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x00, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 
0x04, 0x03, + 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x41, 0x98, 0x0d, 0x4c, 0x17, 0x0b, 0x89, + 0xd0, 0x71, 0x63, 0x83, 0x6d, 0x5e, 0xc3, 0xa8, 0x00, 0xb9, 0x38, 0xe3, 0x87, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, + 0x18, 0x30, 0x16, 0x80, 0x14, 0xe0, 0xfc, 0xd7, 0xf2, 0x22, 0x70, 0xab, 0xb2, 0xd4, 0x67, 0x58, 0x47, 0x10, 0xf5, 0xe4, 0x87, + 0x76, 0x80, 0x7a, 0x26, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, + 0x02, 0x21, 0x00, 0xa5, 0x01, 0xc7, 0xd3, 0x5e, 0x6f, 0xed, 0xeb, 0x31, 0xe7, 0xc3, 0x38, 0x30, 0x13, 0x55, 0x74, 0x44, 0x41, + 0x30, 0x58, 0xb0, 0x50, 0xf0, 0xa6, 0x92, 0xe6, 0x60, 0x0f, 0x97, 0x08, 0x47, 0xee, 0x02, 0x20, 0x0a, 0x15, 0x9b, 0xeb, 0xf8, + 0x83, 0x3b, 0xef, 0xfe, 0x5b, 0xaa, 0x3a, 0xa3, 0x6b, 0x3c, 0x9c, 0x09, 0x9b, 0x76, 0x8d, 0xd9, 0x4c, 0x99, 0x41, 0xde, 0x97, + 0xdd, 0xa0, 0x8e, 0x39, 0x01, 0x05, +}; + +extern const ByteSpan sTestCert_PAI_FFF2_8004_FB_Cert = ByteSpan(sTestCert_PAI_FFF2_8004_FB_Cert_Array); + +constexpr uint8_t sTestCert_PAI_FFF2_8004_FB_SKID_Array[] = { + 0x41, 0x98, 0x0D, 0x4C, 0x17, 0x0B, 0x89, 0xD0, 0x71, 0x63, 0x83, 0x6D, 0x5E, 0xC3, 0xA8, 0x00, 0xB9, 0x38, 0xE3, 0x87, +}; + +extern const ByteSpan sTestCert_PAI_FFF2_8004_FB_SKID = ByteSpan(sTestCert_PAI_FFF2_8004_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-PAI-FFF2-8004-FB-Key.pem + +constexpr uint8_t sTestCert_PAI_FFF2_8004_FB_PublicKey_Array[] = { + 0x04, 0xfe, 0x83, 0xa2, 0xf6, 0x36, 0xce, 0x10, 0x0f, 0x8e, 0x4c, 0x03, 0xae, 0xa5, 0x8d, 0xb6, 0xef, + 0xde, 0x4e, 0x43, 0x57, 0x32, 0x3c, 0x32, 0xb0, 0x8d, 0xf6, 0x92, 0x4d, 0xbf, 0xe4, 0xe4, 0xab, 0x7d, + 0x36, 0x77, 0x04, 0xd0, 0x2d, 0x3c, 0x26, 0xbe, 0xc0, 0x96, 0x33, 0x1a, 0xa0, 0x4b, 0xd2, 0x8a, 0x2a, + 0xc1, 0x0e, 0x23, 0xdb, 0x96, 0xe7, 0x27, 0x4f, 0xb4, 0x19, 0x09, 0x87, 0x65, 0xa2, +}; + +extern const ByteSpan sTestCert_PAI_FFF2_8004_FB_PublicKey = 
ByteSpan(sTestCert_PAI_FFF2_8004_FB_PublicKey_Array); + +constexpr uint8_t sTestCert_PAI_FFF2_8004_FB_PrivateKey_Array[] = { + 0xa1, 0x08, 0xa1, 0xe5, 0x27, 0x52, 0xe7, 0x56, 0x0d, 0x0a, 0xed, 0xcb, 0xa4, 0xd5, 0x5d, 0x29, + 0x82, 0x78, 0xb0, 0x8c, 0x72, 0xe0, 0x06, 0x90, 0x73, 0xd7, 0xad, 0xe2, 0xa2, 0xf8, 0xe2, 0x0a, +}; + +extern const ByteSpan sTestCert_PAI_FFF2_8004_FB_PrivateKey = ByteSpan(sTestCert_PAI_FFF2_8004_FB_PrivateKey_Array); + // ${chip_root}/credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-Cert.pem constexpr uint8_t sTestCert_PAI_FFF2_NoPID_Cert_Array[] = { 
@@ -1597,5 +2069,56 @@ constexpr uint8_t sTestCert_PAI_FFF2_NoPID_PrivateKey_Array[] = { extern const ByteSpan sTestCert_PAI_FFF2_NoPID_PrivateKey = ByteSpan(sTestCert_PAI_FFF2_NoPID_PrivateKey_Array); +// ${chip_root}/credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-FB-Cert.pem + +constexpr uint8_t sTestCert_PAI_FFF2_NoPID_FB_Cert_Array[] = { + 0x30, 0x82, 0x01, 0x9c, 0x30, 0x82, 0x01, 0x42, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x08, 0x29, 0x25, 0x3e, 0x41, 0x2c, 0x7f, + 0x86, 0xbc, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x1a, 0x31, 0x18, 0x30, 0x16, 0x06, + 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41, + 0x30, 0x20, 0x17, 0x0d, 0x32, 0x31, 0x30, 0x36, 0x32, 0x38, 0x31, 0x34, 0x32, 0x33, 0x34, 0x33, 0x5a, 0x18, 0x0f, 0x39, 0x39, + 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x24, 0x31, 0x22, 0x30, 0x20, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0c, 0x19, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x49, 0x20, + 0x4d, 0x76, 0x69, 0x64, 0x3a, 0x46, 0x46, 0x46, 0x32, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, + 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x2d, 0x26, 0x49, 0xa7, 0xd8, 0xba, + 0x9f, 0xc0, 0x99, 0xb4, 0xce, 0x30, 0x93, 0x28, 0x30, 0xa6, 0xb5, 0xb0, 0x79, 0xc3, 0x73, 0xa1, 0xdf, 0x83, 0x55, 0xa7, 0x27, + 0xcd, 0xd2, 0xdb, 0x5e, 0x56, 0xcc, 0xee, 0xe1, 0x39, 0x52, 0x68, 0x86, 0x29, 0x1e, 0xcc, 0x70, 0x1e, 0x4e, 0xff, 0xf2, 0x55, + 0x91, 0xb3, 0x8f, 0xf4, 0xfe, 0x96, 0x0d, 0x2b, 0xca, 0x6c, 0xdc, 0x29, 0x67, 0x68, 0xf8, 0xcb, 0xa3, 0x66, 0x30, 0x64, 0x30, + 0x12, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x08, 0x30, 0x06, 0x01, 0x01, 0xff, 0x02, 0x01, 0x00, 0x30, 0x0e, + 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x01, 0x06, 0x30, 0x1d, 0x06, 0x03, 
0x55, 0x1d, 0x0e, + 0x04, 0x16, 0x04, 0x14, 0xa3, 0x5b, 0xf0, 0x00, 0xd2, 0x77, 0x9d, 0xd2, 0x8d, 0x91, 0x8a, 0x77, 0x44, 0xde, 0x5b, 0x7f, 0x11, + 0xe4, 0x4d, 0x27, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xe0, 0xfc, 0xd7, 0xf2, 0x22, + 0x70, 0xab, 0xb2, 0xd4, 0x67, 0x58, 0x47, 0x10, 0xf5, 0xe4, 0x87, 0x76, 0x80, 0x7a, 0x26, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, + 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x02, 0x68, 0xb0, 0x9a, 0x83, 0x21, 0x21, 0xf6, + 0xcb, 0xcb, 0x2e, 0x35, 0x59, 0x14, 0x57, 0xef, 0x97, 0x95, 0xb1, 0x50, 0x06, 0xd1, 0x93, 0x14, 0x0d, 0x80, 0xcd, 0x36, 0xc8, + 0xd4, 0x08, 0xbe, 0x02, 0x21, 0x00, 0x9f, 0x68, 0x9d, 0x1d, 0x35, 0x42, 0x39, 0xb5, 0x83, 0xb5, 0xed, 0xcf, 0x3d, 0xdc, 0xfe, + 0xa3, 0x29, 0xcf, 0x76, 0x77, 0x51, 0xdd, 0x6b, 0xaf, 0x9f, 0x55, 0xbb, 0xa6, 0xa9, 0x41, 0x17, 0xdb, +}; + +extern const ByteSpan sTestCert_PAI_FFF2_NoPID_FB_Cert = ByteSpan(sTestCert_PAI_FFF2_NoPID_FB_Cert_Array); + +constexpr uint8_t sTestCert_PAI_FFF2_NoPID_FB_SKID_Array[] = { + 0xA3, 0x5B, 0xF0, 0x00, 0xD2, 0x77, 0x9D, 0xD2, 0x8D, 0x91, 0x8A, 0x77, 0x44, 0xDE, 0x5B, 0x7F, 0x11, 0xE4, 0x4D, 0x27, +}; + +extern const ByteSpan sTestCert_PAI_FFF2_NoPID_FB_SKID = ByteSpan(sTestCert_PAI_FFF2_NoPID_FB_SKID_Array); + +// ${chip_root}/credentials/test/attestation/Chip-Test-PAI-FFF2-NoPID-FB-Key.pem + +constexpr uint8_t sTestCert_PAI_FFF2_NoPID_FB_PublicKey_Array[] = { + 0x04, 0x2d, 0x26, 0x49, 0xa7, 0xd8, 0xba, 0x9f, 0xc0, 0x99, 0xb4, 0xce, 0x30, 0x93, 0x28, 0x30, 0xa6, + 0xb5, 0xb0, 0x79, 0xc3, 0x73, 0xa1, 0xdf, 0x83, 0x55, 0xa7, 0x27, 0xcd, 0xd2, 0xdb, 0x5e, 0x56, 0xcc, + 0xee, 0xe1, 0x39, 0x52, 0x68, 0x86, 0x29, 0x1e, 0xcc, 0x70, 0x1e, 0x4e, 0xff, 0xf2, 0x55, 0x91, 0xb3, + 0x8f, 0xf4, 0xfe, 0x96, 0x0d, 0x2b, 0xca, 0x6c, 0xdc, 0x29, 0x67, 0x68, 0xf8, 0xcb, +}; + +extern const ByteSpan sTestCert_PAI_FFF2_NoPID_FB_PublicKey = ByteSpan(sTestCert_PAI_FFF2_NoPID_FB_PublicKey_Array); + +constexpr 
uint8_t sTestCert_PAI_FFF2_NoPID_FB_PrivateKey_Array[] = { + 0xf7, 0x8c, 0xa0, 0x09, 0xd9, 0xa4, 0x81, 0x76, 0x79, 0x62, 0xde, 0x5d, 0x98, 0x97, 0x25, 0xcc, + 0x45, 0x0d, 0xd4, 0xa2, 0xcb, 0xc5, 0x69, 0xf7, 0xde, 0x91, 0x76, 0x1f, 0x90, 0xc7, 0x7f, 0x0e, +}; + +extern const ByteSpan sTestCert_PAI_FFF2_NoPID_FB_PrivateKey = ByteSpan(sTestCert_PAI_FFF2_NoPID_FB_PrivateKey_Array); + } // namespace TestCerts } // namespace chip diff --git a/src/credentials/tests/CHIPAttCert_test_vectors.h b/src/credentials/tests/CHIPAttCert_test_vectors.h index 482cd9f4171426..4735e8e8c5faa4 100644 --- a/src/credentials/tests/CHIPAttCert_test_vectors.h +++ b/src/credentials/tests/CHIPAttCert_test_vectors.h @@ -1,6 +1,6 @@ /* * - * Copyright (c) 2021 Project CHIP Authors + * Copyright (c) 2021-2022 Project CHIP Authors * All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); 
@@ -141,6 +141,46 @@ extern const ByteSpan sTestCert_DAC_FFF2_8002_0017_SKID; extern const ByteSpan sTestCert_DAC_FFF2_8002_0017_PublicKey; extern const ByteSpan sTestCert_DAC_FFF2_8002_0017_PrivateKey; +extern const ByteSpan sTestCert_DAC_FFF2_8003_0018_FB_Cert; +extern const ByteSpan sTestCert_DAC_FFF2_8003_0018_FB_SKID; +extern const ByteSpan sTestCert_DAC_FFF2_8003_0018_FB_PublicKey; +extern const ByteSpan sTestCert_DAC_FFF2_8003_0018_FB_PrivateKey; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_0019_FB_Cert; +extern const ByteSpan sTestCert_DAC_FFF2_8003_0019_FB_SKID; +extern const ByteSpan sTestCert_DAC_FFF2_8003_0019_FB_PublicKey; +extern const ByteSpan sTestCert_DAC_FFF2_8003_0019_FB_PrivateKey; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001A_FB_Cert; +extern const ByteSpan sTestCert_DAC_FFF2_8003_001A_FB_SKID; +extern const ByteSpan sTestCert_DAC_FFF2_8003_001A_FB_PublicKey; +extern const ByteSpan sTestCert_DAC_FFF2_8003_001A_FB_PrivateKey; + +extern const ByteSpan sTestCert_DAC_FFF2_8003_001B_FB_Cert; +extern const ByteSpan sTestCert_DAC_FFF2_8003_001B_FB_SKID; +extern const ByteSpan sTestCert_DAC_FFF2_8003_001B_FB_PublicKey; +extern const ByteSpan sTestCert_DAC_FFF2_8003_001B_FB_PrivateKey; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001C_FB_Cert; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001C_FB_SKID; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001C_FB_PublicKey; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001C_FB_PrivateKey; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001D_FB_Cert; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001D_FB_SKID; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001D_FB_PublicKey; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001D_FB_PrivateKey; + +extern const ByteSpan sTestCert_DAC_FFF2_8004_001E_FB_Cert; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001E_FB_SKID; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001E_FB_PublicKey; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001E_FB_PrivateKey; 
+ +extern const ByteSpan sTestCert_DAC_FFF2_8004_001F_FB_Cert; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001F_FB_SKID; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001F_FB_PublicKey; +extern const ByteSpan sTestCert_DAC_FFF2_8004_001F_FB_PrivateKey; + extern const ByteSpan sTestCert_PAA_FFF1_Cert; extern const ByteSpan sTestCert_PAA_FFF1_SKID; extern const ByteSpan sTestCert_PAA_FFF1_PublicKey; @@ -161,10 +201,20 @@ extern const ByteSpan sTestCert_PAI_FFF2_8001_SKID; extern const ByteSpan sTestCert_PAI_FFF2_8001_PublicKey; extern const ByteSpan sTestCert_PAI_FFF2_8001_PrivateKey; +extern const ByteSpan sTestCert_PAI_FFF2_8004_FB_Cert; +extern const ByteSpan sTestCert_PAI_FFF2_8004_FB_SKID; +extern const ByteSpan sTestCert_PAI_FFF2_8004_FB_PublicKey; +extern const ByteSpan sTestCert_PAI_FFF2_8004_FB_PrivateKey; + extern const ByteSpan sTestCert_PAI_FFF2_NoPID_Cert; extern const ByteSpan sTestCert_PAI_FFF2_NoPID_SKID; extern const ByteSpan sTestCert_PAI_FFF2_NoPID_PublicKey; extern const ByteSpan sTestCert_PAI_FFF2_NoPID_PrivateKey; +extern const ByteSpan sTestCert_PAI_FFF2_NoPID_FB_Cert; +extern const ByteSpan sTestCert_PAI_FFF2_NoPID_FB_SKID; +extern const ByteSpan sTestCert_PAI_FFF2_NoPID_FB_PublicKey; +extern const ByteSpan sTestCert_PAI_FFF2_NoPID_FB_PrivateKey; + } // namespace TestCerts } // namespace chip diff --git a/src/crypto/CHIPCryptoPAL.cpp b/src/crypto/CHIPCryptoPAL.cpp index 8ff43ed6a902ed..ed89f0dc50a724 100644 --- a/src/crypto/CHIPCryptoPAL.cpp +++ b/src/crypto/CHIPCryptoPAL.cpp @@ -24,6 +24,7 @@ #include #include #include +#include #include #include #include 
@@ -800,5 +801,73 @@ CHIP_ERROR DeriveGroupSessionId(const ByteSpan & operational_key, uint16_t & ses return CHIP_NO_ERROR; } +CHIP_ERROR ExtractVIDPIDFromAttributeString(DNAttrType attrType, const ByteSpan & attr, + AttestationCertVidPid & vidpidFromMatterAttr, AttestationCertVidPid & vidpidFromCNAttr) +{ + ReturnErrorCodeIf(attrType == DNAttrType::kUnspecified, CHIP_NO_ERROR); + ReturnErrorCodeIf(attr.empty(), CHIP_ERROR_INVALID_ARGUMENT); + + if (attrType == DNAttrType::kMatterVID || attrType == DNAttrType::kMatterPID) + { + uint16_t matterAttr; + VerifyOrReturnError(attr.size() == kVIDandPIDHexLength, CHIP_ERROR_WRONG_CERT_DN); + VerifyOrReturnError(Encoding::UppercaseHexToUint16(reinterpret_cast(attr.data()), attr.size(), matterAttr) == + sizeof(matterAttr), + CHIP_ERROR_WRONG_CERT_DN); + + if (attrType == DNAttrType::kMatterVID) + { + // Not more than one VID attribute can be present. + ReturnErrorCodeIf(vidpidFromMatterAttr.mVendorId.HasValue(), CHIP_ERROR_WRONG_CERT_DN); + vidpidFromMatterAttr.mVendorId.SetValue(static_cast(matterAttr)); + } + else + { + // Not more than one PID attribute can be present. + ReturnErrorCodeIf(vidpidFromMatterAttr.mProductId.HasValue(), CHIP_ERROR_WRONG_CERT_DN); + vidpidFromMatterAttr.mProductId.SetValue(matterAttr); + } + } + // Otherwise, it is a CommonName attribute. 
+ else if (!vidpidFromCNAttr.Initialized()) + { + char cnAttr[kMax_CommonNameAttr_Length + 1]; + if (attr.size() <= chip::Crypto::kMax_CommonNameAttr_Length) + { + memcpy(cnAttr, attr.data(), attr.size()); + cnAttr[attr.size()] = 0; + + char * vid = strstr(cnAttr, kVIDPrefixForCNEncoding); + if (vid != nullptr) + { + vid += strlen(kVIDPrefixForCNEncoding); + if (cnAttr + attr.size() >= vid + kVIDandPIDHexLength) + { + uint16_t matterAttr; + if (Encoding::UppercaseHexToUint16(vid, kVIDandPIDHexLength, matterAttr) == sizeof(matterAttr)) + { + vidpidFromCNAttr.mVendorId.SetValue(static_cast(matterAttr)); + } + } + } + + char * pid = strstr(cnAttr, kPIDPrefixForCNEncoding); + if (pid != nullptr) + { + pid += strlen(kPIDPrefixForCNEncoding); + if (cnAttr + attr.size() >= pid + kVIDandPIDHexLength) + { + uint16_t matterAttr; + if (Encoding::UppercaseHexToUint16(pid, kVIDandPIDHexLength, matterAttr) == sizeof(matterAttr)) + { + vidpidFromCNAttr.mProductId.SetValue(matterAttr); + } + } + } + } + } + return CHIP_NO_ERROR; +} + } // namespace Crypto } // namespace chip diff --git a/src/crypto/CHIPCryptoPAL.h b/src/crypto/CHIPCryptoPAL.h index d4c15e6f640b6b..1dce7388056155 100644 --- a/src/crypto/CHIPCryptoPAL.h +++ b/src/crypto/CHIPCryptoPAL.h @@ -30,6 +30,7 @@ #include #include +#include #include #include @@ -97,6 +98,11 @@ constexpr size_t kMAX_Hash_SHA256_Context_Size = CHIP_CONFIG_SHA256_CONTEXT_SIZE constexpr size_t kSpake2p_WS_Length = kP256_FE_Length + 8; constexpr size_t kSpake2p_VerifierSerialized_Length = kP256_FE_Length + kP256_Point_Length; +constexpr char kVIDPrefixForCNEncoding[] = "Mvid:"; +constexpr char kPIDPrefixForCNEncoding[] = "Mpid:"; +constexpr size_t kVIDandPIDHexLength = sizeof(uint16_t) * 2; +constexpr size_t kMax_CommonNameAttr_Length = 64; + /* * Overhead to encode a raw ECDSA signature in X9.62 format in ASN.1 DER * 
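Review bot: The CommonName branch of ExtractVIDPIDFromAttributeString fails open where the Matter-attribute branch fails closed, and nothing in the function says so. A CN longer than kMax_CommonNameAttr_Length, or an `Mvid:`/`Mpid:` prefix not followed by four characters that UppercaseHexToUint16 accepts, leaves the output unset and still returns CHIP_NO_ERROR. Since the result is presumably consumed by attestation checks, I would document this at the top of the branch, e.g. `// CN fallback is best-effort: a malformed or over-long CN yields no value, not an error; callers must check HasValue().` Only the first occurrence of each prefix is examined and strstr() stops at the first NUL in the copied buffer, so a well-formed token after a malformed one or after an embedded NUL is ignored; the comment should say whether that is intended.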
@@ -1397,16 +1403,47 @@ CHIP_ERROR ExtractSKIDFromX509Cert(const ByteSpan & certificate, MutableByteSpan **/ CHIP_ERROR ExtractAKIDFromX509Cert(const ByteSpan & certificate, MutableByteSpan & akid); -enum class MatterOid +/** + * Defines DN attribute types that can include endocing of VID/PID parameters. + */ +enum class DNAttrType +{ + kUnspecified = 0, + kCommonName = 1, + kMatterVID = 2, + kMatterPID = 3, +}; + +/** + * @struct AttestationCertVidPid + * + * @brief + * A data structure representing Attestation Certificate VID and PID attributes. + */ +struct AttestationCertVidPid { - kVendorId, - kProductId, + Optional mVendorId; + Optional mProductId; + + bool Initialized() const { return (mVendorId.HasValue() || mProductId.HasValue()); } }; /** - * @brief Extracts one of the IDs listed in MatterOid enum from an X509 Certificate. + * @brief Extracts VID and PID attributes from the DN Attribute string. + * If attribute is not present the corresponding output value stays uninitialized. + * + * @return CHIP_ERROR_INVALID_ARGUMENT if wrong input is provided. + * CHIP_ERROR_WRONG_CERT_DN if encoding of kMatterVID and kMatterPID attributes is wrong. + * CHIP_NO_ERROR otherwise. + **/ +CHIP_ERROR ExtractVIDPIDFromAttributeString(DNAttrType attrType, const ByteSpan & attr, + AttestationCertVidPid & vidpidFromMatterAttr, AttestationCertVidPid & vidpidFromCNAttr); + +/** + * @brief Extracts VID and PID attributes from the Subject DN of an X509 Certificate. + * If attribute is not present the corresponding output value stays uninitialized. **/ -CHIP_ERROR ExtractDNAttributeFromX509Cert(MatterOid matterOid, const ByteSpan & certificate, uint16_t & id); +CHIP_ERROR ExtractVIDPIDFromX509Cert(const ByteSpan & x509Cert, AttestationCertVidPid & vidpid); /** * @brief Opaque context used to protect a symmetric key. The key operations must diff --git a/src/crypto/CHIPCryptoPALOpenSSL.cpp b/src/crypto/CHIPCryptoPALOpenSSL.cpp index fecd6296b1b4d4..d73bcc0684cf10 100644 
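Review bot: The doc comment added for ExtractVIDPIDFromX509Cert does not say which encoding wins when a Subject DN carries both the Matter VID/PID attributes and `Mvid:`/`Mpid:` text in the CommonName, and it lists no return codes. Going by the implementations in this patch, the comment could add `* Matter-specific VID/PID attributes take precedence; CommonName values are used only when neither Matter attribute is present.` plus an `@return` line like the one on ExtractVIDPIDFromAttributeString. `AttestationCertVidPid::Initialized()` is true when either field is set, not both, which deserves a short comment because callers may read it as "fully populated". The DNAttrType comment has a typo: `endocing` should be `encoding`.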
--- a/src/crypto/CHIPCryptoPALOpenSSL.cpp +++ b/src/crypto/CHIPCryptoPALOpenSSL.cpp @@ -1,6 +1,6 @@ /* * - * Copyright (c) 2020-2021 Project CHIP Authors + * Copyright (c) 2020-2022 Project CHIP Authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -41,6 +41,7 @@ #include #include +#include #include #include #include @@ -1872,20 +1873,18 @@ CHIP_ERROR ExtractAKIDFromX509Cert(const ByteSpan & certificate, MutableByteSpan return ExtractKIDFromX509Cert(false, certificate, akid); } -namespace { - -CHIP_ERROR ExtractDNAttributeFromX509Cert(const char * oidString, const ByteSpan & certificate, uint16_t & id) +CHIP_ERROR ExtractVIDPIDFromX509Cert(const ByteSpan & certificate, AttestationCertVidPid & vidpid) { - CHIP_ERROR err = CHIP_NO_ERROR; - X509 * x509certificate = nullptr; - const unsigned char * pCertificate = certificate.data(); - size_t oidStringSize = strlen(oidString) + 1; - constexpr size_t sOidStringSize = 22; - char dnAttributeOidString[sOidStringSize] = { 0 }; - X509_NAME * subject = nullptr; - int x509EntryCountIdx = 0; + ASN1_OBJECT * commonNameObj = OBJ_txt2obj("2.5.4.3", 1); + ASN1_OBJECT * matterVidObj = OBJ_txt2obj("1.3.6.1.4.1.37244.2.1", 1); // Matter VID OID - taken from Spec + ASN1_OBJECT * matterPidObj = OBJ_txt2obj("1.3.6.1.4.1.37244.2.2", 1); // Matter PID OID - taken from Spec - VerifyOrReturnError(oidStringSize == sOidStringSize, CHIP_ERROR_INVALID_ARGUMENT); + CHIP_ERROR err = CHIP_NO_ERROR; + X509 * x509certificate = nullptr; + const unsigned char * pCertificate = certificate.data(); + X509_NAME * subject = nullptr; + int x509EntryCountIdx = 0; + AttestationCertVidPid vidpidFromCN; x509certificate = d2i_X509(nullptr, &pCertificate, static_cast(certificate.size())); VerifyOrExit(x509certificate != nullptr, err = CHIP_ERROR_NO_MEMORY); 
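Review bot: The three ASN1_OBJECTs created with `OBJ_txt2obj(..., 1)` at the top of ExtractVIDPIDFromX509Cert are not released anywhere in the lines shown. The `exit:` path in the following hunk (@@ -1899,22 +1898,41 @@) still calls only `X509_free(x509certificate)`, so each call would leak three objects unless they are freed outside these hunks. They are also passed to `OBJ_cmp` without a null check. I would add `ASN1_OBJECT_free(commonNameObj); ASN1_OBJECT_free(matterVidObj); ASN1_OBJECT_free(matterPidObj);` before `X509_free`, and exit early with an error if any of the three is null. The function body continues past the end of this hunk.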
@@ -1899,22 +1898,41 @@ CHIP_ERROR ExtractDNAttributeFromX509Cert(const char * oidString, const ByteSpan VerifyOrExit(name_entry != nullptr, err = CHIP_ERROR_INTERNAL); ASN1_OBJECT * object = X509_NAME_ENTRY_get_object(name_entry); VerifyOrExit(object != nullptr, err = CHIP_ERROR_INTERNAL); - VerifyOrExit(OBJ_obj2txt(dnAttributeOidString, sizeof(dnAttributeOidString), object, 0) != 0, err = CHIP_ERROR_INTERNAL); - if (strncmp(oidString, dnAttributeOidString, sizeof(dnAttributeOidString)) == 0) + DNAttrType attrType = DNAttrType::kUnspecified; + if (OBJ_cmp(object, commonNameObj) == 0) + { + attrType = DNAttrType::kCommonName; + } + else if (OBJ_cmp(object, matterVidObj) == 0) + { + attrType = DNAttrType::kMatterVID; + } + else if (OBJ_cmp(object, matterPidObj) == 0) + { + attrType = DNAttrType::kMatterPID; + } + + if (attrType != DNAttrType::kUnspecified) { ASN1_STRING * data_entry = X509_NAME_ENTRY_get_data(name_entry); VerifyOrExit(data_entry != nullptr, err = CHIP_ERROR_INTERNAL); unsigned char * str = ASN1_STRING_data(data_entry); VerifyOrExit(str != nullptr, err = CHIP_ERROR_INTERNAL); + int len = ASN1_STRING_length(data_entry); + VerifyOrExit(CanCastTo(len), err = CHIP_ERROR_INTERNAL); - VerifyOrExit(ArgParser::ParseInt(reinterpret_cast(str), id, 16), err = CHIP_ERROR_INTERNAL); - break; + err = ExtractVIDPIDFromAttributeString(attrType, ByteSpan(str, static_cast(len)), vidpid, vidpidFromCN); + SuccessOrExit(err); } } - // returning CHIP_ERROR_KEY_NOT_FOUND to indicate VID is not present in the certificate. - VerifyOrExit(x509EntryCountIdx < X509_NAME_entry_count(subject), err = CHIP_ERROR_KEY_NOT_FOUND); + // If Matter Attributes were not found use values extracted from the CN Attribute, + // which might be uninitialized as well. + if (!vidpid.Initialized()) + { + vidpid = vidpidFromCN; + } exit: X509_free(x509certificate); 
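Review bot: The final fallback `if (!vidpid.Initialized()) { vidpid = vidpidFromCN; }` is all-or-nothing, so a Subject DN that mixes the two encodings is accepted silently. With a Matter VID attribute plus `Mpid:` only in the CommonName the PID is dropped, and a CommonName whose `Mvid:` disagrees with the Matter VID attribute is never compared against it. If the specification does not allow mixing the encodings (I have not confirmed the exact wording), rejecting it before the fallback would be safer, e.g. `VerifyOrExit(!(vidpid.Initialized() && vidpidFromCN.Initialized()), err = CHIP_ERROR_WRONG_CERT_DN);`; otherwise a comment stating the precedence is enough. The same fallback appears in the mbedTLS hunk (@@ -1613,61 +1613,53 @@), and the enclosing function starts before this hunk.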
@@ -1922,25 +1940,5 @@ CHIP_ERROR ExtractDNAttributeFromX509Cert(const char * oidString, const ByteSpan return err; } -} // namespace - -CHIP_ERROR ExtractDNAttributeFromX509Cert(MatterOid matterOid, const ByteSpan & certificate, uint16_t & id) -{ - constexpr char vidOidString[] = "1.3.6.1.4.1.37244.2.1"; // Matter VID OID - taken from Spec - constexpr char pidOidString[] = "1.3.6.1.4.1.37244.2.2"; // Matter PID OID - taken from Spec - - switch (matterOid) - { - case MatterOid::kVendorId: - id = VendorId::NotSpecified; - return ExtractDNAttributeFromX509Cert(vidOidString, certificate, id); - case MatterOid::kProductId: - id = 0; // PID not specified value - return ExtractDNAttributeFromX509Cert(pidOidString, certificate, id); - default: - return CHIP_ERROR_INVALID_ARGUMENT; - } -} - } // namespace Crypto } // namespace chip diff --git a/src/crypto/CHIPCryptoPALmbedTLS.cpp b/src/crypto/CHIPCryptoPALmbedTLS.cpp index 5d1497630f13bf..a44bd80b0df244 100644 --- a/src/crypto/CHIPCryptoPALmbedTLS.cpp +++ b/src/crypto/CHIPCryptoPALmbedTLS.cpp @@ -1,6 +1,6 @@ /* * - * Copyright (c) 2020-2021 Project CHIP Authors + * Copyright (c) 2020-2022 Project CHIP Authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -46,6 +46,7 @@ #include #include +#include #include #include #include 
@@ -1592,18 +1593,17 @@ CHIP_ERROR ExtractAKIDFromX509Cert(const ByteSpan & certificate, MutableByteSpan return ExtractKIDFromX509Cert(false, certificate, akid); } -namespace { - -CHIP_ERROR ExtractDNAttributeFromX509Cert(const uint8_t * oidAttribute, size_t oidAttributeLen, const ByteSpan & certificate, - uint16_t & id) +CHIP_ERROR ExtractVIDPIDFromX509Cert(const ByteSpan & certificate, AttestationCertVidPid & vidpid) { #if defined(MBEDTLS_X509_CRT_PARSE_C) + constexpr uint8_t sOID_AttributeType_CommonName[] = { 0x55, 0x04, 0x03 }; + constexpr uint8_t sOID_AttributeType_MatterVendorId[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0xA2, 0x7C, 0x02, 0x01 }; + constexpr uint8_t sOID_AttributeType_MatterProductId[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0xA2, 0x7C, 0x02, 0x02 }; + CHIP_ERROR error = CHIP_NO_ERROR; mbedtls_x509_crt mbed_cert; - mbedtls_asn1_named_data * dnIterator = nullptr; - constexpr size_t dnAttributeSize = 4; - constexpr size_t dnAttributeStringSize = dnAttributeSize + 1; - char dnAttribute[dnAttributeStringSize] = { 0 }; + mbedtls_asn1_named_data * dnIterator = nullptr; + AttestationCertVidPid vidpidFromCN; mbedtls_x509_crt_init(&mbed_cert); 
@@ -1613,61 +1613,53 @@ CHIP_ERROR ExtractDNAttributeFromX509Cert(const uint8_t * oidAttribute, size_t o for (dnIterator = &mbed_cert.CHIP_CRYPTO_PAL_PRIVATE_X509(subject); dnIterator != nullptr; dnIterator = dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(next)) { - if (dnIterator != nullptr && dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(oid).CHIP_CRYPTO_PAL_PRIVATE_X509(p) != nullptr && - dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(oid).CHIP_CRYPTO_PAL_PRIVATE_X509(len) == oidAttributeLen && - memcmp(oidAttribute, dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(oid).CHIP_CRYPTO_PAL_PRIVATE_X509(p), - dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(oid).CHIP_CRYPTO_PAL_PRIVATE_X509(len)) == 0 && - dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(val).CHIP_CRYPTO_PAL_PRIVATE_X509(p) != nullptr && - dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(val).CHIP_CRYPTO_PAL_PRIVATE_X509(len) == dnAttributeSize) + size_t oid_len = dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(oid).CHIP_CRYPTO_PAL_PRIVATE_X509(len); + uint8_t * oid_p = dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(oid).CHIP_CRYPTO_PAL_PRIVATE_X509(p); + size_t val_len = dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(val).CHIP_CRYPTO_PAL_PRIVATE_X509(len); + uint8_t * val_p = dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(val).CHIP_CRYPTO_PAL_PRIVATE_X509(p); + + if (oid_p != nullptr && val_p != nullptr) { - // vendor id is of size 4, we should ensure the string is null terminated before passing in to strtoul to avoid - // undefined behavior - memcpy(dnAttribute, dnIterator->CHIP_CRYPTO_PAL_PRIVATE_X509(val).CHIP_CRYPTO_PAL_PRIVATE_X509(p), dnAttributeSize); - dnAttribute[dnAttributeSize] = 0; - VerifyOrExit(ArgParser::ParseInt(dnAttribute, id, 16), error = CHIP_ERROR_INTERNAL); - break; + DNAttrType attrType = DNAttrType::kUnspecified; + if ((oid_len == sizeof(sOID_AttributeType_CommonName)) && (memcmp(sOID_AttributeType_CommonName, oid_p, oid_len) == 0)) + { + attrType = DNAttrType::kCommonName; + } + else if ((oid_len == sizeof(sOID_AttributeType_MatterVendorId)) && + 
(memcmp(sOID_AttributeType_MatterVendorId, oid_p, oid_len) == 0)) + { + attrType = DNAttrType::kMatterVID; + } + else if ((oid_len == sizeof(sOID_AttributeType_MatterProductId)) && + (memcmp(sOID_AttributeType_MatterProductId, oid_p, oid_len) == 0)) + { + attrType = DNAttrType::kMatterPID; + } + + error = ExtractVIDPIDFromAttributeString(attrType, ByteSpan(val_p, val_len), vidpid, vidpidFromCN); + SuccessOrExit(error); } } - // returning CHIP_ERROR_KEY_NOT_FOUND to indicate that the DN Attribute is not present in the certificate. - VerifyOrExit(dnIterator != nullptr, error = CHIP_ERROR_KEY_NOT_FOUND); + // If Matter Attributes were not found use values extracted from the CN Attribute, + // which might be uninitialized as well. + if (!vidpid.Initialized()) + { + vidpid = vidpidFromCN; + } exit: _log_mbedTLS_error(result); mbedtls_x509_crt_free(&mbed_cert); #else - (void) oidAttribute; - (void) oidAttributeLen; (void) certificate; - (void) id; + (void) vidpid; CHIP_ERROR error = CHIP_ERROR_NOT_IMPLEMENTED; #endif // defined(MBEDTLS_X509_CRT_PARSE_C) return error; } -} // namespace - -CHIP_ERROR ExtractDNAttributeFromX509Cert(MatterOid matterOid, const ByteSpan & certificate, uint16_t & id) -{ - constexpr uint8_t sOID_AttributeType_ChipVendorId[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0xA2, 0x7C, 0x02, 0x01 }; - constexpr uint8_t sOID_AttributeType_ChipProductId[] = { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0xA2, 0x7C, 0x02, 0x02 }; - - switch (matterOid) - { - case MatterOid::kVendorId: - id = VendorId::NotSpecified; - return ExtractDNAttributeFromX509Cert(sOID_AttributeType_ChipVendorId, sizeof(sOID_AttributeType_ChipVendorId), certificate, - id); - case MatterOid::kProductId: - id = 0; // PID not specified value - return ExtractDNAttributeFromX509Cert(sOID_AttributeType_ChipProductId, sizeof(sOID_AttributeType_ChipProductId), - certificate, id); - default: - return CHIP_ERROR_INVALID_ARGUMENT; - } -} - } // namespace Crypto } // namespace chip 
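Review bot: The loop calls ExtractVIDPIDFromAttributeString for every Subject attribute, including those left at `DNAttrType::kUnspecified`. It therefore depends on the helper testing kUnspecified before its empty-value check, whereas the OpenSSL version guards the call. Wrapping the call as `if (attrType != DNAttrType::kUnspecified) { ... }` would keep the two backends consistent and stop a later reordering inside the helper from turning an unrelated empty attribute into CHIP_ERROR_INVALID_ARGUMENT. Attributes whose `oid_p` or `val_p` is null are skipped without an error, which deserves a one-line comment saying that is deliberate. The enclosing function starts before this hunk.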
diff --git a/src/crypto/tests/CHIPCryptoPALTest.cpp b/src/crypto/tests/CHIPCryptoPALTest.cpp index 011e00cea5fa19..96aa6ec4e8e2bb 100644 --- a/src/crypto/tests/CHIPCryptoPALTest.cpp +++ b/src/crypto/tests/CHIPCryptoPALTest.cpp @@ -1,6 +1,6 @@ /* * - * Copyright (c) 2020-2021 Project CHIP Authors + * Copyright (c) 2020-2022 Project CHIP Authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
@@ -2069,56 +2069,143 @@ static void TestAKID_x509Extraction(nlTestSuite * inSuite, void * inContext) } } -static void TestVID_x509Extraction(nlTestSuite * inSuite, void * inContext) +static void TestVIDPID_StringExtraction(nlTestSuite * inSuite, void * inContext) { - using namespace TestCerts; - HeapChecker heapChecker(inSuite); - // Test scenario where Certificate does not contain a Vendor ID field - ByteSpan kOpCertNoVID; - NL_TEST_ASSERT(inSuite, GetTestCert(TestCert::kNode01_01, TestCertLoadFlags::kDERForm, kOpCertNoVID) == CHIP_NO_ERROR); + // Matter VID/PID Attribute examples (from the spec): + const char * sTestMatterAttribute01 = "FFF1"; + const char * sTestMatterAttribute02 = "0000"; + const char * sTestMatterAttribute03 = "ABCD"; + const char * sTestMatterAttribute04 = "D90F"; + + // Matter VID/PID Attribute error cases (from the spec): + const char * sTestMatterAttribute05 = "12eF"; + const char * sTestMatterAttribute06 = "12345"; + const char * sTestMatterAttribute07 = "AB5"; + const char * sTestMatterAttribute08 = "abct"; + const char * sTestMatterAttribute09 = "10FH"; + const char * sTestMatterAttribute10 = "0x1234"; + const char * sTestMatterAttribute11 = "0x45"; + const char * sTestMatterAttribute12 = "Mvip:1234"; + const char * sTestMatterAttribute13 = "HELLO"; + const char * sTestMatterAttribute14 = "12"; + + // Common Name (CN) VID/PID encoding examples (from the spec): + const char * sTestCNAttribute01 = "Mvid:FFF1"; + const char * sTestCNAttribute02 = "Mvid:002A"; + const char * sTestCNAttribute03 = "Mpid:C20A"; + const char * sTestCNAttribute04 = "Mpid:03A5"; + const char * sTestCNAttribute05 = "ACME Matter Devel DAC 5CDA9899 Mvid:FFF1 Mpid:00B1"; + const char * sTestCNAttribute06 = "Mpid:00B1,ACME Matter Devel DAC 5CDA9899,Mvid:FFF1"; + const char * sTestCNAttribute07 = "ACME Matter Devel DAC 5CDA9899 Mvid:FFF1Mpid:00B1"; + const char * sTestCNAttribute08 = "Mvid:FFF1ACME Matter Devel DAC 5CDAMpid:00B19899"; + + // Common Name (CN) VID/PID 
encoding error cases (from the spec): + const char * sTestCNAttribute09 = "ACME Matter Devel DAC 5CDA9899 Mvid:FF1 Mpid:00B1"; + const char * sTestCNAttribute10 = "ACME Matter Devel DAC 5CDA9899 Mvid:fff1 Mpid:00B1"; + const char * sTestCNAttribute11 = "ACME Matter Devel DAC 5CDA9899 Mvid:FFF1 Mpid:B1"; + const char * sTestCNAttribute12 = "ACME Matter Devel DAC 5CDA9899 Mpid: Mvid:FFF1"; + + // Common Name (CN) VID/PID encoding error cases (more examples): + const char * sTestCNAttribute13 = "Mpid:987Mvid:FFF10x"; + const char * sTestCNAttribute14 = "MpidMvid:FFF10 Matter Test Mpid:FE67"; + const char * sTestCNAttribute15 = "Matter Devel Mpid:Mvid:Fff1"; struct TestCase { - ByteSpan cert; - uint16_t expectedVid; + DNAttrType attrType; + ByteSpan attr; + bool expectedVidPresent; + bool expectedPidPresent; + VendorId expectedVid; + uint16_t expectedPid; CHIP_ERROR expectedResult; }; + // clang-format off const TestCase kTestCases[] = { - { sTestCert_PAA_FFF1_Cert, 0xFFF1, CHIP_NO_ERROR }, - { sTestCert_PAI_FFF1_8000_Cert, 0xFFF1, CHIP_NO_ERROR }, - { sTestCert_DAC_FFF1_8000_0004_Cert, 0xFFF1, CHIP_NO_ERROR }, - { sTestCert_PAI_FFF2_8001_Cert, 0xFFF2, CHIP_NO_ERROR }, - { sTestCert_DAC_FFF2_8001_0009_Cert, 0xFFF2, CHIP_NO_ERROR }, - // VID not present cases: - { sTestCert_PAA_NoVID_Cert, 0xFFFF, CHIP_ERROR_KEY_NOT_FOUND }, - { kOpCertNoVID, 0xFFFF, CHIP_ERROR_KEY_NOT_FOUND }, + // Matter VID/PID Attribute examples: + { DNAttrType::kMatterVID, ByteSpan(reinterpret_cast(sTestMatterAttribute01), strlen(sTestMatterAttribute01)), true, false, chip::VendorId::TestVendor1, 0x0000, CHIP_NO_ERROR }, + { DNAttrType::kMatterVID, ByteSpan(reinterpret_cast(sTestMatterAttribute02), strlen(sTestMatterAttribute02)), true, false, chip::VendorId::Common, 0x0000, CHIP_NO_ERROR }, + { DNAttrType::kMatterPID, ByteSpan(reinterpret_cast(sTestMatterAttribute03), strlen(sTestMatterAttribute03)), false, true, chip::VendorId::NotSpecified, 0xABCD, CHIP_NO_ERROR }, + { DNAttrType::kMatterPID, 
ByteSpan(reinterpret_cast(sTestMatterAttribute04), strlen(sTestMatterAttribute04)), false, true, chip::VendorId::NotSpecified, 0xD90F, CHIP_NO_ERROR }, + // Matter VID/PID Attribute error cases: + { DNAttrType::kMatterVID, ByteSpan(reinterpret_cast(sTestMatterAttribute05), strlen(sTestMatterAttribute05)), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + { DNAttrType::kMatterPID, ByteSpan(reinterpret_cast(sTestMatterAttribute06), strlen(sTestMatterAttribute06)), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + { DNAttrType::kMatterVID, ByteSpan(reinterpret_cast(sTestMatterAttribute07), strlen(sTestMatterAttribute07)), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + { DNAttrType::kMatterPID, ByteSpan(reinterpret_cast(sTestMatterAttribute08), strlen(sTestMatterAttribute08)), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + { DNAttrType::kMatterVID, ByteSpan(reinterpret_cast(sTestMatterAttribute09), strlen(sTestMatterAttribute09)), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + { DNAttrType::kMatterPID, ByteSpan(reinterpret_cast(sTestMatterAttribute10), strlen(sTestMatterAttribute10)), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + { DNAttrType::kMatterVID, ByteSpan(reinterpret_cast(sTestMatterAttribute11), strlen(sTestMatterAttribute11)), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + { DNAttrType::kMatterPID, ByteSpan(reinterpret_cast(sTestMatterAttribute12), strlen(sTestMatterAttribute12)), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + { DNAttrType::kMatterVID, ByteSpan(reinterpret_cast(sTestMatterAttribute13), strlen(sTestMatterAttribute13)), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + { DNAttrType::kMatterPID, ByteSpan(reinterpret_cast(sTestMatterAttribute14), strlen(sTestMatterAttribute14)), false, 
false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_WRONG_CERT_DN }, + // Common Name (CN) VID/PID encoding examples: + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute01), strlen(sTestCNAttribute01)), true, false, chip::VendorId::TestVendor1, 0, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute02), strlen(sTestCNAttribute02)), true, false, static_cast(0x002A), 0, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute03), strlen(sTestCNAttribute03)), false, true, chip::VendorId::NotSpecified, 0xC20A, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute04), strlen(sTestCNAttribute04)), false, true, chip::VendorId::NotSpecified, 0x03A5, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute05), strlen(sTestCNAttribute05)), true, true, chip::VendorId::TestVendor1, 0x00B1, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute06), strlen(sTestCNAttribute06)), true, true, chip::VendorId::TestVendor1, 0x00B1, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute07), strlen(sTestCNAttribute07)), true, true, chip::VendorId::TestVendor1, 0x00B1, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute08), strlen(sTestCNAttribute08)), true, true, chip::VendorId::TestVendor1, 0x00B1, CHIP_NO_ERROR }, + // Common Name (CN) VID/PID encoding error cases: + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute09), strlen(sTestCNAttribute09)), false, true, chip::VendorId::NotSpecified, 0x00B1, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute10), strlen(sTestCNAttribute10)), false, true, chip::VendorId::NotSpecified, 0x00B1, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute11), strlen(sTestCNAttribute11)), true, false, 
chip::VendorId::TestVendor1, 0, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute12), strlen(sTestCNAttribute12)), true, false, chip::VendorId::TestVendor1, 0, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute13), strlen(sTestCNAttribute13)), true, false, chip::VendorId::TestVendor1, 0, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute14), strlen(sTestCNAttribute14)), true, true, chip::VendorId::TestVendor1, 0xFE67, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(reinterpret_cast(sTestCNAttribute15), strlen(sTestCNAttribute15)), false, false, chip::VendorId::NotSpecified, 0, CHIP_NO_ERROR }, + // Other input combinations: + { DNAttrType::kUnspecified, ByteSpan(reinterpret_cast(sTestCNAttribute15), strlen(sTestCNAttribute15)), false, false, chip::VendorId::NotSpecified, 0, CHIP_NO_ERROR }, + { DNAttrType::kCommonName, ByteSpan(nullptr, 0), false, false, chip::VendorId::NotSpecified, 0, CHIP_ERROR_INVALID_ARGUMENT }, }; + // clang-format on + int i = 1; for (const auto & testCase : kTestCases) { - uint16_t vid; - CHIP_ERROR result = ExtractDNAttributeFromX509Cert(MatterOid::kVendorId, testCase.cert, vid); + fprintf(stderr, "DEBUG 01 i = %d\n", i); + AttestationCertVidPid vidpid; + AttestationCertVidPid vidpidFromCN; + AttestationCertVidPid vidpidToCheck; + CHIP_ERROR result = ExtractVIDPIDFromAttributeString(testCase.attrType, testCase.attr, vidpid, vidpidFromCN); + fprintf(stderr, "DEBUG 02 i = %d equal = %d\n", i++, (result == testCase.expectedResult)); NL_TEST_ASSERT(inSuite, result == testCase.expectedResult); - // In success cases, make sure the VID matches expectation. 
- if (testCase.expectedResult == CHIP_NO_ERROR) + if (testCase.attrType == DNAttrType::kMatterVID || testCase.attrType == DNAttrType::kMatterPID) { - NL_TEST_ASSERT(inSuite, vid == testCase.expectedVid); + NL_TEST_ASSERT(inSuite, !vidpidFromCN.Initialized()); + vidpidToCheck = vidpid; + } + else if (testCase.attrType == DNAttrType::kCommonName) + { + NL_TEST_ASSERT(inSuite, !vidpid.Initialized()); + vidpidToCheck = vidpidFromCN; + } + + NL_TEST_ASSERT(inSuite, vidpidToCheck.mVendorId.HasValue() == testCase.expectedVidPresent); + NL_TEST_ASSERT(inSuite, vidpidToCheck.mProductId.HasValue() == testCase.expectedPidPresent); + + if (testCase.expectedVidPresent) + { + NL_TEST_ASSERT(inSuite, vidpidToCheck.mVendorId.Value() == testCase.expectedVid); + } + + if (testCase.expectedPidPresent) + { + NL_TEST_ASSERT(inSuite, vidpidToCheck.mProductId.Value() == testCase.expectedPid); } } } -static void TestPID_x509Extraction(nlTestSuite * inSuite, void * inContext) +static void TestVIDPID_x509Extraction(nlTestSuite * inSuite, void * inContext) { using namespace TestCerts; HeapChecker heapChecker(inSuite); - /* - credentials/test/attestation/Chip-Test-DAC-FFF1-8000-0004-Cert.pem - */ // Test scenario where Certificate does not contain a Vendor ID field ByteSpan kOpCertNoVID; 
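Review bot: The two `fprintf(stderr, "DEBUG ...")` calls and the counter `int i = 1;` in the loop of TestVIDPID_StringExtraction look like leftover debugging and should be removed; the same pair appears in the loop of TestVIDPID_x509Extraction in the next hunk. If a per-case index is wanted, it is better reported only when an assertion fails than printed on every iteration. Separately, the rows under "Common Name (CN) VID/PID encoding error cases" all expect CHIP_NO_ERROR, with any malformed field reported as absent, so a comment above them such as `// Malformed Mvid:/Mpid: fields in the CN are ignored, not rejected; callers must check HasValue()` would make that contract explicit.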
@@ -2127,33 +2214,53 @@ static void TestPID_x509Extraction(nlTestSuite * inSuite, void * inContext) struct TestCase { ByteSpan cert; + bool expectedVidPresent; + bool expectedPidPresent; + VendorId expectedVid; uint16_t expectedPid; CHIP_ERROR expectedResult; }; const TestCase kTestCases[] = { - { sTestCert_PAI_FFF1_8000_Cert, 0x8000, CHIP_NO_ERROR }, - { sTestCert_DAC_FFF1_8000_0004_Cert, 0x8000, CHIP_NO_ERROR }, - { sTestCert_PAI_FFF2_8001_Cert, 0x8001, CHIP_NO_ERROR }, - { sTestCert_DAC_FFF2_8001_0009_Cert, 0x8001, CHIP_NO_ERROR }, - { sTestCert_DAC_FFF2_8002_0016_Cert, 0x8002, CHIP_NO_ERROR }, - // PID not present cases: - { sTestCert_PAA_FFF1_Cert, 0xFFFF, CHIP_ERROR_KEY_NOT_FOUND }, - { sTestCert_PAA_NoVID_Cert, 0xFFFF, CHIP_ERROR_KEY_NOT_FOUND }, - { sTestCert_PAI_FFF2_NoPID_Cert, 0xFFFF, CHIP_ERROR_KEY_NOT_FOUND }, - { kOpCertNoVID, 0xFFFF, CHIP_ERROR_KEY_NOT_FOUND }, + // VID and PID preset cases: + { sTestCert_PAI_FFF1_8000_Cert, true, true, chip::VendorId::TestVendor1, 0x8000, CHIP_NO_ERROR }, + { sTestCert_DAC_FFF1_8000_0004_Cert, true, true, chip::VendorId::TestVendor1, 0x8000, CHIP_NO_ERROR }, + { sTestCert_PAI_FFF2_8001_Cert, true, true, chip::VendorId::TestVendor2, 0x8001, CHIP_NO_ERROR }, + { sTestCert_DAC_FFF2_8001_0009_Cert, true, true, chip::VendorId::TestVendor2, 0x8001, CHIP_NO_ERROR }, + { sTestCert_DAC_FFF2_8002_0016_Cert, true, true, chip::VendorId::TestVendor2, 0x8002, CHIP_NO_ERROR }, + { sTestCert_DAC_FFF2_8003_0019_FB_Cert, true, true, chip::VendorId::TestVendor2, 0x8003, CHIP_NO_ERROR }, + { sTestCert_DAC_FFF2_8004_001E_FB_Cert, true, true, chip::VendorId::TestVendor2, 0x8004, CHIP_NO_ERROR }, + { sTestCert_PAI_FFF2_8004_FB_Cert, true, true, chip::VendorId::TestVendor2, 0x8004, CHIP_NO_ERROR }, + // VID present and PID not present cases: + { sTestCert_PAA_FFF1_Cert, true, false, chip::VendorId::TestVendor1, 0x0000, CHIP_NO_ERROR }, + { sTestCert_PAI_FFF2_NoPID_Cert, true, false, chip::VendorId::TestVendor2, 0x0000, CHIP_NO_ERROR }, + { 
sTestCert_PAI_FFF2_NoPID_FB_Cert, true, false, chip::VendorId::TestVendor2, 0x0000, CHIP_NO_ERROR }, + // VID and PID not present cases: + { sTestCert_PAA_NoVID_Cert, false, false, chip::VendorId::NotSpecified, 0x0000, CHIP_NO_ERROR }, + { kOpCertNoVID, false, false, chip::VendorId::NotSpecified, 0x0000, CHIP_NO_ERROR }, }; + int i = 1; for (const auto & testCase : kTestCases) { - uint16_t pid; - CHIP_ERROR result = ExtractDNAttributeFromX509Cert(MatterOid::kProductId, testCase.cert, pid); + fprintf(stderr, "DEBUG 01 i = %d\n", i); + AttestationCertVidPid vidpid; + CHIP_ERROR result = ExtractVIDPIDFromX509Cert(testCase.cert, vidpid); + fprintf(stderr, "DEBUG 02 i = %d equal = %d\n", i++, (result == testCase.expectedResult)); NL_TEST_ASSERT(inSuite, result == testCase.expectedResult); + NL_TEST_ASSERT(inSuite, vidpid.mVendorId.HasValue() == testCase.expectedVidPresent); + NL_TEST_ASSERT(inSuite, vidpid.mProductId.HasValue() == testCase.expectedPidPresent); + + // If present, make sure the VID matches expectation. + if (testCase.expectedVidPresent) + { + NL_TEST_ASSERT(inSuite, vidpid.mVendorId.Value() == testCase.expectedVid); + } - // In success cases, make sure the PID matches expectation. - if (testCase.expectedResult == CHIP_NO_ERROR) + // If present, make sure the VID matches expectation. + if (testCase.expectedPidPresent) { - NL_TEST_ASSERT(inSuite, pid == testCase.expectedPid); + NL_TEST_ASSERT(inSuite, vidpid.mProductId.Value() == testCase.expectedPid); } } } 
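Review bot: Every row of the new kTestCases table in TestVIDPID_x509Extraction expects CHIP_NO_ERROR, so the failure path of ExtractVIDPIDFromX509Cert is not exercised by this test. A certificate whose Matter VID or PID attribute is malformed, and one that carries both the Matter-OID and the CN encoding with different values, would pin down the rejection and precedence behaviour, assuming such vectors can be generated with chip-cert. The comment above the PID check is a copy of the VID one and should read `// If present, make sure the PID matches expectation.`, and `preset` in the first table comment should be `present`.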
@@ -2291,8 +2398,8 @@ static const nlTest sTests[] = { NL_TEST_DEF("Test x509 Certificate Timestamp Validation", TestX509_IssuingTimestampValidation), NL_TEST_DEF("Test Subject Key Id Extraction from x509 Certificate", TestSKID_x509Extraction), NL_TEST_DEF("Test Authority Key Id Extraction from x509 Certificate", TestAKID_x509Extraction), - NL_TEST_DEF("Test Vendor ID Extraction from x509 Attestation Certificate", TestVID_x509Extraction), - NL_TEST_DEF("Test Product ID Extraction from x509 Attestation Certificate", TestPID_x509Extraction), + NL_TEST_DEF("Test Vendor ID and Product ID Extraction from Attribute String", TestVIDPID_StringExtraction), + NL_TEST_DEF("Test Vendor ID and Product ID Extraction from x509 Attestation Certificate", TestVIDPID_x509Extraction), NL_TEST_DEF("Test Group Operation Key Derivation", TestGroup_OperationalKeyDerivation), NL_TEST_DEF("Test Group Session ID Derivation", TestGroup_SessionIdDerivation), NL_TEST_SENTINEL() diff --git a/src/tools/chip-cert/CertUtils.cpp b/src/tools/chip-cert/CertUtils.cpp index 65198bef2d3a59..2b9555c6825cad 100644 --- a/src/tools/chip-cert/CertUtils.cpp +++ b/src/tools/chip-cert/CertUtils.cpp @@ -1,6 +1,6 @@ /* * - * Copyright (c) 2021 Project CHIP Authors + * Copyright (c) 2021-2022 Project CHIP Authors * Copyright (c) 2013-2017 Nest Labs, Inc. * All rights reserved. * @@ -27,6 +27,7 @@ #define __STDC_FORMAT_MACROS #include "chip-cert.h" +#include #include 
@@ -69,24 +70,28 @@ bool ToolChipDN::SetCertSubjectDN(X509 * cert) const ExitNow(res = false); } - if (IsChipDNAttr(rdn[i].mAttrOID)) + if (IsChip64bitDNAttr(rdn[i].mAttrOID)) { - char chipAttrStr[17]; - int chipAttrLen; + char chipAttrStr[kChip64bitAttrUTF8Length]; + VerifyOrReturnError(Encoding::Uint64ToHex(rdn[i].mChipVal, chipAttrStr, sizeof(chipAttrStr), + Encoding::HexFlags::kUppercase) == CHIP_NO_ERROR, + false); - if (IsChip64bitDNAttr(rdn[i].mAttrOID)) - { - snprintf(chipAttrStr, sizeof(chipAttrStr), "%016" PRIX64 "", rdn[i].mChipVal); - chipAttrLen = 16; - } - else + if (!X509_NAME_add_entry_by_NID(X509_get_subject_name(cert), attrNID, MBSTRING_UTF8, + reinterpret_cast(chipAttrStr), sizeof(chipAttrStr), -1, 0)) { - snprintf(chipAttrStr, sizeof(chipAttrStr), "%08" PRIX32 "", static_cast(rdn[i].mChipVal)); - chipAttrLen = 8; + ReportOpenSSLErrorAndExit("X509_NAME_add_entry_by_NID", res = false); } + } + else if (IsChip32bitDNAttr(rdn[i].mAttrOID)) + { + char chipAttrStr[kChip32bitAttrUTF8Length]; + VerifyOrReturnError(Encoding::Uint32ToHex(static_cast(rdn[i].mChipVal), chipAttrStr, sizeof(chipAttrStr), + Encoding::HexFlags::kUppercase) == CHIP_NO_ERROR, + false); - if (!X509_NAME_add_entry_by_NID(X509_get_subject_name(cert), attrNID, MBSTRING_UTF8, (unsigned char *) chipAttrStr, - chipAttrLen, -1, 0)) + if (!X509_NAME_add_entry_by_NID(X509_get_subject_name(cert), attrNID, MBSTRING_UTF8, + reinterpret_cast(chipAttrStr), sizeof(chipAttrStr), -1, 0)) { ReportOpenSSLErrorAndExit("X509_NAME_add_entry_by_NID", res = false); } 
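Review bot: The two new `VerifyOrReturnError(..., false)` checks in SetCertSubjectDN return directly, while the other failures visible in this hunk go through `ExitNow(res = false)` or `ReportOpenSSLErrorAndExit(..., res = false)`, so anything done after the exit label is skipped when hex encoding fails. Writing them as `VerifyOrExit(Encoding::Uint64ToHex(...) == CHIP_NO_ERROR, res = false);` keeps a single exit path. The same pattern is used by the new checks in the MakeAttCert hunk further down. The function starts and ends outside this hunk, so whether the exit path releases anything is not visible here.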
@@ -133,11 +138,12 @@ void ToolChipDN::PrintDN(FILE * file, const char * name) const { if (IsChip64bitDNAttr(rdn[i].mAttrOID)) { - snprintf(valueStr, sizeof(valueStr), "%016" PRIX64, rdn[i].mChipVal); + Encoding::Uint64ToHex(rdn[i].mChipVal, valueStr, sizeof(valueStr), Encoding::HexFlags::kUppercaseAndNullTerminate); } else if (IsChip32bitDNAttr(rdn[i].mAttrOID)) { - snprintf(valueStr, sizeof(valueStr), "%08" PRIX32, static_cast(rdn[i].mChipVal)); + Encoding::Uint32ToHex(static_cast(rdn[i].mChipVal), valueStr, sizeof(valueStr), + Encoding::HexFlags::kUppercaseAndNullTerminate); } else { @@ -742,8 +748,9 @@ bool ResignCert(X509 * cert, X509 * caCert, EVP_PKEY * caKey) return res; } -bool MakeAttCert(AttCertType attCertType, const char * subjectCN, uint16_t subjectVID, uint16_t subjectPID, X509 * caCert, - EVP_PKEY * caKey, const struct tm & validFrom, uint32_t validDays, X509 * newCert, EVP_PKEY * newKey) +bool MakeAttCert(AttCertType attCertType, const char * subjectCN, uint16_t subjectVID, uint16_t subjectPID, + bool encodeVIDandPIDasCN, X509 * caCert, EVP_PKEY * caKey, const struct tm & validFrom, uint32_t validDays, + X509 * newCert, EVP_PKEY * newKey) { bool res = true; 
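Review bot: The results of `Encoding::Uint64ToHex` and `Encoding::Uint32ToHex` are discarded in PrintDN, so if the conversion fails `valueStr` may be used without having been written or terminated. `valueStr` is declared outside the hunk, so its size cannot be checked here; the removed `snprintf` calls always terminated the buffer. Checking the result, for example `if (Encoding::Uint64ToHex(...) != CHIP_NO_ERROR) { valueStr[0] = '\0'; }`, would keep the printed value well defined.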
@@ -773,39 +780,105 @@ bool MakeAttCert(AttCertType attCertType, const char * subjectCN, uint16_t subje ReportOpenSSLErrorAndExit("X509_set_pubkey", res = false); } - // Add common name attribute to the certificate subject DN. - if (!X509_NAME_add_entry_by_NID(X509_get_subject_name(newCert), NID_commonName, MBSTRING_UTF8, - reinterpret_cast(const_cast(subjectCN)), - static_cast(strlen(subjectCN)), -1, 0)) + // Encode Common Name (CN) Attribute. { - ReportOpenSSLErrorAndExit("X509_NAME_add_entry_by_NID", res = false); - } + char cnAttrStr[chip::Crypto::kMax_CommonNameAttr_Length]; + size_t cnAttrStrLen = 0; + if (subjectCN != nullptr) + { + VerifyOrReturnError(strlen(subjectCN) <= sizeof(cnAttrStr), false); + memcpy(cnAttrStr, subjectCN, strlen(subjectCN)); + cnAttrStrLen += strlen(subjectCN); + } - // Add VID attribute to the certificate subject DN. - if (subjectVID != VendorId::NotSpecified) - { - char chipAttrStr[5]; + if (encodeVIDandPIDasCN) + { + if (subjectVID != VendorId::NotSpecified) + { + // Add space to separate from the previous string. + if (cnAttrStrLen > 0) + { + VerifyOrReturnError((cnAttrStrLen + 1) <= sizeof(cnAttrStr), false); + cnAttrStr[cnAttrStrLen] = ' '; + cnAttrStrLen++; + } + + VerifyOrReturnError((cnAttrStrLen + strlen(chip::Crypto::kVIDPrefixForCNEncoding) + + chip::Crypto::kVIDandPIDHexLength) <= sizeof(cnAttrStr), + false); + + memcpy(&cnAttrStr[cnAttrStrLen], chip::Crypto::kVIDPrefixForCNEncoding, + strlen(chip::Crypto::kVIDPrefixForCNEncoding)); + cnAttrStrLen += strlen(chip::Crypto::kVIDPrefixForCNEncoding); + + VerifyOrReturnError(Encoding::Uint16ToHex(subjectVID, &cnAttrStr[cnAttrStrLen], chip::Crypto::kVIDandPIDHexLength, + Encoding::HexFlags::kUppercase) == CHIP_NO_ERROR, + false); + cnAttrStrLen += chip::Crypto::kVIDandPIDHexLength; + } - snprintf(chipAttrStr, sizeof(chipAttrStr), "%04" PRIX16 "", subjectVID); + if (subjectPID != 0) + { + // Add space to separate from the previous string. 
+ if (cnAttrStrLen > 0) + { + VerifyOrReturnError((cnAttrStrLen + 1) <= sizeof(cnAttrStr), false); + cnAttrStr[cnAttrStrLen++] = ' '; + } + + VerifyOrReturnError((cnAttrStrLen + strlen(chip::Crypto::kPIDPrefixForCNEncoding) + + chip::Crypto::kVIDandPIDHexLength) <= sizeof(cnAttrStr), + false); + + memcpy(&cnAttrStr[cnAttrStrLen], chip::Crypto::kPIDPrefixForCNEncoding, + strlen(chip::Crypto::kPIDPrefixForCNEncoding)); + cnAttrStrLen += strlen(chip::Crypto::kPIDPrefixForCNEncoding); + + VerifyOrReturnError(Encoding::Uint16ToHex(subjectPID, &cnAttrStr[cnAttrStrLen], chip::Crypto::kVIDandPIDHexLength, + Encoding::HexFlags::kUppercase) == CHIP_NO_ERROR, + false); + cnAttrStrLen += chip::Crypto::kVIDandPIDHexLength; + } + } - if (!X509_NAME_add_entry_by_NID(X509_get_subject_name(newCert), gNIDChipAttAttrVID, MBSTRING_UTF8, - reinterpret_cast(chipAttrStr), 4, -1, 0)) + // Add common name attribute to the certificate subject DN. + if (!X509_NAME_add_entry_by_NID(X509_get_subject_name(newCert), NID_commonName, MBSTRING_UTF8, + reinterpret_cast(cnAttrStr), static_cast(cnAttrStrLen), -1, 0)) { ReportOpenSSLErrorAndExit("X509_NAME_add_entry_by_NID", res = false); } } - // Add PID attribute to the certificate subject DN. - if (subjectPID != 0) + if (!encodeVIDandPIDasCN) { - char chipAttrStr[5]; + // Add VID attribute to the certificate subject DN. 
+ if (subjectVID != VendorId::NotSpecified) + { + char chipAttrStr[chip::Crypto::kVIDandPIDHexLength]; + VerifyOrReturnError(Encoding::Uint16ToHex(subjectVID, chipAttrStr, chip::Crypto::kVIDandPIDHexLength, + Encoding::HexFlags::kUppercase) == CHIP_NO_ERROR, + false); - snprintf(chipAttrStr, sizeof(chipAttrStr), "%04" PRIX16 "", subjectPID); + if (!X509_NAME_add_entry_by_NID(X509_get_subject_name(newCert), gNIDChipAttAttrVID, MBSTRING_UTF8, + reinterpret_cast(chipAttrStr), sizeof(chipAttrStr), -1, 0)) + { + ReportOpenSSLErrorAndExit("X509_NAME_add_entry_by_NID", res = false); + } + } - if (!X509_NAME_add_entry_by_NID(X509_get_subject_name(newCert), gNIDChipAttAttrPID, MBSTRING_UTF8, - reinterpret_cast(chipAttrStr), 4, -1, 0)) + // Add PID attribute to the certificate subject DN. + if (subjectPID != 0) { - ReportOpenSSLErrorAndExit("X509_NAME_add_entry_by_NID", res = false); + char chipAttrStr[chip::Crypto::kVIDandPIDHexLength]; + VerifyOrReturnError(Encoding::Uint16ToHex(subjectPID, chipAttrStr, chip::Crypto::kVIDandPIDHexLength, + Encoding::HexFlags::kUppercase) == CHIP_NO_ERROR, + false); + + if (!X509_NAME_add_entry_by_NID(X509_get_subject_name(newCert), gNIDChipAttAttrPID, MBSTRING_UTF8, + reinterpret_cast(chipAttrStr), sizeof(chipAttrStr), -1, 0)) + { + ReportOpenSSLErrorAndExit("X509_NAME_add_entry_by_NID", res = false); + } } } diff --git a/src/tools/chip-cert/Cmd_GenAttCert.cpp b/src/tools/chip-cert/Cmd_GenAttCert.cpp index 405ef7acbac621..f2e62003bb1905 100644 --- a/src/tools/chip-cert/Cmd_GenAttCert.cpp +++ b/src/tools/chip-cert/Cmd_GenAttCert.cpp @@ -1,6 +1,6 @@ /* * - * Copyright (c) 2021 Project CHIP Authors + * Copyright (c) 2021-2022 Project CHIP Authors * All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); 
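Review bot: When `subjectCN` is null and nothing is appended (either `encodeVIDandPIDasCN` is false or both VID and PID are unspecified), `cnAttrStrLen` stays 0 and the block in MakeAttCert still calls `X509_NAME_add_entry_by_NID` for `NID_commonName` with a zero length. Guarding that call with `if (cnAttrStrLen > 0)` avoids emitting an empty CN attribute or failing on it. It may also be worth rejecting a `subjectCN` that already contains `kVIDPrefixForCNEncoding` or `kPIDPrefixForCNEncoding` when `encodeVIDandPIDasCN` is set, since the resulting CN would then carry two encodings of the same field. MakeAttCert starts and ends outside this hunk.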
@@ -49,6 +49,7 @@ OptionDef gCmdOptionDefs[] = { "subject-cn", kArgumentRequired, 'c' }, { "subject-vid", kArgumentRequired, 'V' }, { "subject-pid", kArgumentRequired, 'P' }, + { "vid-pid-as-cn", kNoArgument, 'a' }, { "key", kArgumentRequired, 'k' }, { "ca-cert", kArgumentRequired, 'C' }, { "ca-key", kArgumentRequired, 'K' }, @@ -79,6 +80,12 @@ const char * const gCmdOptionHelp = "\n" " Subject DN CHIP PID attribute (in hex).\n" "\n" + " -a, --vid-pid-as-cn\n" + "\n" + " Encode Matter VID and PID parameters as Common Name attributes in the Subject DN.\n" + " If not specified then by default the VID and PID fields are encoded using\n" + " Matter specific OIDs.\n" + "\n" " -C, --ca-cert \n" "\n" " File containing CA certificate to be used to sign the new certificate.\n" @@ -141,6 +148,7 @@ AttCertType gAttCertType = kAttCertType_NotSpecified; const char * gSubjectCN = nullptr; uint16_t gSubjectVID = VendorId::NotSpecified; uint16_t gSubjectPID = 0; +bool gEncodeVIDandPIDasCN = false; const char * gCACertFileName = nullptr; const char * gCAKeyFileName = nullptr; const char * gInKeyFileName = nullptr; @@ -193,6 +201,9 @@ bool HandleOption(const char * progName, OptionSet * optSet, int id, const char return false; } break; + case 'a': + gEncodeVIDandPIDasCN = true; + break; case 'k': gInKeyFileName = arg; break; @@ -354,8 +365,8 @@ bool Cmd_GenAttCert(int argc, char * argv[]) if (gAttCertType == kAttCertType_PAA) { - res = MakeAttCert(gAttCertType, gSubjectCN, gSubjectVID, gSubjectPID, newCert.get(), newKey.get(), gValidFrom, gValidDays, - newCert.get(), newKey.get()); + res = MakeAttCert(gAttCertType, gSubjectCN, gSubjectVID, gSubjectPID, gEncodeVIDandPIDasCN, newCert.get(), newKey.get(), + gValidFrom, gValidDays, newCert.get(), newKey.get()); VerifyTrueOrExit(res); } else 
@@ -369,8 +380,8 @@ bool Cmd_GenAttCert(int argc, char * argv[]) res = ReadKey(gCAKeyFileName, caKey.get()); VerifyTrueOrExit(res); - res = MakeAttCert(gAttCertType, gSubjectCN, gSubjectVID, gSubjectPID, caCert.get(), caKey.get(), gValidFrom, gValidDays, - newCert.get(), newKey.get()); + res = MakeAttCert(gAttCertType, gSubjectCN, gSubjectVID, gSubjectPID, gEncodeVIDandPIDasCN, caCert.get(), caKey.get(), + gValidFrom, gValidDays, newCert.get(), newKey.get()); VerifyTrueOrExit(res); } diff --git a/src/tools/chip-cert/Cmd_ValidateAttCert.cpp b/src/tools/chip-cert/Cmd_ValidateAttCert.cpp index 3c146b9673e79f..a6c9e90c8e5aa3 100644 --- a/src/tools/chip-cert/Cmd_ValidateAttCert.cpp +++ b/src/tools/chip-cert/Cmd_ValidateAttCert.cpp @@ -154,7 +154,6 @@ AttestationVerificationResult MapError(CertificateChainValidationResult certific bool Cmd_ValidateAttCert(int argc, char * argv[]) { - CHIP_ERROR err; uint8_t dacBuf[kMaxDERCertLength] = { 0 }; uint8_t paiBuf[kMaxDERCertLength] = { 0 }; uint8_t paaBuf[kMaxDERCertLength] = { 0 }; 
@@ -220,39 +219,33 @@ bool Cmd_ValidateAttCert(int argc, char * argv[]) // Verify that VID and PID in the certificates match. { - uint16_t dacVid = VendorId::NotSpecified; - uint16_t paiVid = VendorId::NotSpecified; - uint16_t paaVid = VendorId::NotSpecified; - uint16_t dacPid = 0; - uint16_t paiPid = 0; - uint16_t paaPid = 0; - - VerifyOrExit(ExtractDNAttributeFromX509Cert(MatterOid::kVendorId, dac, dacVid) == CHIP_NO_ERROR, + AttestationCertVidPid dacVidPid; + AttestationCertVidPid paiVidPid; + AttestationCertVidPid paaVidPid; + + VerifyOrExit(ExtractVIDPIDFromX509Cert(dac, dacVidPid) == CHIP_NO_ERROR, attestationError = AttestationVerificationResult::kDacFormatInvalid); - VerifyOrExit(ExtractDNAttributeFromX509Cert(MatterOid::kVendorId, pai, paiVid) == CHIP_NO_ERROR, + VerifyOrExit(ExtractVIDPIDFromX509Cert(pai, paiVidPid) == CHIP_NO_ERROR, attestationError = AttestationVerificationResult::kPaiFormatInvalid); - VerifyOrExit(paiVid == dacVid, attestationError = AttestationVerificationResult::kDacVendorIdMismatch); - - err = ExtractDNAttributeFromX509Cert(MatterOid::kVendorId, paa, paaVid); - VerifyOrExit(err == CHIP_NO_ERROR || err == CHIP_ERROR_KEY_NOT_FOUND, + VerifyOrExit(ExtractVIDPIDFromX509Cert(paa, paaVidPid) == CHIP_NO_ERROR, attestationError = AttestationVerificationResult::kPaaFormatInvalid); - if (err != CHIP_ERROR_KEY_NOT_FOUND) + + VerifyOrExit(dacVidPid.mVendorId.HasValue() && dacVidPid.mVendorId == paiVidPid.mVendorId, + attestationError = AttestationVerificationResult::kDacVendorIdMismatch); + + if (paaVidPid.mVendorId.HasValue()) { - VerifyOrExit(dacVid == paaVid, attestationError = AttestationVerificationResult::kDacVendorIdMismatch); + VerifyOrExit(dacVidPid.mVendorId == paaVidPid.mVendorId, + attestationError = AttestationVerificationResult::kPaiVendorIdMismatch); } - VerifyOrExit(ExtractDNAttributeFromX509Cert(MatterOid::kProductId, dac, dacPid) == CHIP_NO_ERROR, - attestationError = AttestationVerificationResult::kDacFormatInvalid); - err = 
ExtractDNAttributeFromX509Cert(MatterOid::kProductId, pai, paiPid); - VerifyOrExit(err == CHIP_NO_ERROR || err == CHIP_ERROR_KEY_NOT_FOUND, - attestationError = AttestationVerificationResult::kPaiFormatInvalid); - if (err != CHIP_ERROR_KEY_NOT_FOUND) + if (paiVidPid.mProductId.HasValue()) { - VerifyOrExit(dacPid == paiPid, attestationError = AttestationVerificationResult::kDacProductIdMismatch); + VerifyOrExit(dacVidPid.mProductId == paiVidPid.mProductId, + attestationError = AttestationVerificationResult::kDacProductIdMismatch); } - VerifyOrExit(ExtractDNAttributeFromX509Cert(MatterOid::kProductId, paa, paaPid) == CHIP_ERROR_KEY_NOT_FOUND, - attestationError = AttestationVerificationResult::kPaaFormatInvalid); + VerifyOrExit(!paaVidPid.mProductId.HasValue(), attestationError = AttestationVerificationResult::kPaaFormatInvalid); } // Validate certificate chain. diff --git a/src/tools/chip-cert/chip-cert.h b/src/tools/chip-cert/chip-cert.h index 9194f0925eef6a..b56aa16610e61a 100644 --- a/src/tools/chip-cert/chip-cert.h +++ b/src/tools/chip-cert/chip-cert.h @@ -141,8 +141,9 @@ extern bool MakeCert(uint8_t certType, const ToolChipDN * subjectDN, X509 * caCe EVP_PKEY * newKey); extern bool ResignCert(X509 * cert, X509 * caCert, EVP_PKEY * caKey); -extern bool MakeAttCert(AttCertType attCertType, const char * subjectCN, uint16_t subjectVID, uint16_t subjectPID, X509 * caCert, - EVP_PKEY * caKey, const struct tm & validFrom, uint32_t validDays, X509 * newCert, EVP_PKEY * newKey); +extern bool MakeAttCert(AttCertType attCertType, const char * subjectCN, uint16_t subjectVID, uint16_t subjectPID, + bool encodeVIDandPIDasCN, X509 * caCert, EVP_PKEY * caKey, const struct tm & validFrom, uint32_t validDays, + X509 * newCert, EVP_PKEY * newKey); extern bool GenerateKeyPair(EVP_PKEY * key); extern bool ReadKey(const char * fileName, EVP_PKEY * key); diff --git a/src/tools/chip-cert/dacs.py b/src/tools/chip-cert/dacs.py index 526e338b5131ec..5556d266e07a11 100755 
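Review bot: The rewritten check in Cmd_ValidateAttCert no longer requires the DAC to carry a Product ID: the removed code set kDacFormatInvalid when PID extraction from the DAC did not succeed, whereas the new code looks at `dacVidPid.mProductId` only when the PAI has one. Since ExtractVIDPIDFromX509Cert reports a missing attribute as success with an unset value (see the test table in CHIPCryptoPALTest.cpp), a DAC and PAI that both lack a PID would now pass this block. Adding `VerifyOrExit(dacVidPid.mProductId.HasValue(), attestationError = AttestationVerificationResult::kDacFormatInvalid);` restores the old requirement. The PAA branch compares the DAC VID with the PAA VID but reports kPaiVendorIdMismatch, which deserves a short comment if intended; the function continues outside this hunk.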
--- a/src/tools/chip-cert/dacs.py +++ b/src/tools/chip-cert/dacs.py @@ -135,15 +135,22 @@ def make_certs_and_keys(self) -> None: subject_name = 'Matter Dev PAI 0xFFF1 no PID' pid_flag = '' type_flag = '-t i' + vidpid_fallback_encoding_flag = '' elif self.cert_type == CertType.DAC: subject_name = 'Matter Dev DAC 0xFFF1/0x{:X}'.format(self.pid) pid_flag = '-P 0x{:X}'.format(self.pid) type_flag = '-t d' + # For a subset of DACs with PIDs in a range [0x8010, 0x8014] + # use alternative (fallback) PID/VID encoding method. + if self.pid >= 0x8010 and self.pid <= 0x8014: + vidpid_fallback_encoding_flag = ' -a' + else: + vidpid_fallback_encoding_flag = '' else: return cmd = self.chipcert + ' gen-att-cert ' + type_flag + ' -c "' + subject_name + '" -C ' + self.signer.cert_pem + ' -K ' + \ - self.signer.key_pem + ' -V 0xFFF1 ' + pid_flag + \ + self.signer.key_pem + ' -V 0xFFF1 ' + pid_flag + vidpid_fallback_encoding_flag + \ ' -l 4294967295 -o ' + self.own.cert_pem + ' -O ' + self.own.key_pem subprocess.run(cmd, shell=True) cmd = 'openssl x509 -inform pem -in ' + self.own.cert_pem + \
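Review bot: `vidpid_fallback_encoding_flag` is spliced into a command string that is run with `subprocess.run(cmd, shell=True)` and whose exit status is not checked, so a chip-cert binary that does not know `-a` would fail and the script would carry on to the openssl conversion. `subprocess.run(cmd, shell=True, check=True)` would stop at the failing step, and passing an argument list without `shell=True` would also remove the dependence on how the file paths are quoted. The range test reads more directly as `if 0x8010 <= self.pid <= 0x8014:`. make_certs_and_keys starts and ends outside this hunk.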