-
Notifications
You must be signed in to change notification settings - Fork 2.1k
/
Copy pathoperational-credentials-cluster.xml
109 lines (92 loc) · 5.72 KB
/
operational-credentials-cluster.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
<?xml version="1.0"?>
<!--
Copyright (c) 2021 Project CHIP Authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<configurator>
<domain name="CHIP"/>
<cluster>
<domain>General</domain>
<name>Operational Credentials</name>
<code>0x003E</code>
<define>OPERATIONAL_CREDENTIALS_CLUSTER</define>
<description>This cluster is used to add or remove Operational Credentials on a Commissionee or Node, as well as manage the associated Fabrics.</description>
<attribute side="server" code="0x0001" define="FABRICS" type="ARRAY" entryType="FabricDescriptor" length="254" writable="false" optional="false">fabrics list</attribute>
<!--
Temporary flow for fabric management until AddOpCert + fabric index are implemented:
1) When Commissioner pairs with CHIP device, store device nodeId in Admin Pairing table as NodeId
and store commissioner nodeId in Admin Pairing table as FabricId (This is temporary until AddOptCert is implemented and Fabrics are implemented correctely)
2) When pairing is complete, commissioner calls SetFabric to set the vendorId on the newly created fabric. The corresponding fabric is found by looking
in admin pairing table and finding a fabric that has the matching commissioner node ID as fabricId + device nodeId as nodeId and an uninitialized vendorId.
3) RemoveFabric uses the passed in fabricId, nodeId, vendorID to find matching entry and remove it from admin pairing table. Once fabricIndex is implemented, it should use that instead.
-->
<command source="client" code="0x09" name="UpdateFabricLabel" optional="false">
<description>This command SHALL be used by an Administrative Node to set the user-visible Label field for a given Fabric, as reflected by entries in the Fabrics attribute.</description>
<arg name="Label" type="CHAR_STRING" length="32"/>
</command>
<!-- TODO: Once FabricIndex is implemented, have RemoveFabric take an index instead of vid+fabricId+nopeId -->
<command source="client" code="0x0a" name="RemoveFabric" optional="false">
<description>This command is used by Administrative Nodes to remove a given Fabric and delete all associated
fabric-scoped data.</description>
<arg name="FabricId" type="FABRIC_ID"/>
<arg name="NodeId" type="NODE_ID"/>
<arg name="VendorId" type="INT16U"/>
</command>
<!-- TODO: Remove SetFabric + SetFabricResponse once AddOpCert command is implemented -->
<command source="client" code="0x00" name="SetFabric" optional="false">
<description>Sets the vendorID of the fabric and returns the fabricId of newly created fabric.</description>
<arg name="VendorId" type="INT16U"/>
</command>
<command source="server" code="0x01" name="SetFabricResponse" optional="false">
<description>Sender expects SetFabricResponse command if the SetFabric command was correctly received</description>
<arg name="FabricId" type="FABRIC_ID"/>
</command>
<!-- Up for discussion in Multi-Admin TT: chip-spec:#2891 -->
<command source="client" code="0x0b" name="RemoveAllFabrics" optional="false">
<description>Removes all fabrics.</description>
</command>
<command source="client" code="0x04" name="OpCSRRequest" optional="false">
<description>Sender is requesting a certificate signing request (CSR) from the receiver.</description>
<arg name="CSRNonce" type="OCTET_STRING"/>
</command>
<!-- TODO: Fix to match chip-spec:#3346 -->
<command source="server" code="0x05" name="OpCSRResponse" optional="false">
<description>A certificate signing request (CSR) from the server.</description>
<arg name="CSR" type="OCTET_STRING"/>
<arg name="CSRNonce" type="OCTET_STRING"/>
<arg name="VendorReserved1" type="OCTET_STRING"/>
<arg name="VendorReserved2" type="OCTET_STRING"/>
<arg name="VendorReserved3" type="OCTET_STRING"/>
<arg name="Signature" type="OCTET_STRING"/>
</command>
<command source="client" code="0x06" name="AddOpCert" optional="false">
<description>Sender is requesting to add the new node operational certificate.</description>
<arg name="OperationalCert" type="OCTET_STRING"/>
<arg name="IPKValue" type="OCTET_STRING"/>
<arg name="CaseAdminNode" type="NODE_ID"/>
<arg name="AdminVendorId" type="INT16U"/>
</command>
<command source="server" code="0x08" name="OpCertResponse" optional="false">
<description>Response to AddOpCert or UpdateOpCert commands.</description>
<arg name="StatusCode" type="INT8U"/>
<arg name="FabricIndex" type="INT64U"/>
<arg name="DebugText" type="CHAR_STRING" length="128"/>
</command>
<command source="client" code="0xa1" name="AddTrustedRootCertificate" optional="false">
<description>This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation.</description>
<arg name="RootCertificate" type="OCTET_STRING"/>
</command>
<command source="client" code="0xa2" name="RemoveTrustedRootCertificate" optional="false">
<description>This command SHALL remove a Trusted Root CA Certificate, provided as its CHIP Certificate representation.</description>
<arg name="TrustedRootIdentifier" type="OCTET_STRING"/>
</command>
</cluster>
</configurator>