diff --git a/config/nrfconnect/chip-module/Kconfig b/config/nrfconnect/chip-module/Kconfig index ee51bfb15f4b99..d8247813838e68 100644 --- a/config/nrfconnect/chip-module/Kconfig +++ b/config/nrfconnect/chip-module/Kconfig @@ -18,6 +18,10 @@ rsource "../../zephyr/Kconfig" if CHIP +# See config/zephyr/Kconfig for full definition +config CHIP_DEVICE_VENDOR_NAME + default "Nordic Semiconductor ASA" + config CHIP_APP_LOG_LEVEL int "Set logging level in application" default LOG_DEFAULT_LEVEL @@ -159,140 +163,6 @@ config CHIP_DEVICE_GENERATE_ROTATING_DEVICE_UID endif #CHIP_FACTORY_DATA_BUILD -# Factory data parameters -config CHIP_DEVICE_SERIAL_NUMBER - string "Serial number of device" - default "11223344556677889900" - help - A serial number parameter defines an unique number of manufactured device. - Maximum length of serial number is 32 characters. - -config CHIP_DEVICE_VENDOR_NAME - string "Human-readable vendor name" - default "Nordic Semiconductor ASA" - help - A human-readable vendor name which provides a simple string - containing identification of device's vendor for the Content APP. - This information should be included in the Matter Basic Cluster. - -config CHIP_DEVICE_PRODUCT_NAME - string "Human-readable product name" - default "not-specified" - help - A human-readable product name which provides a simple string - containing identification of the product for the Content APP. - -config CHIP_DEVICE_MANUFACTURING_DATE - string "Manufacturing date in ISO 8601" - default "2022-01-01" - help - A manufacturing date specifies the date that the device was manufactured. - The format used for providing a manufacturing date is ISO 8601 e.g. YYYY-MM-DD. - -config CHIP_DEVICE_HARDWARE_VERSION - int "Integer representation of hardware version" - default 0 - help - A hardware version number specifies the version number - of the hardware of the device. The meaning of its value, - and the versioning scheme, are vendor defined. - -config CHIP_DEVICE_HARDWARE_VERSION_STRING - string "user-friendly string representation of hardware version" - default "prerelease" - help - A hardware version string parameter specifies the version - of the hardware of the device as a more user-friendly value - than that represented by the hardware version integer value. - The meaning of its value, and the versioning scheme, are - vendor defined. - -config CHIP_DEVICE_DISCRIMINATOR - hex "Device pairing discriminator" - default 0xF00 - help - A 12-bit value matching the field of the same name in - the setup code. Discriminator is used during - a discovery process. - -config CHIP_DEVICE_SPAKE2_PASSCODE - int "Spake2+ passcode" - default 20202021 - range 1 99999998 - help - A pairing passcode is a 27-bit unsigned integer which serves - as a proof of possession during commissioning. - Its value shall be restricted to the values 0x0000001 to 0x5F5E0FE - (00000001 to 99999998 in decimal), excluding the invalid Passcode values: - - 00000000, 11111111, 22222222, 33333333, 44444444, 55555555, - 66666666, 77777777, 88888888, 99999999, 12345678, 87654321. - -config CHIP_DEVICE_SPAKE2_IT - int "Spake2+ iteration count" - default 1000 - help - The Spake2 iteration count is associated with the ephemeral - PAKE passcode verifier to be used for the commissioning. - The iteration count is used as a crypto parameter to process - spake2 verifier. - -config CHIP_DEVICE_SPAKE2_SALT - string "Spake2+ salt in string format" - default "U1BBS0UyUCBLZXkgU2FsdA==" - help - The spake2 salt is random data that is used as an additional input - to a one-way function that “hashes” data. - A new salt should be randomly generated for each password. - The minimum length of spake2 salt is 16 Bytes. - The maximum length of spake2 salt is 32 Bytes. - -config CHIP_DEVICE_SPAKE2_TEST_VERIFIER - string "Testing spake2+ verifier" - default "uWFwqugDNGiEck/po7KHwwMwwqZgN10XuyBajPGuyzUEV/iree4lOrao5GuwnlQ65CJzbeUB49s31EH+NEkg0JVI5MGCQGMMT/SRPFNRODm3wH/MBiehuFc6FJ/NH6Rmzw==" - help - The spake 2 verifier generated using default SPAKE2 salt, - iteration count and passcode. This value can be used for development - or testing purposes. - Generated with: - spake2p gen-verifier -o - -i 1000 -s "U1BBS0UyUCBLZXkgU2FsdA==" -p 20202021 - -config CHIP_DEVICE_ROTATING_DEVICE_UID - string "A rotating device id unique id" - default "91a9c12a7c80700a31ddcfa7fce63e44" - help - A device rotating id unique id which will be generated if - this config is not set in prj.conf file. - -config CHIP_DEVICE_ENABLE_KEY - string "Enable Key for triggering test actions on device" - default "00112233445566778899AABBCCDDEEFF" - help - The Enable Key is a 128-bit value that triggers test action - while invoking the TestEventTrigger Command. - Pattern: "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - This value is used during Certification Tests, - and should not be present on production devices. - -config CHIP_CERTIFICATION_DECLARATION_STORAGE - bool "Enable storing Certification Declaration" - depends on CHIP_FACTORY_DATA - help - Enables storing Certification Declaration in Zephyr settings - instead of using hardcoded value from firmware. It also adds - support for including new Certification Declaration into a firmware - update image package sent via OTA Software Update. - -if CHIP_CERTIFICATION_DECLARATION_STORAGE - -config CHIP_CERTIFiCATION_DECLARATION_OTA_IMAGE_ID - int "Certification declaration OTA image id" - default 205 #0xcd - help - The image id of Certification Declaration image - for sending it via OTA Software Update purposes. - -endif - # See config/zephyr/Kconfig for full definition config CHIP_FACTORY_RESET_ERASE_NVS bool diff --git a/config/nrfconnect/chip-module/Kconfig.defaults b/config/nrfconnect/chip-module/Kconfig.defaults index e02d0d2981cc71..f24fc4608b4122 100644 --- a/config/nrfconnect/chip-module/Kconfig.defaults +++ b/config/nrfconnect/chip-module/Kconfig.defaults @@ -60,11 +60,6 @@ config SHELL bool default y -# Enable getting reboot reasons information -config HWINFO - bool - default y - # Generic networking options config NET_SOCKETS_POSIX_NAMES bool @@ -79,14 +74,6 @@ config INIT_STACKS bool default y -config CHIP_DEVICE_VENDOR_ID - int - default 65521 - -config CHIP_DEVICE_PRODUCT_ID - int - default 32768 - # Disable certain parts of Zephyr IPv6 stack config NET_IPV6_NBR_CACHE bool diff --git a/config/nrfconnect/chip-module/Kconfig.features b/config/nrfconnect/chip-module/Kconfig.features index 6ff4aa5ea62527..918a82685cad02 100644 --- a/config/nrfconnect/chip-module/Kconfig.features +++ b/config/nrfconnect/chip-module/Kconfig.features @@ -25,10 +25,6 @@ config CHIP_WIFI select WIFI_NRF700X select WIFI select WPA_SUPP - imply FLASH - imply SETTINGS - imply NVS - imply FLASH_MAP imply NORDIC_SECURITY_BACKEND imply MBEDTLS_ENTROPY_C imply MBEDTLS_PSA_CRYPTO_C @@ -85,6 +81,13 @@ config CHIP_DFU_OVER_BT_SMP imply CHIP_QSPI_NOR if BOARD_NRF5340DK_NRF5340_CPUAPP || BOARD_NRF52840DK_NRF52840 imply CHIP_SPI_NOR if BOARD_NRF7002DK_NRF5340_CPUAPP imply BOOTLOADER_MCUBOOT + select MCUMGR + select MCUMGR_SMP_BT + select MCUMGR_CMD_IMG_MGMT + select MCUMGR_CMD_OS_MGMT + # Enable custom SMP request to erase settings partition. + select MCUMGR_GRP_ZEPHYR_BASIC if SOC_SERIES_NRF53X + select MCUMGR_GRP_BASIC_CMD_STORAGE_ERASE if SOC_SERIES_NRF53X help Enables Device Firmware Upgrade over Bluetoot LE with SMP and configures set of options related to that feature. @@ -92,22 +95,6 @@ config CHIP_DFU_OVER_BT_SMP if CHIP_DFU_OVER_BT_SMP # MCU Manager and SMP configuration -config MCUMGR - bool - default y - -config MCUMGR_CMD_IMG_MGMT - bool - default y - -config MCUMGR_CMD_OS_MGMT - bool - default y - -config MCUMGR_SMP_BT - bool - default y - config MCUMGR_SMP_BT_AUTHEN bool default n @@ -137,12 +124,6 @@ config SYSTEM_WORKQUEUE_STACK_SIZE if SOC_SERIES_NRF53X -# FLASH nop device is enabled to prevent bus faults when mcumgr tries to access -# simulated partition with network core image data. -config FLASH_NOP_DEVICE - bool - default y - # Enable custom SMP request to erase settings partition. config MCUMGR_GRP_ZEPHYR_BASIC bool diff --git a/config/telink/chip-module/Kconfig b/config/telink/chip-module/Kconfig index db442126a2c14e..aa58ad3c58a8cb 100644 --- a/config/telink/chip-module/Kconfig +++ b/config/telink/chip-module/Kconfig @@ -16,6 +16,10 @@ rsource "../../zephyr/Kconfig" +# See config/zephyr/Kconfig for full definition +config CHIP_DEVICE_VENDOR_NAME + default "Telink semiconductor" + # See config/zephyr/Kconfig for full definition config CHIP_OTA_REQUESTOR bool @@ -50,11 +54,6 @@ config CHIP_EXAMPLE_DEVICE_INFO_PROVIDER bool "Include default device information provider build" default y -# Enable getting reboot reasons information -config HWINFO - bool - default y - config CHIP_FACTORY_DATA bool "Enable Factory Data support" select ZCBOR @@ -127,140 +126,6 @@ config CHIP_DEVICE_GENERATE_ROTATING_DEVICE_UID endif #CHIP_FACTORY_DATA_BUILD -# Factory data parameters -config CHIP_DEVICE_SERIAL_NUMBER - string "Serial number of device" - default "11223344556677889900" - help - A serial number parameter defines an unique number of manufactured device. - Maximum length of serial number is 32 characters. - -config CHIP_DEVICE_VENDOR_NAME - string "Human-readable vendor name" - default "Telink Semiconductor" - help - A human-readable vendor name which provides a simple string - containing identification of device's vendor for the Content APP. - This information should be included in the Matter Basic Cluster. - -config CHIP_DEVICE_PRODUCT_NAME - string "Human-readable product name" - default "not-specified" - help - A human-readable product name which provides a simple string - containing identification of the product for the Content APP. - -config CHIP_DEVICE_MANUFACTURING_DATE - string "Manufacturing date in ISO 8601" - default "2022-01-01" - help - A manufacturing date specifies the date that the device was manufactured. - The format used for providing a manufacturing date is ISO 8601 e.g. YYYY-MM-DD. - -config CHIP_DEVICE_HARDWARE_VERSION - int "Integer representation of hardware version" - default 0 - help - A hardware version number specifies the version number - of the hardware of the device. The meaning of its value, - and the versioning scheme, are vendor defined. - -config CHIP_DEVICE_HARDWARE_VERSION_STRING - string "user-friendly string representation of hardware version" - default "prerelease" - help - A hardware version string parameter specifies the version - of the hardware of the device as a more user-friendly value - than that represented by the hardware version integer value. - The meaning of its value, and the versioning scheme, are - vendor defined. - -config CHIP_DEVICE_DISCRIMINATOR - hex "Device pairing discriminator" - default 0xF00 - help - A 12-bit value matching the field of the same name in - the setup code. Discriminator is used during - a discovery process. - -config CHIP_DEVICE_SPAKE2_PASSCODE - int "Spake2+ passcode" - default 20202021 - range 1 99999998 - help - A pairing passcode is a 27-bit unsigned integer which serves - as a proof of possession during commissioning. - Its value shall be restricted to the values 0x0000001 to 0x5F5E0FE - (00000001 to 99999998 in decimal), excluding the invalid Passcode values: - - 00000000, 11111111, 22222222, 33333333, 44444444, 55555555, - 66666666, 77777777, 88888888, 99999999, 12345678, 87654321. - -config CHIP_DEVICE_SPAKE2_IT - int "Spake2+ iteration count" - default 1000 - help - The Spake2 iteration count is associated with the ephemeral - PAKE passcode verifier to be used for the commissioning. - The iteration count is used as a crypto parameter to process - spake2 verifier. - -config CHIP_DEVICE_SPAKE2_SALT - string "Spake2+ salt in string format" - default "U1BBS0UyUCBLZXkgU2FsdA==" - help - The spake2 salt is random data that is used as an additional input - to a one-way function that “hashes” data. - A new salt should be randomly generated for each password. - The minimum length of spake2 salt is 16 Bytes. - The maximum length of spake2 salt is 32 Bytes. - -config CHIP_DEVICE_SPAKE2_TEST_VERIFIER - string "Testing spake2+ verifier" - default "uWFwqugDNGiEck/po7KHwwMwwqZgN10XuyBajPGuyzUEV/iree4lOrao5GuwnlQ65CJzbeUB49s31EH+NEkg0JVI5MGCQGMMT/SRPFNRODm3wH/MBiehuFc6FJ/NH6Rmzw==" - help - The spake 2 verifier generated using default SPAKE2 salt, - iteration count and passcode. This value can be used for development - or testing purposes. - Generated with: - spake2p gen-verifier -o - -i 1000 -s "U1BBS0UyUCBLZXkgU2FsdA==" -p 20202021 - -config CHIP_DEVICE_ROTATING_DEVICE_UID - string "A rotating device id unique id" - default "91a9c12a7c80700a31ddcfa7fce63e44" - help - A device rotating id unique id which will be generated if - this config is not set in prj.conf file. - -config CHIP_DEVICE_ENABLE_KEY - string "Enable Key for triggering test actions on device" - default "00112233445566778899AABBCCDDEEFF" - help - The Enable Key is a 128-bit value that triggers test action - while invoking the TestEventTrigger Command. - Pattern: "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - This value is used during Certification Tests, - and should not be present on production devices. - -config CHIP_CERTIFICATION_DECLARATION_STORAGE - bool "Enable storing Certification Declaration" - depends on CHIP_FACTORY_DATA - help - Enables storing Certification Declaration in Zephyr settings - instead of using hardcoded value from firmware. It also adds - support for including new Certification Declaration into a firmware - update image package sent via OTA Software Update. - -if CHIP_CERTIFICATION_DECLARATION_STORAGE - -config CHIP_CERTIFiCATION_DECLARATION_OTA_IMAGE_ID - int "Certification declaration OTA image id" - default 205 #0xcd - help - The image id of Certification Declaration image - for sending it via OTA Software Update purposes. - -endif - # See config/zephyr/Kconfig for full definition config CHIP_FACTORY_RESET_ERASE_NVS bool diff --git a/config/zephyr/Kconfig b/config/zephyr/Kconfig index 048855d23e2263..4fd9b7ec36d17c 100644 --- a/config/zephyr/Kconfig +++ b/config/zephyr/Kconfig @@ -30,11 +30,18 @@ menuconfig CHIP imply NET_CONFIG_NEED_IPV6 imply NET_SOCKETS imply NETWORKING + imply HWINFO + imply FLASH + imply FLASH_MAP + imply NVS + imply SETTINGS help This option enables Connected Home over IP libraries. if CHIP +# Device and firmware identifers + config CHIP_DEVICE_VENDOR_ID int "Device vendor ID" default 65521 # 0xFFF1 @@ -44,6 +51,13 @@ config CHIP_DEVICE_VENDOR_ID Alliance. It is used in various CHIP areas, such as the Basic Information cluster or OTA (Over-the-air update) image header. +config CHIP_DEVICE_VENDOR_NAME + string "Human-readable vendor name" + help + A human-readable vendor name which provides a simple string + containing identification of device's vendor for the Content APP. + This information should be included in the Matter Basic Cluster. + config CHIP_DEVICE_PRODUCT_ID int "Device product ID" default 32768 # 0x8000 @@ -53,6 +67,31 @@ config CHIP_DEVICE_PRODUCT_ID in various CHIP areas, such as the Basic Information cluster or OTA (Over-the-air update) image header. +config CHIP_DEVICE_PRODUCT_NAME + string "Human-readable product name" + default "not-specified" + help + A human-readable product name which provides a simple string + containing identification of the product for the Content APP. + +config CHIP_DEVICE_HARDWARE_VERSION + int "Integer representation of hardware version" + default 0 + help + A hardware version number specifies the version number + of the hardware of the device. The meaning of its value, + and the versioning scheme, are vendor defined. + +config CHIP_DEVICE_HARDWARE_VERSION_STRING + string "user-friendly string representation of hardware version" + default "prerelease" + help + A hardware version string parameter specifies the version + of the hardware of the device as a more user-friendly value + than that represented by the hardware version integer value. + The meaning of its value, and the versioning scheme, are + vendor defined. + config CHIP_DEVICE_SOFTWARE_VERSION int "Device software version" default 0 @@ -72,37 +111,94 @@ config CHIP_DEVICE_SOFTWARE_VERSION_STRING CHIP_DEVICE_SOFTWARE_VERSION. It is used in various CHIP areas, such as the Basic Information cluster or OTA (Over-the-air update) image header. -config CHIP_PROJECT_CONFIG - string "Project configuration file for CHIP" +config CHIP_DEVICE_MANUFACTURING_DATE + string "Manufacturing date in ISO 8601" + default "2022-01-01" help - Project configuration file for CHIP. If specified, CHIP generic - configuration files will include the project configuration file which can - be used to override any CHIP default or platform-specific settings. + A manufacturing date specifies the date that the device was manufactured. + The format used for providing a manufacturing date is ISO 8601 e.g. YYYY-MM-DD. -config CHIP_OPENTHREAD_CONFIG - string "Custom OpenThread configuration file" +config CHIP_DEVICE_SERIAL_NUMBER + string "Serial number of device" + default "11223344556677889900" help - This option can be used to replace Zephyr-supplied OpenThread - configuration file with a custom one. + A serial number parameter defines an unique number of manufactured device. + Maximum length of serial number is 32 characters. -config CHIP_LIB_SHELL - bool "Enable CHIP shell library" - default n - imply SHELL +config CHIP_DEVICE_ROTATING_DEVICE_UID + string "A rotating device id unique id" + default "91a9c12a7c80700a31ddcfa7fce63e44" help - Link the application with the library containing CHIP shell commands. + A device rotating id unique id which will be generated if + this config is not set in prj.conf file. -config CHIP_PW_RPC - bool "Enable Pigweed RPC library" - default n +config CHIP_DEVICE_TYPE + int "Device type" + default 65535 + range 0 65535 help - Link the application with the library containing Pigweed RPC functionalities. + Type of device that uses the CHIP Device Type Identifier. The default value means invalid device type. -config CHIP_BUILD_TESTS - bool "Build CHIP unit tests" - default n +config CHIP_DEVICE_DISCRIMINATOR + hex "Device pairing discriminator" + default 0xF00 help - This option enables building CHIP unit tests. + A 12-bit value matching the field of the same name in + the setup code. Discriminator is used during + a discovery process. + +config CHIP_DEVICE_SPAKE2_PASSCODE + int "Spake2+ passcode" + default 20202021 + range 1 99999998 + help + A pairing passcode is a 27-bit unsigned integer which serves + as a proof of possession during commissioning. + Its value shall be restricted to the values 0x0000001 to 0x5F5E0FE + (00000001 to 99999998 in decimal), excluding the invalid Passcode values: + - 00000000, 11111111, 22222222, 33333333, 44444444, 55555555, + 66666666, 77777777, 88888888, 99999999, 12345678, 87654321. + +config CHIP_DEVICE_SPAKE2_IT + int "Spake2+ iteration count" + default 1000 + help + The Spake2 iteration count is associated with the ephemeral + PAKE passcode verifier to be used for the commissioning. + The iteration count is used as a crypto parameter to process + spake2 verifier. + +config CHIP_DEVICE_SPAKE2_SALT + string "Spake2+ salt in string format" + default "U1BBS0UyUCBLZXkgU2FsdA==" + help + The spake2 salt is random data that is used as an additional input + to a one-way function that “hashes” data. + A new salt should be randomly generated for each password. + The minimum length of spake2 salt is 16 Bytes. + The maximum length of spake2 salt is 32 Bytes. + +config CHIP_DEVICE_SPAKE2_TEST_VERIFIER + string "Testing spake2+ verifier" + default "uWFwqugDNGiEck/po7KHwwMwwqZgN10XuyBajPGuyzUEV/iree4lOrao5GuwnlQ65CJzbeUB49s31EH+NEkg0JVI5MGCQGMMT/SRPFNRODm3wH/MBiehuFc6FJ/NH6Rmzw==" + help + The spake 2 verifier generated using default SPAKE2 salt, + iteration count and passcode. This value can be used for development + or testing purposes. + Generated with: + spake2p gen-verifier -o - -i 1000 -s "U1BBS0UyUCBLZXkgU2FsdA==" -p 20202021 + +config CHIP_DEVICE_ENABLE_KEY + string "Enable Key for triggering test actions on device" + default "00112233445566778899AABBCCDDEEFF" + help + The Enable Key is a 128-bit value that triggers test action + while invoking the TestEventTrigger Command. + Pattern: "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + This value is used during Certification Tests, + and should not be present on production devices. + +# Matter optional features and parameters config CHIP_ENABLE_PAIRING_AUTOSTART bool "Enable pairing autostart" @@ -110,6 +206,64 @@ config CHIP_ENABLE_PAIRING_AUTOSTART help Open pairing window automatically at application boot time. +config CHIP_OTA_REQUESTOR + bool "Enable OTA requestor" + help + Enables OTA (Over-the-air) Requestor role that allows a device to perform + Device Firmware Upgrade by quering and downloading a new firmware image + from an external OTA Provider node. + +config CHIP_ROTATING_DEVICE_ID + bool "Enable rotating device ID support" + help + Enables rotating device identifier that provides a non-trackable identifier + which is unique per device and rotates at pre-defined moments. + +config CHIP_COMMISSIONABLE_DEVICE_TYPE + bool "Enable the device type subtype in commissionable node discovery record" + depends on CHIP_ENABLE_DNSSD_SRP + help + Enables including device type subtype in the commissionable node discovery record, + which allows filtering of the results to find the nodes that match the device type. + +config CHIP_EXTENDED_DISCOVERY + bool "Enable extended discovery" + help + Enables the device to advertise commissionable service when not in the + commissioning mode. + +config CHIP_OPERATIONAL_TIME_SAVE_INTERVAL + int "Interval of saving node operation time to flash in hours unit" + default 10 + range 1 4294967295 + help + Interval in hours with which the node operation time is saved to the flash + memory. Selected value is a trade off between performing frequent saves to know + precisely operation time in case of device reboot and maximizing flash memory + lifetime. + +config CHIP_CRYPTO_PSA + bool "Use PSA crypto API for cryptographic operations" + help + Use the backend for the Matter crypto layer that is based on PSA crypto + API instead of the default, based on legacy mbedTLS APIs. + +config CHIP_LIB_SHELL + bool "Enable CHIP shell library" + default n + imply SHELL + help + Link the application with the library containing CHIP shell commands. + +config CHIP_PROJECT_CONFIG + string "Project configuration file for CHIP" + help + Project configuration file for CHIP. If specified, CHIP generic + configuration files will include the project configuration file which can + be used to override any CHIP default or platform-specific settings. + +# Thread network features + config CHIP_ENABLE_DNSSD_SRP bool "Enable support for service registration" default y if NET_L2_OPENTHREAD @@ -157,50 +311,35 @@ config CHIP_THREAD_SSED bool "Enable Thread Synchronized Sleepy End Device support" depends on OPENTHREAD_CSL_RECEIVER && CHIP_ENABLE_SLEEPY_END_DEVICE_SUPPORT help - Enables Thread Synchronized Sleepy End Device support in Matter. + Enables Thread Synchronized Sleepy End Device support in Matter. -config CHIP_OTA_REQUESTOR - bool "Enable OTA requestor" +config CHIP_OPENTHREAD_CONFIG + string "Custom OpenThread configuration file" help - Enables OTA (Over-the-air) Requestor role that allows a device to perform - Device Firmware Upgrade by quering and downloading a new firmware image - from an external OTA Provider node. + This option can be used to replace Zephyr-supplied OpenThread + configuration file with a custom one. -config CHIP_ROTATING_DEVICE_ID - bool "Enable rotating device ID support" - help - Enables rotating device identifier that provides a non-trackable identifier - which is unique per device and rotates at pre-defined moments. +# Platform additions and configuration -config CHIP_COMMISSIONABLE_DEVICE_TYPE - bool "Enable the device type subtype in commissionable node discovery record" - depends on CHIP_ENABLE_DNSSD_SRP +config CHIP_CERTIFICATION_DECLARATION_STORAGE + bool "Enable storing Certification Declaration" + depends on CHIP_FACTORY_DATA help - Enables including device type subtype in the commissionable node discovery record, - which allows filtering of the results to find the nodes that match the device type. + Enables storing Certification Declaration in Zephyr settings + instead of using hardcoded value from firmware. It also adds + support for including new Certification Declaration into a firmware + update image package sent via OTA Software Update. -config CHIP_DEVICE_TYPE - int "Device type" - default 65535 - range 0 65535 - help - Type of device that uses the CHIP Device Type Identifier. The default value means invalid device type. +if CHIP_CERTIFICATION_DECLARATION_STORAGE -config CHIP_OPERATIONAL_TIME_SAVE_INTERVAL - int "Interval of saving node operation time to flash in hours unit" - default 10 - range 1 4294967295 +config CHIP_CERTIFiCATION_DECLARATION_OTA_IMAGE_ID + int "Certification declaration OTA image id" + default 205 #0xcd help - Interval in hours with which the node operation time is saved to the flash - memory. Selected value is a trade off between performing frequent saves to know - precisely operation time in case of device reboot and maximizing flash memory - lifetime. + The image id of Certification Declaration image + for sending it via OTA Software Update purposes. -config CHIP_CRYPTO_PSA - bool "Use PSA crypto API for cryptographic operations" - help - Use the backend for the Matter crypto layer that is based on PSA crypto - API instead of the default, based on legacy mbedTLS APIs. +endif config CHIP_FACTORY_RESET_ERASE_NVS bool "Erase NVS flash pages on factory reset" @@ -240,6 +379,12 @@ config CHIP_MALLOC_SYS_HEAP_SIZE endif +module = MATTER +module-str = Matter +source "${ZEPHYR_BASE}/subsys/logging/Kconfig.template.log_config" + +# Build system options + config APP_LINK_WITH_CHIP bool "Link 'app' with Connected Home over IP" default y @@ -247,6 +392,18 @@ config APP_LINK_WITH_CHIP Add Connected Home over IP header files to the 'app' include path and link the 'app' with Connected Home over IP libraries. +config CHIP_PW_RPC + bool "Enable Pigweed RPC library" + default n + help + Link the application with the library containing Pigweed RPC functionalities. + +config CHIP_BUILD_TESTS + bool "Build CHIP unit tests" + default n + help + This option enables building CHIP unit tests. + config CHIP_OTA_IMAGE_BUILD bool "Generate OTA image" help @@ -268,14 +425,4 @@ config CHIP_OTA_IMAGE_EXTRA_ARGS endif -config CHIP_EXTENDED_DISCOVERY - bool "Enable extended discovery" - help - Enables the device to advertise commissionable service when not in the - commissioning mode. - -module = MATTER -module-str = Matter -source "${ZEPHYR_BASE}/subsys/logging/Kconfig.template.log_config" - endif diff --git a/examples/bridge-app/linux/main.cpp b/examples/bridge-app/linux/main.cpp index 2c7c513a2cf0b5..c7ef75c26d9928 100644 --- a/examples/bridge-app/linux/main.cpp +++ b/examples/bridge-app/linux/main.cpp @@ -39,10 +39,20 @@ #include #include #include -#include #include #include +#if CHIP_DEVICE_LAYER_TARGET_DARWIN +#include +#if CHIP_DEVICE_CONFIG_ENABLE_WIFI +#include +#endif // CHIP_DEVICE_CONFIG_ENABLE_WIFI +#endif // CHIP_DEVICE_LAYER_TARGET_DARWIN + +#if CHIP_DEVICE_LAYER_TARGET_LINUX +#include +#endif // CHIP_DEVICE_LAYER_TARGET_LINUX + #include #include @@ -74,10 +84,36 @@ EndpointId gFirstDynamicEndpointId; Device * gDevices[CHIP_DEVICE_CONFIG_DYNAMIC_ENDPOINT_COUNT]; std::vector gRooms; std::vector gActions; -#if defined(CHIP_DEVICE_CONFIG_ENABLE_WIFI) && defined(CHIP_DEVICE_LAYER_TARGET_LINUX) -DeviceLayer::NetworkCommissioning::LinuxWiFiDriver sLinuxWiFiDriver; -Clusters::NetworkCommissioning::Instance sWiFiNetworkCommissioningInstance(0, &sLinuxWiFiDriver); -#endif + +#if CHIP_DEVICE_LAYER_TARGET_LINUX +#if CHIP_DEVICE_CONFIG_ENABLE_THREAD +DeviceLayer::NetworkCommissioning::LinuxThreadDriver sThreadDriver; +#endif // CHIP_DEVICE_CONFIG_ENABLE_THREAD + +#if CHIP_DEVICE_CONFIG_ENABLE_WIFI +DeviceLayer::NetworkCommissioning::LinuxWiFiDriver sWiFiDriver; +#endif // CHIP_DEVICE_CONFIG_ENABLE_WIFI + +DeviceLayer::NetworkCommissioning::LinuxEthernetDriver sEthernetDriver; +#endif // CHIP_DEVICE_LAYER_TARGET_LINUX + +#if CHIP_DEVICE_LAYER_TARGET_DARWIN +#if CHIP_DEVICE_CONFIG_ENABLE_WIFI +DeviceLayer::NetworkCommissioning::DarwinWiFiDriver sWiFiDriver; +#endif // CHIP_DEVICE_CONFIG_ENABLE_WIFI + +DeviceLayer::NetworkCommissioning::DarwinEthernetDriver sEthernetDriver; +#endif // CHIP_DEVICE_LAYER_TARGET_DARWIN + +#if CHIP_DEVICE_CONFIG_ENABLE_WIFI +Clusters::NetworkCommissioning::Instance sWiFiNetworkCommissioningInstance(0, &sWiFiDriver); +#endif // CHIP_DEVICE_CONFIG_ENABLE_WIFI + +#if CHIP_DEVICE_CONFIG_ENABLE_THREAD +Clusters::NetworkCommissioning::Instance sThreadNetworkCommissioningInstance(0, &sThreadDriver); +#endif // CHIP_DEVICE_CONFIG_ENABLE_THREAD + +Clusters::NetworkCommissioning::Instance sEthernetNetworkCommissioningInstance(0, &sEthernetDriver); const int16_t minMeasuredValue = -27315; const int16_t maxMeasuredValue = 32766; @@ -728,9 +764,45 @@ bool emberAfActionsClusterInstantActionCallback(app::CommandHandler * commandObj void ApplicationInit() { -#if defined(CHIP_DEVICE_CONFIG_ENABLE_WIFI) && defined(CHIP_DEVICE_LAYER_TARGET_LINUX) - sWiFiNetworkCommissioningInstance.Init(); + const bool kThreadEnabled = { +#if CHIP_DEVICE_CONFIG_ENABLE_THREAD + LinuxDeviceOptions::GetInstance().mThread +#else + false +#endif + }; + + const bool kWiFiEnabled = { +#if CHIP_DEVICE_CONFIG_ENABLE_WIFI + LinuxDeviceOptions::GetInstance().mWiFi +#else + false +#endif + }; + + if (kThreadEnabled && kWiFiEnabled) + { + // Just use the Thread one. +#if CHIP_DEVICE_CONFIG_ENABLE_THREAD + sThreadNetworkCommissioningInstance.Init(); +#endif + } + else if (kThreadEnabled) + { +#if CHIP_DEVICE_CONFIG_ENABLE_THREAD + sThreadNetworkCommissioningInstance.Init(); #endif + } + else if (kWiFiEnabled) + { +#if CHIP_DEVICE_CONFIG_ENABLE_WIFI + sWiFiNetworkCommissioningInstance.Init(); +#endif + } + else + { + sEthernetNetworkCommissioningInstance.Init(); + } } const EmberAfDeviceType gBridgedOnOffDeviceTypes[] = { { DEVICE_TYPE_LO_ON_OFF_LIGHT, DEVICE_VERSION_DEFAULT }, diff --git a/src/app/clusters/door-lock-server/door-lock-server.cpp b/src/app/clusters/door-lock-server/door-lock-server.cpp index a3c75c4818ff9c..86f6b10fe7b7d4 100644 --- a/src/app/clusters/door-lock-server/door-lock-server.cpp +++ b/src/app/clusters/door-lock-server/door-lock-server.cpp @@ -2085,8 +2085,11 @@ DlStatus DoorLockServer::addCredentialToUser(chip::EndpointId endpointId, chip:: for (size_t i = 0; i < user.credentials.size(); ++i) { - // appclusters, 5.2.4.40: user should not be already associated with given credentialIndex - if (user.credentials.data()[i].CredentialIndex == credential.CredentialIndex) + // appclusters, 5.2.4.40: CredentialIndex in CredentialStruct provided SHALL be for an available credential slot. + // appclusters, 5.6.3.2: This is the index of the specific credential used to authorize + // the lock operation in the list of credentials identified by CredentialType + if (user.credentials.data()[i].CredentialIndex == credential.CredentialIndex && + user.credentials.data()[i].CredentialType == credential.CredentialType) { emberAfDoorLockClusterPrintln( "[AddCredentialToUser] Unable to add credential to user: credential with this index is already associated " diff --git a/src/test_driver/nrfconnect/prj.conf b/src/test_driver/nrfconnect/prj.conf index d50406fae0d258..3b167d03c64124 100644 --- a/src/test_driver/nrfconnect/prj.conf +++ b/src/test_driver/nrfconnect/prj.conf @@ -39,11 +39,7 @@ CONFIG_NET_IPV6_NBR_CACHE=n CONFIG_NET_IPV6_MLD=n # Configure settings -CONFIG_FLASH=y CONFIG_FLASH_SIMULATOR=y -CONFIG_FLASH_MAP=y -CONFIG_NVS=y -CONFIG_SETTINGS=y # Network buffers CONFIG_NET_PKT_RX_COUNT=16 diff --git a/src/tools/chip-cert/CertUtils.cpp b/src/tools/chip-cert/CertUtils.cpp index ed7f09d040ad26..28b6e0d3951131 100644 --- a/src/tools/chip-cert/CertUtils.cpp +++ b/src/tools/chip-cert/CertUtils.cpp @@ -567,13 +567,13 @@ bool AddAuthorityKeyId(X509 * cert, X509 * caCert, bool isAKIDLengthValid) } // namespace -bool ReadCert(const char * fileNameOrStr, X509 * cert) +bool ReadCert(const char * fileNameOrStr, std::unique_ptr & cert) { CertFormat origCertFmt; return ReadCert(fileNameOrStr, cert, origCertFmt); } -bool ReadCert(const char * fileNameOrStr, X509 * cert, CertFormat & certFmt) +bool ReadCert(const char * fileNameOrStr, std::unique_ptr & cert, CertFormat & certFmt) { bool res = true; uint32_t certLen = 0; @@ -628,7 +628,8 @@ bool ReadCert(const char * fileNameOrStr, X509 * cert, CertFormat & certFmt) std::unique_ptr certBIO( BIO_new_mem_buf(static_cast(certBuf.get()), static_cast(certLen)), &BIO_free_all); - if (PEM_read_bio_X509(certBIO.get(), &cert, nullptr, nullptr) == nullptr) + cert.reset(PEM_read_bio_X509(certBIO.get(), nullptr, nullptr, nullptr)); + if (cert.get() == nullptr) { ReportOpenSSLErrorAndExit("PEM_read_bio_X509", res = false); } @@ -639,7 +640,8 @@ bool ReadCert(const char * fileNameOrStr, X509 * cert, CertFormat & certFmt) const uint8_t * outCert = certBuf.get(); - if (d2i_X509(&cert, &outCert, static_cast(certLen)) == nullptr) + cert.reset(d2i_X509(nullptr, &outCert, static_cast(certLen))); + if (cert.get() == nullptr) { ReportOpenSSLErrorAndExit("d2i_X509", res = false); } @@ -667,7 +669,8 @@ bool ReadCert(const char * fileNameOrStr, X509 * cert, CertFormat & certFmt) VerifyOrReturnError(chip::CanCastTo(x509Cert.size()), false); - if (d2i_X509(&cert, &outCert, static_cast(x509Cert.size())) == nullptr) + cert.reset(d2i_X509(nullptr, &outCert, static_cast(x509Cert.size()))); + if (cert.get() == nullptr) { ReportOpenSSLErrorAndExit("d2i_X509", res = false); } @@ -680,9 +683,9 @@ bool ReadCert(const char * fileNameOrStr, X509 * cert, CertFormat & certFmt) bool ReadCertDER(const char * fileNameOrStr, MutableByteSpan & cert) { bool res = true; - std::unique_ptr certX509(X509_new(), &X509_free); + std::unique_ptr certX509(nullptr, &X509_free); - VerifyOrReturnError(ReadCert(fileNameOrStr, certX509.get()), false); + VerifyOrReturnError(ReadCert(fileNameOrStr, certX509), false); uint8_t * certPtr = cert.data(); int certLen = i2d_X509(certX509.get(), &certPtr); @@ -730,9 +733,9 @@ bool LoadChipCert(const char * fileNameOrStr, bool isTrused, ChipCertificateSet bool res = true; CHIP_ERROR err; BitFlags decodeFlags; - std::unique_ptr cert(X509_new(), &X509_free); + std::unique_ptr cert(nullptr, &X509_free); - res = ReadCert(fileNameOrStr, cert.get()); + res = ReadCert(fileNameOrStr, cert); VerifyTrueOrExit(res); res = X509ToChipCert(cert.get(), chipCert); diff --git a/src/tools/chip-cert/Cmd_ConvertCert.cpp b/src/tools/chip-cert/Cmd_ConvertCert.cpp index 7eba1cc2f8868c..efd5816293ebdd 100644 --- a/src/tools/chip-cert/Cmd_ConvertCert.cpp +++ b/src/tools/chip-cert/Cmd_ConvertCert.cpp @@ -178,7 +178,7 @@ bool HandleNonOptionArgs(const char * progName, int argc, char * const argv[]) bool Cmd_ConvertCert(int argc, char * argv[]) { bool res = true; - std::unique_ptr cert(X509_new(), &X509_free); + std::unique_ptr cert(nullptr, &X509_free); if (argc == 1) { @@ -192,7 +192,7 @@ bool Cmd_ConvertCert(int argc, char * argv[]) res = InitOpenSSL(); VerifyTrueOrExit(res); - res = ReadCert(gInFileNameOrStr, cert.get()); + res = ReadCert(gInFileNameOrStr, cert); VerifyTrueOrExit(res); res = WriteCert(gOutFileName, cert.get(), gOutCertFormat); diff --git a/src/tools/chip-cert/Cmd_GenAttCert.cpp b/src/tools/chip-cert/Cmd_GenAttCert.cpp index 845344860c49cd..270e42cfcbd1d6 100644 --- a/src/tools/chip-cert/Cmd_GenAttCert.cpp +++ b/src/tools/chip-cert/Cmd_GenAttCert.cpp @@ -560,10 +560,10 @@ bool Cmd_GenAttCert(int argc, char * argv[]) } else { - std::unique_ptr caCert(X509_new(), &X509_free); + std::unique_ptr caCert(nullptr, &X509_free); std::unique_ptr caKey(EVP_PKEY_new(), &EVP_PKEY_free); - res = ReadCert(gCACertFileNameOrStr, caCert.get()); + res = ReadCert(gCACertFileNameOrStr, caCert); VerifyTrueOrExit(res); res = ReadKey(gCAKeyFileNameOrStr, caKey, gCertConfig.IsErrorTestCaseEnabled()); diff --git a/src/tools/chip-cert/Cmd_GenCD.cpp b/src/tools/chip-cert/Cmd_GenCD.cpp index a338e19ea6e835..77f77471d93ffa 100644 --- a/src/tools/chip-cert/Cmd_GenCD.cpp +++ b/src/tools/chip-cert/Cmd_GenCD.cpp @@ -485,8 +485,8 @@ bool HandleOption(const char * progName, OptionSet * optSet, int id, const char } { const char * fileNameOrStr = arg; - std::unique_ptr cert(X509_new(), &X509_free); - VerifyOrReturnError(ReadCert(fileNameOrStr, cert.get()), false); + std::unique_ptr cert(nullptr, &X509_free); + VerifyOrReturnError(ReadCert(fileNameOrStr, cert), false); ByteSpan skid; VerifyOrReturnError(ExtractSKIDFromX509Cert(cert.get(), skid), false); @@ -1144,10 +1144,10 @@ bool Cmd_GenCD(int argc, char * argv[]) } { - std::unique_ptr cert(X509_new(), &X509_free); + std::unique_ptr cert(nullptr, &X509_free); std::unique_ptr key(EVP_PKEY_new(), &EVP_PKEY_free); - VerifyOrReturnError(ReadCert(gCertFileNameOrStr, cert.get()), false); + VerifyOrReturnError(ReadCert(gCertFileNameOrStr, cert), false); VerifyOrReturnError(ReadKey(gKeyFileNameOrStr, key), false); // Extract the subject key id from the X509 certificate. diff --git a/src/tools/chip-cert/Cmd_GenCert.cpp b/src/tools/chip-cert/Cmd_GenCert.cpp index c17780eec584d4..07317d414c673f 100644 --- a/src/tools/chip-cert/Cmd_GenCert.cpp +++ b/src/tools/chip-cert/Cmd_GenCert.cpp @@ -992,7 +992,7 @@ bool Cmd_GenCert(int argc, char * argv[]) uint8_t certType = kCertType_NotSpecified; std::unique_ptr newCert(X509_new(), &X509_free); std::unique_ptr newKey(EVP_PKEY_new(), &EVP_PKEY_free); - std::unique_ptr caCert(X509_new(), &X509_free); + std::unique_ptr caCert(nullptr, &X509_free); std::unique_ptr caKey(EVP_PKEY_new(), &EVP_PKEY_free); X509 * caCertPtr = nullptr; EVP_PKEY * caKeyPtr = nullptr; @@ -1162,7 +1162,7 @@ bool Cmd_GenCert(int argc, char * argv[]) } else { - res = ReadCert(gCACertFileNameOrStr, caCert.get()); + res = ReadCert(gCACertFileNameOrStr, caCert); VerifyTrueOrExit(res); res = ReadKey(gCAKeyFileNameOrStr, caKey); diff --git a/src/tools/chip-cert/Cmd_PrintCert.cpp b/src/tools/chip-cert/Cmd_PrintCert.cpp index 76110b8dca5981..0c7f696bdb8a5d 100644 --- a/src/tools/chip-cert/Cmd_PrintCert.cpp +++ b/src/tools/chip-cert/Cmd_PrintCert.cpp @@ -1,6 +1,6 @@ /* * - * Copyright (c) 2021 Project CHIP Authors + * Copyright (c) 2021-2022 Project CHIP Authors * Copyright (c) 2013-2017 Nest Labs, Inc. * All rights reserved. * @@ -371,7 +371,7 @@ bool PrintCert(const char * fileName, X509 * cert) bool Cmd_PrintCert(int argc, char * argv[]) { bool res = true; - std::unique_ptr cert(X509_new(), &X509_free); + std::unique_ptr cert(nullptr, &X509_free); if (argc == 1) { @@ -382,7 +382,7 @@ bool Cmd_PrintCert(int argc, char * argv[]) res = ParseArgs(CMD_NAME, argc, argv, gCmdOptionSets, HandleNonOptionArgs); VerifyTrueOrExit(res); - res = ReadCert(gInFileNameOrStr, cert.get()); + res = ReadCert(gInFileNameOrStr, cert); VerifyTrueOrExit(res); res = PrintCert(gOutFileName, cert.get()); diff --git a/src/tools/chip-cert/Cmd_ResignCert.cpp b/src/tools/chip-cert/Cmd_ResignCert.cpp index 053b5ff917d0b9..425d295c918170 100644 --- a/src/tools/chip-cert/Cmd_ResignCert.cpp +++ b/src/tools/chip-cert/Cmd_ResignCert.cpp @@ -137,7 +137,7 @@ bool Cmd_ResignCert(int argc, char * argv[]) { bool res = true; CertFormat inCertFmt; - std::unique_ptr cert(X509_new(), &X509_free); + std::unique_ptr cert(nullptr, &X509_free); std::unique_ptr caKey(EVP_PKEY_new(), &EVP_PKEY_free); if (argc == 1) @@ -192,7 +192,7 @@ bool Cmd_ResignCert(int argc, char * argv[]) res = InitOpenSSL(); VerifyTrueOrExit(res); - res = ReadCert(gInCertFileNameOrStr, cert.get(), inCertFmt); + res = ReadCert(gInCertFileNameOrStr, cert, inCertFmt); VerifyTrueOrExit(res); res = ReadKey(gCAKeyFileNameOrStr, caKey); @@ -200,9 +200,9 @@ bool Cmd_ResignCert(int argc, char * argv[]) if (!gSelfSign) { - std::unique_ptr caCert(X509_new(), &X509_free); + std::unique_ptr caCert(nullptr, &X509_free); - res = ReadCert(gCACertFileNameOrStr, caCert.get()); + res = ReadCert(gCACertFileNameOrStr, caCert); VerifyTrueOrExit(res); res = ResignCert(cert.get(), caCert.get(), caKey.get()); diff --git a/src/tools/chip-cert/KeyUtils.cpp b/src/tools/chip-cert/KeyUtils.cpp index 9cc7fc484cdc80..fcc2e567724a9a 100644 --- a/src/tools/chip-cert/KeyUtils.cpp +++ b/src/tools/chip-cert/KeyUtils.cpp @@ -264,9 +264,8 @@ bool ReadKey(const char * fileNameOrStr, std::unique_ptr & cert); +extern bool ReadCert(const char * fileNameOrStr, std::unique_ptr & cert, CertFormat & origCertFmt); extern bool ReadCertDER(const char * fileNameOrStr, chip::MutableByteSpan & cert); extern bool LoadChipCert(const char * fileNameOrStr, bool isTrused, chip::Credentials::ChipCertificateSet & certSet, chip::MutableByteSpan & chipCert);