[TC-DA-1.2]chip-tool-Device Attestation Request Validation not supported #14395
Comments
woody-apple
added
spec
|
Logs are not the way to determine CD and AttestationElements validity. The elements can only be validated with some automation, since there are too many rules to reliably determine the outcome purely by inspection, and making the software log in a human readable way all the traffic is unwieldy. The approach I suggested in the past to @vivien-apple to support this is to have the YAML framework be able to save/store a given command response and some attribute values previously read (e.g. the device attestation certificate chain), and then run a named tool or procedure on the saved data. This would allow using some of the tools we already have (such as chip-cert) to be expanded to do the necessary validation and provide a report, without changing SDK core code. The approach is also compatible with The above would work for test cases that relate both to AttestationRequest/Response, and CSRRequest/Response and AddNOC test cases. |
|
My understanding of this issue is that we need 2 things:
Is there anything else that I missed ? |
|
@vivien-apple I am not sure if this question is addressed to me. If so please attach a example log for device attestation and script so that we are able to analyze the output and do the logical mapping with the test plan expected result |
|
Cert Blocker Review: Assigning with @vivien-apple |
|
should be fixed by Vivien's PR #18893. @sumaky can you please verify and close this issue? |
|
I would assume that this is done. It I'm wrong please reopen a separate issue with the specific parts that are missing. thanks! |
Problem:
1.The logs obtained from CHIP tool does not allow to validate the following:
Test Plan Link:
(https://github.com/CHIP-Specifications/chip-test-plans/blob/master/src/deviceattestation.adocl)
Proposed Solution:
CONT_TC-DA.txt
The text was updated successfully, but these errors were encountered: