[Feature] We'll need a way to programmatically/dynamically generate certs for various VID/PID (VendorID/ ProductID) for extended testing with ota-requester app. #25504
Comments
|
@vinay-apple We already have different example DA certs for different product ids. Would simply adding some for a few different vendor ids be sufficient here? What set of (VID, PID) pairs would you want to be supported? |
|
OK, so generating new DAC/PAI stuff is doable. The hard part is the Certification Declaration. That is also hardcoded to VID=0xFFF1, and it needs to be signed by one of the alliance private keys, so generating a new one is somewhat complicated. @tcarmelveilleux @emargolis is there some way we could also get CDs for VIDs 0xFFF2 and 0xFFF3 generated? Also of note: the CDs for VID=0xFFF1 in |
bzbarsky-apple
added a commit
to bzbarsky-apple/connectedhomeip
that referenced
this issue
Mar 8, 2023
bzbarsky-apple
added a commit
to bzbarsky-apple/connectedhomeip
that referenced
this issue
Mar 8, 2023
bzbarsky-apple
added a commit
to bzbarsky-apple/connectedhomeip
that referenced
this issue
Mar 8, 2023
… 0xFFF1.
The test CDs for VIDs 0xFFF2 and 0xFFF3 were generated by:
1) Modifying src/tools/chip-cert/Cmd_GenCD.cpp to use kDataFormat_Hex, not kDataFormat_Raw.
2) Running
chip-cert gen-cd -f 1 -V FFF2 -d 0016 -c "CSA00000SWC00000-00" -l 0 -i 0 -n 1 -t 0 -p 8000 -p 8001 -p 8002 -p 8003 -p 8004 -p 8005 -p 8006 -p 8007 -p 8008 -p 8009 -p 800A -p 800B -p 800C -p 800D -p 800E -p 800F -p 8010 -p 8011 -p 8012 -p 8013 -p 8014 -p 8015 -p 8016 -p 8017 -p 8018 -p 8019 -p 801A -p 801B -p 801C -p 801D -p 801E -p 801F -p 8020 -p 8021 -p 8022 -p 8023 -p 8024 -p 8025 -p 8026 -p 8027 -p 8028 -p 8029 -p 802A -p 802B -p 802C -p 802D -p 802E -p 802F -p 8030 -p 8031 -p 8032 -p 8033 -p 8034 -p 8035 -p 8036 -p 8037 -p 8038 -p 8039 -p 803A -p 803B -p 803C -p 803D -p 803E -p 803F -p 8040 -p 8041 -p 8042 -p 8043 -p 8044 -p 8045 -p 8046 -p 8047 -p 8048 -p 8049 -p 804A -p 804B -p 804C -p 804D -p 804E -p 804F -p 8050 -p 8051 -p 8052 -p 8053 -p 8054 -p 8055 -p 8056 -p 8057 -p 8058 -p 8059 -p 805A -p 805B -p 805C -p 805D -p 805E -p 805F -p 8060 -p 8061 -p 8062 -p 8063 --key ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem --cert ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem --out somefile
and the same with -V FFF3 to generate the certification declaration.
3) Opening up that file in a text editor and:
a) Lower-casing the text.
b) Doing a regexp replace of "(..)" with "0x\1, ".
Fixes project-chip#25504
bzbarsky-apple
added a commit
that referenced
this issue
Mar 9, 2023
… 0xFFF1. (#25559) The test CDs for VIDs 0xFFF2 and 0xFFF3 were generated by: 1) Modifying src/tools/chip-cert/Cmd_GenCD.cpp to use kDataFormat_Hex, not kDataFormat_Raw. 2) Running chip-cert gen-cd -f 1 -V FFF2 -d 0016 -c "CSA00000SWC00000-00" -l 0 -i 0 -n 1 -t 0 -p 8000 -p 8001 -p 8002 -p 8003 -p 8004 -p 8005 -p 8006 -p 8007 -p 8008 -p 8009 -p 800A -p 800B -p 800C -p 800D -p 800E -p 800F -p 8010 -p 8011 -p 8012 -p 8013 -p 8014 -p 8015 -p 8016 -p 8017 -p 8018 -p 8019 -p 801A -p 801B -p 801C -p 801D -p 801E -p 801F -p 8020 -p 8021 -p 8022 -p 8023 -p 8024 -p 8025 -p 8026 -p 8027 -p 8028 -p 8029 -p 802A -p 802B -p 802C -p 802D -p 802E -p 802F -p 8030 -p 8031 -p 8032 -p 8033 -p 8034 -p 8035 -p 8036 -p 8037 -p 8038 -p 8039 -p 803A -p 803B -p 803C -p 803D -p 803E -p 803F -p 8040 -p 8041 -p 8042 -p 8043 -p 8044 -p 8045 -p 8046 -p 8047 -p 8048 -p 8049 -p 804A -p 804B -p 804C -p 804D -p 804E -p 804F -p 8050 -p 8051 -p 8052 -p 8053 -p 8054 -p 8055 -p 8056 -p 8057 -p 8058 -p 8059 -p 805A -p 805B -p 805C -p 805D -p 805E -p 805F -p 8060 -p 8061 -p 8062 -p 8063 --key ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem --cert ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem --out somefile and the same with -V FFF3 to generate the certification declaration. 3) Opening up that file in a text editor and: a) Lower-casing the text. b) Doing a regexp replace of "(..)" with "0x\1, ". Fixes #25504
kkasperczyk-no
pushed a commit
to kkasperczyk-no/sdk-connectedhomeip
that referenced
this issue
Mar 15, 2023
… 0xFFF1. (#25559)
The test CDs for VIDs 0xFFF2 and 0xFFF3 were generated by:
1) Modifying src/tools/chip-cert/Cmd_GenCD.cpp to use kDataFormat_Hex, not kDataFormat_Raw.
2) Running
chip-cert gen-cd -f 1 -V FFF2 -d 0016 -c "CSA00000SWC00000-00" -l 0 -i 0 -n 1 -t 0 -p 8000 -p 8001 -p 8002 -p 8003 -p 8004 -p 8005 -p 8006 -p 8007 -p 8008 -p 8009 -p 800A -p 800B -p 800C -p 800D -p 800E -p 800F -p 8010 -p 8011 -p 8012 -p 8013 -p 8014 -p 8015 -p 8016 -p 8017 -p 8018 -p 8019 -p 801A -p 801B -p 801C -p 801D -p 801E -p 801F -p 8020 -p 8021 -p 8022 -p 8023 -p 8024 -p 8025 -p 8026 -p 8027 -p 8028 -p 8029 -p 802A -p 802B -p 802C -p 802D -p 802E -p 802F -p 8030 -p 8031 -p 8032 -p 8033 -p 8034 -p 8035 -p 8036 -p 8037 -p 8038 -p 8039 -p 803A -p 803B -p 803C -p 803D -p 803E -p 803F -p 8040 -p 8041 -p 8042 -p 8043 -p 8044 -p 8045 -p 8046 -p 8047 -p 8048 -p 8049 -p 804A -p 804B -p 804C -p 804D -p 804E -p 804F -p 8050 -p 8051 -p 8052 -p 8053 -p 8054 -p 8055 -p 8056 -p 8057 -p 8058 -p 8059 -p 805A -p 805B -p 805C -p 805D -p 805E -p 805F -p 8060 -p 8061 -p 8062 -p 8063 --key ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem --cert ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem --out somefile
and the same with -V FFF3 to generate the certification declaration.
3) Opening up that file in a text editor and:
a) Lower-casing the text.
b) Doing a regexp replace of "(..)" with "0x\1, ".
Fixes project-chip/connectedhomeip#25504
lecndav
pushed a commit
to lecndav/connectedhomeip
that referenced
this issue
Mar 22, 2023
… 0xFFF1. (project-chip#25559) The test CDs for VIDs 0xFFF2 and 0xFFF3 were generated by: 1) Modifying src/tools/chip-cert/Cmd_GenCD.cpp to use kDataFormat_Hex, not kDataFormat_Raw. 2) Running chip-cert gen-cd -f 1 -V FFF2 -d 0016 -c "CSA00000SWC00000-00" -l 0 -i 0 -n 1 -t 0 -p 8000 -p 8001 -p 8002 -p 8003 -p 8004 -p 8005 -p 8006 -p 8007 -p 8008 -p 8009 -p 800A -p 800B -p 800C -p 800D -p 800E -p 800F -p 8010 -p 8011 -p 8012 -p 8013 -p 8014 -p 8015 -p 8016 -p 8017 -p 8018 -p 8019 -p 801A -p 801B -p 801C -p 801D -p 801E -p 801F -p 8020 -p 8021 -p 8022 -p 8023 -p 8024 -p 8025 -p 8026 -p 8027 -p 8028 -p 8029 -p 802A -p 802B -p 802C -p 802D -p 802E -p 802F -p 8030 -p 8031 -p 8032 -p 8033 -p 8034 -p 8035 -p 8036 -p 8037 -p 8038 -p 8039 -p 803A -p 803B -p 803C -p 803D -p 803E -p 803F -p 8040 -p 8041 -p 8042 -p 8043 -p 8044 -p 8045 -p 8046 -p 8047 -p 8048 -p 8049 -p 804A -p 804B -p 804C -p 804D -p 804E -p 804F -p 8050 -p 8051 -p 8052 -p 8053 -p 8054 -p 8055 -p 8056 -p 8057 -p 8058 -p 8059 -p 805A -p 805B -p 805C -p 805D -p 805E -p 805F -p 8060 -p 8061 -p 8062 -p 8063 --key ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem --cert ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem --out somefile and the same with -V FFF3 to generate the certification declaration. 3) Opening up that file in a text editor and: a) Lower-casing the text. b) Doing a regexp replace of "(..)" with "0x\1, ". Fixes project-chip#25504
mwswartwout
pushed a commit
to mwswartwout/connectedhomeip
that referenced
this issue
Mar 27, 2023
… 0xFFF1. (project-chip#25559) The test CDs for VIDs 0xFFF2 and 0xFFF3 were generated by: 1) Modifying src/tools/chip-cert/Cmd_GenCD.cpp to use kDataFormat_Hex, not kDataFormat_Raw. 2) Running chip-cert gen-cd -f 1 -V FFF2 -d 0016 -c "CSA00000SWC00000-00" -l 0 -i 0 -n 1 -t 0 -p 8000 -p 8001 -p 8002 -p 8003 -p 8004 -p 8005 -p 8006 -p 8007 -p 8008 -p 8009 -p 800A -p 800B -p 800C -p 800D -p 800E -p 800F -p 8010 -p 8011 -p 8012 -p 8013 -p 8014 -p 8015 -p 8016 -p 8017 -p 8018 -p 8019 -p 801A -p 801B -p 801C -p 801D -p 801E -p 801F -p 8020 -p 8021 -p 8022 -p 8023 -p 8024 -p 8025 -p 8026 -p 8027 -p 8028 -p 8029 -p 802A -p 802B -p 802C -p 802D -p 802E -p 802F -p 8030 -p 8031 -p 8032 -p 8033 -p 8034 -p 8035 -p 8036 -p 8037 -p 8038 -p 8039 -p 803A -p 803B -p 803C -p 803D -p 803E -p 803F -p 8040 -p 8041 -p 8042 -p 8043 -p 8044 -p 8045 -p 8046 -p 8047 -p 8048 -p 8049 -p 804A -p 804B -p 804C -p 804D -p 804E -p 804F -p 8050 -p 8051 -p 8052 -p 8053 -p 8054 -p 8055 -p 8056 -p 8057 -p 8058 -p 8059 -p 805A -p 805B -p 805C -p 805D -p 805E -p 805F -p 8060 -p 8061 -p 8062 -p 8063 --key ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem --cert ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem --out somefile and the same with -V FFF3 to generate the certification declaration. 3) Opening up that file in a text editor and: a) Lower-casing the text. b) Doing a regexp replace of "(..)" with "0x\1, ". Fixes project-chip#25504
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature description
...
SHA: df4ad95
We'll need a way to programmatically/dynamically generate certs for various VID/PID (VendorID/ ProductID) for extended testing with ota-requester app.
We're getting the vid/pid from the certificate now. The test certificate used is hardcoded to have a VendorID of 0xFFF1.
So if we try to change the value at below location to 0xFFF0 (#define CHIP_DEVICE_CONFIG_DEVICE_VENDOR_ID 0xFFF0) for testing this would still use the hardcoded value of 0xFFF1 on the compiled certificate on the ota-requester app hence we get unexpected results on the testing.
connectedhomeip/src/include/platform/CHIPDeviceConfig.h
Line 200 in a7cc2cf
ota-requester-hard-coded-VID-0xFFF1.txt
Platform
darwin
Platform Version(s)
13.2
Anything else?
No response
The text was updated successfully, but these errors were encountered: