Generate test DAC/PAI bits for vendor ids 0xFFF2 and 0xFFF3, not just 0xFFF1 #25559

bzbarsky-apple · 2023-03-08T04:35:42Z

REVIEW NOTES:

All the new bits under Credentials/development/attestation/ were generated by running src/tools/chip-cert/dacs.py after making the changes to it that this PR makes.
Existing der/pem files under Credentials/development/attestation/ were just renamed to the new names the script expects, to minimize changes to the ExampleDACs/ExamplePAI files.
The manual changes are to src/app/tests/suites/credentials/TestHarnessDACProvider.cpp, src/credentials/examples/DeviceAttestationCredsExample.cpp, and src/tools/chip-cert/dacs.py. Everything else is then generated by running dacs.py.

The test CDs for VIDs 0xFFF2 and 0xFFF3 were generated by:

Modifying src/tools/chip-cert/Cmd_GenCD.cpp to use kDataFormat_Hex, not kDataFormat_Raw.

Running

chip-cert gen-cd -f 1 -V FFF2 -d 0016 -c "CSA00000SWC00000-00" -l 0 -i 0 -n 1 -t 0 -p 8000 -p 8001 -p 8002 -p 8003 -p 8004 -p 8005 -p 8006 -p 8007 -p 8008 -p 8009 -p 800A -p 800B -p 800C -p 800D -p 800E -p 800F -p 8010 -p 8011 -p 8012 -p 8013 -p 8014 -p 8015 -p 8016 -p 8017 -p 8018 -p 8019 -p 801A -p 801B -p 801C -p 801D -p 801E -p 801F -p 8020 -p 8021 -p 8022 -p 8023 -p 8024 -p 8025 -p 8026 -p 8027 -p 8028 -p 8029 -p 802A -p 802B -p 802C -p 802D -p 802E -p 802F -p 8030 -p 8031 -p 8032 -p 8033 -p 8034 -p 8035 -p 8036 -p 8037 -p 8038 -p 8039 -p 803A -p 803B -p 803C -p 803D -p 803E -p 803F -p 8040 -p 8041 -p 8042 -p 8043 -p 8044 -p 8045 -p 8046 -p 8047 -p 8048 -p 8049 -p 804A -p 804B -p 804C -p 804D -p 804E -p 804F -p 8050 -p 8051 -p 8052 -p 8053 -p 8054 -p 8055 -p 8056 -p 8057 -p 8058 -p 8059 -p 805A -p 805B -p 805C -p 805D -p 805E -p 805F -p 8060 -p 8061 -p 8062 -p 8063 --key ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem --cert ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem --out somefile

and the same with -V FFF3 to generate the certification declaration.

Opening up that file in a text editor and:
a) Lower-casing the text.
b) Doing a regexp replace of "(..)" with "0x\1, ".

Fixes #25504

github-actions · 2023-03-08T04:52:11Z

PR #25559: Size comparison from 6bb8917 to 53b67a5

Full report (2 builds for cc32xx, mbed)

platform	target	config	section	`6bb8917`	`53b67a5`
cc32xx	lock	CC3235SF_LAUNCHXL		0	0
			(read only)	644425	644425
			(read/write)	203688	203688
			.ARM.attributes	44	44
			.ARM.exidx	8	8
			.bss	197088	197088
			.comment	194	194
			.data	1480	1480
			.debug_abbrev	930235	930235
			.debug_aranges	87344	87344
			.debug_frame	300044	300044
			.debug_info	20267388	20267388
			.debug_line	`2659771`	`2659771`
			.debug_loc	2802807	2802807
			.debug_ranges	282960	282960
			.debug_str	3024017	3024017
			.ramVecs	780	780
			.resetVecs	64	64
			.rodata	105929	105929
			.shstrtab	232	232
			.stab	204	204
			.stabstr	441	441
			.stack	2048	2048
			.strtab	378514	378514
			.symtab	256624	256624
			.text	536372	536372
mbed	lock-app	CY8CPROTO_062_4343W+release	(read only)	6224	6224
			(read/write)	2467600	2467600
			.bss	215804	215804
			.data	5880	5880
			.text	1430244	1430244

… 0xFFF1. The test CDs for VIDs 0xFFF2 and 0xFFF3 were generated by: 1) Modifying src/tools/chip-cert/Cmd_GenCD.cpp to use kDataFormat_Hex, not kDataFormat_Raw. 2) Running chip-cert gen-cd -f 1 -V FFF2 -d 0016 -c "CSA00000SWC00000-00" -l 0 -i 0 -n 1 -t 0 -p 8000 -p 8001 -p 8002 -p 8003 -p 8004 -p 8005 -p 8006 -p 8007 -p 8008 -p 8009 -p 800A -p 800B -p 800C -p 800D -p 800E -p 800F -p 8010 -p 8011 -p 8012 -p 8013 -p 8014 -p 8015 -p 8016 -p 8017 -p 8018 -p 8019 -p 801A -p 801B -p 801C -p 801D -p 801E -p 801F -p 8020 -p 8021 -p 8022 -p 8023 -p 8024 -p 8025 -p 8026 -p 8027 -p 8028 -p 8029 -p 802A -p 802B -p 802C -p 802D -p 802E -p 802F -p 8030 -p 8031 -p 8032 -p 8033 -p 8034 -p 8035 -p 8036 -p 8037 -p 8038 -p 8039 -p 803A -p 803B -p 803C -p 803D -p 803E -p 803F -p 8040 -p 8041 -p 8042 -p 8043 -p 8044 -p 8045 -p 8046 -p 8047 -p 8048 -p 8049 -p 804A -p 804B -p 804C -p 804D -p 804E -p 804F -p 8050 -p 8051 -p 8052 -p 8053 -p 8054 -p 8055 -p 8056 -p 8057 -p 8058 -p 8059 -p 805A -p 805B -p 805C -p 805D -p 805E -p 805F -p 8060 -p 8061 -p 8062 -p 8063 --key ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem --cert ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem --out somefile and the same with -V FFF3 to generate the certification declaration. 3) Opening up that file in a text editor and: a) Lower-casing the text. b) Doing a regexp replace of "(..)" with "0x\1, ". Fixes project-chip#25504

cecille

Feel free to ignore my suggestion if it's going to be annoying to change. This looks fine. Thanks.

src/credentials/examples/DeviceAttestationCredsExample.cpp

github-actions · 2023-03-08T15:57:40Z

PR #25559: Size comparison from 8a12695 to 5e8568e

Increases (1 build for cc32xx)

platform	target	config	section	`8a12695`	`5e8568e`	change	% change
cc32xx	lock	CC3235SF_LAUNCHXL	.debug_info	20267469	20267470	1	0.0

Full report (1 build for cc32xx)

platform	target	config	section	`8a12695`	`5e8568e`	change
cc32xx	lock	CC3235SF_LAUNCHXL		0	0	0
			(read only)	644425	644425	0
			(read/write)	203688	203688	0
			.ARM.attributes	44	44	0
			.ARM.exidx	8	8	0
			.bss	197088	197088	0
			.comment	194	194	0
			.data	1480	1480	0
			.debug_abbrev	930235	930235	0
			.debug_aranges	87344	87344	0
			.debug_frame	300044	300044	0
			.debug_info	20267469	20267470	1
			.debug_line	2659770	2659770	0
			.debug_loc	`2802853`	`2802853`	0
			.debug_ranges	282960	282960	0
			.debug_str	3024079	3024079	0
			.ramVecs	780	780	0
			.resetVecs	64	64	0
			.rodata	105929	105929	0
			.shstrtab	232	232	0
			.stab	204	204	0
			.stabstr	441	441	0
			.stack	2048	2048	0
			.strtab	378571	378571	0
			.symtab	256624	256624	0
			.text	536372	536372	0

… 0xFFF1. (project-chip#25559) The test CDs for VIDs 0xFFF2 and 0xFFF3 were generated by: 1) Modifying src/tools/chip-cert/Cmd_GenCD.cpp to use kDataFormat_Hex, not kDataFormat_Raw. 2) Running chip-cert gen-cd -f 1 -V FFF2 -d 0016 -c "CSA00000SWC00000-00" -l 0 -i 0 -n 1 -t 0 -p 8000 -p 8001 -p 8002 -p 8003 -p 8004 -p 8005 -p 8006 -p 8007 -p 8008 -p 8009 -p 800A -p 800B -p 800C -p 800D -p 800E -p 800F -p 8010 -p 8011 -p 8012 -p 8013 -p 8014 -p 8015 -p 8016 -p 8017 -p 8018 -p 8019 -p 801A -p 801B -p 801C -p 801D -p 801E -p 801F -p 8020 -p 8021 -p 8022 -p 8023 -p 8024 -p 8025 -p 8026 -p 8027 -p 8028 -p 8029 -p 802A -p 802B -p 802C -p 802D -p 802E -p 802F -p 8030 -p 8031 -p 8032 -p 8033 -p 8034 -p 8035 -p 8036 -p 8037 -p 8038 -p 8039 -p 803A -p 803B -p 803C -p 803D -p 803E -p 803F -p 8040 -p 8041 -p 8042 -p 8043 -p 8044 -p 8045 -p 8046 -p 8047 -p 8048 -p 8049 -p 804A -p 804B -p 804C -p 804D -p 804E -p 804F -p 8050 -p 8051 -p 8052 -p 8053 -p 8054 -p 8055 -p 8056 -p 8057 -p 8058 -p 8059 -p 805A -p 805B -p 805C -p 805D -p 805E -p 805F -p 8060 -p 8061 -p 8062 -p 8063 --key ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem --cert ./credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem --out somefile and the same with -V FFF3 to generate the certification declaration. 3) Opening up that file in a text editor and: a) Lower-casing the text. b) Doing a regexp replace of "(..)" with "0x\1, ". Fixes project-chip#25504

bzbarsky-apple marked this pull request as draft March 8, 2023 04:35

github-actions bot added the tools label Mar 8, 2023

bzbarsky-apple force-pushed the generate-more-dacs branch from 53b67a5 to ad769f8 Compare March 8, 2023 06:07

bzbarsky-apple force-pushed the generate-more-dacs branch from ad769f8 to 5e8568e Compare March 8, 2023 15:41

github-actions bot added app tests labels Mar 8, 2023

bzbarsky-apple marked this pull request as ready for review March 8, 2023 15:44

pullapprove bot requested review from msandstedt, mspang, nivi-apple, pjzander-signify, saurabhst, selissia, sharadb-amazon, tcarmelveilleux, tecimovic, tehampson, turon, vijs, vivien-apple, woody-apple, xylophone21, younghak-hwang and yunhanw-google March 8, 2023 15:45

pullapprove bot added the review - pending label Mar 8, 2023

cecille approved these changes Mar 8, 2023

View reviewed changes

src/credentials/examples/DeviceAttestationCredsExample.cpp Show resolved Hide resolved

yufengwangca approved these changes Mar 8, 2023

View reviewed changes

emargolis approved these changes Mar 8, 2023

View reviewed changes

msandstedt approved these changes Mar 9, 2023

View reviewed changes

pullapprove bot added review - approved and removed review - pending labels Mar 9, 2023

bzbarsky-apple merged commit ecd60f3 into project-chip:master Mar 9, 2023

bzbarsky-apple deleted the generate-more-dacs branch March 9, 2023 04:25

s07641069 mentioned this pull request Mar 13, 2023

[Telink] Fix Factory Data build and handle it by CI #25655

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Generate test DAC/PAI bits for vendor ids 0xFFF2 and 0xFFF3, not just 0xFFF1 #25559

Generate test DAC/PAI bits for vendor ids 0xFFF2 and 0xFFF3, not just 0xFFF1 #25559

bzbarsky-apple commented Mar 8, 2023 •

edited

Loading

github-actions bot commented Mar 8, 2023

cecille left a comment

github-actions bot commented Mar 8, 2023

Generate test DAC/PAI bits for vendor ids 0xFFF2 and 0xFFF3, not just 0xFFF1 #25559

Generate test DAC/PAI bits for vendor ids 0xFFF2 and 0xFFF3, not just 0xFFF1 #25559

Conversation

bzbarsky-apple commented Mar 8, 2023 • edited Loading

github-actions bot commented Mar 8, 2023

cecille left a comment

Choose a reason for hiding this comment

github-actions bot commented Mar 8, 2023

bzbarsky-apple commented Mar 8, 2023 •

edited

Loading