| # Copyright (c) 2021 Project CHIP Authors |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # Auto-generated scripts for harness use only, please review before automation. The endpoints and cluster names are currently set to default |
| |
| name: 4.1.7. [TC-DA-1.7] Validate CertificateChainRequest [DUT-Commissionee] |
| |
| PICS: |
| - MCORE.ROLE.COMMISSIONEE |
| |
| config: |
| nodeId: 0x12344321 |
| cluster: "Basic" |
| endpoint: 0 |
| |
| tests: |
| - label: "Pre-Conditions TH only has official PAAs from DCL" |
| verification: | |
| verification step to be updated. |
| disabled: true |
| |
| - label: "Commission DUT1 to TH fabric" |
| verification: | |
| sudo ./chip-all-clusters-app --wifi |
| |
| TH side: |
| ./chip-tool pairing ble-wifi 1 zigbeehome matter123 20202021 3841 --trace_decode 1 |
| |
| [1650455358.501816][4366:4371] CHIP:TOO: Device commissioning completed with success |
| disabled: true |
| |
| - label: |
| "TH sends CertificateChainRequest Command to DUT1 with the |
| CertificateType set to PAICertificate" |
| verification: | |
| To get DAC value, send below command. |
| ./chip-tool operationalcredentials certificate-chain-request 1 1 0 |
| |
| "Verify in TH log: |
| |
| [1657774717.721972][7956:7961] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_003E Command=0x0000_0003 |
| [1657774717.722019][7956:7961] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_003E Command 0x0000_0003 |
| [1657774717.722135][7956:7961] CHIP:TOO: CertificateChainResponse: { |
| [1657774717.722181][7956:7961] CHIP:TOO: certificate: 308201E73082018EA003020102020869CDF10DE9E54ED1300A06082A8648CE3D040302303D3125302306035504030C1C4D6174746572204465762050414920307846464631206E6F2050494431143012060A2B0601040182A27C02010C04464646313020170D3232303230353030303030305A180F39393939313233313233353935395A30533125302306035504030C1C4D61747465722044657620444143203078464646312F30783830303131143012060A2B0601040182A27C02010C044646463131143012060A2B0601040182A27C02020C04383030313059301306072A8648CE3D020106082A8648CE3D03010703420004463AC69342910A0E5588FC6FF56BB63E62ECCECB148F7D4EB03EE552601415767D16A5C663F793E49123260B8297A7CD7E7CFC7B316B39D98E90D29377738E82A360305E300C0603551D130101FF04023000300E0603551D0F0101FF040403020780301D0603551D0E0416041488DDE7B300382932CFF734C04624810F44168A6F301F0603551D2304183016801463540E47F64B1C38D13884A462D16C195D8FFB3C300A06082A8648CE3D040302 |
| [1657774717.722269][7956:7961] CHIP:TOO: ...........: 034700304402200127A27B4B44610EE2FCDC4D2B7885563660BC0F76F17219ED6A08DFB2B3C1CD02206B59E0AF45F3EB2A85B919D35731528C6028C415239545E108E4E54E70971353 |
| [1657774717.722297][7956:7961] CHIP:TOO: } |
| |
| |
| To get PAI value, send below command. |
| ./chip-tool operationalcredentials certificate-chain-request 2 1 0 |
| |
| "Verify in TH log: |
| |
| [1657774756.281112][7964:7969] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_003E Command=0x0000_0003 |
| [1657774756.281164][7964:7969] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_003E Command 0x0000_0003 |
| [1657774756.281236][7964:7969] CHIP:TOO: CertificateChainResponse: { |
| [1657774756.281289][7964:7969] CHIP:TOO: certificate: 308201CB30820171A003020102020856AD8222AD945B64300A06082A8648CE3D04030230303118301606035504030C0F4D617474657220546573742050414131143012060A2B0601040182A27C02010C04464646313020170D3232303230353030303030305A180F39393939313233313233353935395A303D3125302306035504030C1C4D6174746572204465762050414920307846464631206E6F2050494431143012060A2B0601040182A27C02010C04464646313059301306072A8648CE3D020106082A8648CE3D03010703420004419A9315C2173E0C8C876D03CCFC944852647F7FEC5E5082F4059928ECA894C594151309AC631E4CB03392AF684B0BAFB7E65B3B8162C2F52BF931B8E77AAA82A366306430120603551D130101FF040830060101FF020100300E0603551D0F0101FF040403020106301D0603551D0E0416041463540E47F64B1C38D13884A462D16C195D8FFB3C301F0603551D230418301680146AFD22771F511FECBF1641976710DCDC31A1717E300A06082A8648CE3D0403020348003045022100B2EF27F49AE9B50FB91EEAC94C4D0BDBB8D7929C6C |
| [1657774756.281357][7964:7969] CHIP:TOO: ...........: B88FACE529368D12054C0C0220655DC92B86BD909882A6C62177B825D7D05EDBE7C22F9FEA71220E7EA703F891 |
| [1657774756.281388][7964:7969] CHIP:TOO: } |
| disabled: true |
| |
| - label: |
| "TH sends CertificateChainRequest Command to DUT1 with the |
| CertificateType set to DACCertificate" |
| verification: | |
| See above |
| disabled: true |
| |
| - label: "TH extracts the Authority Key Identifier from the PAI certificate" |
| verification: | |
| During commissioning we will get PAI certificate, see in below log: |
| |
| [1659415376.883870][2666:2671] CHIP:CTL: Performing next commissioning step "SendPAICertificateRequest" |
| [1659415376.883925][2666:2671] CHIP:CTL: Sending request for PAI certificate |
| [1659415376.884015][2666:2671] CHIP:CTL: Sending Certificate Chain request to 0xffffa0000b60 device |
| [1659415376.884167][2666:2671] CHIP:DMG: ICR moving to [AddingComm] |
| [1659415376.884302][2666:2671] CHIP:DMG: ICR moving to [AddedComma] |
| [1659415376.884867][2666:2671] CHIP:IN: Prepared secure message 0xffffb37ec8d8 to 0xFFFFFFFB00000000 (0) of type 0x8 and protocolId (0, 1) on exchange 61632i with MessageCounter:72933899. |
| [1659415376.884965][2666:2671] CHIP:IN: Sending encrypted msg 0xffffb37ec8d8 with MessageCounter:72933899 to 0xFFFFFFFB00000000 (0) at monotonic time: 0000000000161D55 msec |
| [1659415376.885796][2666:2671] CHIP:DMG: >> to BLE | 72933899 | [Interaction Model (1) / InvokeCommandRequest (0x08) / Session = 384 / Exchange = 61632] |
| [1659415376.885890][2666:2671] CHIP:DMG: Header Flags = |
| [1659415376.885944][2666:2671] CHIP:DMG: { |
| [1659415376.886028][2666:2671] CHIP:DMG: Exchange (0x01) = |
| [1659415376.886081][2666:2671] CHIP:DMG: { |
| [1659415376.886154][2666:2671] CHIP:DMG: Initiator = true |
| [1659415376.886206][2666:2671] CHIP:DMG: } |
| [1659415376.886296][2666:2671] CHIP:DMG: } |
| [1659415376.886350][2666:2671] CHIP:DMG: |
| [1659415376.886438][2666:2671] CHIP:DMG: Encrypted Payload (62 bytes) = |
| [1659415376.886492][2666:2671] CHIP:DMG: { |
| [1659415376.886542][2666:2671] CHIP:DMG: data = 008001000be258046e751fb56b97dabcc7ee6b6611ede33a66461e188834bb1fe5b6332edb4a3896d32bce2eb59dee722e070c4426af77c82dfca14619bb |
| [1659415376.886616][2666:2671] CHIP:DMG: buffer_ptr = 281473366182720 |
| [1659415376.886666][2666:2671] CHIP:DMG: } |
| [1659415376.886714][2666:2671] CHIP:DMG: |
| [1659415376.886900][2666:2671] CHIP:DMG: InvokeRequestMessage = |
| [1659415376.886962][2666:2671] CHIP:DMG: { |
| [1659415376.887039][2666:2671] CHIP:DMG: suppressResponse = false, |
| [1659415376.887103][2666:2671] CHIP:DMG: timedRequest = false, |
| [1659415376.887162][2666:2671] CHIP:DMG: InvokeRequests = |
| [1659415376.887234][2666:2671] CHIP:DMG: [ |
| [1659415376.887312][2666:2671] CHIP:DMG: CommandDataIB = |
| [1659415376.887380][2666:2671] CHIP:DMG: { |
| [1659415376.887442][2666:2671] CHIP:DMG: CommandPathIB = |
| [1659415376.887538][2666:2671] CHIP:DMG: { |
| [1659415376.887633][2666:2671] CHIP:DMG: EndpointId = 0x0, |
| [1659415376.887874][2666:2671] CHIP:DMG: ClusterId = 0x3e, |
| [1659415376.888039][2666:2671] CHIP:DMG: CommandId = 0x2, |
| [1659415376.888125][2666:2671] CHIP:DMG: }, |
| [1659415376.888225][2666:2671] CHIP:DMG: |
| [1659415376.888289][2666:2671] CHIP:DMG: CommandFields = |
| [1659415376.888384][2666:2671] CHIP:DMG: { |
| [1659415376.888478][2666:2671] CHIP:DMG: 0x0 = 2, |
| [1659415376.888560][2666:2671] CHIP:DMG: }, |
| [1659415376.888655][2666:2671] CHIP:DMG: }, |
| [1659415376.888728][2666:2671] CHIP:DMG: |
| [1659415376.888806][2666:2671] CHIP:DMG: ], |
| [1659415376.888877][2666:2671] CHIP:DMG: |
| [1659415376.888955][2666:2671] CHIP:DMG: InteractionModelRevision = 1 |
| [1659415376.889012][2666:2671] CHIP:DMG: }, |
| [1659415376.889086][2666:2671] CHIP:DMG: |
| [1659415376.889368][2666:2671] CHIP:DMG: ICR moving to [CommandSen] |
| [1659415376.889523][2666:2671] CHIP:DMG: ICR moving to [AwaitingDe] |
| [1659415376.972895][2666:2671] CHIP:DL: HandlePlatformSpecificBLEEvent 16387 |
| [1659415377.021227][2666:2669] CHIP:DL: Indication received, conn = 0xffffa803b9b0 |
| [1659415377.021488][2666:2671] CHIP:DL: HandlePlatformSpecificBLEEvent 16389 |
| [1659415377.122119][2666:2669] CHIP:DL: Indication received, conn = 0xffffa803b9b0 |
| [1659415377.122505][2666:2671] CHIP:DL: HandlePlatformSpecificBLEEvent 16389 |
| [1659415377.217641][2666:2669] CHIP:DL: Indication received, conn = 0xffffa803b9b0 |
| [1659415377.217905][2666:2671] CHIP:DL: HandlePlatformSpecificBLEEvent 16389 |
| [1659415377.219135][2666:2671] CHIP:DMG: << from BLE | 199585160 | [Interaction Model (1) / InvokeCommandResponse (0x09) / Session = 46479 / Exchange = 61632] |
| [1659415377.219238][2666:2671] CHIP:DMG: Header Flags = |
| [1659415377.219295][2666:2671] CHIP:DMG: { |
| [1659415377.219391][2666:2671] CHIP:DMG: } |
| [1659415377.219446][2666:2671] CHIP:DMG: |
| [1659415377.219518][2666:2671] CHIP:DMG: Encrypted Payload (527 bytes) = |
| [1659415377.219573][2666:2671] CHIP:DMG: { |
| [1659415377.219626][2666:2671] CHIP:DMG: data = 008fb500886de50b9dd1c80f8f48187dc9457d6066ed57c1f15550aefb6a675573c3fcff99cc266b26bdbd97c5ac460ff50e513fd8ef02f39294c2e79b507b0d7b6342caea806048b1c64804aae7bb9d4cdb04d4c7c4d345788e332256c05e7ea38eddd7693e4a39cdfe625688f0101cf16af6f5281049b25e47e6931b06c832d9a014a8248d7cfe31d8b75ebb7805b511293591caa108030939b43b951ad2a164692b051201f9c777e769b9632f05b94bc1990718ec3d2e0fa0161da28ec39bc51017c519e994e9fbbc68693e86ae9fa72618a5a0bc9a133e919bf61ca0805a90a09807c5c4b88329bd1d99149788c5464650dc3b7223e11f4d5a487c0b589453f725b035b543b0159801bee756dcd835832af45402931d73f4977371c90a3fd406905b278fefccf607e0699cac0b082d062b563f17d6e9438720a885f6b5d0dd035d652fd9b88790b1e79995030977f4423139eff3d2e36915065474ea1996705bd63b40395344e402c191e54c1c136c4daa31040ea09cc39c5804dd4203763d05e30d2cfd50ed84e12fd01ecf9c49a4bf7fe73c13416af1cc8bed4f5f2e8919f5724d698990115f97c08f43f9dd463883b53d09e6f888ac8a8d8ba91bd65b242ae049cccd4af6fdcfa402877ba10fb560008d07054deb1e9f1a39fd9110930e1e620fc64f999255a52f8064dc1c83fe6aa35de56c44850e932c82919c1f1af174afa75f3ef77c8b08fcace33883 |
| [1659415377.219729][2666:2671] CHIP:DMG: buffer_ptr = 281473366176768 |
| [1659415377.219780][2666:2671] CHIP:DMG: } |
| [1659415377.219830][2666:2671] CHIP:DMG: |
| [1659415377.220104][2666:2671] CHIP:DMG: DAC/PAI (463) = |
| [1659415377.220220][2666:2671] CHIP:DMG: { |
| -----BEGIN CERTIFICATE----- |
| MIIByzCCAXGgAwIBAgIIVq2CIq2UW2QwCgYIKoZIzj0EAwIwMDEYMBYGA1UEAwwP |
| TWF0dGVyIFRlc3QgUEFBMRQwEgYKKwYBBAGConwCAQwERkZGMTAgFw0yMjAyMDUw |
| MDAwMDBaGA85OTk5MTIzMTIzNTk1OVowPTElMCMGA1UEAwwcTWF0dGVyIERldiBQ |
| QUkgMHhGRkYxIG5vIFBJRDEUMBIGCisGAQQBgqJ8AgEMBEZGRjEwWTATBgcqhkjO |
| PQIBBggqhkjOPQMBBwNCAARBmpMVwhc+DIyHbQPM/JRIUmR/f+xeUIL0BZko7KiU |
| xZQVEwmsYx5MsDOSr2hLC6+35ls7gWLC9Sv5MbjneqqCo2YwZDASBgNVHRMBAf8E |
| CDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUY1QOR/ZLHDjROISk |
| YtFsGV2P+zwwHwYDVR0jBBgwFoAUav0idx9RH+y/FkGXZxDc3DGhcX4wCgYIKoZI |
| zj0EAwIDSAAwRQIhALLvJ/Sa6bUPuR7qyUxNC9u415KcbLiPrOUpNo0SBUwMAiBl |
| Xckrhr2QmIKmxiF3uCXX0F7b58Ivn+pxIg5+pwP4kQ== |
| -----END CERTIFICATE----- |
| [1659415377.220439][2666:2671] CHIP:DMG: } |
| [1659415377.220490][2666:2671] CHIP:DMG: |
| [1659415377.220553][2666:2671] CHIP:DMG: |
| [1659415377.220635][2666:2671] CHIP:DMG: Additional Fields = |
| [1659415377.220689][2666:2671] CHIP:DMG: { |
| [1659415377.220748][2666:2671] CHIP:DMG: peer_address = BLE |
| [1659415377.220801][2666:2671] CHIP:DMG: } |
| [1659415377.220850][2666:2671] CHIP:DMG: |
| [1659415377.220914][2666:2671] CHIP:EM: Received message of type 0x9 with protocolId (0, 1) and MessageCounter:199585160 on exchange 61632i |
| [1659415377.220977][2666:2671] CHIP:EM: Found matching exchange: 61632i, Delegate: 0xffffa803c898 |
| [1659415377.221071][2666:2671] CHIP:DMG: ICR moving to [ResponseRe] |
| [1659415377.221162][2666:2671] CHIP:DMG: InvokeResponseMessage = |
| [1659415377.221222][2666:2671] CHIP:DMG: { |
| [1659415377.221279][2666:2671] CHIP:DMG: suppressResponse = false, |
| [1659415377.221339][2666:2671] CHIP:DMG: InvokeResponseIBs = |
| [1659415377.221413][2666:2671] CHIP:DMG: [ |
| [1659415377.221473][2666:2671] CHIP:DMG: InvokeResponseIB = |
| [1659415377.221551][2666:2671] CHIP:DMG: { |
| [1659415377.221615][2666:2671] CHIP:DMG: CommandDataIB = |
| [1659415377.221691][2666:2671] CHIP:DMG: { |
| [1659415377.221764][2666:2671] CHIP:DMG: CommandPathIB = |
| [1659415377.221855][2666:2671] CHIP:DMG: { |
| [1659415377.221949][2666:2671] CHIP:DMG: EndpointId = 0x0, |
| [1659415377.222037][2666:2671] CHIP:DMG: ClusterId = 0x3e, |
| [1659415377.222125][2666:2671] CHIP:DMG: CommandId = 0x3, |
| [1659415377.222216][2666:2671] CHIP:DMG: }, |
| [1659415377.222303][2666:2671] CHIP:DMG: |
| [1659415377.222377][2666:2671] CHIP:DMG: CommandFields = |
| [1659415377.222476][2666:2671] CHIP:DMG: { |
| [1659415377.222570][2666:2671] CHIP:DMG: 0x0 = [ |
| [1659415377.222896][2666:2671] CHIP:DMG: 0x30, 0x82, 0x1, 0xcb, 0x30, 0x82, 0x1, 0x71, 0xa0, 0x3, 0x2, 0x1, 0x2, 0x2, 0x8, 0x56, 0xad, 0x82, 0x22, 0xad, 0x94, 0x5b, 0x64, 0x30, 0xa, 0x6, 0x8, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x4, 0x3, 0x2, 0x30, 0x30, 0x31, 0x18, 0x30, 0x16, 0x6, 0x3, 0x55, 0x4, 0x3, 0xc, 0xf, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41, 0x31, 0x14, 0x30, 0x12, 0x6, 0xa, 0x2b, 0x6, 0x1, 0x4, 0x1, 0x82, 0xa2, 0x7c, 0x2, 0x1, 0xc, 0x4, 0x46, 0x46, 0x46, 0x31, 0x30, 0x20, 0x17, 0xd, 0x32, 0x32, 0x30, 0x32, 0x30, 0x35, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0xf, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x6, 0x3, 0x55, 0x4, 0x3, 0xc, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x50, 0x41, 0x49, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x20, 0x6e, 0x6f, 0x20, 0x50, 0x49, 0x44, 0x31, 0x14, 0x30, 0x12, 0x6, 0xa, 0x2b, 0x6, 0x1, 0x4, 0x1, 0x82, 0xa2, 0x7c, 0x2, 0x1, 0xc, 0x4, 0x46, 0x46, 0x46, 0x31, 0x30, 0x59, 0x30, 0x13, 0x6, 0x7, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x2, 0x1, 0x6, 0x8, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x3, 0x1, 0x7, 0x3, 0x42, 0x0, 0x4, 0x41, 0x9a, 0x93, 0x15, 0xc2, 0x17, 0x3e, 0xc, 0x8c, 0x87, 0x6d, 0x3, 0xcc, 0xfc, 0x94, 0x48, 0x52, 0x64, 0x7f, 0x7f, 0xec, 0x5e, 0x50, 0x82, 0xf4, 0x5, 0x99, 0x28, 0xec, 0xa8, 0x94, 0xc5, 0x94, 0x15, 0x13, 0x9, 0xac, 0x63, 0x1e, 0x4c, 0xb0, 0x33, 0x92, 0xaf, 0x68, 0x4b, 0xb, 0xaf, 0xb7, 0xe6, 0x5b, 0x3b, 0x81, 0x62, 0xc2, 0xf5, 0x2b, 0xf9, 0x31, 0xb8, 0xe7, 0x7a, 0xaa, 0x82, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x6, 0x3, 0x55, 0x1d, 0x13, 0x1, 0x1, 0xff, 0x4, 0x8, 0x30, 0x6, 0x1, 0x1, 0xff, 0x2, 0x1, |
| [1659415377.223073][2666:2671] CHIP:DMG: ] (463 bytes) |
| [1659415377.223156][2666:2671] CHIP:DMG: }, |
| [1659415377.223230][2666:2671] CHIP:DMG: }, |
| [1659415377.223312][2666:2671] CHIP:DMG: |
| [1659415377.223374][2666:2671] CHIP:DMG: }, |
| [1659415377.223448][2666:2671] CHIP:DMG: |
| [1659415377.223505][2666:2671] CHIP:DMG: ], |
| [1659415377.223579][2666:2671] CHIP:DMG: |
| [1659415377.223637][2666:2671] CHIP:DMG: InteractionModelRevision = 1 |
| [1659415377.223694][2666:2671] CHIP:DMG: }, |
| [1659415377.223832][2666:2671] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_003E Command=0x0000_0003 |
| [1659415377.223908][2666:2671] CHIP:CTL: Received certificate chain from the device |
| [1659415377.224018][2666:2671] CHIP:CTL: Successfully finished commissioning step "SendPAICertificateRequest" |
| |
| |
| 1. Save the PAI value from commissioning log of TH in the file as below |
| vi pai_6.pem |
| |
| 2. Give the below command to extract the Authority key ID |
| openssl x509 -in pai_6.pem -text |
| |
| Verify that below extracted authority key is not same as the SDK"s test PAA |
| 1. 78:5C:E7:05:B8:6B:8F:4E:6F:C7:93:AA:60:CB:43:EA:69:68:82:D5 |
| 2. 6A:FD:22:77:1F:51:1F:EC:BF:16:41:97:67:10:DC:DC:31:A1:71:7E |
| |
| Below certificate has been extracted using the sample DUT, hence the Authority key ID is same as SDK"s test PAA |
| |
| grl@grl-ThinkPad-L480:~/jul14_2ndcntrl/connectedhomeip$ openssl x509 -in pai_6.pem -text |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 4498223361705918669 (0x3e6ce6509ad840cd) |
| Signature Algorithm: ecdsa-with-SHA256 |
| Issuer: CN = Matter Test PAA, 1.3.6.1.4.1.37244.2.1 = FFF1 |
| Validity |
| Not Before: Jun 28 14:23:43 2021 GMT |
| Not After : Dec 31 23:59:59 9999 GMT |
| Subject: CN = Matter Test PAI, 1.3.6.1.4.1.37244.2.1 = FFF1, 1.3.6.1.4.1.37244.2.2 = 8000 |
| Subject Public Key Info: |
| Public Key Algorithm: id-ecPublicKey |
| Public-Key: (256 bit) |
| pub: |
| 04:80:dd:f1:1b:22:8f:3e:31:f6:3b:cf:57:98:da: |
| 14:62:3a:eb:bd:e8:2e:f3:78:ee:ad:bf:b1:8f:e1: |
| ab:ce:31:d0:8e:d4:b2:06:04:b6:cc:c6:d9:b5:fa: |
| b6:4e:7d:e1:0c:b7:4b:e0:17:c9:ec:15:16:05:6d: |
| 70:f2:cd:0b:22 |
| ASN1 OID: prime256v1 |
| NIST CURVE: P-256 |
| X509v3 extensions: |
| X509v3 Basic Constraints: critical |
| CA:TRUE, pathlen:0 |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Subject Key Identifier: |
| AF:42:B7:09:4D:EB:D5:15:EC:6E:CF:33:B8:11:15:22:5F:32:52:88 |
| X509v3 Authority Key Identifier: |
| keyid:6A:FD:22:77:1F:51:1F:EC:BF:16:41:97:67:10:DC:DC:31:A1:71:7E |
| |
| Signature Algorithm: ecdsa-with-SHA256 |
| 30:45:02:21:00:96:c9:c8:cf:2e:01:88:60:05:d8:f5:bc:72: |
| c0:7b:75:fd:9a:57:69:5a:c4:91:11:31:13:8b:ea:03:3c:e5: |
| 03:02:20:25:54:94:3b:e5:7d:53:d6:c4:75:f7:d2:3e:bf:cf: |
| c2:03:6c:d2:9b:a6:39:3e:c7:ef:ad:87:14:ab:71:82:19 |
| -----BEGIN CERTIFICATE----- |
| MIIB1DCCAXqgAwIBAgIIPmzmUJrYQM0wCgYIKoZIzj0EAwIwMDEYMBYGA1UEAwwP |
| TWF0dGVyIFRlc3QgUEFBMRQwEgYKKwYBBAGConwCAQwERkZGMTAgFw0yMTA2Mjgx |
| NDIzNDNaGA85OTk5MTIzMTIzNTk1OVowRjEYMBYGA1UEAwwPTWF0dGVyIFRlc3Qg |
| UEFJMRQwEgYKKwYBBAGConwCAQwERkZGMTEUMBIGCisGAQQBgqJ8AgIMBDgwMDAw |
| WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA3fEbIo8+MfY7z1eY2hRiOuu96C7z |
| eO6tv7GP4avOMdCO1LIGBLbMxtm1+rZOfeEMt0vgF8nsFRYFbXDyzQsio2YwZDAS |
| BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUr0K3 |
| CU3r1RXsbs8zuBEVIl8yUogwHwYDVR0jBBgwFoAUav0idx9RH+y/FkGXZxDc3DGh |
| cX4wCgYIKoZIzj0EAwIDSAAwRQIhAJbJyM8uAYhgBdj1vHLAe3X9mldpWsSRETET |
| i+oDPOUDAiAlVJQ75X1T1sR199I+v8/CA2zSm6Y5PsfvrYcUq3GCGQ== |
| -----END CERTIFICATE----- |
| disabled: true |
| |
| - label: "TH extracts the public key from the DAC and saves as pk_1" |
| verification: | |
| To commission DUT2 to TH |
| |
| "sudo ./chip-all-clusters-app --wifi --discriminator 3844 |
| |
| TH side: |
| ./chip-tool pairing ble-wifi 1 zigbeehome matter123 20202021 3844 --trace_decode 1 |
| |
| [1650455358.501816][4366:4371] CHIP:TOO: Device commissioning completed with success" |
| |
| |
| Verify in TH log: |
| |
| ./chip-tool operationalcredentials certificate-chain-request 1 1 0 |
| [1657774717.721972][7956:7961] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_003E Command=0x0000_0003 |
| [1657774717.722019][7956:7961] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_003E Command 0x0000_0003 |
| [1657774717.722135][7956:7961] CHIP:TOO: CertificateChainResponse: { |
| [1657774717.722181][7956:7961] CHIP:TOO: certificate: 308201E73082018EA003020102020869CDF10DE9E54ED1300A06082A8648CE3D040302303D3125302306035504030C1C4D6174746572204465762050414920307846464631206E6F2050494431143012060A2B0601040182A27C02010C04464646313020170D3232303230353030303030305A180F39393939313233313233353935395A30533125302306035504030C1C4D61747465722044657620444143203078464646312F30783830303131143012060A2B0601040182A27C02010C044646463131143012060A2B0601040182A27C02020C04383030313059301306072A8648CE3D020106082A8648CE3D03010703420004463AC69342910A0E5588FC6FF56BB63E62ECCECB148F7D4EB03EE552601415767D16A5C663F793E49123260B8297A7CD7E7CFC7B316B39D98E90D29377738E82A360305E300C0603551D130101FF04023000300E0603551D0F0101FF040403020780301D0603551D0E0416041488DDE7B300382932CFF734C04624810F44168A6F301F0603551D2304183016801463540E47F64B1C38D13884A462D16C195D8FFB3C300A06082A8648CE3D040302 |
| [1657774717.722269][7956:7961] CHIP:TOO: ...........: 034700304402200127A27B4B44610EE2FCDC4D2B7885563660BC0F76F17219ED6A08DFB2B3C1CD02206B59E0AF45F3EB2A85B919D35731528C6028C415239545E108E4E54E70971353 |
| [1657774717.722297][7956:7961] CHIP:TOO: } |
| |
| |
| |
| ./chip-tool operationalcredentials certificate-chain-request 2 1 0 |
| |
| [1657774756.281112][7964:7969] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_003E Command=0x0000_0003 |
| [1657774756.281164][7964:7969] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_003E Command 0x0000_0003 |
| [1657774756.281236][7964:7969] CHIP:TOO: CertificateChainResponse: { |
| [1657774756.281289][7964:7969] CHIP:TOO: certificate: 308201CB30820171A003020102020856AD8222AD945B64300A06082A8648CE3D04030230303118301606035504030C0F4D617474657220546573742050414131143012060A2B0601040182A27C02010C04464646313020170D3232303230353030303030305A180F39393939313233313233353935395A303D3125302306035504030C1C4D6174746572204465762050414920307846464631206E6F2050494431143012060A2B0601040182A27C02010C04464646313059301306072A8648CE3D020106082A8648CE3D03010703420004419A9315C2173E0C8C876D03CCFC944852647F7FEC5E5082F4059928ECA894C594151309AC631E4CB03392AF684B0BAFB7E65B3B8162C2F52BF931B8E77AAA82A366306430120603551D130101FF040830060101FF020100300E0603551D0F0101FF040403020106301D0603551D0E0416041463540E47F64B1C38D13884A462D16C195D8FFB3C301F0603551D230418301680146AFD22771F511FECBF1641976710DCDC31A1717E300A06082A8648CE3D0403020348003045022100B2EF27F49AE9B50FB91EEAC94C4D0BDBB8D7929C6C |
| [1657774756.281357][7964:7969] CHIP:TOO: ...........: B88FACE529368D12054C0C0220655DC92B86BD909882A6C62177B825D7D05EDBE7C22F9FEA71220E7EA703F891 |
| [1657774756.281388][7964:7969] CHIP:TOO: } |
| |
| |
| During commissioning we will get PAI certificate, see in below log: |
| |
| [1659415376.883870][2666:2671] CHIP:CTL: Performing next commissioning step "SendPAICertificateRequest" |
| [1659415376.883925][2666:2671] CHIP:CTL: Sending request for PAI certificate |
| [1659415376.884015][2666:2671] CHIP:CTL: Sending Certificate Chain request to 0xffffa0000b60 device |
| [1659415376.884167][2666:2671] CHIP:DMG: ICR moving to [AddingComm] |
| [1659415376.884302][2666:2671] CHIP:DMG: ICR moving to [AddedComma] |
| [1659415376.884867][2666:2671] CHIP:IN: Prepared secure message 0xffffb37ec8d8 to 0xFFFFFFFB00000000 (0) of type 0x8 and protocolId (0, 1) on exchange 61632i with MessageCounter:72933899. |
| [1659415376.884965][2666:2671] CHIP:IN: Sending encrypted msg 0xffffb37ec8d8 with MessageCounter:72933899 to 0xFFFFFFFB00000000 (0) at monotonic time: 0000000000161D55 msec |
| [1659415376.885796][2666:2671] CHIP:DMG: >> to BLE | 72933899 | [Interaction Model (1) / InvokeCommandRequest (0x08) / Session = 384 / Exchange = 61632] |
| [1659415376.885890][2666:2671] CHIP:DMG: Header Flags = |
| [1659415376.885944][2666:2671] CHIP:DMG: { |
| [1659415376.886028][2666:2671] CHIP:DMG: Exchange (0x01) = |
| [1659415376.886081][2666:2671] CHIP:DMG: { |
| [1659415376.886154][2666:2671] CHIP:DMG: Initiator = true |
| [1659415376.886206][2666:2671] CHIP:DMG: } |
| [1659415376.886296][2666:2671] CHIP:DMG: } |
| [1659415376.886350][2666:2671] CHIP:DMG: |
| [1659415376.886438][2666:2671] CHIP:DMG: Encrypted Payload (62 bytes) = |
| [1659415376.886492][2666:2671] CHIP:DMG: { |
| [1659415376.886542][2666:2671] CHIP:DMG: data = 008001000be258046e751fb56b97dabcc7ee6b6611ede33a66461e188834bb1fe5b6332edb4a3896d32bce2eb59dee722e070c4426af77c82dfca14619bb |
| [1659415376.886616][2666:2671] CHIP:DMG: buffer_ptr = 281473366182720 |
| [1659415376.886666][2666:2671] CHIP:DMG: } |
| [1659415376.886714][2666:2671] CHIP:DMG: |
| [1659415376.886900][2666:2671] CHIP:DMG: InvokeRequestMessage = |
| [1659415376.886962][2666:2671] CHIP:DMG: { |
| [1659415376.887039][2666:2671] CHIP:DMG: suppressResponse = false, |
| [1659415376.887103][2666:2671] CHIP:DMG: timedRequest = false, |
| [1659415376.887162][2666:2671] CHIP:DMG: InvokeRequests = |
| [1659415376.887234][2666:2671] CHIP:DMG: [ |
| [1659415376.887312][2666:2671] CHIP:DMG: CommandDataIB = |
| [1659415376.887380][2666:2671] CHIP:DMG: { |
| [1659415376.887442][2666:2671] CHIP:DMG: CommandPathIB = |
| [1659415376.887538][2666:2671] CHIP:DMG: { |
| [1659415376.887633][2666:2671] CHIP:DMG: EndpointId = 0x0, |
| [1659415376.887874][2666:2671] CHIP:DMG: ClusterId = 0x3e, |
| [1659415376.888039][2666:2671] CHIP:DMG: CommandId = 0x2, |
| [1659415376.888125][2666:2671] CHIP:DMG: }, |
| [1659415376.888225][2666:2671] CHIP:DMG: |
| [1659415376.888289][2666:2671] CHIP:DMG: CommandFields = |
| [1659415376.888384][2666:2671] CHIP:DMG: { |
| [1659415376.888478][2666:2671] CHIP:DMG: 0x0 = 2, |
| [1659415376.888560][2666:2671] CHIP:DMG: }, |
| [1659415376.888655][2666:2671] CHIP:DMG: }, |
| [1659415376.888728][2666:2671] CHIP:DMG: |
| [1659415376.888806][2666:2671] CHIP:DMG: ], |
| [1659415376.888877][2666:2671] CHIP:DMG: |
| [1659415376.888955][2666:2671] CHIP:DMG: InteractionModelRevision = 1 |
| [1659415376.889012][2666:2671] CHIP:DMG: }, |
| [1659415376.889086][2666:2671] CHIP:DMG: |
| [1659415376.889368][2666:2671] CHIP:DMG: ICR moving to [CommandSen] |
| [1659415376.889523][2666:2671] CHIP:DMG: ICR moving to [AwaitingDe] |
| [1659415376.972895][2666:2671] CHIP:DL: HandlePlatformSpecificBLEEvent 16387 |
| [1659415377.021227][2666:2669] CHIP:DL: Indication received, conn = 0xffffa803b9b0 |
| [1659415377.021488][2666:2671] CHIP:DL: HandlePlatformSpecificBLEEvent 16389 |
| [1659415377.122119][2666:2669] CHIP:DL: Indication received, conn = 0xffffa803b9b0 |
| [1659415377.122505][2666:2671] CHIP:DL: HandlePlatformSpecificBLEEvent 16389 |
| [1659415377.217641][2666:2669] CHIP:DL: Indication received, conn = 0xffffa803b9b0 |
| [1659415377.217905][2666:2671] CHIP:DL: HandlePlatformSpecificBLEEvent 16389 |
| [1659415377.219135][2666:2671] CHIP:DMG: << from BLE | 199585160 | [Interaction Model (1) / InvokeCommandResponse (0x09) / Session = 46479 / Exchange = 61632] |
| [1659415377.219238][2666:2671] CHIP:DMG: Header Flags = |
| [1659415377.219295][2666:2671] CHIP:DMG: { |
| [1659415377.219391][2666:2671] CHIP:DMG: } |
| [1659415377.219446][2666:2671] CHIP:DMG: |
| [1659415377.219518][2666:2671] CHIP:DMG: Encrypted Payload (527 bytes) = |
| [1659415377.219573][2666:2671] CHIP:DMG: { |
| [1659415377.219626][2666:2671] CHIP:DMG: data = 008fb500886de50b9dd1c80f8f48187dc9457d6066ed57c1f15550aefb6a675573c3fcff99cc266b26bdbd97c5ac460ff50e513fd8ef02f39294c2e79b507b0d7b6342caea806048b1c64804aae7bb9d4cdb04d4c7c4d345788e332256c05e7ea38eddd7693e4a39cdfe625688f0101cf16af6f5281049b25e47e6931b06c832d9a014a8248d7cfe31d8b75ebb7805b511293591caa108030939b43b951ad2a164692b051201f9c777e769b9632f05b94bc1990718ec3d2e0fa0161da28ec39bc51017c519e994e9fbbc68693e86ae9fa72618a5a0bc9a133e919bf61ca0805a90a09807c5c4b88329bd1d99149788c5464650dc3b7223e11f4d5a487c0b589453f725b035b543b0159801bee756dcd835832af45402931d73f4977371c90a3fd406905b278fefccf607e0699cac0b082d062b563f17d6e9438720a885f6b5d0dd035d652fd9b88790b1e79995030977f4423139eff3d2e36915065474ea1996705bd63b40395344e402c191e54c1c136c4daa31040ea09cc39c5804dd4203763d05e30d2cfd50ed84e12fd01ecf9c49a4bf7fe73c13416af1cc8bed4f5f2e8919f5724d698990115f97c08f43f9dd463883b53d09e6f888ac8a8d8ba91bd65b242ae049cccd4af6fdcfa402877ba10fb560008d07054deb1e9f1a39fd9110930e1e620fc64f999255a52f8064dc1c83fe6aa35de56c44850e932c82919c1f1af174afa75f3ef77c8b08fcace33883 |
| [1659415377.219729][2666:2671] CHIP:DMG: buffer_ptr = 281473366176768 |
| [1659415377.219780][2666:2671] CHIP:DMG: } |
| [1659415377.219830][2666:2671] CHIP:DMG: |
| [1659415377.220104][2666:2671] CHIP:DMG: DAC/PAI (463) = |
| [1659415377.220220][2666:2671] CHIP:DMG: { |
| -----BEGIN CERTIFICATE----- |
| MIIByzCCAXGgAwIBAgIIVq2CIq2UW2QwCgYIKoZIzj0EAwIwMDEYMBYGA1UEAwwP |
| TWF0dGVyIFRlc3QgUEFBMRQwEgYKKwYBBAGConwCAQwERkZGMTAgFw0yMjAyMDUw |
| MDAwMDBaGA85OTk5MTIzMTIzNTk1OVowPTElMCMGA1UEAwwcTWF0dGVyIERldiBQ |
| QUkgMHhGRkYxIG5vIFBJRDEUMBIGCisGAQQBgqJ8AgEMBEZGRjEwWTATBgcqhkjO |
| PQIBBggqhkjOPQMBBwNCAARBmpMVwhc+DIyHbQPM/JRIUmR/f+xeUIL0BZko7KiU |
| xZQVEwmsYx5MsDOSr2hLC6+35ls7gWLC9Sv5MbjneqqCo2YwZDASBgNVHRMBAf8E |
| CDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUY1QOR/ZLHDjROISk |
| YtFsGV2P+zwwHwYDVR0jBBgwFoAUav0idx9RH+y/FkGXZxDc3DGhcX4wCgYIKoZI |
| zj0EAwIDSAAwRQIhALLvJ/Sa6bUPuR7qyUxNC9u415KcbLiPrOUpNo0SBUwMAiBl |
| Xckrhr2QmIKmxiF3uCXX0F7b58Ivn+pxIg5+pwP4kQ== |
| -----END CERTIFICATE----- |
| [1659415377.220439][2666:2671] CHIP:DMG: } |
| [1659415377.220490][2666:2671] CHIP:DMG: |
| [1659415377.220553][2666:2671] CHIP:DMG: |
| [1659415377.220635][2666:2671] CHIP:DMG: Additional Fields = |
| [1659415377.220689][2666:2671] CHIP:DMG: { |
| [1659415377.220748][2666:2671] CHIP:DMG: peer_address = BLE |
| [1659415377.220801][2666:2671] CHIP:DMG: } |
| [1659415377.220850][2666:2671] CHIP:DMG: |
| [1659415377.220914][2666:2671] CHIP:EM: Received message of type 0x9 with protocolId (0, 1) and MessageCounter:199585160 on exchange 61632i |
| [1659415377.220977][2666:2671] CHIP:EM: Found matching exchange: 61632i, Delegate: 0xffffa803c898 |
| [1659415377.221071][2666:2671] CHIP:DMG: ICR moving to [ResponseRe] |
| [1659415377.221162][2666:2671] CHIP:DMG: InvokeResponseMessage = |
| [1659415377.221222][2666:2671] CHIP:DMG: { |
| [1659415377.221279][2666:2671] CHIP:DMG: suppressResponse = false, |
| [1659415377.221339][2666:2671] CHIP:DMG: InvokeResponseIBs = |
| [1659415377.221413][2666:2671] CHIP:DMG: [ |
| [1659415377.221473][2666:2671] CHIP:DMG: InvokeResponseIB = |
| [1659415377.221551][2666:2671] CHIP:DMG: { |
| [1659415377.221615][2666:2671] CHIP:DMG: CommandDataIB = |
| [1659415377.221691][2666:2671] CHIP:DMG: { |
| [1659415377.221764][2666:2671] CHIP:DMG: CommandPathIB = |
| [1659415377.221855][2666:2671] CHIP:DMG: { |
| [1659415377.221949][2666:2671] CHIP:DMG: EndpointId = 0x0, |
| [1659415377.222037][2666:2671] CHIP:DMG: ClusterId = 0x3e, |
| [1659415377.222125][2666:2671] CHIP:DMG: CommandId = 0x3, |
| [1659415377.222216][2666:2671] CHIP:DMG: }, |
| [1659415377.222303][2666:2671] CHIP:DMG: |
| [1659415377.222377][2666:2671] CHIP:DMG: CommandFields = |
| [1659415377.222476][2666:2671] CHIP:DMG: { |
| [1659415377.222570][2666:2671] CHIP:DMG: 0x0 = [ |
| [1659415377.222896][2666:2671] CHIP:DMG: 0x30, 0x82, 0x1, 0xcb, 0x30, 0x82, 0x1, 0x71, 0xa0, 0x3, 0x2, 0x1, 0x2, 0x2, 0x8, 0x56, 0xad, 0x82, 0x22, 0xad, 0x94, 0x5b, 0x64, 0x30, 0xa, 0x6, 0x8, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x4, 0x3, 0x2, 0x30, 0x30, 0x31, 0x18, 0x30, 0x16, 0x6, 0x3, 0x55, 0x4, 0x3, 0xc, 0xf, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x50, 0x41, 0x41, 0x31, 0x14, 0x30, 0x12, 0x6, 0xa, 0x2b, 0x6, 0x1, 0x4, 0x1, 0x82, 0xa2, 0x7c, 0x2, 0x1, 0xc, 0x4, 0x46, 0x46, 0x46, 0x31, 0x30, 0x20, 0x17, 0xd, 0x32, 0x32, 0x30, 0x32, 0x30, 0x35, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a, 0x18, 0xf, 0x39, 0x39, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5a, 0x30, 0x3d, 0x31, 0x25, 0x30, 0x23, 0x6, 0x3, 0x55, 0x4, 0x3, 0xc, 0x1c, 0x4d, 0x61, 0x74, 0x74, 0x65, 0x72, 0x20, 0x44, 0x65, 0x76, 0x20, 0x50, 0x41, 0x49, 0x20, 0x30, 0x78, 0x46, 0x46, 0x46, 0x31, 0x20, 0x6e, 0x6f, 0x20, 0x50, 0x49, 0x44, 0x31, 0x14, 0x30, 0x12, 0x6, 0xa, 0x2b, 0x6, 0x1, 0x4, 0x1, 0x82, 0xa2, 0x7c, 0x2, 0x1, 0xc, 0x4, 0x46, 0x46, 0x46, 0x31, 0x30, 0x59, 0x30, 0x13, 0x6, 0x7, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x2, 0x1, 0x6, 0x8, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x3, 0x1, 0x7, 0x3, 0x42, 0x0, 0x4, 0x41, 0x9a, 0x93, 0x15, 0xc2, 0x17, 0x3e, 0xc, 0x8c, 0x87, 0x6d, 0x3, 0xcc, 0xfc, 0x94, 0x48, 0x52, 0x64, 0x7f, 0x7f, 0xec, 0x5e, 0x50, 0x82, 0xf4, 0x5, 0x99, 0x28, 0xec, 0xa8, 0x94, 0xc5, 0x94, 0x15, 0x13, 0x9, 0xac, 0x63, 0x1e, 0x4c, 0xb0, 0x33, 0x92, 0xaf, 0x68, 0x4b, 0xb, 0xaf, 0xb7, 0xe6, 0x5b, 0x3b, 0x81, 0x62, 0xc2, 0xf5, 0x2b, 0xf9, 0x31, 0xb8, 0xe7, 0x7a, 0xaa, 0x82, 0xa3, 0x66, 0x30, 0x64, 0x30, 0x12, 0x6, 0x3, 0x55, 0x1d, 0x13, 0x1, 0x1, 0xff, 0x4, 0x8, 0x30, 0x6, 0x1, 0x1, 0xff, 0x2, 0x1, |
| [1659415377.223073][2666:2671] CHIP:DMG: ] (463 bytes) |
| [1659415377.223156][2666:2671] CHIP:DMG: }, |
| [1659415377.223230][2666:2671] CHIP:DMG: }, |
| [1659415377.223312][2666:2671] CHIP:DMG: |
| [1659415377.223374][2666:2671] CHIP:DMG: }, |
| [1659415377.223448][2666:2671] CHIP:DMG: |
| [1659415377.223505][2666:2671] CHIP:DMG: ], |
| [1659415377.223579][2666:2671] CHIP:DMG: |
| [1659415377.223637][2666:2671] CHIP:DMG: InteractionModelRevision = 1 |
| [1659415377.223694][2666:2671] CHIP:DMG: }, |
| [1659415377.223832][2666:2671] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_003E Command=0x0000_0003 |
| [1659415377.223908][2666:2671] CHIP:CTL: Received certificate chain from the device |
| [1659415377.224018][2666:2671] CHIP:CTL: Successfully finished commissioning step "SendPAICertificateRequest" |
| |
| |
| "1. Save the PAI value from commissioning log of TH in the file as below |
| vi pai_6.pem |
| |
| 2. Give the below command to extract the Authority key ID |
| openssl x509 -in pai_6.pem -text |
| |
| Below certificate has been extracted using the sample DUT, hence the Authority key ID is same as SDK"s test PAA |
| |
| grl@grl-ThinkPad-L480:~/jul14_2ndcntrl/connectedhomeip$ openssl x509 -in pai_6.pem -text |
| Certificate: |
| Data: |
| Version: 3 (0x2) |
| Serial Number: 4498223361705918669 (0x3e6ce6509ad840cd) |
| Signature Algorithm: ecdsa-with-SHA256 |
| Issuer: CN = Matter Test PAA, 1.3.6.1.4.1.37244.2.1 = FFF1 |
| Validity |
| Not Before: Jun 28 14:23:43 2021 GMT |
| Not After : Dec 31 23:59:59 9999 GMT |
| Subject: CN = Matter Test PAI, 1.3.6.1.4.1.37244.2.1 = FFF1, 1.3.6.1.4.1.37244.2.2 = 8000 |
| Subject Public Key Info: |
| Public Key Algorithm: id-ecPublicKey |
| Public-Key: (256 bit) |
| pub: |
| 04:80:dd:f1:1b:22:8f:3e:31:f6:3b:cf:57:98:da: |
| 14:62:3a:eb:bd:e8:2e:f3:78:ee:ad:bf:b1:8f:e1: |
| ab:ce:31:d0:8e:d4:b2:06:04:b6:cc:c6:d9:b5:fa: |
| b6:4e:7d:e1:0c:b7:4b:e0:17:c9:ec:15:16:05:6d: |
| 70:f2:cd:0b:22 |
| ASN1 OID: prime256v1 |
| NIST CURVE: P-256 |
| X509v3 extensions: |
| X509v3 Basic Constraints: critical |
| CA:TRUE, pathlen:0 |
| X509v3 Key Usage: critical |
| Certificate Sign, CRL Sign |
| X509v3 Subject Key Identifier: |
| AF:42:B7:09:4D:EB:D5:15:EC:6E:CF:33:B8:11:15:22:5F:32:52:88 |
| X509v3 Authority Key Identifier: |
| keyid:6A:FD:22:77:1F:51:1F:EC:BF:16:41:97:67:10:DC:DC:31:A1:71:7E |
| |
| Signature Algorithm: ecdsa-with-SHA256 |
| 30:45:02:21:00:96:c9:c8:cf:2e:01:88:60:05:d8:f5:bc:72: |
| c0:7b:75:fd:9a:57:69:5a:c4:91:11:31:13:8b:ea:03:3c:e5: |
| 03:02:20:25:54:94:3b:e5:7d:53:d6:c4:75:f7:d2:3e:bf:cf: |
| c2:03:6c:d2:9b:a6:39:3e:c7:ef:ad:87:14:ab:71:82:19 |
| -----BEGIN CERTIFICATE----- |
| MIIB1DCCAXqgAwIBAgIIPmzmUJrYQM0wCgYIKoZIzj0EAwIwMDEYMBYGA1UEAwwP |
| TWF0dGVyIFRlc3QgUEFBMRQwEgYKKwYBBAGConwCAQwERkZGMTAgFw0yMTA2Mjgx |
| NDIzNDNaGA85OTk5MTIzMTIzNTk1OVowRjEYMBYGA1UEAwwPTWF0dGVyIFRlc3Qg |
| UEFJMRQwEgYKKwYBBAGConwCAQwERkZGMTEUMBIGCisGAQQBgqJ8AgIMBDgwMDAw |
| WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA3fEbIo8+MfY7z1eY2hRiOuu96C7z |
| eO6tv7GP4avOMdCO1LIGBLbMxtm1+rZOfeEMt0vgF8nsFRYFbXDyzQsio2YwZDAS |
| BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUr0K3 |
| CU3r1RXsbs8zuBEVIl8yUogwHwYDVR0jBBgwFoAUav0idx9RH+y/FkGXZxDc3DGh |
| cX4wCgYIKoZIzj0EAwIDSAAwRQIhAJbJyM8uAYhgBdj1vHLAe3X9mldpWsSRETET |
| i+oDPOUDAiAlVJQ75X1T1sR199I+v8/CA2zSm6Y5PsfvrYcUq3GCGQ== |
| -----END CERTIFICATE----- |
| disabled: true |
| |
| - label: |
| "Repeat Step 1 to 4 with DUT2, saving the PAI, DAC and public key as |
| pk_2" |
| verification: | |
| verification step to be updated. |
| disabled: true |