| # |
| # Copyright (c) 2024-2025 Project CHIP Authors |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # |
| |
| if CHIP |
| |
| config CHIP_FACTORY_DATA |
| bool "Factory data provider" |
| help |
| Enables the default NXP factory data provider implementation that |
| supports reading the factory data encoded in the KLV format from the |
| flash memory partition. This option requires a fixed partition named |
| "factory_partition" declared on the device tree. Factory data partition |
| can be generated during build process, see CHIP_FACTORY_DATA_BUILD Kconfig. |
| |
| config CHIP_FACTORY_DATA_CUSTOM_BACKEND |
| bool "Custom factory data provider" |
| depends on !CHIP_FACTORY_DATA |
| help |
| Enables user's custom factory data provider implementation. This option |
| cannot be used with the CHIP_FACTORY_DATA, which enables the default NXP |
| factory data provider implementation. |
| |
| config CHIP_FACTORY_DATA_BUILD |
| bool "Generate factory data contents" |
| imply CHIP_FACTORY_DATA |
| help |
| Enables generation of the factory data contents during the building. This |
| option requires a fixed partition named "factory_partition" declared on the |
| device tree. |
| |
| config CHIP_FACTORY_DATA_VERSION |
| int |
| default 1 |
| help |
| Provides the version of the generated factory data parameter set. This is |
| a hidden configuration option that the user cannot change. You can use |
| this value in the factory data provider implementation to verify that the |
| factory data saved in the flash memory has the expected version. |
| |
| config CHIP_FACTORY_DATA_ROTATING_DEVICE_UID_MAX_LEN |
| int "Maximum length of rotating device ID unique ID in bytes" |
| default 16 |
| depends on CHIP_FACTORY_DATA |
| help |
| Maximum acceptable length of rotating device ID unique ID in bytes. |
| |
| config CHIP_DEVICE_USE_TEST_PAIRING_CODE |
| string "Use a default pairing code" |
| default "CHIPUS" |
| depends on !CHIP_PLAT_LOAD_REAL_FACTORY_DATA |
| help |
| Use a default pairing code if one hasn't been provisioned in flash. |
| (Macro value is in quotes.) |
| |
| if CHIP_FACTORY_DATA |
| |
| config CHIP_ENCRYPTED_FACTORY_DATA_AES128_KEY |
| string "AES128 key used to encrypt factory data." |
| default "2B7E151628AED2A6ABF7158809CF4F3C" |
| help |
| AES128 key used to encrypt factory data. |
| (Macro value is in quotes.) |
| |
| config CHIP_ENCRYPTED_FACTORY_DATA |
| bool "Encrypt factory data with AES128 ECB." |
| default y |
| help |
| If enabled, the factory data partition will be encrypted with AES128 ECB. |
| |
| config CHIP_DEVICE_PRODUCT_URL |
| string "Product URL" |
| help |
| Provides the URL to the product page. The URL is exposed as an attribute |
| of the Basic Information cluster. |
| (Macro value is in quotes.) |
| |
| config CHIP_DEVICE_PRODUCT_LABEL |
| string "Product label" |
| help |
| Provides the product label. The label is exposed as an attribute |
| of the Basic Information cluster. |
| (Macro value is in quotes.) |
| |
| config CHIP_DEVICE_PART_NUMBER |
| string "Part number" |
| help |
| Provides the part number. The part number is exposed as an attribute |
| of the Basic Information cluster. |
| (Macro value is in quotes.) |
| |
| config CHIP_PLAT_LOAD_REAL_FACTORY_DATA |
| bool "Load real factory data" |
| help |
| Allows to load the factory data provisioned in flash. |
| |
| config CHIP_ENABLE_EL2GO_FACTORY_DATA |
| bool "Secure DAC private key storage using El2Go provisioning" |
| help |
| Enable DAC private key storage using El2Go provisioning. |
| |
| config CHIP_ENABLE_SECURE_WHOLE_FACTORY_DATA |
| bool "Secure whole factory data" |
| help |
| This mode allows to protect the matter factory dataset with a AES key protected in the secure element. |
| |
| config CHIP_FACTORY_DATA_PROVIDER_CUSTOM_SINGLETON_IMPL |
| bool "Custom factory data provider singleton implementation" |
| default y if CHIP_SE05X_SPAKE_VERIFIER_USE_TP_VALUES || CHIP_SE05X_DEVICE_ATTESTATION |
| help |
| Allows to use a custom factory data provider singleton implementation. |
| If enabled, the user must define a custom singleton implementation. |
| Such feature is useful when an application needs to customize the factory data provider behavior. |
| The application can provide its own singleton, for example by creating |
| a class that inherits from FactoryDataProviderImpl and overrides only the methods that need customization. |
| |
| endif |
| |
| if CHIP_FACTORY_DATA_BUILD |
| |
| # Factory data definitions |
| config CHIP_FACTORY_DATA_GENERATE_ONBOARDING_CODES |
| bool "Generate onboarding codes during the generation of a factory data set" |
| help |
| Enables generation of onboarding codes (manual pairing code and QR code) |
| during the generation of a factory data set. You can provide the |
| onboarding codes a Matter controller to commission a device to a Matter |
| network. |
| |
| # Select source of the certificates |
| choice CHIP_FACTORY_DATA_CERT_SOURCE |
| prompt "Attestation certificate file source" |
| default CHIP_FACTORY_DATA_USE_DEFAULT_CERTS |
| |
| config CHIP_FACTORY_DATA_USE_DEFAULT_CERTS |
| bool "Use pre-generated development certificates" |
| help |
| Uses pre-generated certificate files from the |
| credentials/development/attestation/ directory that match the |
| configured Product ID. This can be used for development purpose. |
| |
| config CHIP_FACTORY_DATA_CERT_SOURCE_GENERATED |
| bool "Auto-generate certificates" |
| help |
| Generates new certificates instead of using pre-generated ones. The |
| certificates are generated on every build. |
| |
| config CHIP_FACTORY_DATA_CERT_SOURCE_USER |
| bool "Use user-provided certificate files" |
| help |
| Uses user-provided certificate files. The user needs to specify the |
| absolute paths to all necessary files. |
| |
| endchoice |
| |
| if CHIP_FACTORY_DATA_CERT_SOURCE_USER |
| |
| config CHIP_FACTORY_DATA_USER_CERTS_CD_CERT |
| string "Path to the CD certificate (DER format)" |
| help |
| Provides the absolute path to the CD certificate file in the DER format. |
| |
| config CHIP_FACTORY_DATA_USER_CERTS_DAC_CERT |
| string "Path to the DAC certificate (DER format)" |
| help |
| Provides the absolute path to the DAC certificate file in the DER format. |
| |
| config CHIP_FACTORY_DATA_USER_CERTS_DAC_KEY |
| string "Path to the DAC private key (DER format)" |
| help |
| Provides the absolute path to the DAC keypair file in the DER format. Both |
| public and private keys must be present (the private key will be extracted |
| automatically). |
| |
| config CHIP_FACTORY_DATA_USER_CERTS_PAI_CERT |
| string "Path to the PAI certificate (DER format)" |
| help |
| Provides the absolute path to the PAI certificate in the DER format. |
| endif |
| |
| # Configs for SPAKE2+ generation |
| config CHIP_FACTORY_DATA_GENERATE_SPAKE2_VERIFIER |
| bool "Generate SPAKE2+ verifier" |
| help |
| Enables the generation of the SPAKE2+ verifier for the configured SPAKE2+ |
| passcode, iteration count and salt. |
| |
| config CHIP_DEVICE_GENERATE_ROTATING_DEVICE_UID |
| bool "Generate Rotating device ID unique ID" |
| default y |
| help |
| Enables the generation of a random Rotating device ID unique ID. |
| |
| endif #CHIP_FACTORY_DATA_BUILD |
| |
| endif # CHIP |
