Google Git
Sign in
pigweed / third_party / github / project-chip / connectedhomeip / HEAD / . / src / app / tests / suites / certification / Test_TC_OPCREDS_3_7.yaml
blob: f6751e03c3e283d04194222bcc08a356ecccf460 [file] [log] [blame]
# Copyright (c) 2023 Project CHIP Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: 15.2.6. [TC-OPCREDS-3.7] Add Second Fabric over CASE [DUT-Server]
PICS:
- OPCREDS.S
config:
nodeId: 0x12344321
cluster: "Operational Credentials"
endpoint: 0
tests:
- label: "Precondition"
verification: |
TH1 and TH2 are 2 clients that trust each other
disabled: true
- label: "Wait for the alpha device to be retrieved"
cluster: "DelayCommands"
command: "WaitForCommissionee"
arguments:
values:
- name: "nodeId"
value: nodeId
- label:
"Step 1: Factory Reset DUT (to ensure NOC list is empty at the
beginning of the following steps)"
# verification: ""
# Disabling this step, because the test starts with a DUT device that has just been commissioned by the TH1 commissioner
disabled: true
- label:
"Step 2: Start the commissioning process of DUT by TH1 on the first
Fabric."
# PICS: ""
# verification: "Verify that TH1 successfully completes commissioning, including establishing a CASE session on the operational network and issuing a CommissioningComplete command."
# Disabling this step, because the test starts with a DUT device that has just been commissioned by the TH1 commissioner
disabled: true
- label:
"Step 3.1: Save the FabricIndex for TH1 as TH1_Fabric_Index for future
use."
identity: "alpha"
command: "readAttribute"
cluster: "Operational Credentials"
attribute: "CurrentFabricIndex"
response:
saveAs: TH1_Fabric_Index
- label:
"Step 3.2: TH1 does a non-fabric-filtered read of the Fabrics
attribute from the Node Operational Credentials cluster. Save the
FabricIndex for TH1 as TH1_Fabric_Index for future use."
identity: "alpha"
command: "readAttribute"
cluster: "Operational Credentials"
attribute: "Fabrics"
fabricFiltered: false
response:
value: [{ "FabricIndex": TH1_Fabric_Index, "Label": "" }]
constraints:
type: list
# verification: "Verify that there is a single entry in the list and the FabricIndex for that entry matches TH1_Fabric_Index."
- label:
"Step 4: TH1 sends ArmFailSafe command to the DUT with the
ExpiryLengthSeconds field set to 60 seconds"
identity: "alpha"
cluster: "General Commissioning"
command: "ArmFailSafe"
arguments:
values:
- name: "ExpiryLengthSeconds"
value: 60
- name: "Breadcrumb"
value: 0
response:
values:
- name: "ErrorCode"
value: 0 # OK
# verification: "Verify that the DUT sends ArmFailSafeResponse command to TH1 with field ErrorCode as OK(0)"
- label: "Step 5: TH1 Sends CSRRequest command with a random 32-byte nonce."
identity: "alpha"
command: "CSRRequest"
cluster: "Operational Credentials"
arguments:
values:
- name: CSRNonce
value: "\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07"
response:
values:
- name: "NOCSRElements"
saveAs: NOCSRElements
- name: "AttestationSignature"
saveAs: attestationSignature
# verification: "Step 5: Verify that the DUT responds with the CSRResponse command."
- label:
"Step 6.1: Read the commissioner root certificate from TH2's fabric.
Save RCAC as Root_CA_Certificate_TH2"
identity: "beta"
cluster: "CommissionerCommands"
command: "GetCommissionerRootCertificate"
response:
values:
- name: "RCAC"
saveAs: Root_CA_Certificate_TH2
# verification: ""
- label:
"Step 6.2: TH2 generates the NOC, the Root CA Certificate and ICAC
using the CSR elements from Step 5 and selects an IPK, all for use by
TH2. Save ICAC as Intermediate_Certificate_TH2. Save NOC as
Node_Operational_Certificate_TH2. Save IPK as IPK_TH2. Extract the
RCAC public key and save as Root_Public_Key_TH2."
identity: "beta"
cluster: "CommissionerCommands"
command: "IssueNocChain"
arguments:
values:
- name: "Elements"
value: NOCSRElements
- name: "nodeId"
value: 0x43211234
response:
values:
- name: "NOC"
saveAs: Node_Operational_Certificate_TH2
- name: "ICAC"
saveAs: Intermediate_Certificate_TH2
- name: "IPK"
saveAs: IPK_TH2
# verification: ""
- label: "Step 7.1: Read the commissioner node ID from TH2"
identity: "beta"
cluster: "CommissionerCommands"
command: "GetCommissionerNodeId"
response:
values:
- name: "nodeId"
saveAs: Commissioner_Node_Id_TH2
# verification: ""
- label:
"Step 7.2: TH1 sends AddTrustedRootCertificate command to DUT with
RootCACertificate set to Root_CA_Certificate_TH2"
identity: "alpha"
command: "AddTrustedRootCertificate"
cluster: "Operational Credentials"
arguments:
values:
- name: "RootCACertificate"
value: Root_CA_Certificate_TH2
# verification: "Verify that AddTrustedRootCertificate command succeeds by sending the status code as SUCCESS"
- label:
"Step 8: TH1 sends the AddNOC command to DUT with the following
fields: NOCValue as Node_Operational_Certificate_TH2. ICACValue as
Intermediate_Certificate_TH2. IpkValue as IPK_TH2. CaseAdminSubject as
the NodeID of TH2. AdminVendorId as the Vendor ID of TH2."
identity: "alpha"
command: "AddNOC"
cluster: "Operational Credentials"
arguments:
values:
- name: "NOCValue"
value: Node_Operational_Certificate_TH2
- name: "ICACValue"
value: Intermediate_Certificate_TH2
- name: "IPKValue"
value: IPK_TH2
- name: "CaseAdminSubject"
value: Commissioner_Node_Id_TH2
- name: "AdminVendorId"
value: 0xFFF1
response:
values:
- name: "StatusCode"
value: 0
# verification: "Verify that DUT responds with NOCResponse with status code OK"
- label: "Step 9: TH2 starts discovery of DUT using Operational Discovery"
# verification: ""
# Disabling this step as this occurs from the AddNOC command being run
disabled: true
- label:
"Step 10: TH2 opens a CASE session with DUT over operational network."
identity: "beta"
cluster: "DelayCommands"
command: "WaitForCommissionee"
arguments:
values:
- name: "nodeId"
value: 0x43211234
# verification: "DUT is able to open the CASE session with TH2"
- label: "Step 11: TH2 sends CommissioningComplete command"
nodeId: 0x43211234
identity: "beta"
cluster: "General Commissioning"
command: "CommissioningComplete"
response:
values:
- name: "ErrorCode"
value: 0 # SUCCESS
# verification: "DUT respond with SUCCESS at CommissioningComplete command sent by TH2"
- label:
"Step 12: TH2 reads the Current Fabric Index attribute from the Node
Operational Credentials cluster. Save the FabricIndex for TH2 as
TH2_Fabric_Index."
identity: "beta"
nodeId: 0x43211234
command: "readAttribute"
cluster: "Operational Credentials"
attribute: "CurrentFabricIndex"
response:
saveAs: TH2_Fabric_Index
# verification: ""
- label:
"Step 13: TH2 does a non-fabric-filtered read of the Fabrics attribute
from the Node Operational Credentials cluster"
identity: "beta"
nodeId: 0x43211234
command: "readAttribute"
cluster: "Operational Credentials"
attribute: "Fabrics"
fabricFiltered: false
response:
value:
[
{ "FabricIndex": TH1_Fabric_Index, "Label": "" },
{ "FabricIndex": TH2_Fabric_Index, "Label": "" },
]
constraints:
type: list
# verification: "Verify that there are 2 entries in the list where one entry matches TH1_Fabric_Index and the other matches TH2_Fabric_Index."
- label:
"Step 14: TH1 sends RemoveFabric command to DUT with the FabricIndex
field set to TH2_Fabric_Index."
identity: "alpha"
command: "RemoveFabric"
cluster: "Operational Credentials"
arguments:
values:
- name: "FabricIndex"
value: TH2_Fabric_Index
response:
values:
- name: "StatusCode"
value: 0
# verification: "Verify that DUT sends NOCResponse command with status code OK"