| # Copyright (c) 2021 Project CHIP Authors |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| # Auto-generated scripts for harness use only, please review before automation. The endpoints and cluster names are currently set to default |
| |
| name: 4.1.5. [TC-DA-1.5] NOCSR Procedure Validation [DUT - Commissionee] |
| |
| PICS: |
| - MCORE.ROLE.COMMISSIONEE |
| |
| config: |
| nodeId: 0x12344321 |
| cluster: "Basic Information" |
| endpoint: 0 |
| |
| tests: |
| - label: "TH1 fully commissions the DUT" |
| verification: | |
| sudo ./chip-all-clusters-app --wifi --trace_decode 1 |
| |
| Verify in TH log: |
| ./chip-tool pairing ble-wifi 1 zigbeehome matter123 20202021 3841 --trace_decode 1 |
| |
| [1650455358.501816][4366:4371] CHIP:TOO: Device commissioning completed with success |
| disabled: true |
| |
| - label: |
| "TH1 establishes a CASE session to the DUT and saves the attestation |
| challenge as attestation_challenge" |
| verification: | |
| Verify case session is established on TH(chip-tool) log: |
| |
| [1657081321.112631][2354:2359] CHIP:CTL: Operational credentials provisioned on device 0xffff68000b60 |
| [1657081321.112706][2354:2359] CHIP:TOO: Secure Pairing Success |
| [1657081321.112756][2354:2359] CHIP:TOO: CASE establishment successful |
| disabled: true |
| |
| - label: |
| "TH1 sends a CertificateChainRequest command with the CertificateType |
| field set to DACCertificate." |
| verification: | |
| ./chip-tool operationalcredentials certificate-chain-request 1 1 0 |
| |
| Verify CertificateChainResponse on TH(chip-tool) log: |
| |
| [1658393690.991117][3329:3334] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_003E Command=0x0000_0003 |
| [1658393690.991168][3329:3334] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_003E Command 0x0000_0003 |
| [1658393690.991226][3329:3334] CHIP:TOO: CertificateChainResponse: { |
| [1658393690.991273][3329:3334] CHIP:TOO: certificate: 308201E73082018EA003020102020869CDF10DE9E54ED1300A06082A8648CE3D040302303D3125302306035504030C1C4D6174746572204465762050414920307846464631206E6F2050494431143012060A2B0601040182A27C02010C04464646313020170D3232303230353030303030305A180F39393939313233313233353935395A30533125302306035504030C1C4D61747465722044657620444143203078464646312F30783830303131143012060A2B0601040182A27C02010C044646463131143012060A2B0601040182A27C02020C04383030313059301306072A8648CE3D020106082A8648CE3D03010703420004463AC69342910A0E5588FC6FF56BB63E62ECCECB148F7D4EB03EE552601415767D16A5C663F793E49123260B8297A7CD7E7CFC7B316B39D98E90D29377738E82A360305E300C0603551D130101FF04023000300E0603551D0F0101FF040403020780301D0603551D0E0416041488DDE7B300382932CFF734C04624810F44168A6F301F0603551D2304183016801463540E47F64B1C38D13884A462D16C195D8FFB3C300A06082A8648CE3D040302 |
| [1658393690.991320][3329:3334] CHIP:TOO: ...........: 034700304402200127A27B4B44610EE2FCDC4D2B7885563660BC0F76F17219ED6A08DFB2B3C1CD02206B59E0AF45F3EB2A85B919D35731528C6028C415239545E108E4E54E70971353 |
| [1658393690.991346][3329:3334] CHIP:TOO: } |
| disabled: true |
| |
| - label: |
| "TH1 sends an ArmFailSafe command to the General Commissioning cluster |
| with the ExpiryLengthSeconds field set to 900" |
| verification: | |
| ./chip-tool generalcommissioning arm-fail-safe 900 0 1 0 |
| |
| Verify ArmFailSafeResponse on TH(chip-tool) log : |
| [1658393763.804225][3345:3350] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_0030 Command=0x0000_0001 |
| [1658393763.804288][3345:3350] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_0030 Command 0x0000_0001 |
| [1658393763.804376][3345:3350] CHIP:TOO: ArmFailSafeResponse: { |
| [1658393763.804424][3345:3350] CHIP:TOO: errorCode: 0 |
| [1658393763.804459][3345:3350] CHIP:TOO: debugText: |
| [1658393763.804491][3345:3350] CHIP:TOO: } |
| disabled: true |
| |
| - label: |
| "TH1 sends a CSRRequest command to the Node Operational Credentials |
| cluster with the CSRNonce set to a random 32-bit value. The nonce is |
| saved as csr_nonce" |
| verification: | |
| To get csr nonce give below command 2 times |
| echo hex:$(hexdump -vn32 -e"4/4 "%08X" " /dev/urandom) |
| |
| ./chip-tool operationalcredentials csrrequest hex:AFB3070A828B7A9CABEE888688F867683C084E6E4B3F13CDEDF17EEF05A9F352 1 0 |
| |
| Verify CSRResponse on TH(chip-tool) log: |
| [1658393935.238621][3359:3364] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_003E Command=0x0000_0005 |
| [1658393935.238726][3359:3364] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_003E Command 0x0000_0005 |
| [1658393935.238839][3359:3364] CHIP:TOO: CSRResponse: { |
| [1658393935.238934][3359:3364] CHIP:TOO: NOCSRElements: 153001CA3081C73070020100300E310C300A060355040A0C034353523059301306072A8648CE3D020106082A8648CE3D030107034200042FBE8D29DDEE1E3D50CD0FA26973E48139D926BA24935135D74754C253B5EE3BC8BBD5A573A1739D165B610A76E3B96ADE73077525DC5CE82D943149D993D778A000300A06082A8648CE3D040302034700304402207D15FC74935F08AD5CCB0FDBE6EF65DC82442F798643704B2E351929CB454C1302204EF3EC9727829DBDDFDF9F54D3004257C1823F02BAD7D1D792BE94929BA27068300220AFB3070A828B7A9CABEE888688F867683C084E6E4B3F13CDEDF17EEF05A9F35218 |
| [1658393935.239019][3359:3364] CHIP:TOO: attestationSignature: DE28DAD8ED0056DAD966A2E0EB53C5117E842380B64EF627F14FCE02C31022DDCBA0C5179BB1E2C65FF7FB2CDA4C0F9568D713B433F050E7E4A3AA5BEEBA5C5D |
| [1658393935.239079][3359:3364] CHIP:TOO: } |
| disabled: true |
| |
| - label: |
| "TH1 extracts extracts the TLV-encoded nocsr_elements_message from |
| nocsr_elements and saves the following fields: csr is saved as csr |
| CSRNonce is saved as csr_nonce_returned if present, vendor_reserved |
| fields are saved as vendor1, vendor2 and vendor3" |
| verification: | |
| disabled: true |
| |
| - label: |
| "TH1 creates nocsr_tbs = nosr_elements_message || |
| attestation_challenge" |
| verification: | |
| |
| disabled: true |
| |
| - label: |
| "if vendor_reserved fields are present in the noscr_elements_message, |
| TH1 verifies that attestation_challenge does not appear in any of the |
| vendor fields" |
| verification: | |
| |
| disabled: true |
| |
| - label: |
| "TH1 sends an ArmFailSafe command to the General Commissioning cluster |
| with the ExpiryLengthSeconds field set to 0" |
| verification: | |
| ./chip-tool generalcommissioning arm-fail-safe 0 0 1 0 |
| |
| Verify ArmFailSafeResponse on TH(chip-tool) log : |
| |
| [1658394142.961248][3378:3383] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_0030 Command=0x0000_0001 |
| [1658394142.961297][3378:3383] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_0030 Command 0x0000_0001 |
| [1658394142.961363][3378:3383] CHIP:TOO: ArmFailSafeResponse: { |
| [1658394142.961401][3378:3383] CHIP:TOO: errorCode: 0 |
| [1658394142.961427][3378:3383] CHIP:TOO: debugText: |
| [1658394142.961451][3378:3383] CHIP:TOO: } |
| disabled: true |
| |
| - label: |
| "TH1 sends an ArmFailSafe command to the General Commissioning cluster |
| with the ExpiryLengthSeconds field set to 900" |
| verification: | |
| ./chip-tool generalcommissioning arm-fail-safe 900 0 1 0 |
| |
| Verify ArmFailSafeResponse on TH(chip-tool) log : |
| |
| [1658393763.804225][3345:3350] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_0030 Command=0x0000_0001 |
| [1658393763.804288][3345:3350] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_0030 Command 0x0000_0001 |
| [1658393763.804376][3345:3350] CHIP:TOO: ArmFailSafeResponse: { |
| [1658393763.804424][3345:3350] CHIP:TOO: errorCode: 0 |
| [1658393763.804459][3345:3350] CHIP:TOO: debugText: |
| [1658393763.804491][3345:3350] CHIP:TOO: } |
| disabled: true |
| |
| - label: |
| "TH1 sends a CSRRequest command to the Node Operational Credentials |
| cluster with the CSRNonce set to a random 31-bit value." |
| verification: | |
| ./chip-tool operationalcredentials csrrequest hex:AFB3070A828B7A9CABEE888688F867683C084E6E4B3F13CDEDF17EEF05A9 1 0 |
| |
| Verify General error INVALID_COMMAND in TH(chip-tool) log: |
| [1658394196.798739][3387:3392] CHIP:EM: Removed CHIP MessageCounter:192677922 from RetransTable on exchange 13029i |
| [1658394196.798787][3387:3392] CHIP:DMG: ICR moving to [ResponseRe] |
| [1658394196.798859][3387:3392] CHIP:DMG: InvokeResponseMessage = |
| [1658394196.798899][3387:3392] CHIP:DMG: { |
| [1658394196.798939][3387:3392] CHIP:DMG: suppressResponse = false, |
| [1658394196.798980][3387:3392] CHIP:DMG: InvokeResponseIBs = |
| [1658394196.799031][3387:3392] CHIP:DMG: [ |
| [1658394196.799071][3387:3392] CHIP:DMG: InvokeResponseIB = |
| [1658394196.799123][3387:3392] CHIP:DMG: { |
| [1658394196.799166][3387:3392] CHIP:DMG: CommandStatusIB = |
| [1658394196.799220][3387:3392] CHIP:DMG: { |
| [1658394196.799269][3387:3392] CHIP:DMG: CommandPathIB = |
| [1658394196.799324][3387:3392] CHIP:DMG: { |
| [1658394196.799378][3387:3392] CHIP:DMG: EndpointId = 0x0, |
| [1658394196.799436][3387:3392] CHIP:DMG: ClusterId = 0x3e, |
| [1658394196.799487][3387:3392] CHIP:DMG: CommandId = 0x4, |
| [1658394196.799540][3387:3392] CHIP:DMG: }, |
| [1658394196.799597][3387:3392] CHIP:DMG: |
| [1658394196.799646][3387:3392] CHIP:DMG: StatusIB = |
| [1658394196.799705][3387:3392] CHIP:DMG: { |
| [1658394196.799760][3387:3392] CHIP:DMG: status = 0x85 (INVALID_COMMAND), |
| [1658394196.799809][3387:3392] CHIP:DMG: }, |
| [1658394196.799863][3387:3392] CHIP:DMG: |
| [1658394196.799907][3387:3392] CHIP:DMG: }, |
| [1658394196.799962][3387:3392] CHIP:DMG: |
| [1658394196.800003][3387:3392] CHIP:DMG: }, |
| [1658394196.800048][3387:3392] CHIP:DMG: |
| [1658394196.800089][3387:3392] CHIP:DMG: ], |
| [1658394196.800138][3387:3392] CHIP:DMG: |
| [1658394196.800179][3387:3392] CHIP:DMG: InteractionModelRevision = 1 |
| [1658394196.800218][3387:3392] CHIP:DMG: }, |
| [1658394196.800310][3387:3392] CHIP:DMG: Received Command Response Status for Endpoint=0 Cluster=0x0000_003E Command=0x0000_0004 Status=0x85 |
| [1658394196.800362][3387:3392] CHIP:TOO: Error: IM Error 0x00000585: General error: 0x85 (INVALID_COMMAND) |
| disabled: true |
| |
| - label: |
| "TH1 sends an ArmFailSafe command to the General Commissioning cluster |
| with the ExpiryLengthSeconds field set to 0" |
| verification: | |
| ./chip-tool generalcommissioning arm-fail-safe 0 0 1 0 |
| |
| Verify ArmFailSafeResponse in TH(chip-tool) log : |
| |
| [1658394142.961248][3378:3383] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_0030 Command=0x0000_0001 |
| [1658394142.961297][3378:3383] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_0030 Command 0x0000_0001 |
| [1658394142.961363][3378:3383] CHIP:TOO: ArmFailSafeResponse: { |
| [1658394142.961401][3378:3383] CHIP:TOO: errorCode: 0 |
| [1658394142.961427][3378:3383] CHIP:TOO: debugText: |
| [1658394142.961451][3378:3383] CHIP:TOO: } |
| disabled: true |
| |
| - label: |
| "TH1 sends the OpenCommissioningWindow command to the Administrator |
| Commissioning Cluster" |
| verification: | |
| ./chip-tool pairing open-commissioning-window 1 1 400 2000 3840 |
| |
| Verify manual pairing code on TH(chip-tool) log |
| |
| [1658394279.082812][3401:3407] CHIP:DMG: Received Command Response Status for Endpoint=0 Cluster=0x0000_003C Command=0x0000_0000 Status=0x0 |
| [1658394279.082900][3401:3407] CHIP:CTL: Successfully opened pairing window on the device |
| [1658394279.083050][3401:3407] CHIP:CTL: Manual pairing code: [34941319897] |
| [1658394279.083123][3401:3407] CHIP:CTL: SetupQRCode: [MT:-24J0AFN0046C346Q00] |
| disabled: true |
| |
| - label: "TH2 fully commissions the DUT" |
| verification: | |
| ./chip-tool pairing code 2 34941319897 --trace_decode 1 --commissioner-name beta |
| |
| Verify TH2 is commissioned successfully on TH2(chip-tool) log: |
| [1658394409.242162][2474:2479] CHIP:DMG: Received Command Response Data, Endpoint=0 Cluster=0x0000_0030 Command=0x0000_0005 |
| [1658394409.242204][2474:2479] CHIP:CTL: Received CommissioningComplete response, errorCode=0 |
| [1658394409.242237][2474:2479] CHIP:CTL: Successfully finished commissioning step "SendComplete" |
| [1658394409.242256][2474:2479] CHIP:CTL: Commissioning stage next step: "SendComplete" -> "Cleanup" |
| [1658394409.242284][2474:2479] CHIP:CTL: Performing next commissioning step "Cleanup" |
| [1658394409.242352][2474:2479] CHIP:CTL: Successfully finished commissioning step "Cleanup" |
| [1658394409.242379][2474:2479] CHIP:TOO: Device commissioning completed with success |
| disabled: true |
| |
| - label: |
| "TH2 reads the NOCs attribute from the Node Operational Credentials |
| cluster using a non-fabric-scoped read" |
| verification: | |
| ./chip-tool operationalcredentials read nocs 2 0 --commissioner-name beta |
| |
| Verify that there are two element in the list on TH2(chip-tool) log: |
| [1658394451.122862][2491:2496] CHIP:TOO: Endpoint: 0 Cluster: 0x0000_003E Attribute 0x0000_0000 DataVersion: 1660110007 |
| [1658394451.126674][2491:2496] CHIP:TOO: NOCs: 1 entries |
| [1658394451.126806][2491:2496] CHIP:TOO: [1]: { |
| [1658394451.126866][2491:2496] CHIP:TOO: Noc: 1530010101240201370324130118260480228127260580254D3A370624150124110218240701240801300941044E83053B651DE61CBF12BF9985EB9F08B6027267330A99B0C6D4908BFA69B64EE6FDCF58099E1A9A7CF1F3F78E9819B0A37DD7FA0EC681A3F0185A6963C8F440370A3501280118240201360304020401183004142FA4D652AF0AE10C2524F9B8135789067AB12C0530051471CD75125F58343AB938D5E7FFF756513202DD4718300B40E122E65E535644AEC6E925454FC5449A0D44D59F8B12E8C4F91D62D46EA36B096CD32839A069E5C6717D3E6427DDCBD3B60F269E4F9B3EDD5CA9C63248E4404318 |
| [1658394451.126920][2491:2496] CHIP:TOO: Icac: 1530010100240201370324140018260480228127260580254D3A370624130118240701240801300941042204D0536F627FA5BD614A759A1B03F12B45EF510926C6897E5EFBFC263D551800C994919D62DFEED0941808E860BF0DD5D08DD013D336A02B3F1C73EE1EE9C4370A350129011824026030041471CD75125F58343AB938D5E7FFF756513202DD47300514647BA1BD05420303B682E0DEC48CBFAD266ABD4018300B401C902597E6EE95C2A64DEC9557E569AC24F153288E06166372FC65A710C555360E279B35C62958B2F9962E9F7BFF4EFA650086B1689EA1577C4D0952A67A8B3618 |
| [1658394451.129310][2491:2496] CHIP:TOO: FabricIndex: 2 |
| [1658394451.129412][2491:2496] CHIP:TOO: } |
| disabled: true |
| |
| - label: "TH2 extracts the pubic key from noc1 and noc2" |
| verification: | |
| Verify both public key of noc1 and noc 2 are different in TH (all-clusters-app) |
| |
| To extract public key follow the below step |
| 1. Copy the NOCVALUE of TH1 in commissioning log of TH1 |
| 2. save it in a file |
| 3. give below command to get public key |
| ./out/debug/chip-cert print-cert noc_1.txt --commissioner-name beta |
| |
| ---> The extracted public key of noc1 is |
| CHIP Certificate: |
| Signature Algo : ECDSAWithSHA256 |
| Issuer : [[ MatterICACId = 0000000000000001 ]] |
| Not Before : 0x27812280 ( 2021/01/01 00:00:00 ) |
| Not After : 0x3A4D2580 ( 2030/12/30 00:00:00 ) |
| Subject : [[ MatterFabricId = 0000000000000001, |
| MatterNodeId = 0000000000000001 ]] |
| Public Key Algo : ECPublicKey |
| Curve Id : prime256v1 |
| Public Key : 04 C0 DC A5 A0 B5 83 94 6B 14 5C 8D B4 B7 99 5E |
| CA 0B B1 55 A8 1A 8B C2 C0 E0 82 48 81 C3 4E 28 |
| AC 14 AD 2E 9E 96 B1 63 4D D4 D1 1B 80 F4 5D C4 |
| 5B F5 12 33 EC 9F E7 6F 37 11 F4 EF 8E 78 54 26 |
| E9 |
| Extensions: |
| Key Usage : DigitalSignature |
| Key Purpose : ServerAuth ClientAuth |
| Subject Key Id : 8A A3 C2 61 7A D4 D9 58 8A 44 8B E4 8E D7 F0 97 00 C3 48 1E |
| Authority Key Id : F7 EC B4 D1 CB 3F 1B 16 6A 6C EE 7E 70 A9 2A 8B 3A 39 5C 60 |
| Signature : 30 49 D3 0F 18 29 E6 B6 A2 89 1E D8 DF 2A 12 33 |
| 50 C2 C8 6F 78 2D AA 37 AF A1 C9 4A 95 56 78 CD |
| BA D5 4F AC 3F F0 81 6E 0B D3 E0 BE C9 7E 8E FE |
| FB 7A 28 67 8E BA 58 8F D9 74 F1 4D C4 82 C5 F4 |
| |
| |
| |
| |
| --->Follow the same steps for noc2 |
| The generated public key for noc2 is |
| CHIP Certificate: |
| Signature Algo : ECDSAWithSHA256 |
| Issuer : [[ MatterICACId = 0000000000000001 ]] |
| Not Before : 0x27812280 ( 2021/01/01 00:00:00 ) |
| Not After : 0x3A4D2580 ( 2030/12/30 00:00:00 ) |
| Subject : [[ MatterFabricId = 0000000000000001, |
| MatterNodeId = 0000000000000002 ]] |
| Public Key Algo : ECPublicKey |
| Curve Id : prime256v1 |
| Public Key : 04 C8 25 0C E9 78 6E EC 37 84 38 37 2A 32 09 29 |
| 7D 4B 62 4B 73 35 89 0F F8 99 9E 65 ED 17 4C BE |
| 12 5F 71 FD A9 78 E2 09 CF CD 88 E4 89 32 70 DF |
| 1A 27 A7 A0 93 0F F0 99 C1 B9 74 43 B3 BC 8D B2 |
| 70 |
| Extensions: |
| Key Usage : DigitalSignature |
| Key Purpose : ServerAuth ClientAuth |
| Subject Key Id : 6E 2E D0 9A 98 D0 E4 5D 61 F1 A5 0B 6D A4 83 8D 25 84 DC 8F |
| Authority Key Id : 71 CD 75 12 5F 58 34 3A B9 38 D5 E7 FF F7 56 51 32 02 DD 47 |
| Signature : 0E 91 72 11 7F 5F 7C F5 E5 35 4C 29 80 54 CB 63 |
| 9B CC 7B B9 9D AD 1A E2 01 30 C0 F8 BA 19 30 24 |
| 35 73 D1 1C BC DA 98 35 17 4D E0 ED F1 6B 01 4D |
| 62 AC 64 A5 CE 21 CB 2D 2B D2 22 FE 52 92 30 F9 |
| disabled: true |