Matter Device Development - Commissioning Issue

AkihiroN
Associate III

・Overview

This project involves the development of Matter devices. We encountered an issue with commissioning the device using the obtained vendor ID. Despite following the necessary steps, the commissioning process fails. Below, we detail the steps taken and request assistance in resolving the issue.

・Steps Taken

  1. Registering the Device in the Test DCL
    Registered the device for commissioning on the Test DCL.
    Registered the vendor ID and device type.

  2. Modifying CHIPProjectConfig.h
    Updated CHIP_DEVICE_CONFIG_DEVICE_VENDOR_ID and CHIP_DEVICE_CONFIG_DEVICE_PRODUCT_ID in CHIPProjectConfig.h to match the information registered in the Test DCL.

  3. Creating Matter Device Test Certificates
    Followed the instructions to generate CD and DAC certificates.
    Integrated the certificates into the header file.

  4. Build and Write
    Built the modified project.
    Wrote the build to the device.

  5. Commissioning
    Attempted commissioning with a HomePod mini using an iPhone.
    Here is the error log.
    commissioning_error.log

Accepted Solutions

Sorry, I was able to read the data written in genFactoryData.py and start Advertising and commissioning. It seems that the reason is that I did not write IterationCount, Spake2pSalt and salt.

EPASZ.1
ST Employee

There is a python script inside the STM32CubeExpansion_MATTER_V1.0.3\Utilities\DataFactory folder which you should use to store all the necessary data in the external Flash of the WB5M-DK board.

Then you need to change #define CONFIG_STM32_FACTORY_DATA_ENABLE to 1 and create #define USE_STM32WBXX_DAC_CRYPTO inside app_conf.h.

But I'm not sure your setup will work with the Apple ecosystem, as it might not accept test certificates.

Thank you for your guidance. I understand that if CONFIG_STM32_FACTORY_DATA_ENABLE is enabled, we need to use genFactoryData.py to write the data. However, if we want to use the generated DAC, PAI, and CD without enabling CONFIG_STM32_FACTORY_DATA_ENABLE, is it correct to write each certificate in the following locations?

PAI: In the FactoryDataProvider.cpp file, in the GetProductAttestationIntermediateCert function
DAC: In the FactoryDataProvider.cpp file, in the GetDeviceAttestationCert function
CD: In the FactoryDataProvider.cpp file, in the kCdForAllExamples function

EPASZ.1
ST Employee

Yes, that should probably be enough.

Thank you very much.

The commissioning has been done.

You have presented us with the following

I tried using genFactoryData.py to write the certificate to Flash and set CONFIG_STM32_FACTORY_DATA_ENABLE and USE_STM32WBXX_DAC_CRYPTO to 1 respectively, but in the line

otCksDAC_error = otCksDacSignature(messageToSign.data(), messageToSign.size(), DevelopmentCerts::kDacPublicKey.data(), &signature_bytes[0]);

I get an error that 'DevelopmentCerts' has not been declared.

Is there a solution to this problem?

EPASZ.1
ST Employee

It seems the code does not handle this situation correctly: the signature is called with an example DAC, which is disabled by CONFIG_STM32_FACTORY_DATA_ENABLE being set to 1.

What you can do is modify the code like this to load the actual public key from flash:

#ifdef USE_STM32WBXX_DAC_CRYPTO
#if (CONFIG_STM32_FACTORY_DATA_ENABLE == 0)
    // Factory data disabled: sign using the example DAC public key built into the firmware.
    otCksDAC_error = otCksDacSignature(messageToSign.data(), messageToSign.size(), DevelopmentCerts::kDacPublicKey.data(), &signature_bytes[0]);
    memcpy(signature.Bytes(), &signature_bytes[0], Crypto::kP256_ECDSA_Signature_Length_Raw);
    signature.SetLength(Crypto::kP256_ECDSA_Signature_Length_Raw);

    if (otCksDAC_error != OT_ERROR_NONE) {
        ChipLogProgress(Crypto, "DAC signature unexpected failure");
        return CHIP_ERROR_INTERNAL;
    }

#else
    // Factory data enabled: load the actual DAC public key from flash.
    uint8_t Publickeybuffer[PUBLIC_KEY_LEN];
    uint32_t tlvDataLength; // Dummy value: key lengths are fixed
    FACTORYDATA_StatusTypeDef err;

    err = FACTORYDATA_GetValue(TAG_ID_DEVICE_ATTESTATION_PUBLIC_KEY, Publickeybuffer, PUBLIC_KEY_LEN, &tlvDataLength);
    VerifyOrReturnError(DATAFACTORY_OK == err, MapSTM32WBError(err));

    ByteSpan Publickey = ByteSpan(Publickeybuffer);

    otCksDAC_error = otCksDacSignature(messageToSign.data(), messageToSign.size(), Publickey.data(), &signature_bytes[0]);
    memcpy(signature.Bytes(), &signature_bytes[0], Crypto::kP256_ECDSA_Signature_Length_Raw);
    signature.SetLength(Crypto::kP256_ECDSA_Signature_Length_Raw);

    if (otCksDAC_error != OT_ERROR_NONE) {
        ChipLogProgress(Crypto, "DAC signature unexpected failure");
        return CHIP_ERROR_INTERNAL;
    }
#endif // CONFIG_STM32_FACTORY_DATA_ENABLE
// The #endif matching USE_STM32WBXX_DAC_CRYPTO is not part of this snippet.

And the USE_STM32WBXX_DAC_CRYPTO flag needs to be set inside project settings to properly propagate everywhere, like this (for both GCC compiler and G++ compiler options):

[Image: EPASZ1_0-1722496933471.png]

This way, it compiles OK on my side; I haven't actually tested the whole functionality.

Thank you very much.
Furthermore, if I write the CD generated using chip-cert and the private key, public key and PAI of the DAC using genFactoryData.py, is it correct to understand that commissioning will be successful with any VID and PID?

EPASZ.1
ST Employee

In theory (according to the specification), you cannot use any random IDs. But in practice, it has not yet been implemented in the various ecosystems.

So it is dependent on the manufacturer of your controller/OTBR. Google states (on the page you linked) that it accepts any IDs as long as they are registered on their website. When you have the corresponding keys... generated, then everything should be ok. Apple does not state this on their sites and generally they accept only the few "development" IDs if the device does not have valid certificates (registered with CSA).

But for a commercial application, you need to go through Matter certification after which you will obtain specific IDs from CSA.

 

Thank you very much.
We have already issued a vendor ID and used chip-cert to generate the CD, DAC and PAI based on that ID.
We were able to write data to Flash using genFactoryData.py.

However, one point: line 434 of genFactoryData.py needed to be changed to the following, so we share it with you.
programmer_path + "\\STM32_Programmer_CLI.exe", "-c", "port=SWD", "mode=UR", "-el", external_loader_path + "\\" + external_loader + ".stldr", "-r", flashAddr, str(length), binaryOut, "-rst"

Also, I have changed some parts of the FactoryDataProvider.cpp as you provided previously, but it seems that Serial Number, Product Name, Setup Pin Code, etc. cannot be read and Advertising is not started.
Can you please help me to find the cause of this problem?

[Image: AkihiroN_0-1723089966184.png]

 

Sorry, I was able to read the data written in genFactoryData.py and start Advertising and commissioning. It seems that the reason is that I did not write IterationCount, Spake2pSalt and salt.
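
Why the SPAKE2+ parameters named in the post above matter, as an added example that is not part of the thread or of ST's genFactoryData.py: a Matter device stores a verifier derived from the setup passcode, the salt and the PBKDF2 iteration count, and it sends the salt and iteration count to the commissioner during PASE. This Python sketch derives that verifier and rejects parameters outside the Matter specification's limits; the function names are illustrative, and nothing is assumed about how ST's tool names or lays out these fields.

```python
import hashlib
# Added example: host-side sketch, not ST's genFactoryData.py; names are illustrative.
# NIST P-256 domain parameters (public constants; curve coefficient a = -3).
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)
# Passcodes the Matter specification forbids (repeated digits and two sequences).
INVALID_PASSCODES = {int(str(d) * 8) for d in range(10)} | {12345678, 87654321}

def point_add(p1, p2):
    """Affine addition on P-256; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 - 3) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def scalar_mul(k, point):
    """Double-and-add; not constant time, intended for host-side tooling only."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, point)
        point, k = point_add(point, point), k >> 1
    return acc

def on_curve(x, y):
    return (y * y - (x * x * x - 3 * x + B)) % P == 0

def spake2p_verifier(passcode, salt, iterations):
    """Return the 97-byte verifier w0 || L, rejecting out-of-range parameters."""
    if not 1000 <= iterations <= 100000:
        raise ValueError("iteration count must be 1000..100000")
    if not 16 <= len(salt) <= 32:
        raise ValueError("salt must be 16..32 bytes")
    if not 0 < passcode < 10**8 or passcode in INVALID_PASSCODES:
        raise ValueError("passcode is not allowed")
    ws = hashlib.pbkdf2_hmac("sha256", passcode.to_bytes(4, "little"), salt, iterations, 80)
    w0 = int.from_bytes(ws[:40], "big") % N
    w1 = int.from_bytes(ws[40:], "big") % N
    x, y = scalar_mul(w1, G)  # L = w1 * G, stored as an uncompressed point
    return w0.to_bytes(32, "big") + b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")
```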