Skip to content

Commit

Permalink
[doc] Add example of 'chip-cert gen-cd' command. (#22516)
Browse files Browse the repository at this point in the history 
* [doc] Add example of 'chip-cert gen-cd' command.

* [spell] Add CMS acronym (RFC 6552).
  • Loading branch information
@turon @pull
turon authored and pull[bot] committed Aug 21, 2023
1 parent a45a56f commit 4bdf46d
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 0 deletions.
1 change: 1 addition & 0 deletions .github/.wordlist.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -253,6 +253,7 @@ ClusterTestGeneration
cmake
CMakeLists
CMD
CMS
CMSIS
CMVH
cn
Expand Down
32 changes: 32 additions & 0 deletions src/tools/chip-cert/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
- [Directory Structure](#directory-structure)
- [<code>/src/tools/chip-cert</code>](#srctoolschip-cert)
- [Usage Examples](#usage-examples)
- [Building](#building)
- [Operational Certificates Usage Examples](#operational-certificates-usage-examples)
- [Attestation Certificates Usage Examples](#attestation-certificates-usage-examples)
- [Command Reference](#command-reference)
Expand All @@ -21,6 +22,7 @@
- [gen-att-cert](#gen-att-cert)
- [validate-att-cert](#validate-att-cert)
- [gen-cd](#gen-cd)
- [gen-cd example](#gen-cd-example)
- [version](#version)

## Introduction
Expand Down Expand Up @@ -57,6 +59,18 @@ Specify '--help' option for detail instructions on usage of each command:
./chip-cert gen-cert --help
```

### Building

The `chip-cert` tool will be built when `gn_build.sh` is run. To build just the
`chip-cert` tool locally:

```
. ./scripts/activate.sh
gn gen out/host
ninja -C out/host chip-cert
./out/host/chip-cert help
```

## Operational Certificates Usage Examples

Example command that can be used to generate CHIP root certificate and private
Expand Down Expand Up @@ -745,6 +759,24 @@ HELP OPTIONS
Print the version and then exit.
```

#### gen-cd example

An example of generating a Certificate Declaration (CD) follows:

```
./chip-cert gen-cd -C credentials/test/certification-declaration/Chip-Test-CD-Signing-Cert.pem -K credentials/test/certification-declaration/Chip-Test-CD-Signing-Key.pem --out cd.bin -f 1 -V FFF1 -p 8000 -d 0016 -c "ZIG0000000000000000" -l 0 -i 0 -n 0001 -t 0
```

The binary output of the CMS signed CD is written to `cd.bin`.

- Replace -V FFF1 with your VID in uppercase hex with zero padding
- Replace -p 8000 with your PID in uppercase hex with zero padding
- Replace -d 0016 with your primary device type in uppercase hex with zero
padding

NOTE: `dac-origin-vendor-id` and `dac-origin-product-id` are not included in
this example.

### version

Displays the version of the tool and copyright information.
Expand Down

0 comments on commit 4bdf46d

Please sign in to comment.