Skip to content

Commit

Permalink
Updates after review
Browse files Browse the repository at this point in the history
Signed-off-by: Michał Szablowski <[email protected]>
  • Loading branch information
doublemis1 committed Aug 17, 2023
1 parent 8a2c903 commit 64422df
Showing 1 changed file with 9 additions and 13 deletions.
22 changes: 9 additions & 13 deletions docs/guides/chip_tool_guide.md
Original file line number Diff line number Diff line change
Expand Up @@ -724,7 +724,7 @@ the command with the default fallback node ID `112233`.
**Example of commands:**
```
$ ./chip-tool pairing ble-thread 12378411096372871992 hex:0e08000000000001000035060004001fffe00708fd6be52118a6b9000410205c6257d29b2115d3065fdb6e855f830c0402a0f7f8000300000d0102adda02081111111122224589051000aa22dd445566778899aabbccddeeff030a4f70656e546872656164 20202021 3840 --commissioner-name alpha --commissioner-nodeid 999999
$ ./chip-tool pairing code-thread 1 hex:000030000150208562618342348532605109bd31cda6908667addca8789211addac0102c4a9 34970112332 --commissioner-name alpha --commissioner-nodeid 999999
```
```
Expand Down Expand Up @@ -915,33 +915,29 @@ to modify attestation-related settings:
certificates. The path can be absolute or relative to the current working
directory. With this flag, the CHIP Tool looks for the PAA certificate that
matches the PAI and the DAC certificates programmed on the device. Without
this flag, the CHIP Tool uses the test PAA certificate.
this flag, the CHIP Tool uses the built-in test PAA certificate.
- `--cd-trust-store-path` - Use to provide the path to the directory containing the key that
is used to generate Certificate Declaration. The path can be absolute or
is used to generate the Certification Declaration. The path can be absolute or
relative to the current working directory. With this flag, the CHIP tool
looks for the CD that matches other attestation data on the device. Without
this flag, the CHIP Tool uses the test CD.
looks for the public key that successfully validate device Certification Declaration's signature.
Without this flag, the CHIP Tool uses the built-in test signing key.
- `--only-allow-trusted-cd-keys` - Use to only allow the keys from `--cd-trust-store-path`
and not the built-in test key. If the flag is not provided or it is provided with the
value `false`, untrusted CD verifying keys are allowed. If it is
provided with the value `true` (`--only-allow-trusted-cd-keys true`), test
keys are disallowed and CD used for attestation will not be accepted. This
setting is parsing CD for an `int` enumeration that sets the test status of
CD.
keys are disallowed and CD signed with the test key will not be accepted.
- `--bypass-attestation-verifier` - Use to bypass the attestation verifier. If
the flag is not provided or it is provided with the value `false`, the
attestation verifier is not bypassed. If it is provided with the value `true`
(`--bypass-attestation-verifier true`), the commissioning will continue
in case of the attestation verification failure. The failure can be caused
by errors in Certification Declaration, the PAA or the PAI certificates, or
in the Device Attestation Certificate. This option can be useful if you want
to quickly commission a device with the PAI and the DAC certificates that
are based on an unknown PAA certificate, or when using a CD signing key to which we
don't have access (for example it is part of an officially certified
device).
in the Device Attestation Certificate. This option can be helpful if you want
to quickly commission a device with the PAI and the DAC certificates based on
non-test PAA and Certification Declaration signed by non-test signing key.
<hr>
Expand Down

0 comments on commit 64422df

Please sign in to comment.