From 83123f87970879edcbc170b2bbba49cb154408b9 Mon Sep 17 00:00:00 2001
From: Evgeny Margolis <emargolis@google.com>
Date: Thu, 6 Oct 2022 05:04:23 -0700
Subject: [PATCH] Updated CSA Official CD Signing Certificates (#23027)
 (#23037)

---
 .../CSA_Matter_CD_Signing_Key_001.cert.der    | Bin 0 -> 523 bytes
 .../CSA_Matter_CD_Signing_Key_001.cert.pem    |  13 ++
 .../CSA_Matter_CD_Signing_Key_002.cert.der    | Bin 0 -> 524 bytes
 .../CSA_Matter_CD_Signing_Key_002.cert.pem    |  13 ++
 .../CSA_Matter_CD_Signing_Key_003.cert.der    | Bin 0 -> 522 bytes
 .../CSA_Matter_CD_Signing_Key_003.cert.pem    |  13 ++
 .../CSA_Matter_CD_Signing_Key_004.cert.der    | Bin 0 -> 522 bytes
 .../CSA_Matter_CD_Signing_Key_004.cert.pem    |  13 ++
 .../CSA_Matter_CD_Signing_Key_005.cert.der    | Bin 0 -> 523 bytes
 .../CSA_Matter_CD_Signing_Key_005.cert.pem    |  13 ++
 ...tter_Certificate_and_Testing_Root.cert.der | Bin 0 -> 517 bytes
 ...tter_Certificate_and_Testing_Root.cert.pem |  13 ++
 .../cd-certs/Chip-Test-CD-Cert.pem            |  12 ++
 .../credentials/TestHarnessDACProvider.cpp    |  22 +--
 .../DefaultDeviceAttestationVerifier.cpp      | 155 +++++++++++++++---
 .../DeviceAttestationCredsExample.cpp         |  24 +--
 16 files changed, 248 insertions(+), 43 deletions(-)
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_001.cert.der
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_001.cert.pem
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_002.cert.der
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_002.cert.pem
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_003.cert.der
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_003.cert.pem
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_004.cert.der
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_004.cert.pem
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_005.cert.der
 create mode 100644 credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_005.cert.pem
 create mode 100644 credentials/development/cd-certs/CSA_Matter_Certificate_and_Testing_Root.cert.der
 create mode 100644 credentials/development/cd-certs/CSA_Matter_Certificate_and_Testing_Root.cert.pem
 create mode 100644 credentials/development/cd-certs/Chip-Test-CD-Cert.pem

diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_001.cert.der b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_001.cert.der
new file mode 100644
index 0000000000000000000000000000000000000000..0bcdc2c37db44bb15611c557ddc62233c3a18d9a
GIT binary patch
literal 523
zcmXqLVq!OFVqCj`nTe5!i9NYEF*zmM(144LL#xf>oGlA8lR=On50K9s%EHCN>>TW9
zsAHf7;xY3m`zDr@q!uYSrxulDre!84mSpDVDJ15lD1@XImt^LpD>yqEiWms7acQ$L
zvM@F+s$pW}VR1HfG%!#Q=QT1iG%zqWv^26XHI0(sH!?6cGO#o<fC?BypxJ6<U;wdI
z6V*DG)a0DRB8b(&ndx~TYrRt|6$}gvao8PcAk4-N_8k)=)SJwV?95IKEN9=nv~&5f
zUHkFHl?Un+r*+Tz|9K1Zhd8m!>l>e*dY6B^(A(+xBeSV5b*?9e6fbI6m(g#&drId+
zG0mMj{l9ORsku1KAO+}M=1^H-M#ldv90qJaiiwfIfDa_b4-x|gC}W#}EQrs?BE}-}
z&%}P}O!qSD#CNWi!on7w{?BUr4CF!5$}AEFVhtkGpJZM*$|7<o|2X6Kx+&$BoW0+c
zB1aFi2ZMntlY)S0U*V-SA=x4A<?CfP#9oWqk*W8|>GH}KS?8SVKgUQjDKdOqw4=<m
hWR~*DZ7%8>kt?QUd!9bazS1oB&@HPAAv2q90s!u1qR{{V

literal 0
HcmV?d00001

diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_001.cert.pem b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_001.cert.pem
new file mode 100644
index 00000000000000..93697332c9f692
--- /dev/null
+++ b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_001.cert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICBzCCAa2gAwIBAgIHY3NhY2RrMTAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTI4NTVaGA8yMDcyMDky
+MDE5Mjg1NVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwMTEUMBIGCisGAQQBgqJ8AgEMBEM1
+QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATN7uk+RPi3K+PRqcB+IZaLmv/z
+tAPwXhZp17Hlyu5vx3FLQufiNpXpLNdjVHOigK5ojze7lInhFim5uU/3sJkpo2Yw
+ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+/jQ/lZlHdjth7kU5ExM4SU/mfY4wHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+OQmN9qUwCgYIKoZIzj0EAwIDSAAwRQIgEDWOcdKsVGtUh3evHbBd1lq4aS7yQtOp
+6GrOQ3/zXBsCIQDxorh2RXSaI8m2RCcoWaiWa0nLzQepNm3C2jrQVJmC2Q==
+-----END CERTIFICATE-----
diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_002.cert.der b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_002.cert.der
new file mode 100644
index 0000000000000000000000000000000000000000..3e6046ac47a8b08cd49421a48961ec1c952c13e4
GIT binary patch
literal 524
zcmXqLV&X7pVqCj`nTe5!i9NYEF*zmM$bgHDL#xf>oGlA8lR=On50K9s%EHCN>>TW9
zsAHf7;xY3m`zDr@q!uYSrxulDre!84mSpDVDJ15lD1@XImt^LpD>yqEiWms7acQ$L
zvM@F+s$pW}VR1HfG%!#Q=QT1iG%zqWv@|v|F^iJmH!?6cGO#o<fC?BypxJ6<U;wdI
z6V*DG)a0DRB8b(&ndx~TYrRt|6$}iFaM&GbAk4-N_8k)=)SJwV?95IKEX<PTFMc`&
zvc!HW3E%CeYWKL*uSaN|Mrdt=`pzqd!){7D^!ztc4-nrJ-_yN_RqW~st54figc^kJ
zpXr}^iD4!8;xvO4pm&)=WrZ0T|FduyumLG1Mg{{ukQhHm3>ct{Z3eO+J|Bx1i^yG;
z+Y!-<J~9!a?a#t`zqD_=dz{fg9we>IB4HrbATs?)=7pmyB8T#iGk&j|Qf|rF`)w(5
z^e}re7`QPhGR%5+UaaQwa{fQN1TJqr`&~e~XL~{5%FuQf`Qx<~zWd97N+!Q}UZ1u0
g<flzOjxYU7@88{iZ_-je=J!eyWQ%(CW%wNe0JO55wg3PC

literal 0
HcmV?d00001

diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_002.cert.pem b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_002.cert.pem
new file mode 100644
index 00000000000000..c25dde22d921e8
--- /dev/null
+++ b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_002.cert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICCDCCAa2gAwIBAgIHY3NhY2RrMjAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTM2NDZaGA8yMDcyMDky
+MDE5MzY0NlowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwMjEUMBIGCisGAQQBgqJ8AgEMBEM1
+QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQDGTfo+UJRBF3ydFe7RiU+43VO
+jBKuKFV9gCe51MNW2RtAjP8yJ1AXsl+Mi6IFFtXIOvK3JBKAE9/Mj5XSAKkLo2Yw
+ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+3QTbWFshTBxYFYfmVo30h7bdxwEwHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+OQmN9qUwCgYIKoZIzj0EAwIDSQAwRgIhAJruzxZ806cP/LoQ07PN9xAbjLdwUalV
+h0Qfx304Tb92AiEAk+jnf2qtyfKyTEHpT3Xf3bfekqUOA+8ikB1yjL5oTsI=
+-----END CERTIFICATE-----
diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_003.cert.der b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_003.cert.der
new file mode 100644
index 0000000000000000000000000000000000000000..6fd2138beb456bd63f3b9fe63e417295f0eedf61
GIT binary patch
literal 522
zcmXqLVq!CBVqCj`nTe5!i9NYEF*zmM*no?TL#xf>oGlA8lR=On50K9s%EHCN>>TW9
zsAHf7;xY3m`zDr@q!uYSrxulDre!84mSpDVDJ15lD1@XImt^LpD>yqEiWms7acQ$L
zvM@F+s$pW}VR1HfG%!#Q=QT1iG%zqWv@|g^FpQGmH!?6cGO#o<fC?BypxJ6<U;wdI
z6V*DG)a0DRB8b(&ndx~TYrRt|6+mWVw>#26n2jCmJ0?b`H<=mPnVlF|=7+~z{kuI#
zUSP?6!w<z1wG-VnK3%Sl&YreMXMYX1;Is+hwV|<!3#KKk*wD1t@>MW@Rikd(<gNMF
zQzYV7pEdfrIL#mh=w0SeSz$)T|12B^Y(R>Mk->luB*qUC0|qE#n}IBd&&MLhBH}J!
z`uu?3sulZce0_u;KRLuXb%nQqJV;uZMZ!R=L1g-q%nL_ZL=NR2XZ&6_rQDLU_uEqB
z=wWteFmPc~Pzaxs+rM>YsPAgQzrPRhu%BO(`MpSCsu|O&wdsGXnSd%PrcQ0S#Z{Cu
dH?O|v$6v`$`fuF66q%<LaB3%{J-6k#4ggt=oJarw

literal 0
HcmV?d00001

diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_003.cert.pem b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_003.cert.pem
new file mode 100644
index 00000000000000..7bd98161c47728
--- /dev/null
+++ b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_003.cert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICBjCCAa2gAwIBAgIHY3NhY2RrMzAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTQxMDFaGA8yMDcyMDky
+MDE5NDEwMVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwMzEUMBIGCisGAQQBgqJ8AgEMBEM1
+QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASfV1zV/bdSHxCk3zHwc5ErYUco
+8tN/W2uWvCy/fAsRlpBXfVVdIaCWYKiwgqM56lMPeoEthpO1b9dkGF+rzTL1o2Yw
+ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+RxA158BOqqi+fE1ME+PkwgmVqEswHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+OQmN9qUwCgYIKoZIzj0EAwIDRwAwRAIgIFecbY+1mVVNqxH9+8IMB8+safdyIJU2
+AqqtZ/w7AkQCIHiVlYTaCnJsnW5/cvj9GfIv7Eb0cjdmcAkrYGbnPQzX
+-----END CERTIFICATE-----
diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_004.cert.der b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_004.cert.der
new file mode 100644
index 0000000000000000000000000000000000000000..8ac5b038ed8db501c11b44922087ffc9f6ef4491
GIT binary patch
literal 522
zcmXqLVq!CBVqCj`nTe5!i9NYEF*zmM#DI&9L#xf>oGlA8lR=On50K9s%EHCN>>TW9
zsAHf7;xY3m`zDr@q!uYSrxulDre!84mSpDVDJ15lD1@XImt^LpD>yqEiWms7acQ$L
zvM@F+s$pW}VR1HfG%!#Q=QT1iG%zqWv@|g`GK`YoH!?6cGO#o<fC?BypxJ6<U;wdI
z6V*DG)a0DRB8b(&ndx~TYrRt|6$}haaM&GbAk4-N_8k)=)SJwV?95IKEH!_6I|NqD
z`SMFryyDaPHx)kutEMl0T7O7**Nu+HiE<_Xx3%njy<%Cns<Ky%X}`Jk>e;yle!^^b
z%M_MsTojYxUYur-0`x9(sH`v}<9`+o12!PV#K>U42NL54i2(zYvCTjh#OGrXV-fk*
z#=JOFZ-zjT<Gh6rS6hVaEuVVXKprHm%pzeR)*v$dN#=#4EFy>Uk28L+n^JDc+52rN
za`Z5}GZ?rqDd;VbpSasQu|3V{<n8$m)Ako`{TFuR{>sm?n{G$XuCnc8Qt;O}(fB4z
fILPO_^t~Lx<xdOS&g*K49VqAi$&$gG!T1;eKoy=&

literal 0
HcmV?d00001

diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_004.cert.pem b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_004.cert.pem
new file mode 100644
index 00000000000000..d2297103961672
--- /dev/null
+++ b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_004.cert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICBjCCAa2gAwIBAgIHY3NhY2RrNDAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTQzMjFaGA8yMDcyMDky
+MDE5NDMyMVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwNDEUMBIGCisGAQQBgqJ8AgEMBEM1
+QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR8/I2IEKic9PoZF3jyr+x4+FF6
+l6Plf8ITutiI42EedP+2hL3rqKaLJSNKXDWPNzurm20wThMG3XYgpSjRFhwLo2Yw
+ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+9oYDo2kumBByQZ6h4as4VL13ldMwHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+OQmN9qUwCgYIKoZIzj0EAwIDRwAwRAIgLqAfkbtLYYdmQsnbn0CWv3G1/lbE36nz
+HbLbW5t6PY4CIE8oyIHsVhNSTPcb3mwRp+Vxhs8tKhbAdwv5BGgDaAHj
+-----END CERTIFICATE-----
diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_005.cert.der b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_005.cert.der
new file mode 100644
index 0000000000000000000000000000000000000000..5ca3b5a6ccbe0404fd48b524bbd2e6329f842944
GIT binary patch
literal 523
zcmXqLVq!OFVqCj`nTe5!i9NYEF*zmM)PRePL#xf>oGlA8lR=On50K9s%EHCN>>TW9
zsAHf7;xY3m`zDr@q!uYSrxulDre!84mSpDVDJ15lD1@XImt^LpD>yqEiWms7acQ$L
zvM@F+s$pW}VR1HfG%!#Q=QT1iG%zqWv@|g{G>wwrH!?6cGO#o<fC?BypxJ6<U;wdI
z6V*DG)a0DRB8b(&ndx~TYrRt|6$}haao8PcAk4-N_8k)=)SJwV?95IKEY4j)$C4H;
zyRPQ`Gj4mZaNd)3{I{)E9?Ud!%C_Z5|0!Vg{QANj?Js`_FZ+~Vw)^Z#)5#SzLghUx
zK24835~bkub8(tM3edaEp|Zk^jQ?3U4A_7a6C;BGA4rTJBnAvn#x?_45TB1lj7225
zUd?1}(yM=2-;&<%%+J5{Xa66419_0NGK++PScAy)Cz%(HvWOhYKhF5QZc4c&XYaSA
z$kD^>!C>IZq{wjA-D&m{nKj-jGSf2E7;ME7+6$64$BQvWta^L?*>*z)CWT0A&(P{6
g8sAj-6+~xd#?*U%6Eb<9r*UonvX6Op<CiM|07vkhrvLx|

literal 0
HcmV?d00001

diff --git a/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_005.cert.pem b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_005.cert.pem
new file mode 100644
index 00000000000000..e3dfa07a6c9291
--- /dev/null
+++ b/credentials/development/cd-certs/CSA_Matter_CD_Signing_Key_005.cert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICBzCCAa2gAwIBAgIHY3NhY2RrNTAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTQ3MTVaGA8yMDcyMDky
+MDE5NDcxNVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwNTEUMBIGCisGAQQBgqJ8AgEMBEM1
+QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARDilLGYqKm1yZH+V63UxNu5K4P
+2zqpwWkxQms9CGf5EDrn16G4h+n4E6byb3a7zak1k3h8EneMqPKXXcRaIEL5o2Yw
+ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+Y38mNK1i6v5q9mLvuW9v0vy//C8wHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+OQmN9qUwCgYIKoZIzj0EAwIDSAAwRQIhAM1HQpvkHKxLJByWaSYAPRZgh3Bis18W
+AViq7c/mtzEAAiBZO0lVe6Qo9iQPIBWZaVx/S/YSNO9uKNa/pvFu3V+nIg==
+-----END CERTIFICATE-----
diff --git a/credentials/development/cd-certs/CSA_Matter_Certificate_and_Testing_Root.cert.der b/credentials/development/cd-certs/CSA_Matter_Certificate_and_Testing_Root.cert.der
new file mode 100644
index 0000000000000000000000000000000000000000..3a75a3657b03a6f775e193cc71a06fb55d9bfc73
GIT binary patch
literal 517
zcmXqLVq!FCVqCs}nTe5!i9NYEu_!;k#DI&9L#xf>oGlA8lR=On50K9s%EHCN>>TW9
zsAHf7;xY3m`zDr@q!uYSrxulDre!84mSpDVDJ15lD1@XImt^LpD>yqEiWms7acQ$L
zvM@F+s$pW}VR1HfG%!#Q=QT1iFgGwav^26XFo}}jH!=hYm>C*F1!!Vxq=7ISJJ?@L
zj8G3UGqN)~F|b&8Ssh*#yYF-n|1(8do3$QE`QHT>ESWTa?Tv&VkIMfaxF>J7&A7^>
zr8>%rHE%^B-{kUlZ{MkkGylD5%BXs}&tq|#K?=~L%%QTvjEw(TI1Jc;6cZz(0Ut<=
zA0!40N=7yVSrDI(MT|vc`jgBHM_EJ;<sWDKUN@!OlC$^QQUiIAv@(l?fmj1}1xOLY
z?7?8*%A`=a>M6VXA@%-{1@kr@SbTTNM~x-Q-QP@|_9-_Dg?Ic)VNzsxzsI1fd#8SX
dO9fkF&;!v(2~CSL^DUyg<9*HFeZCo(3jkSUn}PrU

literal 0
HcmV?d00001

diff --git a/credentials/development/cd-certs/CSA_Matter_Certificate_and_Testing_Root.cert.pem b/credentials/development/cd-certs/CSA_Matter_Certificate_and_Testing_Root.cert.pem
new file mode 100644
index 00000000000000..5a003156fd6c65
--- /dev/null
+++ b/credentials/development/cd-certs/CSA_Matter_Certificate_and_Testing_Root.cert.pem
@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIICATCCAaegAwIBAgIHY3Nhcm9vdDAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjA3MDcxOTI4MDRaGA8yMTIyMDYx
+MzE5MjgwNFowUjEMMAoGA1UECgwDQ1NBMSwwKgYDVQQDDCNNYXR0ZXIgQ2VydGlm
+aWNhdGlvbiBhbmQgVGVzdGluZyBDQTEUMBIGCisGAQQBgqJ8AgEMBEM1QTAwWTAT
+BgcqhkjOPQIBBggqhkjOPQMBBwNCAAQ4SjrDql2+y3IP5iEdPK1IYm/3EaCkkp+t
+2GD44nf/wN4fPrYzejSEe1o6BW6ocQ6Td+7t7iUXA/3ZNQEly45Io2YwZDASBgNV
+HRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUl+Rp0MUE
+FMJvxwH3fpR3OQmN9qUwHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3OQmN9qUw
+CgYIKoZIzj0EAwIDSAAwRQIgearlB0fCJ49UoJ6xwKPdlPEopCOL9jVCviODEleI
++mQCIQDvvDCKi7kvj4R4BoFS4BVZGCk4zJ84W4tfTTfu89lRbQ==
+-----END CERTIFICATE-----
diff --git a/credentials/development/cd-certs/Chip-Test-CD-Cert.pem b/credentials/development/cd-certs/Chip-Test-CD-Cert.pem
new file mode 100644
index 00000000000000..0392cd2b6a5dd6
--- /dev/null
+++ b/credentials/development/cd-certs/Chip-Test-CD-Cert.pem
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBszCCAVqgAwIBAgIIRdrzneR6oI8wCgYIKoZIzj0EAwIwKzEpMCcGA1UEAwwg
+TWF0dGVyIFRlc3QgQ0QgU2lnbmluZyBBdXRob3JpdHkwIBcNMjEwNjI4MTQyMzQz
+WhgPOTk5OTEyMzEyMzU5NTlaMCsxKTAnBgNVBAMMIE1hdHRlciBUZXN0IENEIFNp
+Z25pbmcgQXV0aG9yaXR5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPDmJIkUr
+VcrzicJb0bykZWlSzLkOiGkkmthHRlMBTL+V1oeWXgNrUhxRA35rjO3vyh60QEZp
+T6CIgu7WUZ3suqNmMGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMC
+AQYwHQYDVR0OBBYEFGL6gjNZrPqplj4c+hQK3fUE83FgMB8GA1UdIwQYMBaAFGL6
+gjNZrPqplj4c+hQK3fUE83FgMAoGCCqGSM49BAMCA0cAMEQCICxUXOTkV9im8NnZ
+u+vW7OHd/n+MbZps83UyH8b6xxOEAiBUB3jodDlyUn7t669YaGIgtUB48s1OYqdq
+58u5L/VMiw==
+-----END CERTIFICATE-----
diff --git a/src/app/tests/suites/credentials/TestHarnessDACProvider.cpp b/src/app/tests/suites/credentials/TestHarnessDACProvider.cpp
index 4eece60ea37074..c9732447c8ec3d 100644
--- a/src/app/tests/suites/credentials/TestHarnessDACProvider.cpp
+++ b/src/app/tests/suites/credentials/TestHarnessDACProvider.cpp
@@ -38,7 +38,7 @@
 // 0x8048, 0x8049, 0x804A, 0x804B, 0x804C, 0x804D, 0x804E, 0x804F, 0x8050, 0x8051, 0x8052, 0x8053, 0x8054, 0x8055, 0x8056,
 // 0x8057, 0x8058, 0x8059, 0x805A, 0x805B, 0x805C, 0x805D, 0x805E, 0x805F, 0x8060, 0x8061, 0x8062, 0x8063 ]
 //-> device_type_id = 0x0016
-//-> certificate_id = "CSA00000MAT00000-00"
+//-> certificate_id = "CSA00000SWC00000-00"
 //-> security_level = 0
 //-> security_information = 0
 //-> version_number = 1
@@ -46,8 +46,8 @@
 //-> dac_origin_vendor_id is not present
 //-> dac_origin_product_id is not present
 constexpr const uint8_t kCdForAllExamples[540] = {
-    0x30, 0x82, 0x02, 0x18, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x82, 0x02, 0x09, 0x30, 0x82,
-    0x02, 0x05, 0x02, 0x01, 0x03, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x30,
+    0x30, 0x82, 0x02, 0x17, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x82, 0x02, 0x08, 0x30, 0x82,
+    0x02, 0x04, 0x02, 0x01, 0x03, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x30,
     0x82, 0x01, 0x70, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x82, 0x01, 0x61, 0x04, 0x82, 0x01,
     0x5d, 0x15, 0x24, 0x00, 0x01, 0x25, 0x01, 0xf1, 0xff, 0x36, 0x02, 0x05, 0x00, 0x80, 0x05, 0x01, 0x80, 0x05, 0x02, 0x80, 0x05,
     0x03, 0x80, 0x05, 0x04, 0x80, 0x05, 0x05, 0x80, 0x05, 0x06, 0x80, 0x05, 0x07, 0x80, 0x05, 0x08, 0x80, 0x05, 0x09, 0x80, 0x05,
@@ -64,14 +64,14 @@ constexpr const uint8_t kCdForAllExamples[540] = {
     0x50, 0x80, 0x05, 0x51, 0x80, 0x05, 0x52, 0x80, 0x05, 0x53, 0x80, 0x05, 0x54, 0x80, 0x05, 0x55, 0x80, 0x05, 0x56, 0x80, 0x05,
     0x57, 0x80, 0x05, 0x58, 0x80, 0x05, 0x59, 0x80, 0x05, 0x5a, 0x80, 0x05, 0x5b, 0x80, 0x05, 0x5c, 0x80, 0x05, 0x5d, 0x80, 0x05,
     0x5e, 0x80, 0x05, 0x5f, 0x80, 0x05, 0x60, 0x80, 0x05, 0x61, 0x80, 0x05, 0x62, 0x80, 0x05, 0x63, 0x80, 0x18, 0x24, 0x03, 0x16,
-    0x2c, 0x04, 0x13, 0x43, 0x53, 0x41, 0x30, 0x30, 0x30, 0x30, 0x30, 0x4d, 0x41, 0x54, 0x30, 0x30, 0x30, 0x30, 0x30, 0x2d, 0x30,
-    0x30, 0x24, 0x05, 0x00, 0x24, 0x06, 0x00, 0x24, 0x07, 0x01, 0x24, 0x08, 0x00, 0x18, 0x31, 0x7d, 0x30, 0x7b, 0x02, 0x01, 0x03,
-    0x80, 0x14, 0x83, 0xfa, 0xd7, 0x81, 0xe8, 0x2d, 0x01, 0x8b, 0x4f, 0x14, 0xf0, 0xa1, 0xc7, 0xf6, 0x84, 0x01, 0x8c, 0xc5, 0xd1,
-    0x9f, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48,
-    0xce, 0x3d, 0x04, 0x03, 0x02, 0x04, 0x47, 0x30, 0x45, 0x02, 0x20, 0x57, 0xc4, 0xb8, 0x18, 0x3a, 0x93, 0xa6, 0xb8, 0xc3, 0x60,
-    0x3e, 0x77, 0xde, 0x8e, 0xb1, 0x94, 0x8c, 0x9c, 0xc0, 0x50, 0x60, 0xa6, 0x1a, 0xa9, 0xd7, 0x43, 0xeb, 0xea, 0xf9, 0x5f, 0x73,
-    0xc9, 0x02, 0x21, 0x00, 0xa3, 0xd5, 0xa1, 0x1f, 0xb0, 0x71, 0xf2, 0x13, 0xa5, 0xe1, 0x24, 0xed, 0xe7, 0xe1, 0xee, 0x16, 0x7e,
-    0x19, 0xc2, 0x8c, 0x3d, 0xed, 0x98, 0x4c, 0xf1, 0x03, 0x96, 0x48, 0xe8, 0x8c, 0xd8, 0x06
+    0x2c, 0x04, 0x13, 0x43, 0x53, 0x41, 0x30, 0x30, 0x30, 0x30, 0x30, 0x53, 0x57, 0x43, 0x30, 0x30, 0x30, 0x30, 0x30, 0x2d, 0x30,
+    0x30, 0x24, 0x05, 0x00, 0x24, 0x06, 0x00, 0x24, 0x07, 0x01, 0x24, 0x08, 0x00, 0x18, 0x31, 0x7c, 0x30, 0x7a, 0x02, 0x01, 0x03,
+    0x80, 0x14, 0xfe, 0x34, 0x3f, 0x95, 0x99, 0x47, 0x76, 0x3b, 0x61, 0xee, 0x45, 0x39, 0x13, 0x13, 0x38, 0x49, 0x4f, 0xe6, 0x7d,
+    0x8e, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48,
+    0xce, 0x3d, 0x04, 0x03, 0x02, 0x04, 0x46, 0x30, 0x44, 0x02, 0x20, 0x4a, 0x12, 0xf8, 0xd4, 0x2f, 0x90, 0x23, 0x5c, 0x05, 0xa7,
+    0x71, 0x21, 0xcb, 0xeb, 0xae, 0x15, 0xd5, 0x90, 0x14, 0x65, 0x58, 0xe9, 0xc9, 0xb4, 0x7a, 0x1a, 0x38, 0xf7, 0xa3, 0x6a, 0x7d,
+    0xc5, 0x02, 0x20, 0x20, 0xa4, 0x74, 0x28, 0x97, 0xc3, 0x0a, 0xed, 0xa0, 0xa5, 0x6b, 0x36, 0xe1, 0x4e, 0xbb, 0xc8, 0x5b, 0xbd,
+    0xb7, 0x44, 0x93, 0xf9, 0x93, 0x58, 0x1e, 0xb0, 0x44, 0x4e, 0xd6, 0xca, 0x94, 0x0b
 };
 
 namespace chip {
diff --git a/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp b/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp
index 369ba8b22256c7..07bac69978aa5c 100644
--- a/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp
+++ b/src/credentials/attestation_verifier/DefaultDeviceAttestationVerifier.cpp
@@ -128,32 +128,147 @@ constexpr uint8_t gCdRootCert[517] = {
 // Official CD "Signing Key 001"
 //
 // -----BEGIN CERTIFICATE-----
-// MIICCDCCAa2gAwIBAgIHY3NhY2RzMTAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+// MIICBzCCAa2gAwIBAgIHY3NhY2RrMTAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
 // U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
-// MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjA4MTExOTMxMTVaGA8yMDcyMDcy
-// OTE5MzExNVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+// MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTI4NTVaGA8yMDcyMDky
+// MDE5Mjg1NVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
 // IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwMTEUMBIGCisGAQQBgqJ8AgEMBEM1
-// QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARbW8Ou1rqjg/3Pm51ac/rqfmXr
-// WSfBxcArHPpLi9trm36yUlE/I/IqWDOdyK24gEYKySHTdte5cMUMO+bm0jbwo2Yw
+// QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATN7uk+RPi3K+PRqcB+IZaLmv/z
+// tAPwXhZp17Hlyu5vx3FLQufiNpXpLNdjVHOigK5ojze7lInhFim5uU/3sJkpo2Yw
 // ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
-// g/rXgegtAYtPFPChx/aEAYzF0Z8wHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
-// OQmN9qUwCgYIKoZIzj0EAwIDSQAwRgIhAIbSu8KoWTj5792UxtJ/uSgQXVTLRRsm
-// 09ys2m37JxDvAiEA8WMKDbRbwOtkabIyqwDgmiR3KwkyYwaqN4GPsRKfxwQ=
+// /jQ/lZlHdjth7kU5ExM4SU/mfY4wHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+// OQmN9qUwCgYIKoZIzj0EAwIDSAAwRQIgEDWOcdKsVGtUh3evHbBd1lq4aS7yQtOp
+// 6GrOQ3/zXBsCIQDxorh2RXSaI8m2RCcoWaiWa0nLzQepNm3C2jrQVJmC2Q==
 // -----END CERTIFICATE-----
 //
 constexpr uint8_t gCdSigningKey001PubkeyBytes[65] = {
-    0x04, 0x5b, 0x5b, 0xc3, 0xae, 0xd6, 0xba, 0xa3, 0x83, 0xfd, 0xcf, 0x9b, 0x9d, 0x5a, 0x73, 0xfa, 0xea,
-    0x7e, 0x65, 0xeb, 0x59, 0x27, 0xc1, 0xc5, 0xc0, 0x2b, 0x1c, 0xfa, 0x4b, 0x8b, 0xdb, 0x6b, 0x9b, 0x7e,
-    0xb2, 0x52, 0x51, 0x3f, 0x23, 0xf2, 0x2a, 0x58, 0x33, 0x9d, 0xc8, 0xad, 0xb8, 0x80, 0x46, 0x0a, 0xc9,
-    0x21, 0xd3, 0x76, 0xd7, 0xb9, 0x70, 0xc5, 0x0c, 0x3b, 0xe6, 0xe6, 0xd2, 0x36, 0xf0
+    0x04, 0xcd, 0xee, 0xe9, 0x3e, 0x44, 0xf8, 0xb7, 0x2b, 0xe3, 0xd1, 0xa9, 0xc0, 0x7e, 0x21, 0x96, 0x8b,
+    0x9a, 0xff, 0xf3, 0xb4, 0x03, 0xf0, 0x5e, 0x16, 0x69, 0xd7, 0xb1, 0xe5, 0xca, 0xee, 0x6f, 0xc7, 0x71,
+    0x4b, 0x42, 0xe7, 0xe2, 0x36, 0x95, 0xe9, 0x2c, 0xd7, 0x63, 0x54, 0x73, 0xa2, 0x80, 0xae, 0x68, 0x8f,
+    0x37, 0xbb, 0x94, 0x89, 0xe1, 0x16, 0x29, 0xb9, 0xb9, 0x4f, 0xf7, 0xb0, 0x99, 0x29
 };
 
-constexpr uint8_t gCdSigningKey001Kid[20] = { 0x83, 0xfa, 0xd7, 0x81, 0xe8, 0x2d, 0x01, 0x8b, 0x4f, 0x14,
-                                              0xf0, 0xa1, 0xc7, 0xf6, 0x84, 0x01, 0x8c, 0xc5, 0xd1, 0x9f };
+constexpr uint8_t gCdSigningKey001Kid[20] = { 0xFE, 0x34, 0x3F, 0x95, 0x99, 0x47, 0x76, 0x3B, 0x61, 0xEE,
+                                              0x45, 0x39, 0x13, 0x13, 0x38, 0x49, 0x4F, 0xE6, 0x7D, 0x8E };
 
-std::array<ByteSpan, 2> gCdKids                 = { ByteSpan{ gTestCdPubkeyKid }, ByteSpan{ gCdSigningKey001Kid } };
-std::array<Crypto::P256PublicKey, 2> gCdPubkeys = { Crypto::P256PublicKey{ gTestCdPubkeyBytes },
-                                                    Crypto::P256PublicKey{ gCdSigningKey001PubkeyBytes } };
+// Official CD "Signing Key 002"
+//
+// -----BEGIN CERTIFICATE-----
+// MIICCDCCAa2gAwIBAgIHY3NhY2RrMjAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+// U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+// MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTM2NDZaGA8yMDcyMDky
+// MDE5MzY0NlowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+// IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwMjEUMBIGCisGAQQBgqJ8AgEMBEM1
+// QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQDGTfo+UJRBF3ydFe7RiU+43VO
+// jBKuKFV9gCe51MNW2RtAjP8yJ1AXsl+Mi6IFFtXIOvK3JBKAE9/Mj5XSAKkLo2Yw
+// ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+// 3QTbWFshTBxYFYfmVo30h7bdxwEwHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+// OQmN9qUwCgYIKoZIzj0EAwIDSQAwRgIhAJruzxZ806cP/LoQ07PN9xAbjLdwUalV
+// h0Qfx304Tb92AiEAk+jnf2qtyfKyTEHpT3Xf3bfekqUOA+8ikB1yjL5oTsI=
+// -----END CERTIFICATE-----
+//
+constexpr uint8_t gCdSigningKey002PubkeyBytes[65] = {
+    0x04, 0x03, 0x19, 0x37, 0xe8, 0xf9, 0x42, 0x51, 0x04, 0x5d, 0xf2, 0x74, 0x57, 0xbb, 0x46, 0x25, 0x3e,
+    0xe3, 0x75, 0x4e, 0x8c, 0x12, 0xae, 0x28, 0x55, 0x7d, 0x80, 0x27, 0xb9, 0xd4, 0xc3, 0x56, 0xd9, 0x1b,
+    0x40, 0x8c, 0xff, 0x32, 0x27, 0x50, 0x17, 0xb2, 0x5f, 0x8c, 0x8b, 0xa2, 0x05, 0x16, 0xd5, 0xc8, 0x3a,
+    0xf2, 0xb7, 0x24, 0x12, 0x80, 0x13, 0xdf, 0xcc, 0x8f, 0x95, 0xd2, 0x00, 0xa9, 0x0b
+};
+
+constexpr uint8_t gCdSigningKey002Kid[20] = { 0xDD, 0x04, 0xDB, 0x58, 0x5B, 0x21, 0x4C, 0x1C, 0x58, 0x15,
+                                              0x87, 0xE6, 0x56, 0x8D, 0xF4, 0x87, 0xB6, 0xDD, 0xC7, 0x01 };
+
+// Official CD "Signing Key 003"
+//
+// -----BEGIN CERTIFICATE-----
+// MIICBjCCAa2gAwIBAgIHY3NhY2RrMzAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+// U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+// MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTQxMDFaGA8yMDcyMDky
+// MDE5NDEwMVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+// IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwMzEUMBIGCisGAQQBgqJ8AgEMBEM1
+// QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASfV1zV/bdSHxCk3zHwc5ErYUco
+// 8tN/W2uWvCy/fAsRlpBXfVVdIaCWYKiwgqM56lMPeoEthpO1b9dkGF+rzTL1o2Yw
+// ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+// RxA158BOqqi+fE1ME+PkwgmVqEswHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+// OQmN9qUwCgYIKoZIzj0EAwIDRwAwRAIgIFecbY+1mVVNqxH9+8IMB8+safdyIJU2
+// AqqtZ/w7AkQCIHiVlYTaCnJsnW5/cvj9GfIv7Eb0cjdmcAkrYGbnPQzX
+// -----END CERTIFICATE-----
+//
+constexpr uint8_t gCdSigningKey003PubkeyBytes[65] = {
+    0x04, 0x9f, 0x57, 0x5c, 0xd5, 0xfd, 0xb7, 0x52, 0x1f, 0x10, 0xa4, 0xdf, 0x31, 0xf0, 0x73, 0x91, 0x2b,
+    0x61, 0x47, 0x28, 0xf2, 0xd3, 0x7f, 0x5b, 0x6b, 0x96, 0xbc, 0x2c, 0xbf, 0x7c, 0x0b, 0x11, 0x96, 0x90,
+    0x57, 0x7d, 0x55, 0x5d, 0x21, 0xa0, 0x96, 0x60, 0xa8, 0xb0, 0x82, 0xa3, 0x39, 0xea, 0x53, 0x0f, 0x7a,
+    0x81, 0x2d, 0x86, 0x93, 0xb5, 0x6f, 0xd7, 0x64, 0x18, 0x5f, 0xab, 0xcd, 0x32, 0xf5
+};
+
+constexpr uint8_t gCdSigningKey003Kid[20] = { 0x47, 0x10, 0x35, 0xE7, 0xC0, 0x4E, 0xAA, 0xA8, 0xBE, 0x7C,
+                                              0x4D, 0x4C, 0x13, 0xE3, 0xE4, 0xC2, 0x09, 0x95, 0xA8, 0x4B };
+
+// Official CD "Signing Key 004"
+//
+// -----BEGIN CERTIFICATE-----
+// MIICBjCCAa2gAwIBAgIHY3NhY2RrNDAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+// U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+// MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTQzMjFaGA8yMDcyMDky
+// MDE5NDMyMVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+// IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwNDEUMBIGCisGAQQBgqJ8AgEMBEM1
+// QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR8/I2IEKic9PoZF3jyr+x4+FF6
+// l6Plf8ITutiI42EedP+2hL3rqKaLJSNKXDWPNzurm20wThMG3XYgpSjRFhwLo2Yw
+// ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+// 9oYDo2kumBByQZ6h4as4VL13ldMwHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+// OQmN9qUwCgYIKoZIzj0EAwIDRwAwRAIgLqAfkbtLYYdmQsnbn0CWv3G1/lbE36nz
+// HbLbW5t6PY4CIE8oyIHsVhNSTPcb3mwRp+Vxhs8tKhbAdwv5BGgDaAHj
+// -----END CERTIFICATE-----
+//
+constexpr uint8_t gCdSigningKey004PubkeyBytes[65] = {
+    0x04, 0x7c, 0xfc, 0x8d, 0x88, 0x10, 0xa8, 0x9c, 0xf4, 0xfa, 0x19, 0x17, 0x78, 0xf2, 0xaf, 0xec, 0x78,
+    0xf8, 0x51, 0x7a, 0x97, 0xa3, 0xe5, 0x7f, 0xc2, 0x13, 0xba, 0xd8, 0x88, 0xe3, 0x61, 0x1e, 0x74, 0xff,
+    0xb6, 0x84, 0xbd, 0xeb, 0xa8, 0xa6, 0x8b, 0x25, 0x23, 0x4a, 0x5c, 0x35, 0x8f, 0x37, 0x3b, 0xab, 0x9b,
+    0x6d, 0x30, 0x4e, 0x13, 0x06, 0xdd, 0x76, 0x20, 0xa5, 0x28, 0xd1, 0x16, 0x1c, 0x0b
+};
+
+constexpr uint8_t gCdSigningKey004Kid[20] = { 0xF6, 0x86, 0x03, 0xA3, 0x69, 0x2E, 0x98, 0x10, 0x72, 0x41,
+                                              0x9E, 0xA1, 0xE1, 0xAB, 0x38, 0x54, 0xBD, 0x77, 0x95, 0xD3 };
+
+// Official CD "Signing Key 005"
+//
+// -----BEGIN CERTIFICATE-----
+// MIICBzCCAa2gAwIBAgIHY3NhY2RrNTAKBggqhkjOPQQDAjBSMQwwCgYDVQQKDAND
+// U0ExLDAqBgNVBAMMI01hdHRlciBDZXJ0aWZpY2F0aW9uIGFuZCBUZXN0aW5nIENB
+// MRQwEgYKKwYBBAGConwCAQwEQzVBMDAgFw0yMjEwMDMxOTQ3MTVaGA8yMDcyMDky
+// MDE5NDcxNVowWDEMMAoGA1UECgwDQ1NBMTIwMAYDVQQDDClDZXJ0aWZpY2F0aW9u
+// IERlY2xhcmF0aW9uIFNpZ25pbmcgS2V5IDAwNTEUMBIGCisGAQQBgqJ8AgEMBEM1
+// QTAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARDilLGYqKm1yZH+V63UxNu5K4P
+// 2zqpwWkxQms9CGf5EDrn16G4h+n4E6byb3a7zak1k3h8EneMqPKXXcRaIEL5o2Yw
+// ZDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+// Y38mNK1i6v5q9mLvuW9v0vy//C8wHwYDVR0jBBgwFoAUl+Rp0MUEFMJvxwH3fpR3
+// OQmN9qUwCgYIKoZIzj0EAwIDSAAwRQIhAM1HQpvkHKxLJByWaSYAPRZgh3Bis18W
+// AViq7c/mtzEAAiBZO0lVe6Qo9iQPIBWZaVx/S/YSNO9uKNa/pvFu3V+nIg==
+// -----END CERTIFICATE-----
+//
+constexpr uint8_t gCdSigningKey005PubkeyBytes[65] = {
+    0x04, 0x43, 0x8a, 0x52, 0xc6, 0x62, 0xa2, 0xa6, 0xd7, 0x26, 0x47, 0xf9, 0x5e, 0xb7, 0x53, 0x13, 0x6e,
+    0xe4, 0xae, 0x0f, 0xdb, 0x3a, 0xa9, 0xc1, 0x69, 0x31, 0x42, 0x6b, 0x3d, 0x08, 0x67, 0xf9, 0x10, 0x3a,
+    0xe7, 0xd7, 0xa1, 0xb8, 0x87, 0xe9, 0xf8, 0x13, 0xa6, 0xf2, 0x6f, 0x76, 0xbb, 0xcd, 0xa9, 0x35, 0x93,
+    0x78, 0x7c, 0x12, 0x77, 0x8c, 0xa8, 0xf2, 0x97, 0x5d, 0xc4, 0x5a, 0x20, 0x42, 0xf9
+};
+
+constexpr uint8_t gCdSigningKey005Kid[20] = { 0x63, 0x7F, 0x26, 0x34, 0xAD, 0x62, 0xEA, 0xFE, 0x6A, 0xF6,
+                                              0x62, 0xEF, 0xB9, 0x6F, 0x6F, 0xD2, 0xFC, 0xBF, 0xFC, 0x2F };
+
+struct MatterCDSigningKey
+{
+    const CertificateKeyId mKid;
+    const P256PublicKeySpan mPubkey;
+};
+
+std::array<MatterCDSigningKey, 6> gCdSigningKeys = { {
+    { FixedByteSpan<20>{ gTestCdPubkeyKid }, FixedByteSpan<65>{ gTestCdPubkeyBytes } },
+    { FixedByteSpan<20>{ gCdSigningKey001Kid }, FixedByteSpan<65>{ gCdSigningKey001PubkeyBytes } },
+    { FixedByteSpan<20>{ gCdSigningKey002Kid }, FixedByteSpan<65>{ gCdSigningKey002PubkeyBytes } },
+    { FixedByteSpan<20>{ gCdSigningKey003Kid }, FixedByteSpan<65>{ gCdSigningKey003PubkeyBytes } },
+    { FixedByteSpan<20>{ gCdSigningKey004Kid }, FixedByteSpan<65>{ gCdSigningKey004PubkeyBytes } },
+    { FixedByteSpan<20>{ gCdSigningKey005Kid }, FixedByteSpan<65>{ gCdSigningKey005PubkeyBytes } },
+} };
 
 const ArrayAttestationTrustStore kTestAttestationTrustStore{ &kTestPaaRoots[0], ArraySize(kTestPaaRoots) };
 
@@ -522,11 +637,11 @@ CHIP_ERROR CsaCdKeysTrustStore::AddTrustedKey(const ByteSpan & derCertBytes)
 CHIP_ERROR CsaCdKeysTrustStore::LookupVerifyingKey(const ByteSpan & kid, Crypto::P256PublicKey & outPubKey) const
 {
     // First, search for the well known keys
-    for (size_t keyIdx = 0; keyIdx < gCdKids.size(); keyIdx++)
+    for (size_t keyIdx = 0; keyIdx < gCdSigningKeys.size(); keyIdx++)
     {
-        if (kid.data_equal(gCdKids[keyIdx]))
+        if (kid.data_equal(gCdSigningKeys[keyIdx].mKid))
         {
-            outPubKey = gCdPubkeys[keyIdx];
+            outPubKey = gCdSigningKeys[keyIdx].mPubkey;
             return CHIP_NO_ERROR;
         }
     }
diff --git a/src/credentials/examples/DeviceAttestationCredsExample.cpp b/src/credentials/examples/DeviceAttestationCredsExample.cpp
index fa1213ef294b2a..bd09e11df67623 100644
--- a/src/credentials/examples/DeviceAttestationCredsExample.cpp
+++ b/src/credentials/examples/DeviceAttestationCredsExample.cpp
@@ -72,16 +72,16 @@ CHIP_ERROR ExampleDACProvider::GetCertificationDeclaration(MutableByteSpan & out
     // 0x8048, 0x8049, 0x804A, 0x804B, 0x804C, 0x804D, 0x804E, 0x804F, 0x8050, 0x8051, 0x8052, 0x8053, 0x8054, 0x8055, 0x8056,
     // 0x8057, 0x8058, 0x8059, 0x805A, 0x805B, 0x805C, 0x805D, 0x805E, 0x805F, 0x8060, 0x8061, 0x8062, 0x8063 ]
     //-> device_type_id = 0x0016
-    //-> certificate_id = "CSA00000MAT00000-00"
+    //-> certificate_id = "CSA00000SWC00000-00"
     //-> security_level = 0
     //-> security_information = 0
     //-> version_number = 1
     //-> certification_type = 0
     //-> dac_origin_vendor_id is not present
     //-> dac_origin_product_id is not present
-    const uint8_t kCdForAllExamples[540] = {
-        0x30, 0x82, 0x02, 0x18, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x82, 0x02, 0x09, 0x30,
-        0x82, 0x02, 0x05, 0x02, 0x01, 0x03, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
+    const uint8_t kCdForAllExamples[539] = {
+        0x30, 0x82, 0x02, 0x17, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02, 0xa0, 0x82, 0x02, 0x08, 0x30,
+        0x82, 0x02, 0x04, 0x02, 0x01, 0x03, 0x31, 0x0d, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02,
         0x01, 0x30, 0x82, 0x01, 0x70, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0xa0, 0x82, 0x01, 0x61,
         0x04, 0x82, 0x01, 0x5d, 0x15, 0x24, 0x00, 0x01, 0x25, 0x01, 0xf1, 0xff, 0x36, 0x02, 0x05, 0x00, 0x80, 0x05, 0x01, 0x80,
         0x05, 0x02, 0x80, 0x05, 0x03, 0x80, 0x05, 0x04, 0x80, 0x05, 0x05, 0x80, 0x05, 0x06, 0x80, 0x05, 0x07, 0x80, 0x05, 0x08,
@@ -99,14 +99,14 @@ CHIP_ERROR ExampleDACProvider::GetCertificationDeclaration(MutableByteSpan & out
         0x05, 0x52, 0x80, 0x05, 0x53, 0x80, 0x05, 0x54, 0x80, 0x05, 0x55, 0x80, 0x05, 0x56, 0x80, 0x05, 0x57, 0x80, 0x05, 0x58,
         0x80, 0x05, 0x59, 0x80, 0x05, 0x5a, 0x80, 0x05, 0x5b, 0x80, 0x05, 0x5c, 0x80, 0x05, 0x5d, 0x80, 0x05, 0x5e, 0x80, 0x05,
         0x5f, 0x80, 0x05, 0x60, 0x80, 0x05, 0x61, 0x80, 0x05, 0x62, 0x80, 0x05, 0x63, 0x80, 0x18, 0x24, 0x03, 0x16, 0x2c, 0x04,
-        0x13, 0x43, 0x53, 0x41, 0x30, 0x30, 0x30, 0x30, 0x30, 0x4d, 0x41, 0x54, 0x30, 0x30, 0x30, 0x30, 0x30, 0x2d, 0x30, 0x30,
-        0x24, 0x05, 0x00, 0x24, 0x06, 0x00, 0x24, 0x07, 0x01, 0x24, 0x08, 0x00, 0x18, 0x31, 0x7d, 0x30, 0x7b, 0x02, 0x01, 0x03,
-        0x80, 0x14, 0x83, 0xfa, 0xd7, 0x81, 0xe8, 0x2d, 0x01, 0x8b, 0x4f, 0x14, 0xf0, 0xa1, 0xc7, 0xf6, 0x84, 0x01, 0x8c, 0xc5,
-        0xd1, 0x9f, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a,
-        0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x04, 0x47, 0x30, 0x45, 0x02, 0x20, 0x57, 0xc4, 0xb8, 0x18, 0x3a, 0x93, 0xa6,
-        0xb8, 0xc3, 0x60, 0x3e, 0x77, 0xde, 0x8e, 0xb1, 0x94, 0x8c, 0x9c, 0xc0, 0x50, 0x60, 0xa6, 0x1a, 0xa9, 0xd7, 0x43, 0xeb,
-        0xea, 0xf9, 0x5f, 0x73, 0xc9, 0x02, 0x21, 0x00, 0xa3, 0xd5, 0xa1, 0x1f, 0xb0, 0x71, 0xf2, 0x13, 0xa5, 0xe1, 0x24, 0xed,
-        0xe7, 0xe1, 0xee, 0x16, 0x7e, 0x19, 0xc2, 0x8c, 0x3d, 0xed, 0x98, 0x4c, 0xf1, 0x03, 0x96, 0x48, 0xe8, 0x8c, 0xd8, 0x06
+        0x13, 0x43, 0x53, 0x41, 0x30, 0x30, 0x30, 0x30, 0x30, 0x53, 0x57, 0x43, 0x30, 0x30, 0x30, 0x30, 0x30, 0x2d, 0x30, 0x30,
+        0x24, 0x05, 0x00, 0x24, 0x06, 0x00, 0x24, 0x07, 0x01, 0x24, 0x08, 0x00, 0x18, 0x31, 0x7c, 0x30, 0x7a, 0x02, 0x01, 0x03,
+        0x80, 0x14, 0xfe, 0x34, 0x3f, 0x95, 0x99, 0x47, 0x76, 0x3b, 0x61, 0xee, 0x45, 0x39, 0x13, 0x13, 0x38, 0x49, 0x4f, 0xe6,
+        0x7d, 0x8e, 0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x30, 0x0a, 0x06, 0x08, 0x2a,
+        0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x04, 0x46, 0x30, 0x44, 0x02, 0x20, 0x4a, 0x12, 0xf8, 0xd4, 0x2f, 0x90, 0x23,
+        0x5c, 0x05, 0xa7, 0x71, 0x21, 0xcb, 0xeb, 0xae, 0x15, 0xd5, 0x90, 0x14, 0x65, 0x58, 0xe9, 0xc9, 0xb4, 0x7a, 0x1a, 0x38,
+        0xf7, 0xa3, 0x6a, 0x7d, 0xc5, 0x02, 0x20, 0x20, 0xa4, 0x74, 0x28, 0x97, 0xc3, 0x0a, 0xed, 0xa0, 0xa5, 0x6b, 0x36, 0xe1,
+        0x4e, 0xbb, 0xc8, 0x5b, 0xbd, 0xb7, 0x44, 0x93, 0xf9, 0x93, 0x58, 0x1e, 0xb0, 0x44, 0x4e, 0xd6, 0xca, 0x94, 0x0b
     };
     return CopySpanToMutableSpan(ByteSpan{ kCdForAllExamples }, out_cd_buffer);
 }