[TC-DA-1.3]chip-tool-Device Attestation Request Validation [DUT Commissioner] is not supported

[sumaky]

Problem

1. To validate the device attestation procedure with DUT as commissioner is not supported in CHIP tool
2. Attestation NONCE validation is not supported

Proposed Solution

1. Provision of API's to support device attestation by enabling DUT as commissioner
2. Method to verify DUT generates unique nonce each time
3. API to verify with Crypto_Verify
4. API to confirm Firmware Information data matches an entry in the Distributed Compliance Ledger
   Test Plan Link
   https://github.com/CHIP-Specifications/chip-test-plans/blob/master/src/deviceattestation.adoc

[tcarmelveilleux]

The APIs all exist in the SDK to allow changing the responses during device attestation. The TH apps based on the placeholder app could have a DeviceAttestationCredentialsProvider implementation that has additional hook-ups with the interfaces between Test Harness and placeholder app itself, so that the responses can be varied to trigger different error situations at the commissioner as DUT.

Note that for Commissioner as DUT cases, chip-tool is never involved.

To achieve this testability, the work is entirely done in core SDK from my perspective, and the automation and integration relate to how the TH and DUT are orchestrated by CSG tests.

[vivien-apple]

My understanding of this issue is that we need 2 things:

• Missing app-side tracing already present in chip-tool #16846
• Have a script to decode the payload of the messages that we are interested in

Is there anything else that I missed ?

[woody-apple]

Cert Blocker Review: Assigning to @vivien-apple

[franck-apple]

should be fixed by Vivien's PR #18893. @sumaky can you please verify and close this issue?
Otherwise, please let @vivien-apple know if something is missing.

[vivien-apple]

I would assume that this is done. It I'm wrong please reopen a separate issue with the specific parts that are missing. thanks!