Cherry-pick TC-RR-1.1 (and dependencies) in SVE2 branch #22076
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* CertificateAuthority + Manager support in Python This shifts the logic in the existing FabricAdmin that manages a given Root CA to its own CertificateAuthority class. This now permits a more spec-aligned structure that has a CertificateAuthorityManager that manages a set of CertificateAuthority instances, each associated with a single Root PK. Each of those manages a list of FabricAdmins adminstering a fabric within that CA, which in turn manage a list of ChipDeviceController instances within that fabric. These now permit passing in separate PersistentStorage instances so that it is more flexible/easier to sand-box each CA's storage constructs, which makes it easier to integrate with chip-tool's INI files. The PersistentStorage construct has been updated to permit both storage to file as well as just a 'soft' cache. * Review feedback
* Python CAT Value support for Controllers * Review feedback
* Introduce initial TC-RR-1.1 - TC-RR-1.1 is a critical test to validate multi-fabric behavior is stable and actually works. The test, broadly, validates most of the minimas of the core elements of the spec, including ACL entries, certificate sizes, number of CASE sessions and subscriptions, number of paths, etc. Issue project-chip#21736 - This PR introduces the core test and all associated minor changes to infrastructure to make it work. - Still TODO: - More extensive cert size maximization (closer to 400 TLV bytes) - Add controller and commissionee CAT tags (test is 95% equivalent to test plan, but a couple ACL fields differ because of this, in ways that don't detract from proving what needs proving - Validation that local/peer session IDs have not changed. This is not technically needed with the SDK as-is based on the methodology but it would future-proof the test against some future optimizations that may change subscription behavior in a way that the test would not validate CASE sessions remain. - Clean-up more after the test, so that a factory reset before/after is not needed. Testing done: - Passes on Linux against all-clusters, all-clusters-minimal and lighting app, with both minimal mdns and Avahi. - Passes on some other platforms (not named here) To run within SDK (from scratch: the build steps can be skipped thereafter): - In one terminal: - Build chip-lighting-app linux - `clear && rm -f kvs1 && out/debug/standalone/chip-lighting-app --discriminator 1234 --KVS kvs1 --trace_decode 1` - In another terminal: - Build - `rm -rf out/python*` - `scripts/build_python.sh -m platform -i separate` - Run - `source ./out/python_env/bin/activate` - `python3 src/python_testing/TC_RR_1_1.py --commissioning-method on-network --long-discriminator 1234 --passcode 20202021` - Add `--bool-arg skip_user_label_cluster_steps:true` to the end of the command line if your DUT has broken UserLabel clusters (but if you have those, fix them :) * More work towards CAT tags * Address review comments * Fixed CAT tag testing * Update src/controller/python/chip/utils/CommissioningBuildingBlocks.py Co-authored-by: Jerry Johns <[email protected]>
andy31415
approved these changes
Aug 22, 2022
tcarmelveilleux
commented
Aug 22, 2022
| @@ -358,6 +358,12 @@ CHIP_ERROR CHIPCommand::InitializeCommissioner(std::string key, chip::FabricId f | |||
| // store the credentials in persistent storage, and | |||
| // generate when not available in the storage. | |||
| ReturnLogErrorOnFailure(mCommissionerStorage.Init(key.c_str())); | |||
| if (mUseMaxSizedCerts.HasValue()) | |||
There was a problem hiding this comment.
Hold-off on merging this PR until we have tested docker image.
|
PR #22076: Size comparison from 5471b35 to cb23aaa Increases above 0.2%:
Increases (8 builds for bl602, cyw30739, linux, telink)
Full report (43 builds for bl602, cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, p6, telink)
|
mrjerryjohns
approved these changes
Aug 23, 2022
|
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. |
|
No need for this in SVE branch at this time. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
Fixes #21736
Change overview
Testing