diff --git a/examples/air-purifier-app/air-purifier-common/air-purifier-app.matter b/examples/air-purifier-app/air-purifier-common/air-purifier-app.matter
index 89c64d93c5fcc8..ad7771e53a4821 100644
--- a/examples/air-purifier-app/air-purifier-common/air-purifier-app.matter
+++ b/examples/air-purifier-app/air-purifier-common/air-purifier-app.matter
@@ -1228,12 +1228,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1308,6 +1310,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1324,6 +1343,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/air-quality-sensor-app/air-quality-sensor-common/air-quality-sensor-app.matter b/examples/air-quality-sensor-app/air-quality-sensor-common/air-quality-sensor-app.matter
index aad9aaf08a8c02..1bdcf77bf92869 100644
--- a/examples/air-quality-sensor-app/air-quality-sensor-common/air-quality-sensor-app.matter
+++ b/examples/air-quality-sensor-app/air-quality-sensor-common/air-quality-sensor-app.matter
@@ -1503,12 +1503,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1583,6 +1585,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1599,6 +1618,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter b/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter
index 72bf20161f9aff..34c5d04bbc92a8 100644
--- a/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter
+++ b/examples/all-clusters-app/all-clusters-common/all-clusters-app.matter
@@ -2657,12 +2657,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2737,6 +2739,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2753,6 +2772,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/all-clusters-minimal-app/all-clusters-common/all-clusters-minimal-app.matter b/examples/all-clusters-minimal-app/all-clusters-common/all-clusters-minimal-app.matter
index e7187a5e5f6c77..0bffb25558dd6d 100644
--- a/examples/all-clusters-minimal-app/all-clusters-common/all-clusters-minimal-app.matter
+++ b/examples/all-clusters-minimal-app/all-clusters-common/all-clusters-minimal-app.matter
@@ -2424,12 +2424,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2504,6 +2506,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2520,6 +2539,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/bridge-app/bridge-common/bridge-app.matter b/examples/bridge-app/bridge-common/bridge-app.matter
index f33ce16ab55ae7..0663c6a35ccca3 100644
--- a/examples/bridge-app/bridge-common/bridge-app.matter
+++ b/examples/bridge-app/bridge-common/bridge-app.matter
@@ -1913,12 +1913,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1993,6 +1995,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2009,6 +2028,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/camera-app/camera-common/camera-app.matter b/examples/camera-app/camera-common/camera-app.matter
index 0592f24c669731..c9f84a61375cb7 100644
--- a/examples/camera-app/camera-common/camera-app.matter
+++ b/examples/camera-app/camera-common/camera-app.matter
@@ -1883,12 +1883,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1963,6 +1965,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1979,6 +1998,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/noip_rootnode_dimmablelight_bCwGYSDpoe.matter b/examples/chef/devices/noip_rootnode_dimmablelight_bCwGYSDpoe.matter
index 3708f5f16df630..1d3d3a0e1c12f1 100644
--- a/examples/chef/devices/noip_rootnode_dimmablelight_bCwGYSDpoe.matter
+++ b/examples/chef/devices/noip_rootnode_dimmablelight_bCwGYSDpoe.matter
@@ -1665,12 +1665,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1745,6 +1747,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1761,6 +1780,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_airpurifier_73a6fe2651.matter b/examples/chef/devices/rootnode_airpurifier_73a6fe2651.matter
index e0e14bea72042a..6cdcf7eebf3fae 100644
--- a/examples/chef/devices/rootnode_airpurifier_73a6fe2651.matter
+++ b/examples/chef/devices/rootnode_airpurifier_73a6fe2651.matter
@@ -1337,12 +1337,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1417,6 +1419,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1433,6 +1452,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_airpurifier_airqualitysensor_temperaturesensor_humiditysensor_thermostat_56de3d5f45.matter b/examples/chef/devices/rootnode_airpurifier_airqualitysensor_temperaturesensor_humiditysensor_thermostat_56de3d5f45.matter
index d97bc10741f53d..6972ad9208a39a 100644
--- a/examples/chef/devices/rootnode_airpurifier_airqualitysensor_temperaturesensor_humiditysensor_thermostat_56de3d5f45.matter
+++ b/examples/chef/devices/rootnode_airpurifier_airqualitysensor_temperaturesensor_humiditysensor_thermostat_56de3d5f45.matter
@@ -1151,12 +1151,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1231,6 +1233,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1247,6 +1266,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_airqualitysensor_e63187f6c9.matter b/examples/chef/devices/rootnode_airqualitysensor_e63187f6c9.matter
index b5ead0bc93177c..68f7a47403b839 100644
--- a/examples/chef/devices/rootnode_airqualitysensor_e63187f6c9.matter
+++ b/examples/chef/devices/rootnode_airqualitysensor_e63187f6c9.matter
@@ -1524,12 +1524,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1604,6 +1606,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1620,6 +1639,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_basicvideoplayer_0ff86e943b.matter b/examples/chef/devices/rootnode_basicvideoplayer_0ff86e943b.matter
index 2791456702f419..77bf67dbd57c34 100644
--- a/examples/chef/devices/rootnode_basicvideoplayer_0ff86e943b.matter
+++ b/examples/chef/devices/rootnode_basicvideoplayer_0ff86e943b.matter
@@ -1462,12 +1462,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1542,6 +1544,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1558,6 +1577,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_colortemperaturelight_hbUnzYVeyn.matter b/examples/chef/devices/rootnode_colortemperaturelight_hbUnzYVeyn.matter
index c6d7688cd749ee..5060c56a7aa2f1 100644
--- a/examples/chef/devices/rootnode_colortemperaturelight_hbUnzYVeyn.matter
+++ b/examples/chef/devices/rootnode_colortemperaturelight_hbUnzYVeyn.matter
@@ -1539,12 +1539,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1619,6 +1621,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1635,6 +1654,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_contactsensor_27f76aeaf5.matter b/examples/chef/devices/rootnode_contactsensor_27f76aeaf5.matter
index 387d148dd4c6c3..a81cddf497a3d1 100644
--- a/examples/chef/devices/rootnode_contactsensor_27f76aeaf5.matter
+++ b/examples/chef/devices/rootnode_contactsensor_27f76aeaf5.matter
@@ -1524,12 +1524,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1604,6 +1606,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1620,6 +1639,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_contactsensor_lFAGG1bfRO.matter b/examples/chef/devices/rootnode_contactsensor_lFAGG1bfRO.matter
index 7218e30a773734..b12c00032847ad 100644
--- a/examples/chef/devices/rootnode_contactsensor_lFAGG1bfRO.matter
+++ b/examples/chef/devices/rootnode_contactsensor_lFAGG1bfRO.matter
@@ -1622,12 +1622,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1702,6 +1704,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1718,6 +1737,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_contactsensor_lightsensor_occupancysensor_temperaturesensor_pressuresensor_flowsensor_humiditysensor_airqualitysensor_powersource_367e7cea91.matter b/examples/chef/devices/rootnode_contactsensor_lightsensor_occupancysensor_temperaturesensor_pressuresensor_flowsensor_humiditysensor_airqualitysensor_powersource_367e7cea91.matter
index 2e8cb4fa408227..aa693a15b189a7 100644
--- a/examples/chef/devices/rootnode_contactsensor_lightsensor_occupancysensor_temperaturesensor_pressuresensor_flowsensor_humiditysensor_airqualitysensor_powersource_367e7cea91.matter
+++ b/examples/chef/devices/rootnode_contactsensor_lightsensor_occupancysensor_temperaturesensor_pressuresensor_flowsensor_humiditysensor_airqualitysensor_powersource_367e7cea91.matter
@@ -1408,12 +1408,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1488,6 +1490,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1504,6 +1523,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_dimmablelight_bCwGYSDpoe.matter b/examples/chef/devices/rootnode_dimmablelight_bCwGYSDpoe.matter
index dc1caab13daad9..62ea79ca189dba 100644
--- a/examples/chef/devices/rootnode_dimmablelight_bCwGYSDpoe.matter
+++ b/examples/chef/devices/rootnode_dimmablelight_bCwGYSDpoe.matter
@@ -1560,12 +1560,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1640,6 +1642,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1656,6 +1675,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_dimmablepluginunit_f8a9a0b9d4.matter b/examples/chef/devices/rootnode_dimmablepluginunit_f8a9a0b9d4.matter
index aaa65fd7f84cae..fb89da8108f26a 100644
--- a/examples/chef/devices/rootnode_dimmablepluginunit_f8a9a0b9d4.matter
+++ b/examples/chef/devices/rootnode_dimmablepluginunit_f8a9a0b9d4.matter
@@ -1560,12 +1560,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1640,6 +1642,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1656,6 +1675,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_dishwasher_cc105034fe.matter b/examples/chef/devices/rootnode_dishwasher_cc105034fe.matter
index f98d6437080264..40b1d2e60444d7 100644
--- a/examples/chef/devices/rootnode_dishwasher_cc105034fe.matter
+++ b/examples/chef/devices/rootnode_dishwasher_cc105034fe.matter
@@ -1219,12 +1219,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1299,6 +1301,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1315,6 +1334,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_doorlock_aNKYAreMXE.matter b/examples/chef/devices/rootnode_doorlock_aNKYAreMXE.matter
index 11c9df1bddefd0..75f78a59789147 100644
--- a/examples/chef/devices/rootnode_doorlock_aNKYAreMXE.matter
+++ b/examples/chef/devices/rootnode_doorlock_aNKYAreMXE.matter
@@ -1524,12 +1524,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1604,6 +1606,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1620,6 +1639,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_extendedcolorlight_8lcaaYJVAa.matter b/examples/chef/devices/rootnode_extendedcolorlight_8lcaaYJVAa.matter
index 67fb7e15633326..a00fb1cf21124d 100644
--- a/examples/chef/devices/rootnode_extendedcolorlight_8lcaaYJVAa.matter
+++ b/examples/chef/devices/rootnode_extendedcolorlight_8lcaaYJVAa.matter
@@ -1560,12 +1560,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1640,6 +1642,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1656,6 +1675,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_fan_7N2TobIlOX.matter b/examples/chef/devices/rootnode_fan_7N2TobIlOX.matter
index 06d050dbaf5d5c..cd53027e6c92e6 100644
--- a/examples/chef/devices/rootnode_fan_7N2TobIlOX.matter
+++ b/examples/chef/devices/rootnode_fan_7N2TobIlOX.matter
@@ -1342,12 +1342,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1422,6 +1424,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1438,6 +1457,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_flowsensor_1zVxHedlaV.matter b/examples/chef/devices/rootnode_flowsensor_1zVxHedlaV.matter
index be8c40cd8f1f92..ff5eb4bd9956b8 100644
--- a/examples/chef/devices/rootnode_flowsensor_1zVxHedlaV.matter
+++ b/examples/chef/devices/rootnode_flowsensor_1zVxHedlaV.matter
@@ -1363,12 +1363,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1443,6 +1445,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1459,6 +1478,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_genericswitch_2dfff6e516.matter b/examples/chef/devices/rootnode_genericswitch_2dfff6e516.matter
index 284c95c7da61ff..ce3f2f2fcc6470 100644
--- a/examples/chef/devices/rootnode_genericswitch_2dfff6e516.matter
+++ b/examples/chef/devices/rootnode_genericswitch_2dfff6e516.matter
@@ -1389,12 +1389,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1469,6 +1471,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1485,6 +1504,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_genericswitch_9866e35d0b.matter b/examples/chef/devices/rootnode_genericswitch_9866e35d0b.matter
index 264e0dda4a4437..aa01b0db05195c 100644
--- a/examples/chef/devices/rootnode_genericswitch_9866e35d0b.matter
+++ b/examples/chef/devices/rootnode_genericswitch_9866e35d0b.matter
@@ -1389,12 +1389,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1469,6 +1471,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1485,6 +1504,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_heatingcoolingunit_ncdGai1E5a.matter b/examples/chef/devices/rootnode_heatingcoolingunit_ncdGai1E5a.matter
index 74df51a353eb6a..29ac976ad9b5ae 100644
--- a/examples/chef/devices/rootnode_heatingcoolingunit_ncdGai1E5a.matter
+++ b/examples/chef/devices/rootnode_heatingcoolingunit_ncdGai1E5a.matter
@@ -1560,12 +1560,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1640,6 +1642,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1656,6 +1675,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_heatpump_87ivjRAECh.matter b/examples/chef/devices/rootnode_heatpump_87ivjRAECh.matter
index 1424b6e5c68316..0f1a502da0c5e7 100644
--- a/examples/chef/devices/rootnode_heatpump_87ivjRAECh.matter
+++ b/examples/chef/devices/rootnode_heatpump_87ivjRAECh.matter
@@ -1350,12 +1350,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1430,6 +1432,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1446,6 +1465,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_humiditysensor_Xyj4gda6Hb.matter b/examples/chef/devices/rootnode_humiditysensor_Xyj4gda6Hb.matter
index f9d843310cf98d..3137d781599f80 100644
--- a/examples/chef/devices/rootnode_humiditysensor_Xyj4gda6Hb.matter
+++ b/examples/chef/devices/rootnode_humiditysensor_Xyj4gda6Hb.matter
@@ -1363,12 +1363,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1443,6 +1445,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1459,6 +1478,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_laundrydryer_01796fe396.matter b/examples/chef/devices/rootnode_laundrydryer_01796fe396.matter
index 9b7d8b8d0e3fe1..49e9a62c2133d5 100644
--- a/examples/chef/devices/rootnode_laundrydryer_01796fe396.matter
+++ b/examples/chef/devices/rootnode_laundrydryer_01796fe396.matter
@@ -1219,12 +1219,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1299,6 +1301,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1315,6 +1334,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_laundrywasher_fb10d238c8.matter b/examples/chef/devices/rootnode_laundrywasher_fb10d238c8.matter
index 859cc006e54c71..0272b243da88ea 100644
--- a/examples/chef/devices/rootnode_laundrywasher_fb10d238c8.matter
+++ b/examples/chef/devices/rootnode_laundrywasher_fb10d238c8.matter
@@ -1152,12 +1152,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1232,6 +1234,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1248,6 +1267,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_lightsensor_lZQycTFcJK.matter b/examples/chef/devices/rootnode_lightsensor_lZQycTFcJK.matter
index 19df33a826bcdb..649b6e1348c740 100644
--- a/examples/chef/devices/rootnode_lightsensor_lZQycTFcJK.matter
+++ b/examples/chef/devices/rootnode_lightsensor_lZQycTFcJK.matter
@@ -1363,12 +1363,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1443,6 +1445,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1459,6 +1478,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_occupancysensor_iHyVgifZuo.matter b/examples/chef/devices/rootnode_occupancysensor_iHyVgifZuo.matter
index 33430b65a52db5..f488960339c933 100644
--- a/examples/chef/devices/rootnode_occupancysensor_iHyVgifZuo.matter
+++ b/examples/chef/devices/rootnode_occupancysensor_iHyVgifZuo.matter
@@ -1363,12 +1363,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1443,6 +1445,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1459,6 +1478,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_onofflight_bbs1b7IaOV.matter b/examples/chef/devices/rootnode_onofflight_bbs1b7IaOV.matter
index 8e51da93a88ba4..b5869fc53eb40f 100644
--- a/examples/chef/devices/rootnode_onofflight_bbs1b7IaOV.matter
+++ b/examples/chef/devices/rootnode_onofflight_bbs1b7IaOV.matter
@@ -1560,12 +1560,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1640,6 +1642,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1656,6 +1675,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_onofflight_samplemei.matter b/examples/chef/devices/rootnode_onofflight_samplemei.matter
index c9eefc528cfc02..21963e81a3bb11 100644
--- a/examples/chef/devices/rootnode_onofflight_samplemei.matter
+++ b/examples/chef/devices/rootnode_onofflight_samplemei.matter
@@ -1560,12 +1560,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1640,6 +1642,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1656,6 +1675,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_onofflightswitch_FsPlMr090Q.matter b/examples/chef/devices/rootnode_onofflightswitch_FsPlMr090Q.matter
index ec32c8fd55d42c..aa85e87ed8abe2 100644
--- a/examples/chef/devices/rootnode_onofflightswitch_FsPlMr090Q.matter
+++ b/examples/chef/devices/rootnode_onofflightswitch_FsPlMr090Q.matter
@@ -1435,12 +1435,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1515,6 +1517,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1531,6 +1550,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_onoffpluginunit_Wtf8ss5EBY.matter b/examples/chef/devices/rootnode_onoffpluginunit_Wtf8ss5EBY.matter
index 04a03a890ee85a..8f8d48dc8e139c 100644
--- a/examples/chef/devices/rootnode_onoffpluginunit_Wtf8ss5EBY.matter
+++ b/examples/chef/devices/rootnode_onoffpluginunit_Wtf8ss5EBY.matter
@@ -1435,12 +1435,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1515,6 +1517,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1531,6 +1550,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_pressuresensor_s0qC9wLH4k.matter b/examples/chef/devices/rootnode_pressuresensor_s0qC9wLH4k.matter
index 2fc51aa6d2d3e9..4a6257ad02f377 100644
--- a/examples/chef/devices/rootnode_pressuresensor_s0qC9wLH4k.matter
+++ b/examples/chef/devices/rootnode_pressuresensor_s0qC9wLH4k.matter
@@ -1363,12 +1363,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1443,6 +1445,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1459,6 +1478,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_pump_5f904818cc.matter b/examples/chef/devices/rootnode_pump_5f904818cc.matter
index 3b84270148a793..c33f70e684c356 100644
--- a/examples/chef/devices/rootnode_pump_5f904818cc.matter
+++ b/examples/chef/devices/rootnode_pump_5f904818cc.matter
@@ -1125,12 +1125,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1205,6 +1207,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1221,6 +1240,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_pump_a811bb33a0.matter b/examples/chef/devices/rootnode_pump_a811bb33a0.matter
index 02e9e66ca71ab2..7f3eca45b17441 100644
--- a/examples/chef/devices/rootnode_pump_a811bb33a0.matter
+++ b/examples/chef/devices/rootnode_pump_a811bb33a0.matter
@@ -1125,12 +1125,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1205,6 +1207,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1221,6 +1240,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_rainsensor_a7aa5d7738.matter b/examples/chef/devices/rootnode_rainsensor_a7aa5d7738.matter
index f4677e73306f05..1ff0f0572e8341 100644
--- a/examples/chef/devices/rootnode_rainsensor_a7aa5d7738.matter
+++ b/examples/chef/devices/rootnode_rainsensor_a7aa5d7738.matter
@@ -1333,12 +1333,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1413,6 +1415,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1429,6 +1448,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_refrigerator_temperaturecontrolledcabinet_temperaturecontrolledcabinet_ffdb696680.matter b/examples/chef/devices/rootnode_refrigerator_temperaturecontrolledcabinet_temperaturecontrolledcabinet_ffdb696680.matter
index 9bb5cc3e5446ec..95257480b57b06 100644
--- a/examples/chef/devices/rootnode_refrigerator_temperaturecontrolledcabinet_temperaturecontrolledcabinet_ffdb696680.matter
+++ b/examples/chef/devices/rootnode_refrigerator_temperaturecontrolledcabinet_temperaturecontrolledcabinet_ffdb696680.matter
@@ -1080,12 +1080,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1160,6 +1162,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1176,6 +1195,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_roboticvacuumcleaner_1807ff0c49.matter b/examples/chef/devices/rootnode_roboticvacuumcleaner_1807ff0c49.matter
index 0707bf56091801..5e99cb764505e6 100644
--- a/examples/chef/devices/rootnode_roboticvacuumcleaner_1807ff0c49.matter
+++ b/examples/chef/devices/rootnode_roboticvacuumcleaner_1807ff0c49.matter
@@ -1410,12 +1410,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1490,6 +1492,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1506,6 +1525,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_roomairconditioner_9cf3607804.matter b/examples/chef/devices/rootnode_roomairconditioner_9cf3607804.matter
index 4beb90738f307d..3e5faa36615ec3 100644
--- a/examples/chef/devices/rootnode_roomairconditioner_9cf3607804.matter
+++ b/examples/chef/devices/rootnode_roomairconditioner_9cf3607804.matter
@@ -1223,12 +1223,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1303,6 +1305,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1319,6 +1338,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_smokecoalarm_686fe0dcb8.matter b/examples/chef/devices/rootnode_smokecoalarm_686fe0dcb8.matter
index 4f9b45792ad70f..ceef32de847f63 100644
--- a/examples/chef/devices/rootnode_smokecoalarm_686fe0dcb8.matter
+++ b/examples/chef/devices/rootnode_smokecoalarm_686fe0dcb8.matter
@@ -1410,12 +1410,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1490,6 +1492,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1506,6 +1525,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_speaker_RpzeXdimqA.matter b/examples/chef/devices/rootnode_speaker_RpzeXdimqA.matter
index 4a84aafc9526d8..a7c03f3acfbeea 100644
--- a/examples/chef/devices/rootnode_speaker_RpzeXdimqA.matter
+++ b/examples/chef/devices/rootnode_speaker_RpzeXdimqA.matter
@@ -1483,12 +1483,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1563,6 +1565,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1579,6 +1598,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_temperaturesensor_Qy1zkNW7c3.matter b/examples/chef/devices/rootnode_temperaturesensor_Qy1zkNW7c3.matter
index 74466e8f88f617..ca6ee8e778eda6 100644
--- a/examples/chef/devices/rootnode_temperaturesensor_Qy1zkNW7c3.matter
+++ b/examples/chef/devices/rootnode_temperaturesensor_Qy1zkNW7c3.matter
@@ -1363,12 +1363,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1443,6 +1445,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1459,6 +1478,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_thermostat_bm3fb8dhYi.matter b/examples/chef/devices/rootnode_thermostat_bm3fb8dhYi.matter
index 0b130ba09bed7c..b7e3072ee356fd 100644
--- a/examples/chef/devices/rootnode_thermostat_bm3fb8dhYi.matter
+++ b/examples/chef/devices/rootnode_thermostat_bm3fb8dhYi.matter
@@ -1424,12 +1424,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1504,6 +1506,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1520,6 +1539,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_waterfreezedetector_dd94a13a16.matter b/examples/chef/devices/rootnode_waterfreezedetector_dd94a13a16.matter
index eb45f311cece37..910a50682a3f7f 100644
--- a/examples/chef/devices/rootnode_waterfreezedetector_dd94a13a16.matter
+++ b/examples/chef/devices/rootnode_waterfreezedetector_dd94a13a16.matter
@@ -1333,12 +1333,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1413,6 +1415,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1429,6 +1448,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_waterleakdetector_0b067acfa3.matter b/examples/chef/devices/rootnode_waterleakdetector_0b067acfa3.matter
index 951bd8e49c7c92..ff94acc11cd01c 100644
--- a/examples/chef/devices/rootnode_waterleakdetector_0b067acfa3.matter
+++ b/examples/chef/devices/rootnode_waterleakdetector_0b067acfa3.matter
@@ -1410,12 +1410,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1490,6 +1492,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1506,6 +1525,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_watervalve_6bb39f1f67.matter b/examples/chef/devices/rootnode_watervalve_6bb39f1f67.matter
index 4fd15cc54d26ab..0a3e9b01a2f6b0 100644
--- a/examples/chef/devices/rootnode_watervalve_6bb39f1f67.matter
+++ b/examples/chef/devices/rootnode_watervalve_6bb39f1f67.matter
@@ -1350,12 +1350,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1430,6 +1432,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1446,6 +1465,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/chef/devices/rootnode_windowcovering_RLCxaGi9Yx.matter b/examples/chef/devices/rootnode_windowcovering_RLCxaGi9Yx.matter
index 204d5974911184..7302d71d92f595 100644
--- a/examples/chef/devices/rootnode_windowcovering_RLCxaGi9Yx.matter
+++ b/examples/chef/devices/rootnode_windowcovering_RLCxaGi9Yx.matter
@@ -1363,12 +1363,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1443,6 +1445,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1459,6 +1478,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/contact-sensor-app/bouffalolab/data_model/contact-sensor-app.matter b/examples/contact-sensor-app/bouffalolab/data_model/contact-sensor-app.matter
index e746c4293ed82b..ed88efd02a8772 100644
--- a/examples/contact-sensor-app/bouffalolab/data_model/contact-sensor-app.matter
+++ b/examples/contact-sensor-app/bouffalolab/data_model/contact-sensor-app.matter
@@ -1525,12 +1525,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1605,6 +1607,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1621,6 +1640,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/contact-sensor-app/contact-sensor-common/contact-sensor-app.matter b/examples/contact-sensor-app/contact-sensor-common/contact-sensor-app.matter
index ccf3fbd10e723e..512f8ece39fb5c 100644
--- a/examples/contact-sensor-app/contact-sensor-common/contact-sensor-app.matter
+++ b/examples/contact-sensor-app/contact-sensor-common/contact-sensor-app.matter
@@ -1627,12 +1627,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1707,6 +1709,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1723,6 +1742,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.matter b/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.matter
index 6762116c46c720..e006924078cf26 100644
--- a/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.matter
+++ b/examples/contact-sensor-app/nxp/zap-lit/contact-sensor-app.matter
@@ -1431,12 +1431,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1511,6 +1513,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1527,6 +1546,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.matter b/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.matter
index c882626f13b96f..cc2e0e8ecab5d6 100644
--- a/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.matter
+++ b/examples/contact-sensor-app/nxp/zap-sit/contact-sensor-app.matter
@@ -1431,12 +1431,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1511,6 +1513,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1527,6 +1546,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/dishwasher-app/dishwasher-common/dishwasher-app.matter b/examples/dishwasher-app/dishwasher-common/dishwasher-app.matter
index 69152058d55d6a..a499ed96e0fbd0 100644
--- a/examples/dishwasher-app/dishwasher-common/dishwasher-app.matter
+++ b/examples/dishwasher-app/dishwasher-common/dishwasher-app.matter
@@ -1228,12 +1228,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1308,6 +1310,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1324,6 +1343,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/dishwasher-app/silabs/data_model/dishwasher-thread-app.matter b/examples/dishwasher-app/silabs/data_model/dishwasher-thread-app.matter
index 727f8bdfbb5639..0606fd0dae65f2 100644
--- a/examples/dishwasher-app/silabs/data_model/dishwasher-thread-app.matter
+++ b/examples/dishwasher-app/silabs/data_model/dishwasher-thread-app.matter
@@ -1539,12 +1539,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1619,6 +1621,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1635,6 +1654,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/dishwasher-app/silabs/data_model/dishwasher-wifi-app.matter b/examples/dishwasher-app/silabs/data_model/dishwasher-wifi-app.matter
index f0fbfba4bee8fe..9c4c383815af94 100644
--- a/examples/dishwasher-app/silabs/data_model/dishwasher-wifi-app.matter
+++ b/examples/dishwasher-app/silabs/data_model/dishwasher-wifi-app.matter
@@ -1450,12 +1450,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1530,6 +1532,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1546,6 +1565,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/energy-management-app/energy-management-common/energy-management-app.matter b/examples/energy-management-app/energy-management-common/energy-management-app.matter
index 19b1517be746c8..a5e5d8e1364d39 100644
--- a/examples/energy-management-app/energy-management-common/energy-management-app.matter
+++ b/examples/energy-management-app/energy-management-common/energy-management-app.matter
@@ -1527,12 +1527,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1607,6 +1609,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1623,6 +1642,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/fabric-bridge-app/fabric-bridge-common/fabric-bridge-app.matter b/examples/fabric-bridge-app/fabric-bridge-common/fabric-bridge-app.matter
index 53c3b3363b5024..c108c8b099d831 100644
--- a/examples/fabric-bridge-app/fabric-bridge-common/fabric-bridge-app.matter
+++ b/examples/fabric-bridge-app/fabric-bridge-common/fabric-bridge-app.matter
@@ -1521,12 +1521,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1601,6 +1603,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1617,6 +1636,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/fabric-sync/bridge/fabric-bridge.matter b/examples/fabric-sync/bridge/fabric-bridge.matter
index 53c3b3363b5024..c108c8b099d831 100644
--- a/examples/fabric-sync/bridge/fabric-bridge.matter
+++ b/examples/fabric-sync/bridge/fabric-bridge.matter
@@ -1521,12 +1521,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1601,6 +1603,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1617,6 +1636,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/laundry-washer-app/nxp/zap/laundry-washer-app.matter b/examples/laundry-washer-app/nxp/zap/laundry-washer-app.matter
index cd68deef8cb20d..4916cd5ef58970 100644
--- a/examples/laundry-washer-app/nxp/zap/laundry-washer-app.matter
+++ b/examples/laundry-washer-app/nxp/zap/laundry-washer-app.matter
@@ -1555,12 +1555,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1635,6 +1637,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1651,6 +1670,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/light-switch-app/light-switch-common/icd-lit-light-switch-app.matter b/examples/light-switch-app/light-switch-common/icd-lit-light-switch-app.matter
index 502636a904e60a..dc4a474f6eb3d3 100644
--- a/examples/light-switch-app/light-switch-common/icd-lit-light-switch-app.matter
+++ b/examples/light-switch-app/light-switch-common/icd-lit-light-switch-app.matter
@@ -1974,12 +1974,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2054,6 +2056,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2070,6 +2089,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/light-switch-app/light-switch-common/light-switch-app.matter b/examples/light-switch-app/light-switch-common/light-switch-app.matter
index fff39097bf0039..dc7d42bdc6ae3e 100644
--- a/examples/light-switch-app/light-switch-common/light-switch-app.matter
+++ b/examples/light-switch-app/light-switch-common/light-switch-app.matter
@@ -1974,12 +1974,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2054,6 +2056,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2070,6 +2089,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/light-switch-app/qpg/zap/switch.matter b/examples/light-switch-app/qpg/zap/switch.matter
index bb2cbe0082477b..3f89dbd48a42ae 100644
--- a/examples/light-switch-app/qpg/zap/switch.matter
+++ b/examples/light-switch-app/qpg/zap/switch.matter
@@ -2091,12 +2091,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2171,6 +2173,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2187,6 +2206,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lighting-app-data-mode-no-unique-id/lighting-common/lighting-app.matter b/examples/lighting-app-data-mode-no-unique-id/lighting-common/lighting-app.matter
index ac236688cb6029..5a30af3fcc238d 100644
--- a/examples/lighting-app-data-mode-no-unique-id/lighting-common/lighting-app.matter
+++ b/examples/lighting-app-data-mode-no-unique-id/lighting-common/lighting-app.matter
@@ -1880,12 +1880,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1960,6 +1962,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1976,6 +1995,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lighting-app/bouffalolab/data_model/lighting-app-ethernet.matter b/examples/lighting-app/bouffalolab/data_model/lighting-app-ethernet.matter
index cd5c6fc7810640..b6a9ac3745136b 100644
--- a/examples/lighting-app/bouffalolab/data_model/lighting-app-ethernet.matter
+++ b/examples/lighting-app/bouffalolab/data_model/lighting-app-ethernet.matter
@@ -1581,12 +1581,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1661,6 +1663,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1677,6 +1696,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lighting-app/bouffalolab/data_model/lighting-app-thread.matter b/examples/lighting-app/bouffalolab/data_model/lighting-app-thread.matter
index 888565b8e75008..dc6874fbf025a4 100644
--- a/examples/lighting-app/bouffalolab/data_model/lighting-app-thread.matter
+++ b/examples/lighting-app/bouffalolab/data_model/lighting-app-thread.matter
@@ -1705,12 +1705,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1785,6 +1787,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1801,6 +1820,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lighting-app/bouffalolab/data_model/lighting-app-wifi.matter b/examples/lighting-app/bouffalolab/data_model/lighting-app-wifi.matter
index 13da89122009a6..0ef081c8a5a944 100644
--- a/examples/lighting-app/bouffalolab/data_model/lighting-app-wifi.matter
+++ b/examples/lighting-app/bouffalolab/data_model/lighting-app-wifi.matter
@@ -1616,12 +1616,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1696,6 +1698,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1712,6 +1731,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lighting-app/lighting-common/lighting-app.matter b/examples/lighting-app/lighting-common/lighting-app.matter
index 3b2dde41a7e2e2..c60699d846ae39 100644
--- a/examples/lighting-app/lighting-common/lighting-app.matter
+++ b/examples/lighting-app/lighting-common/lighting-app.matter
@@ -1841,12 +1841,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1921,6 +1923,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1937,6 +1956,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lighting-app/nxp/zap/lighting-on-off.matter b/examples/lighting-app/nxp/zap/lighting-on-off.matter
index b46592166c1a29..b9ddd61f52708b 100644
--- a/examples/lighting-app/nxp/zap/lighting-on-off.matter
+++ b/examples/lighting-app/nxp/zap/lighting-on-off.matter
@@ -1658,12 +1658,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1738,6 +1740,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1754,6 +1773,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lighting-app/qpg/zap/light.matter b/examples/lighting-app/qpg/zap/light.matter
index 9e96a8eefb6840..cbb7aeea2194bc 100644
--- a/examples/lighting-app/qpg/zap/light.matter
+++ b/examples/lighting-app/qpg/zap/light.matter
@@ -1705,12 +1705,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1785,6 +1787,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1801,6 +1820,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lighting-app/silabs/data_model/lighting-thread-app.matter b/examples/lighting-app/silabs/data_model/lighting-thread-app.matter
index 2a163472d76d96..cacaff24cbba8f 100644
--- a/examples/lighting-app/silabs/data_model/lighting-thread-app.matter
+++ b/examples/lighting-app/silabs/data_model/lighting-thread-app.matter
@@ -1621,12 +1621,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1701,6 +1703,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1717,6 +1736,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lighting-app/silabs/data_model/lighting-wifi-app.matter b/examples/lighting-app/silabs/data_model/lighting-wifi-app.matter
index edb049d5440844..7c9cc1f2d40e6a 100644
--- a/examples/lighting-app/silabs/data_model/lighting-wifi-app.matter
+++ b/examples/lighting-app/silabs/data_model/lighting-wifi-app.matter
@@ -1875,12 +1875,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1955,6 +1957,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1971,6 +1990,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lit-icd-app/lit-icd-common/lit-icd-server-app.matter b/examples/lit-icd-app/lit-icd-common/lit-icd-server-app.matter
index abe527da52d6bc..642406f5552c1f 100644
--- a/examples/lit-icd-app/lit-icd-common/lit-icd-server-app.matter
+++ b/examples/lit-icd-app/lit-icd-common/lit-icd-server-app.matter
@@ -1492,12 +1492,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1572,6 +1574,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1588,6 +1607,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lock-app/lock-common/lock-app.matter b/examples/lock-app/lock-common/lock-app.matter
index c604704bbcedab..8b4f2246f414b5 100644
--- a/examples/lock-app/lock-common/lock-app.matter
+++ b/examples/lock-app/lock-common/lock-app.matter
@@ -1835,12 +1835,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1915,6 +1917,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1931,6 +1950,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lock-app/nxp/zap/lock-app.matter b/examples/lock-app/nxp/zap/lock-app.matter
index 40ce2f9aa11bf1..75d0264b1d8562 100644
--- a/examples/lock-app/nxp/zap/lock-app.matter
+++ b/examples/lock-app/nxp/zap/lock-app.matter
@@ -1448,12 +1448,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1528,6 +1530,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1544,6 +1563,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lock-app/qpg/zap/lock.matter b/examples/lock-app/qpg/zap/lock.matter
index 04ad01e69822f9..514542a316366c 100644
--- a/examples/lock-app/qpg/zap/lock.matter
+++ b/examples/lock-app/qpg/zap/lock.matter
@@ -1508,12 +1508,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1588,6 +1590,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1604,6 +1623,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/lock-app/silabs/data_model/lock-app.matter b/examples/lock-app/silabs/data_model/lock-app.matter
index d953d92f62cb61..b046f0ff49fc14 100644
--- a/examples/lock-app/silabs/data_model/lock-app.matter
+++ b/examples/lock-app/silabs/data_model/lock-app.matter
@@ -1835,12 +1835,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1915,6 +1917,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1931,6 +1950,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/log-source-app/log-source-common/log-source-app.matter b/examples/log-source-app/log-source-common/log-source-app.matter
index 4fb8d8d3773999..72110aafcd01b4 100644
--- a/examples/log-source-app/log-source-common/log-source-app.matter
+++ b/examples/log-source-app/log-source-common/log-source-app.matter
@@ -713,12 +713,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -793,6 +795,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -809,6 +828,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
endpoint 0 {
diff --git a/examples/microwave-oven-app/microwave-oven-common/microwave-oven-app.matter b/examples/microwave-oven-app/microwave-oven-common/microwave-oven-app.matter
index d92b50f80e95f4..b8a5570d96d4ec 100644
--- a/examples/microwave-oven-app/microwave-oven-common/microwave-oven-app.matter
+++ b/examples/microwave-oven-app/microwave-oven-common/microwave-oven-app.matter
@@ -1148,12 +1148,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1228,6 +1230,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1244,6 +1263,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/network-manager-app/network-manager-common/network-manager-app.matter b/examples/network-manager-app/network-manager-common/network-manager-app.matter
index c9fbb02c983809..a1c362817b4e4d 100644
--- a/examples/network-manager-app/network-manager-common/network-manager-app.matter
+++ b/examples/network-manager-app/network-manager-common/network-manager-app.matter
@@ -1262,12 +1262,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1342,6 +1344,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1358,6 +1377,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/ota-provider-app/ota-provider-common/ota-provider-app.matter b/examples/ota-provider-app/ota-provider-common/ota-provider-app.matter
index 9319ae5a28f251..4b0b2997c2b261 100644
--- a/examples/ota-provider-app/ota-provider-common/ota-provider-app.matter
+++ b/examples/ota-provider-app/ota-provider-common/ota-provider-app.matter
@@ -1178,12 +1178,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1258,6 +1260,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1274,6 +1293,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter b/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter
index 141ec10b71317f..95a8757cf8de5b 100644
--- a/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter
+++ b/examples/ota-requestor-app/ota-requestor-common/ota-requestor-app.matter
@@ -1330,12 +1330,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1410,6 +1412,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1426,6 +1445,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/placeholder/linux/apps/app1/config.matter b/examples/placeholder/linux/apps/app1/config.matter
index 3d67d53abadfd3..7286c5fd41f83d 100644
--- a/examples/placeholder/linux/apps/app1/config.matter
+++ b/examples/placeholder/linux/apps/app1/config.matter
@@ -2906,12 +2906,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2986,6 +2988,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -3002,6 +3021,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** This cluster is used to add or remove Operational Credentials on a Commissionee or Node, as well as manage the associated Fabrics. */
@@ -3032,12 +3055,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -3112,6 +3137,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -3128,6 +3170,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/placeholder/linux/apps/app2/config.matter b/examples/placeholder/linux/apps/app2/config.matter
index 73581df42bc8b2..d06ccd4d1dfe94 100644
--- a/examples/placeholder/linux/apps/app2/config.matter
+++ b/examples/placeholder/linux/apps/app2/config.matter
@@ -2863,12 +2863,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2943,6 +2945,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2959,6 +2978,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** This cluster is used to add or remove Operational Credentials on a Commissionee or Node, as well as manage the associated Fabrics. */
@@ -2989,12 +3012,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -3069,6 +3094,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -3085,6 +3127,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/pump-app/pump-common/pump-app.matter b/examples/pump-app/pump-common/pump-app.matter
index 92b5e7d4dccac9..42714e7c00ac50 100644
--- a/examples/pump-app/pump-common/pump-app.matter
+++ b/examples/pump-app/pump-common/pump-app.matter
@@ -1565,12 +1565,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1645,6 +1647,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1661,6 +1680,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/pump-app/silabs/data_model/pump-thread-app.matter b/examples/pump-app/silabs/data_model/pump-thread-app.matter
index 503eb564a694a5..b498bc053551ee 100644
--- a/examples/pump-app/silabs/data_model/pump-thread-app.matter
+++ b/examples/pump-app/silabs/data_model/pump-thread-app.matter
@@ -1565,12 +1565,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1645,6 +1647,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1661,6 +1680,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/pump-app/silabs/data_model/pump-wifi-app.matter b/examples/pump-app/silabs/data_model/pump-wifi-app.matter
index 503eb564a694a5..b498bc053551ee 100644
--- a/examples/pump-app/silabs/data_model/pump-wifi-app.matter
+++ b/examples/pump-app/silabs/data_model/pump-wifi-app.matter
@@ -1565,12 +1565,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1645,6 +1647,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1661,6 +1680,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter b/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter
index 8434b069971ae4..b702b5e4213fec 100644
--- a/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter
+++ b/examples/pump-controller-app/pump-controller-common/pump-controller-app.matter
@@ -1440,12 +1440,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1520,6 +1522,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1536,6 +1555,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/refrigerator-app/refrigerator-common/refrigerator-app.matter b/examples/refrigerator-app/refrigerator-common/refrigerator-app.matter
index 6d09035b049de8..2f772f7f80cb89 100644
--- a/examples/refrigerator-app/refrigerator-common/refrigerator-app.matter
+++ b/examples/refrigerator-app/refrigerator-common/refrigerator-app.matter
@@ -1080,12 +1080,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1160,6 +1162,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1176,6 +1195,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/refrigerator-app/silabs/data_model/refrigerator-thread-app.matter b/examples/refrigerator-app/silabs/data_model/refrigerator-thread-app.matter
index c8fa6629d9978d..a6eeee7e8f2710 100644
--- a/examples/refrigerator-app/silabs/data_model/refrigerator-thread-app.matter
+++ b/examples/refrigerator-app/silabs/data_model/refrigerator-thread-app.matter
@@ -1419,12 +1419,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1499,6 +1501,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1515,6 +1534,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/refrigerator-app/silabs/data_model/refrigerator-wifi-app.matter b/examples/refrigerator-app/silabs/data_model/refrigerator-wifi-app.matter
index 3c871bb6d93d19..717cada95dc215 100644
--- a/examples/refrigerator-app/silabs/data_model/refrigerator-wifi-app.matter
+++ b/examples/refrigerator-app/silabs/data_model/refrigerator-wifi-app.matter
@@ -1330,12 +1330,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1410,6 +1412,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1426,6 +1445,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/rvc-app/rvc-common/rvc-app.matter b/examples/rvc-app/rvc-common/rvc-app.matter
index c826cf0b1d6fc6..45a047db96da5b 100644
--- a/examples/rvc-app/rvc-common/rvc-app.matter
+++ b/examples/rvc-app/rvc-common/rvc-app.matter
@@ -1074,12 +1074,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1154,6 +1156,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1170,6 +1189,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/smoke-co-alarm-app/smoke-co-alarm-common/smoke-co-alarm-app.matter b/examples/smoke-co-alarm-app/smoke-co-alarm-common/smoke-co-alarm-app.matter
index 0bf2d1ca1c1c61..42590b6289dd42 100644
--- a/examples/smoke-co-alarm-app/smoke-co-alarm-common/smoke-co-alarm-app.matter
+++ b/examples/smoke-co-alarm-app/smoke-co-alarm-common/smoke-co-alarm-app.matter
@@ -1767,12 +1767,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1847,6 +1849,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1863,6 +1882,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/temperature-measurement-app/temperature-measurement-common/temperature-measurement.matter b/examples/temperature-measurement-app/temperature-measurement-common/temperature-measurement.matter
index 44828bad252a76..d6a82c11b9847d 100644
--- a/examples/temperature-measurement-app/temperature-measurement-common/temperature-measurement.matter
+++ b/examples/temperature-measurement-app/temperature-measurement-common/temperature-measurement.matter
@@ -1360,12 +1360,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1440,6 +1442,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1456,6 +1475,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/terms-and-conditions-app/terms-and-conditions-common/terms-and-conditions-app.matter b/examples/terms-and-conditions-app/terms-and-conditions-common/terms-and-conditions-app.matter
index 78d60f2bc15404..b6b9da603bba47 100644
--- a/examples/terms-and-conditions-app/terms-and-conditions-common/terms-and-conditions-app.matter
+++ b/examples/terms-and-conditions-app/terms-and-conditions-common/terms-and-conditions-app.matter
@@ -1176,12 +1176,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1256,6 +1258,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1272,6 +1291,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/thermostat/nxp/zap/thermostat_matter_br.matter b/examples/thermostat/nxp/zap/thermostat_matter_br.matter
index 2facf0aae2387c..df6179a33c3813 100644
--- a/examples/thermostat/nxp/zap/thermostat_matter_br.matter
+++ b/examples/thermostat/nxp/zap/thermostat_matter_br.matter
@@ -1508,12 +1508,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1588,6 +1590,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1604,6 +1623,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/thermostat/nxp/zap/thermostat_matter_thread.matter b/examples/thermostat/nxp/zap/thermostat_matter_thread.matter
index 730ed8ffab9a33..082a05a80905c5 100644
--- a/examples/thermostat/nxp/zap/thermostat_matter_thread.matter
+++ b/examples/thermostat/nxp/zap/thermostat_matter_thread.matter
@@ -1431,12 +1431,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1511,6 +1513,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1527,6 +1546,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/thermostat/nxp/zap/thermostat_matter_wifi.matter b/examples/thermostat/nxp/zap/thermostat_matter_wifi.matter
index 50e24d2fa7303f..219be740e185b3 100644
--- a/examples/thermostat/nxp/zap/thermostat_matter_wifi.matter
+++ b/examples/thermostat/nxp/zap/thermostat_matter_wifi.matter
@@ -1342,12 +1342,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1422,6 +1424,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1438,6 +1457,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/thermostat/qpg/zap/thermostaticRadiatorValve.matter b/examples/thermostat/qpg/zap/thermostaticRadiatorValve.matter
index 1f698fd85310e2..0815e0ea559f55 100644
--- a/examples/thermostat/qpg/zap/thermostaticRadiatorValve.matter
+++ b/examples/thermostat/qpg/zap/thermostaticRadiatorValve.matter
@@ -1605,12 +1605,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1685,6 +1687,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1701,6 +1720,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/thermostat/thermostat-common/thermostat.matter b/examples/thermostat/thermostat-common/thermostat.matter
index e80ed1ee9a8f92..68cc219b8a2244 100644
--- a/examples/thermostat/thermostat-common/thermostat.matter
+++ b/examples/thermostat/thermostat-common/thermostat.matter
@@ -1785,12 +1785,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1865,6 +1867,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1881,6 +1900,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/thread-br-app/thread-br-common/thread-br-app.matter b/examples/thread-br-app/thread-br-common/thread-br-app.matter
index 06e5778747b0ea..1c692284df0d74 100644
--- a/examples/thread-br-app/thread-br-common/thread-br-app.matter
+++ b/examples/thread-br-app/thread-br-common/thread-br-app.matter
@@ -1143,12 +1143,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1223,6 +1225,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1239,6 +1258,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/tv-app/tv-common/tv-app.matter b/examples/tv-app/tv-common/tv-app.matter
index ba6b776619d7b4..94bce5db08efd6 100644
--- a/examples/tv-app/tv-common/tv-app.matter
+++ b/examples/tv-app/tv-common/tv-app.matter
@@ -2020,12 +2020,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2100,6 +2102,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2116,6 +2135,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** This cluster is used to add or remove Operational Credentials on a Commissionee or Node, as well as manage the associated Fabrics. */
@@ -2146,12 +2169,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2226,6 +2251,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2242,6 +2284,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter b/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter
index 7654b66be372db..4f96676e05997d 100644
--- a/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter
+++ b/examples/tv-casting-app/tv-casting-common/tv-casting-app.matter
@@ -1598,12 +1598,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1678,6 +1680,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1694,6 +1713,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/virtual-device-app/virtual-device-common/virtual-device-app.matter b/examples/virtual-device-app/virtual-device-common/virtual-device-app.matter
index 39ba8c628eae13..abfa1d86518787 100644
--- a/examples/virtual-device-app/virtual-device-common/virtual-device-app.matter
+++ b/examples/virtual-device-app/virtual-device-common/virtual-device-app.matter
@@ -1988,12 +1988,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -2068,6 +2070,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -2084,6 +2103,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/water-leak-detector-app/water-leak-detector-common/water-leak-detector-app.matter b/examples/water-leak-detector-app/water-leak-detector-common/water-leak-detector-app.matter
index 854d7eeace4515..655a1bb63a3bf5 100644
--- a/examples/water-leak-detector-app/water-leak-detector-common/water-leak-detector-app.matter
+++ b/examples/water-leak-detector-app/water-leak-detector-common/water-leak-detector-app.matter
@@ -1427,12 +1427,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1507,6 +1509,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1523,6 +1542,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/examples/window-app/common/window-app.matter b/examples/window-app/common/window-app.matter
index 916dfc2305fa26..3b5ec53473df8f 100644
--- a/examples/window-app/common/window-app.matter
+++ b/examples/window-app/common/window-app.matter
@@ -1865,12 +1865,14 @@ cluster OperationalCredentials = 62 {
fabric_id fabricID = 3;
node_id nodeID = 4;
char_string<32> label = 5;
+ optional octet_string<85> vidVerificationStatement = 6;
fabric_idx fabricIndex = 254;
}
fabric_scoped struct NOCStruct {
- fabric_sensitive octet_string noc = 1;
- nullable fabric_sensitive octet_string icac = 2;
+ octet_string noc = 1;
+ nullable octet_string icac = 2;
+ optional octet_string vvsc = 3;
fabric_idx fabricIndex = 254;
}
@@ -1945,6 +1947,23 @@ cluster OperationalCredentials = 62 {
octet_string rootCACertificate = 0;
}
+ request struct SetVidVerificationStatementRequest {
+ optional vendor_id vendorID = 0;
+ optional octet_string vidVerificationStatement = 1;
+ optional octet_string vvsc = 2;
+ }
+
+ request struct SignVidVerificationRequestRequest {
+ fabric_idx fabricIndex = 0;
+ octet_string<32> clientChallenge = 1;
+ }
+
+ response struct SignVidVerificationResponse = 14 {
+ fabric_idx fabricIndex = 0;
+ int8u fabricBindingVersion = 1;
+ octet_string signature = 2;
+ }
+
/** Sender is requesting attestation information from the receiver. */
command access(invoke: administer) AttestationRequest(AttestationRequestRequest): AttestationResponse = 0;
/** Sender is requesting a device attestation certificate from the receiver. */
@@ -1961,6 +1980,10 @@ cluster OperationalCredentials = 62 {
command access(invoke: administer) RemoveFabric(RemoveFabricRequest): NOCResponse = 10;
/** This command SHALL add a Trusted Root CA Certificate, provided as its CHIP Certificate representation. */
command access(invoke: administer) AddTrustedRootCertificate(AddTrustedRootCertificateRequest): DefaultSuccess = 11;
+ /** This command SHALL be used to update any of the accessing fabric's associated VendorID, VidVerificatioNStatement or VVSC (Vendor Verification Signing Certificate). */
+ fabric command access(invoke: administer) SetVidVerificationStatement(SetVidVerificationStatementRequest): DefaultSuccess = 12;
+ /** This command SHALL be used to request that the server authenticate the fabric associated with the FabricIndex given. */
+ command access(invoke: administer) SignVidVerificationRequest(SignVidVerificationRequestRequest): SignVidVerificationResponse = 13;
}
/** The Group Key Management Cluster is the mechanism by which group keys are managed. */
diff --git a/integrations/docker/images/base/chip-build/version b/integrations/docker/images/base/chip-build/version
index 84d3e578126e6b..1f9edb7f3a097e 100644
--- a/integrations/docker/images/base/chip-build/version
+++ b/integrations/docker/images/base/chip-build/version
@@ -1 +1 @@
-113 : [Android] set java 8 for java docker
+115 : [nrfconnect] Add gcc-multilib and g++-multilib
diff --git a/integrations/docker/images/stage-2/chip-build-efr32/Dockerfile b/integrations/docker/images/stage-2/chip-build-efr32/Dockerfile
index 66a036a443a223..79fd5dd187b5f9 100644
--- a/integrations/docker/images/stage-2/chip-build-efr32/Dockerfile
+++ b/integrations/docker/images/stage-2/chip-build-efr32/Dockerfile
@@ -12,9 +12,8 @@ RUN set -x \
&& rm -rf /var/lib/apt/lists/ \
&& : # last line
-
-# Download Simplicity SDK v2024.12.0 (8627f84)
-RUN wget https://github.com/SiliconLabs/simplicity_sdk/releases/download/v2024.12.0/gecko-sdk.zip -O /tmp/simplicity_sdk.zip \
+# Download Simplicity SDK v2024.12.1-0 (da66128)
+RUN wget https://github.com/SiliconLabs/simplicity_sdk/releases/download/v2024.12.1-0/simplicity-sdk.zip -O /tmp/simplicity_sdk.zip \
&& unzip /tmp/simplicity_sdk.zip -d /tmp/simplicity_sdk \
&& rm -rf /tmp/simplicity_sdk.zip \
# Deleting files that are not needed to save space
@@ -29,14 +28,14 @@ RUN wget https://github.com/SiliconLabs/simplicity_sdk/releases/download/v2024.1
&& find /tmp/simplicity_sdk/platform/Device/SiliconLabs -mindepth 1 -maxdepth 1 -type d ! \( -name 'EFR32MG24' -o -name 'EFR32MG26' -o -name 'MGM24' -o -name 'MGM26' \) -exec rm -rf {} + \
&& : # last line
-# Clone WiSeConnect Wi-Fi and Bluetooth Software 2.10.3 (b6d6cb5)
-RUN git clone --depth=1 --single-branch --branch=2.10.3 https://github.com/SiliconLabs/wiseconnect-wifi-bt-sdk.git /tmp/wiseconnect-wifi-bt-sdk && \
+# Clone WiSeConnect Wi-Fi and Bluetooth Software 2.11.2 (3dbc243)
+RUN git clone --depth=1 --single-branch --branch=2.11.2 https://github.com/SiliconLabs/wiseconnect-wifi-bt-sdk.git /tmp/wiseconnect-wifi-bt-sdk && \
cd /tmp/wiseconnect-wifi-bt-sdk && \
rm -rf .git examples \
&& : # last line
-# Clone WiSeConnect SDK v3.4.0 (9f6db89)
-RUN git clone --depth=1 --single-branch --branch=v3.4.0 https://github.com/SiliconLabs/wiseconnect.git /tmp/wifi_sdk && \
+# Clone WiSeConnect SDK v3.4.1 (f675628)
+RUN git clone --depth=1 --single-branch --branch=v3.4.1 https://github.com/SiliconLabs/wiseconnect.git /tmp/wifi_sdk && \
cd /tmp/wifi_sdk && \
rm -rf .git examples components/device/stm32 \
&& : # last line
diff --git a/integrations/docker/images/stage-2/chip-build-nrf-platform/Dockerfile b/integrations/docker/images/stage-2/chip-build-nrf-platform/Dockerfile
index 9e827c4cd57874..0dbb47a76f7785 100644
--- a/integrations/docker/images/stage-2/chip-build-nrf-platform/Dockerfile
+++ b/integrations/docker/images/stage-2/chip-build-nrf-platform/Dockerfile
@@ -47,7 +47,7 @@ FROM ghcr.io/project-chip/chip-build:${VERSION}
# Tools for building, flashing and accessing device logs
RUN set -x \
&& apt-get update \
- && apt-get install --no-install-recommends -fy device-tree-compiler \
+ && apt-get install --no-install-recommends -fy device-tree-compiler gcc-multilib g++-multilib \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/ \
&& : # last line
diff --git a/scripts/py_matter_idl/matter_idl/lint/lint_rules_parser.py b/scripts/py_matter_idl/matter_idl/lint/lint_rules_parser.py
index 3f9745850f6ca5..6723c0956d18aa 100755
--- a/scripts/py_matter_idl/matter_idl/lint/lint_rules_parser.py
+++ b/scripts/py_matter_idl/matter_idl/lint/lint_rules_parser.py
@@ -90,6 +90,9 @@ def DecodeClusterFromXml(element: xml.etree.ElementTree.Element):
if 'optional' in attr.attrib and attr.attrib['optional'] == 'true':
continue
+ if 'apiMaturity' in attr.attrib and attr.attrib['apiMaturity'] == 'provisional':
+ continue
+
# when introducing access controls, the content of attributes may either be:
# myName
# or
@@ -112,6 +115,9 @@ def DecodeClusterFromXml(element: xml.etree.ElementTree.Element):
if 'optional' in cmd.attrib and cmd.attrib['optional'] == 'true':
continue
+ if 'apiMaturity' in cmd.attrib and cmd.attrib['apiMaturity'] == 'provisional':
+ continue
+
required_commands.append(RequiredCommand(
name=cmd.attrib["name"], code=parseNumberString(cmd.attrib['code'])))
diff --git a/src/app/zap-templates/zcl/data-model/chip/matter-devices.xml b/src/app/zap-templates/zcl/data-model/chip/matter-devices.xml
index 6c72700003dd72..f954fcfc8e579f 100644
--- a/src/app/zap-templates/zcl/data-model/chip/matter-devices.xml
+++ b/src/app/zap-templates/zcl/data-model/chip/matter-devices.xml
@@ -574,6 +574,8 @@ limitations under the License.
RecallScene
GetSceneMembership
GetSceneMembershipResponse
+ CopyScene
+ CopySceneResponse
@@ -706,6 +708,8 @@ limitations under the License.
RecallScene
GetSceneMembership
GetSceneMembershipResponse
+ CopyScene
+ CopySceneResponse
@@ -799,6 +803,8 @@ limitations under the License.
RecallScene
GetSceneMembership
GetSceneMembershipResponse
+ CopyScene
+ CopySceneResponse
@@ -873,6 +879,36 @@ limitations under the License.
+
+ MA-mounted-dimmable-load-control
+ CHIP
+ Mounted Dimmable Load Control
+ 0x0103
+ 0x0110
+ Simple
+ Endpoint
+
+
+
+ TriggerEffect
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ CopyScene
+
+
+
MA-camera
CHIP
@@ -973,10 +1009,10 @@ limitations under the License.
Capacity
OperationMode
-
-
-
-
+
+
+
+
diff --git a/src/app/zap-templates/zcl/data-model/chip/operational-credentials-cluster.xml b/src/app/zap-templates/zcl/data-model/chip/operational-credentials-cluster.xml
index 61dd99e58b5d29..b2b5e1c4327e1d 100644
--- a/src/app/zap-templates/zcl/data-model/chip/operational-credentials-cluster.xml
+++ b/src/app/zap-templates/zcl/data-model/chip/operational-credentials-cluster.xml
@@ -24,6 +24,7 @@ limitations under the License.