You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: provision/README.md
+49-49
Original file line number
Diff line number
Diff line change
@@ -18,42 +18,43 @@ The provisioning script on this folder now supercedes the following tools:
18
18
19
19
## Provisioned Data
20
20
21
-
The Commissionable Data includes Serial Number, Vendor Id, Product Id, and the Setup Payload (typicallty displayed in the QR),
22
-
while the Attestation Credentials includes the Certificate Declaration (CD), the Product Attestation Intermediate (PAI) certificate,
23
-
and the DAC (Device Attestation Certificate).
21
+
The _Commissionable Data_ includes _Serial Number_, _Vendor Id_, _Product Id_, and the _Setup Payload_ (typicallty displayed in the QR code),
22
+
while the _Attestation Credentials_ include the _Certificate Declaration_ (CD), the _Product Attestation Intermediate certificate_(PAI),
23
+
and the _Device Attestation Certificate_ (DAC).
24
24
25
25
During commissioning, Matter devices perform a Password Authenticated Key Exchange using the SPAKE2+ protocol.
26
-
Calculating the SPAKE2+ verifier is computationally costly. For large iteration counts, the target device may require several minutes to compute. For this reason, the SPAKE2+ verifier is calculated on the host side by the script itself.
26
+
Calculating the SPAKE2+ verifier is computationally costly, for large iteration counts it may take several minutes to
27
+
compute on the target device. For this reason, the SPAKE2+ verifier is calculated on the host side by the script itself.
27
28
28
-
The passcode is used to derive a QR code, typically printed on the label, or displayed by the device itself.
29
+
The `passcode` is used to derive a QR code, typically printed on the label, or displayed by the device itself.
29
30
The QR code contains the pre-computed setup payload, which allows the commissioner to establish a session with the device.
30
31
The parameters required to generate and validate the session keys are static and stored in NVM3.
31
32
32
33
To protect the attestation private-key (used to generate the DAC), the asymmetric key-pair may be generated on-device, using PSA,
33
-
and in the most secure storage location available to the specific part. However, the private-key may be generated externally,
34
-
and imported using the --dac_key option.
34
+
and the most secure storage location available to the specific part. However, the private-key may be generated externally,
35
+
and imported using the `--dac_key` option.
35
36
36
-
The DAC is generated and signed by a Certification Authority (CA), which may reside on a separate host. The `modules/signing_server.py`
37
+
The DAC is generated and signed by a _Certification Authority_ (CA), which may operate from a separate host. The `modules/signing_server.py`
37
38
script simulates the role of the CA, and uses OpenSSL to to generate and sign the DAC. In a real factory environment,
38
39
this script is replaced by an actual CA.
39
40
40
41
## Generator Firmware
41
42
42
-
The Generator Firmware (GFW) is a FreeRTOS application that runs on the targeted device, and assists with the provisioning of the device.
43
+
The _Generator Firmware_ (GFW) is a FreeRTOS application that runs on the targeted device, and assists with the provisioning of the device.
43
44
The GFW performs the following tasks:
44
45
* When key-generation is used:
45
46
- Generates the key-pair on device in the most secure location available.
46
-
- Generates and returns a CSR (Certificate Signing Request). The CSR contains the device public-key, Vendor Id, Product Id, and Serial Number.
47
+
- Generates and returns a _Certificate Signing Request_ (CSR). The CSR contains the device public-key, Vendor Id, Product Id, and Serial Number.
47
48
* When key-import is used:
48
49
- Imports the key into the most secure location available.
49
-
* Calculates the Setup Payload
50
-
* Stores the Commissionable Data into NVM3 (including the Setup Payload)
50
+
* Calculates the _Setup Payload_.
51
+
* Stores the Commissionable Data into NVM3 (including the _Setup Payload_).
51
52
* Stores the Attestation Data on the main flash (CD, PAI, DAC)
52
53
* Stores the size and offsets used to store the Attestation Data, along with the KeyId used to store the private-key.
53
54
54
55
The main source code of the GFW is located under `./generator`, while the board support is located under `./support`.
55
56
Pre-compiled images for the supported chips can be found in `./images`.
56
-
Backwards-compatibility files are stored under `./modules/vX_Y` where X.Y matches the targeted version.
57
+
Backwards-compatibility script files are stored under `./modules/vX_Y` where X.Y matches the targeted version.
57
58
58
59
The directory structure is as follows:
59
60
- provision
@@ -91,8 +92,8 @@ The Provisioner Script executes the following steps:
91
92
92
93
The Provision Tool exchange information with the Provision firmware (either GFW or the PFW itself) using a proprietary protocol.
93
94
The original protocol, known as version 1.x, serves the basic purposes of CPMS and other factory environments, but is limited in scope.
94
-
To overcome these limitations, a new protocol has been developed. For backwards compatibility, users familiar to this tool should not notice
95
-
the difference between the protocols. It should only become evident when new functionality is required, which is only supported in version 2.0.
95
+
It can only transmit a pre-defined structures, and it doesn't support fragmentation. To overcome these limitations, a new protocol (version 2.x) has been developed. For backwards compatibility, users familiar to 1.x should not notice the difference between the protocols. The difference
96
+
only becomes evident when new functionality is required, which is only supported in version 2.x.
96
97
97
98
### Version 1.x
98
99
Verion 1 defines the following commands:
@@ -108,25 +109,24 @@ There are no extension capabilities on this protocol, nor any provision to read-
108
109
Version 2 of the Provision Protocol enforces a maximum package size. Data larger than the limit is fragmented in
109
110
as many packages are needed. This is done in both directions. Commands defined in this protocol are:
110
111
* Init: Used for initialization. Sends the flash size and location to the firmware.
111
-
* Finish: Sent to signal that provisioning is complete.
112
+
* Finish: Signal that provisioning is complete.
112
113
* CSR: Used for on-device key and CSR generation.
113
114
* Write: Send any number of arguments to the target device.
114
115
* Read: Returns any number of arguments from the target device.
115
-
With Write and Read, any number of arguments, of any length, may be sent in any order.
116
-
However, by default, the script uses the Write and Read commands to send the same data as version 1,
116
+
With _Write_ and _Read_, any number of arguments, of any length, may be sent in any order.
117
+
However, by default, the script uses the _Write_ and _Read_ commands to send the same data as version 1,
117
118
thus preserving the user experience of the tool.
118
119
Instead of fixed-positions, this protocol uses IDs to identify the arguments in both ends.
119
-
Custom arguments must have IDs range 0x00 to 0xff (255).
120
120
121
121
## Channels
122
122
123
123
The Provision Tool can transfer the arguments to the device in two ways:
124
124
* J-Link RTT: When the device is physically connected to the host, the GFW can communicate through the serial port using J-Link RTT.
125
-
This method can be used both in development and factory environments. This methods works with the legacy Protocol version 1.0 or
126
-
the new protocol version 2.0.
125
+
This method can be used both in development and factory environments. This method works with the legacy Protocol version 1.x or
126
+
the new protocol version 2.x.
127
127
* Bluetooth: The provision script can transmit the data directly to applications running in provision-mode. While in this mode,
128
-
Silicon Labs' example applications use Bluetooth communication to receive provisioning data. The Bluetooh channel requires
129
-
Provision Protocol v2.0.
128
+
Silicon Labs' example applications use the bluetooth communication to receive provisionning data. The Bluetooh channel requires
129
+
Provision Protocol v2.x.
130
130
131
131
### Parameters
132
132
@@ -185,6 +185,7 @@ file defines the well-known (default) parameters used by the automatic provision
185
185
| -dp, --key_pass | optional<sup>3</sup> | string | Password for the key file. |
186
186
| -dx, --pkcs12 | optional<sup>3</sup> | string | Path to the PKCS#12 attestation certificates file. Formerly --att_certs. |
187
187
| -dn, --common_name | optional<sup>4</sup> | string | Common Name to use in the Device Certificate (DAC) . |
188
+
| -ok, --ota_key | optional | string | Over The Air (OTA) update key. |
188
189
189
190
<sup>1</sup> Use xxxxxxxxx for serial, xxx.xxx.xxx.xxx[:yyyy] for TCP, or bt:XXXXXXXXXXXXXXXX for bluetooth
190
191
<sup>2</sup> If not provided (or zero), the `discriminator` is generated at random
@@ -193,8 +194,8 @@ file defines the well-known (default) parameters used by the automatic provision
193
194
<sup>5</sup> If not provided, the `unique_id` is randomly generated
194
195
<sup>6</sup> Salt and verifier must be provided as base64 string
195
196
196
-
>WARNING:
197
-
With the release of version 2.0, many shortcuts have been modified. Singlecharacters are now reserved for tool options.
197
+
WARNING:
198
+
With the release of version 2.0, many shortcuts have been modified. Single-characters are now reserved for tool options.
198
199
Most long versions have been preserved, with the exception of `--config` and `--att_certs`.
199
200
200
201
### Custom Parameters
@@ -226,7 +227,7 @@ Otherwise, the path to the parameters file may be provided with the `--params` o
226
227
Supported types are int8u, int16u, int32u, string, binary, and path. The `path` parameters must point to an existing file in the filesystem.
227
228
If such file exists, its contents are read and sent to the firmware as a binary value.
228
229
229
-
Given the previous configuration, the actual argument may be provided via command-line:
230
+
Given the previous configuration, the actual arguments may be provided as command-line:
230
231
```
231
232
python3 provision.py -x1 99 --example2 "ABC123"
232
233
```
@@ -250,14 +251,13 @@ Or, as part of an input file:
250
251
}
251
252
```
252
253
253
-
On the firmware side, custom parameters are routed to the [Custom Provision Storage](examples/platform/silabs/provision/ProvisionStorageCustom.cpp).
254
-
A sample implementation is provided, but it must be replaced with a class that matches the parameters defined in the YAML descriptor.
254
+
On the firmware side, custom parameters are sent to the [Custom Provision Storage](examples/platform/silabs/provision/ProvisionStorageCustom.cpp).
255
+
A sample implementation is provided, but it must be replaced with a class that matches with parameters defined in the YAML descriptor.
255
256
256
257
257
258
## Actions
258
259
259
-
When using version 1.x, there is only one action available. This action performs the device provisioning as automatically as possible.
260
-
260
+
When using version 1.x, there is only action available, which performs device provisioning as automatically as possible.
261
261
In contrast, version 2.x defines the following actions:
262
262
*`auto`: This is the default action, and emulates the automatic provisioning performed in version 1.
@@ -288,7 +288,7 @@ Any or all of these arguments may be overwritten though the command line.
288
288
289
289
The -i/--inputs argument reads all the required arguments from a provided JSON file. The same validation rules apply
290
290
both for command line or configuration file, but JSON does not support hexadecimal numbers. Command line arguments
291
-
override arguments read from a configuration file. For instance, with the configuration `example.json`:
291
+
take precedence over file arguments. For instance, with the configuration `example.json`:
292
292
```
293
293
{
294
294
"version": "2.0",
@@ -315,27 +315,27 @@ You may run:
315
315
```
316
316
python3 ./provision.py --inputs example.json
317
317
```
318
-
Which will set the connected device with discriminator 3840, product ID 32773, and use 15000 SPAKE2+ iterations.
319
-
320
-
However, if you run instead:
318
+
Which will set the connected device with discriminator **3840**, product ID **32773**, and use **15000** SPAKE2+ iterations. However, if you run instead:
0 commit comments