Updated CSA Official CD Signing Certificates #23027

emargolis · 2022-10-04T23:33:38Z

github-actions · 2022-10-05T00:03:07Z

PR #23027: Size comparison from 4f06a42 to f2aef2f

Increases above 0.2%:

platform	target	config	section	`4f06a42`	`f2aef2f`	change	% change
linux	thermostat-no-ble	arm64	.rodata	143772	144244	472	0.3

Increases (12 builds for bl602, bl702, cc13x2_26x2, linux, psoc6, telink)

platform	target	config	section	`4f06a42`	`f2aef2f`	change	% change
bl602	lighting-app	bl602	(read/write)	1389194	1389210	16	0.0
			.text	1068788	`1068808`	20	0.0
		bl602+rpc	(read/write)	1434414	1434430	16	0.0
			.text	`1100138`	1100156	18	0.0
bl702	lighting-app	bl702	(read/write)	1188195	1188211	16	0.0
			.debug_info	37904718	37904719	1	0.0
			.text	956760	956778	18	0.0
		bl702+rpc	(read/write)	1284115	1284131	16	0.0
			.text	`1030464`	1030480	16	0.0
cc13x2_26x2	all-clusters-minimal-app	LP_CC2652R7	(read only)	641023	641031	8	0.0
			.text	561960	561968	8	0.0
	lock-mtd	LP_CC2652R7	(read/write)	185168	185176	8	0.0
linux	chip-tool-ipv6only	arm64	(read only)	10427964	10428644	680	0.0
			.rodata	517532	518004	472	0.1
			.text	8255060	8255092	32	0.0
	thermostat-no-ble	arm64	(read only)	2388740	`2389420`	680	0.0
			.rodata	143772	144244	472	0.3
			.text	`2002256`	2002288	32	0.0
psoc6	all-clusters	cy8ckit_062s2_43012	.debug_info	26830823	26830825	2	0.0
	lock	cy8ckit_062s2_43012	.debug_info	22269916	22269917	1	0.0
telink	light-switch-app	tlsr9518adk80d	(read/write)	788960	788968	8	0.0
			text	552916	552920	4	0.0
	ota-requestor-app	tlsr9518adk80d	(read/write)	819008	819016	8	0.0
			text	577320	577322	2	0.0

Decreases (5 builds for cc13x2_26x2, esp32, linux)

platform	target	config	section	`4f06a42`	`f2aef2f`	change	% change
cc13x2_26x2	lock-mtd	LP_CC2652R7	(read only)	659215	659207	-8	-0.0
			.text	555784	555776	-8	-0.0
esp32	all-clusters-app	c3devkit	(read only)	1223144	1223140	-4	-0.0
			.flash.text	1223144	1223140	-4	-0.0
		m5stack	(read/write)	564028	564020	-8	-0.0
			.flash.rodata	314752	314744	-8	-0.0
linux	chip-tool-ipv6only	arm64	(read/write)	706433	706321	-112	-0.0
			.data	2864	2768	-96	-3.4
			.got	13904	13896	-8	-0.1
	thermostat-no-ble	arm64	(read/write)	143713	143617	-96	-0.1
			.data	1912	1816	-96	-5.0
			.got	5184	5176	-8	-0.2

Full report (37 builds for bl602, bl702, cc13x2_26x2, cyw30739, efr32, esp32, k32w, linux, mbed, nrfconnect, psoc6, qpg, telink)

platform	target	config	section	`4f06a42`	`f2aef2f`	change	% change
bl602	lighting-app	bl602	(read/write)	1389194	1389210	16	0.0
			.bss	90729	90729	0	0.0
			.data	9928	9928	0	0.0
			.text	1068788	`1068808`	20	0.0
		bl602+rpc	(read/write)	1434414	1434430	16	0.0
			.bss	98161	98161	0	0.0
			.data	10312	10312	0	0.0
			.text	`1100138`	1100156	18	0.0
bl702	lighting-app	bl702	(read only)	3262	3262	0	0.0
			(read/write)	1188195	1188211	16	0.0
			.bleromro	6296	6296	0	0.0
			.bleromrw	124	124	0	0.0
			.boot2	688	688	0	0.0
			.bss	67102	67102	0	0.0
			.bss_psram	29696	29696	0	0.0
			.comment	48	48	0	0.0
			.data	4272	4272	0	0.0
			.debug_abbrev	1506913	1506913	0	0.0
			.debug_aranges	133120	133120	0	0.0
			.debug_frame	486540	486540	0	0.0
			.debug_info	37904718	37904719	1	0.0
			.debug_line	`5256212`	`5256212`	0	0.0
			.debug_loc	`3366560`	`3366560`	0	0.0
			.debug_ranges	359264	359264	0	0.0
			.debug_str	3457718	3457718	0	0.0
			.hbn	509	509	0	0.0
			.hbn_noinit	260	260	0	0.0
			.init	342	342	0	0.0
			.init_array	144	144	0	0.0
			.psram	0	0	0	0.0
			.riscv.attributes	47	47	0	0.0
			.rodata	116552	116552	0	0.0
			.rsvd	3188	3188	0	0.0
			.shstrtab	293	293	0	0.0
			.stack	2048	2048	0	0.0
			.strtab	565037	565037	0	0.0
			.symtab	171648	171648	0	0.0
			.tcm_data	36	36	0	0.0
			.tcmcode	3262	3262	0	0.0
			.text	0	0	0	0.0
				956760	956778	18	0.0
		bl702+rpc	(read only)	3262	3262	0	0.0
			(read/write)	1284115	1284131	16	0.0
			.bleromro	6296	6296	0	0.0
			.bleromrw	124	124	0	0.0
			.boot2	688	688	0	0.0
			.bss	75150	75150	0	0.0
			.bss_psram	29936	29936	0	0.0
			.comment	48	48	0	0.0
			.data	4800	4800	0	0.0
			.debug_abbrev	1644458	1644458	0	0.0
			.debug_aranges	140624	140624	0	0.0
			.debug_frame	511916	511916	0	0.0
			.debug_info	41811330	41811330	0	0.0
			.debug_line	`5630747`	`5630747`	0	0.0
			.debug_loc	3559220	3559220	0	0.0
			.debug_ranges	381720	381720	0	0.0
			.debug_str	3853618	3853618	0	0.0
			.hbn	509	509	0	0.0
			.hbn_noinit	260	260	0	0.0
			.init	342	342	0	0.0
			.init_array	160	160	0	0.0
			.psram	0	0	0	0.0
			.riscv.attributes	47	47	0	0.0
			.rodata	129944	129944	0	0.0
			.rsvd	3188	3188	0	0.0
			.shstrtab	293	293	0	0.0
			.stack	2048	2048	0	0.0
			.strtab	624210	624210	0	0.0
			.symtab	189456	189456	0	0.0
			.tcm_data	36	36	0	0.0
			.tcmcode	3262	3262	0	0.0
			.text	0	0	0	0.0
				`1030464`	1030480	16	0.0
cc13x2_26x2	all-clusters-app	LP_CC2652R7	(read only)	676783	676783	0	0.0
			(read/write)	174760	174760	0	0.0
			.bss	81236	81236	0	0.0
			.data	3380	3380	0	0.0
			.rodata	89607	89607	0	0.0
			.text	586864	586864	0	0.0
	all-clusters-minimal-app	LP_CC2652R7	(read only)	641023	641031	8	0.0
			(read/write)	158004	158004	0	0.0
			.bss	80508	80508	0	0.0
			.data	3380	3380	0	0.0
			.rodata	78743	78743	0	0.0
			.text	561960	561968	8	0.0
	lock-ftd	LP_CC2652R7	(read only)	675467	675467	0	0.0
			(read/write)	173228	173228	0	0.0
			.bss	78476	78476	0	0.0
			.data	3304	3304	0	0.0
			.rodata	77131	77131	0	0.0
			.text	597856	597856	0	0.0
	lock-mtd	LP_CC2652R7	(read only)	659215	659207	-8	-0.0
			(read/write)	185168	185176	8	0.0
			.bss	74164	74164	0	0.0
			.data	3304	3304	0	0.0
			.rodata	102951	102951	0	0.0
			.text	555784	555776	-8	-0.0
	pump-app	LP_CC2652R7	(read only)	687519	687519	0	0.0
			(read/write)	161896	161896	0	0.0
			.bss	78428	78428	0	0.0
			.data	3296	3296	0	0.0
			.rodata	90543	90543	0	0.0
			.text	596492	596492	0	0.0
	pump-controller-app	LP_CC2652R7	(read only)	672019	672019	0	0.0
			(read/write)	177508	177508	0	0.0
			.bss	78540	78540	0	0.0
			.data	3292	3292	0	0.0
			.rodata	86099	86099	0	0.0
			.text	585440	585440	0	0.0
	shell	LP_CC2652R7	(read only)	667830	667830	0	0.0
			(read/write)	186032	186032	0	0.0
			.bss	83556	83556	0	0.0
			.data	3376	3376	0	0.0
			.rodata	86318	86318	0	0.0
			.text	581196	581196	0	0.0
cyw30739	light	cyw930739m2evb_01	(read/write)	587738	587738	0	0.0
			.app_xip_area	464348	464348	0	0.0
			.bss	65808	65808	0	0.0
			.data	760	760	0	0.0
			.rodata	0	0	0	0.0
			.text	112	112	0	0.0
	lock	cyw930739m2evb_01	(read/write)	591994	591994	0	0.0
			.app_xip_area	463284	463284	0	0.0
			.bss	71120	71120	0	0.0
			.data	768	768	0	0.0
			.rodata	0	0	0	0.0
			.text	112	112	0	0.0
	ota-requestor-no-progress-logging	cyw930739m2evb_01	(read/write)	543586	543586	0	0.0
			.app_xip_area	425252	425252	0	0.0
			.bss	60800	60800	0	0.0
			.data	716	716	0	0.0
			.rodata	0	0	0	0.0
			.text	112	112	0	0.0
efr32	lighting-app	BRD4161A+rpc	(read/write)	973768	973768	0	0.0
			.bss	152244	152244	0	0.0
			.data	2248	2248	0	0.0
			.text	819256	819256	0	0.0
		BRD4161A+rs911x	(read/write)	1031312	1031312	0	0.0
			.bss	186640	186640	0	0.0
			.data	2092	2092	0	0.0
			.text	842560	842560	0	0.0
		BRD4187C	(read/write)	1146076	1146076	0	0.0
			.bss	138624	138624	0	0.0
			.data	2596	2596	0	0.0
			.text	980260	980260	0	0.0
	lock-app	BRD4161A+wf200	(read/write)	1157232	1157232	0	0.0
			.bss	158192	158192	0	0.0
			.data	2100	2100	0	0.0
			.text	996920	996920	0	0.0
	window-app	BRD4187C	(read/write)	`1138076`	`1138076`	0	0.0
			.bss	140064	140064	0	0.0
			.data	2620	2620	0	0.0
			.text	970796	970796	0	0.0
esp32	all-clusters-app	c3devkit	(read only)	1223144	1223140	-4	-0.0
			(read/write)	1788118	1788118	0	0.0
			.dram0.bss	76944	76944	0	0.0
			.dram0.data	13840	13840	0	0.0
			.flash.rodata	257688	257688	0	0.0
			.flash.text	1223144	1223140	-4	-0.0
			.iram0.text	65204	65204	0	0.0
		m5stack	(read only)	1233183	1233183	0	0.0
			(read/write)	564028	564020	-8	-0.0
			.dram0.bss	82312	82312	0	0.0
			.dram0.data	34296	34296	0	0.0
			.flash.rodata	314752	314744	-8	-0.0
			.flash.text	1227799	1227799	0	0.0
			.iram0.text	123939	123939	0	0.0
k32w	light	k32w0+release	(read/write)	641588	641588	0	0.0
			.bss	74824	74824	0	0.0
			.data	2064	2064	0	0.0
			.text	561972	561972	0	0.0
	lock	k32w0+release	(read/write)	632916	632916	0	0.0
			.bss	75600	75600	0	0.0
			.data	2080	2080	0	0.0
			.text	552508	552508	0	0.0
linux	chip-tool-ipv6only	arm64	(read only)	10427964	10428644	680	0.0
			(read/write)	706433	706321	-112	-0.0
			.bss	33953	33953	0	0.0
			.data	2864	2768	-96	-3.4
			.data.rel.ro	650608	650608	0	0.0
			.dynamic	560	560	0	0.0
			.got	13904	13896	-8	-0.1
			.init	24	24	0	0.0
			.init_array	208	208	0	0.0
			.rodata	517532	518004	472	0.1
			.text	8255060	8255092	32	0.0
	thermostat-no-ble	arm64	(read only)	2388740	`2389420`	680	0.0
			(read/write)	143713	143617	-96	-0.1
			.bss	55377	55377	0	0.0
			.data	1912	1816	-96	-5.0
			.data.rel.ro	77232	77232	0	0.0
			.dynamic	560	560	0	0.0
			.got	5184	5176	-8	-0.2
			.init	24	24	0	0.0
			.init_array	440	440	0	0.0
			.rodata	143772	144244	472	0.3
			.text	`2002256`	2002288	32	0.0
mbed	lock-app	CY8CPROTO_062_4343W+release	(read only)	6224	6224	0	0.0
			(read/write)	2451792	2451792	0	0.0
			.bss	215028	215028	0	0.0
			.data	5872	5872	0	0.0
			.text	1414436	1414436	0	0.0
nrfconnect	all-clusters-app	nrf52840dk_nrf52840	(read/write)	`1183051`	`1183051`	0	0.0
			bss	144441	144441	0	0.0
			rodata	144220	144220	0	0.0
			text	815488	815488	0	0.0
	all-clusters-minimal-app	nrf52840dk_nrf52840	(read/write)	1161735	1161735	0	0.0
			bss	143668	143668	0	0.0
			rodata	135792	135792	0	0.0
			text	803384	803384	0	0.0
psoc6	all-clusters	cy8ckit_062s2_43012	(read only)	841968	841968	0	0.0
			(read/write)	1744748	1744748	0	0.0
			.ARM.attributes	46	46	0	0.0
			.ARM.exidx	8	8	0	0.0
			.bss	188712	188712	0	0.0
			.comment	204	204	0	0.0
			.copy.table	24	24	0	0.0
			.cy_m0p_image	6216	6216	0	0.0
			.cy_sharedmem	8	8	0	0.0
			.data	2664	2664	0	0.0
			.debug_abbrev	1229469	1229469	0	0.0
			.debug_aranges	111848	111848	0	0.0
			.debug_frame	373448	373448	0	0.0
			.debug_info	26830823	26830825	2	0.0
			.debug_line	3671570	3671570	0	0.0
			.debug_loc	3588349	3588349	0	0.0
			.debug_ranges	339632	339632	0	0.0
			.debug_str	3441121	3441121	0	0.0
			.heap	841968	841968	0	0.0
			.noinit	148	148	0	0.0
			.ramVectors	736	736	0	0.0
			.shstrtab	288	288	0	0.0
			.stab	156	156	0	0.0
			.stabstr	335	335	0	0.0
			.stack_dummy	4096	4096	0	0.0
			.strtab	569605	569605	0	0.0
			.symtab	421120	421120	0	0.0
			.text	1544984	1544984	0	0.0
			.zero.table	8	8	0	0.0
			text	0	0	0	0.0
	all-clusters-minimal	cy8ckit_062s2_43012	(read only)	842704	842704	0	0.0
			(read/write)	1687356	1687356	0	0.0
			.ARM.attributes	46	46	0	0.0
			.ARM.exidx	8	8	0	0.0
			.bss	187976	187976	0	0.0
			.comment	204	204	0	0.0
			.copy.table	24	24	0	0.0
			.cy_m0p_image	6216	6216	0	0.0
			.cy_sharedmem	8	8	0	0.0
			.data	2664	2664	0	0.0
			.debug_abbrev	`1221268`	`1221268`	0	0.0
			.debug_aranges	111320	111320	0	0.0
			.debug_frame	376528	376528	0	0.0
			.debug_info	26567605	26567605	0	0.0
			.debug_line	3692286	3692286	0	0.0
			.debug_loc	3575986	3575986	0	0.0
			.debug_ranges	338248	338248	0	0.0
			.debug_str	3430134	3430134	0	0.0
			.heap	842704	842704	0	0.0
			.noinit	148	148	0	0.0
			.ramVectors	736	736	0	0.0
			.shstrtab	288	288	0	0.0
			.stab	156	156	0	0.0
			.stabstr	335	335	0	0.0
			.stack_dummy	4096	4096	0	0.0
			.strtab	533694	533694	0	0.0
			.symtab	407552	407552	0	0.0
			.text	1488328	1488328	0	0.0
			.zero.table	0	0	0	0.0
				8	8	0	0.0
	light	cy8ckit_062s2_43012	(read only)	850896	850896	0	0.0
			(read/write)	1605884	1605884	0	0.0
			.ARM.attributes	46	46	0	0.0
			.ARM.exidx	8	8	0	0.0
			.bss	179992	179992	0	0.0
			.comment	204	204	0	0.0
			.copy.table	24	24	0	0.0
			.cy_m0p_image	6216	6216	0	0.0
			.cy_sharedmem	8	8	0	0.0
			.data	2456	2456	0	0.0
			.debug_abbrev	1055324	1055324	0	0.0
			.debug_aranges	103528	103528	0	0.0
			.debug_frame	346860	346860	0	0.0
			.debug_info	22031247	22031247	0	0.0
			.debug_line	3262191	3262191	0	0.0
			.debug_loc	`3273948`	`3273948`	0	0.0
			.debug_ranges	303552	303552	0	0.0
			.debug_str	3235666	3235666	0	0.0
			.heap	850896	850896	0	0.0
			.noinit	148	148	0	0.0
			.ramVectors	736	736	0	0.0
			.shstrtab	288	288	0	0.0
			.stab	156	156	0	0.0
			.stabstr	335	335	0	0.0
			.stack_dummy	4096	4096	0	0.0
			.strtab	470071	470071	0	0.0
			.symtab	376000	376000	0	0.0
			.text	1415048	1415048	0	0.0
			.zero.table	0	0	0	0.0
				8	8	0	0.0
	lock	cy8ckit_062s2_43012	(read only)	845880	845880	0	0.0
			(read/write)	1639804	1639804	0	0.0
			.ARM.attributes	46	46	0	0.0
			.ARM.exidx	8	8	0	0.0
			.bss	184992	184992	0	0.0
			.comment	204	204	0	0.0
			.copy.table	24	24	0	0.0
			.cy_m0p_image	6216	6216	0	0.0
			.cy_sharedmem	8	8	0	0.0
			.data	2472	2472	0	0.0
			.debug_abbrev	1057427	1057427	0	0.0
			.debug_aranges	103928	103928	0	0.0
			.debug_frame	348752	348752	0	0.0
			.debug_info	22269916	22269917	1	0.0
			.debug_line	`3260052`	`3260052`	0	0.0
			.debug_loc	3302541	3302541	0	0.0
			.debug_ranges	305496	305496	0	0.0
			.debug_str	3255180	3255180	0	0.0
			.heap	845880	845880	0	0.0
			.noinit	148	148	0	0.0
			.ramVectors	736	736	0	0.0
			.shstrtab	288	288	0	0.0
			.stab	156	156	0	0.0
			.stabstr	335	335	0	0.0
			.stack_dummy	4096	4096	0	0.0
			.strtab	472478	472478	0	0.0
			.symtab	377664	377664	0	0.0
			.text	`1443952`	`1443952`	0	0.0
			.zero.table	0	0	0	0.0
				8	8	0	0.0
qpg	lighting-app	qpg6105+debug	(read/write)	`1148256`	`1148256`	0	0.0
			.bss	110556	110556	0	0.0
			.data	832	832	0	0.0
			.text	595356	595356	0	0.0
	lock-app	qpg6105+debug	(read/write)	1113320	1113320	0	0.0
			.bss	106372	106372	0	0.0
			.data	836	836	0	0.0
			.text	560416	560416	0	0.0
telink	light-switch-app	tlsr9518adk80d	(read/write)	788960	788968	8	0.0
			bss	72480	72480	0	0.0
			noinit	43520	43520	0	0.0
			text	552916	552920	4	0.0
	lighting-app	tlsr9518adk80d	(read/write)	811072	811072	0	0.0
			bss	73328	73328	0	0.0
			noinit	43520	43520	0	0.0
			text	571140	571140	0	0.0
	ota-requestor-app	tlsr9518adk80d	(read/write)	819008	819016	8	0.0
			bss	74236	74236	0	0.0
			noinit	43520	43520	0	0.0
			text	577320	577322	2	0.0

…ntation (#23239) * Add missing pthread header (#22833) * [build] Fix #21255 - allow circular initialization of SimpleStateMachine test. (#22461) * [build] Fix #21255 - allow circular initialization of SimpleStateMachine test. * [build] Add comment per review feedback. * [Darwin][AttestationVerifier] Expose a mechanism to customise cd signing keys and use it in darwin (#22338) * Add AttestationTrustStore::GetCertificationDeclarationCert virtual method to allow controllers passing in some CD certs * Add cdCerts member to MTRControllerFactoryparams and override AttestationTrustStore::GetCertificationDeclarationCert * Implement ArrayTrustStore::GetCertificationDeclarationSigningKey and initialize the test ArrayTrustStore store with the test CD cert * Update the FileAttestationTrustStore to read a directory with der certs for certification declaration verification * Add credentials/development/cd-certs/ and update chip-tool to use it if desired * Update API to match conversation - Remove CD stuff from FileAttestationTrustStore - Refactor FileAttestationTrustStore to allow loading of any X.509 cert directory - Add a command line to chip-tool to disallow test keys (`only-allow-trusted-cd-keys`) - Add plumbing to enable CD keys lookup properly without mixing-up with PAA semantics - Add official CD verifying key and official SDK CD test key in the default CD trust store as-is * Update src/darwin to take into account the proposed changes * Add unit test for `CsaCdKeysTrustStore` Co-authored-by: Tennessee Carmel-Veilleux <tennessee.carmelveilleux@gmail.com> * [Attestation] Updated to Use CD Signed by a Valid CSA Cert (#22685) * Updated CSA Official CD Signing Certificates (#23027) * restyled. * Remove fixed versioning for git in cirque (#23257) Co-authored-by: Gene Harvey <gene.harvey@smartthings.com> Co-authored-by: Martin Turon <mturon@google.com> Co-authored-by: Vivien Nicolas <vnicolas@apple.com> Co-authored-by: Tennessee Carmel-Veilleux <tennessee.carmelveilleux@gmail.com> Co-authored-by: Andrei Litvin <andy314@gmail.com>

Updated CSA Official CD Signing Certificates

f2aef2f

github-actions bot added app tests labels Oct 4, 2022

pullapprove bot requested review from mrjerryjohns, msandstedt, rgoliver, saurabhst, selissia, tecimovic, turon, vijs, vivien-apple, wbschiller, woody-apple, xylophone21, yufengwangca and yunhanw-google October 4, 2022 23:34

pullapprove bot added the review - pending label Oct 4, 2022

tcarmelveilleux added the Cherrypick into 1.0 label Oct 5, 2022

tcarmelveilleux approved these changes Oct 5, 2022

View reviewed changes

msandstedt approved these changes Oct 5, 2022

View reviewed changes

pullapprove bot added review - approved and removed review - pending labels Oct 5, 2022

emargolis merged commit faad9e1 into project-chip:master Oct 5, 2022

emargolis added a commit to emargolis/connectedhomeip-1 that referenced this pull request Oct 5, 2022

Updated CSA Official CD Signing Certificates (project-chip#23027)

3215269

emargolis mentioned this pull request Oct 5, 2022

[v1.0 cherrypick] Updated CSA Official CD Signing Certificates #23037

Merged

andy31415 pushed a commit that referenced this pull request Oct 6, 2022

Updated CSA Official CD Signing Certificates (#23027) (#23037)

83123f8

emargolis added a commit to emargolis/connectedhomeip-1 that referenced this pull request Oct 17, 2022

Updated CSA Official CD Signing Certificates (project-chip#23027)

dbb0e60

emargolis mentioned this pull request Oct 17, 2022

[SVE2] Cherry Pick Matter Official CDs and CD Trusted Storage Implementation #23239

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Updated CSA Official CD Signing Certificates #23027

Updated CSA Official CD Signing Certificates #23027

emargolis commented Oct 4, 2022

github-actions bot commented Oct 5, 2022 •

edited

Loading

Updated CSA Official CD Signing Certificates #23027

Updated CSA Official CD Signing Certificates #23027

Conversation

emargolis commented Oct 4, 2022

github-actions bot commented Oct 5, 2022 • edited Loading

github-actions bot commented Oct 5, 2022 •

edited

Loading