From 4645aa06046c399db7ed44785e8770e197694c9e Mon Sep 17 00:00:00 2001
From: Li Ya Shuai <liyashuai@espressif.com>
Date: Tue, 11 Feb 2025 20:10:56 +0800
Subject: [PATCH] examples: add custom certification declaration example in
 light example

---
 .../esp_matter/esp_matter_providers.cpp       |   2 +-
 components/esp_matter/esp_matter_providers.h  |   2 ++
 docs/en/developing.rst                        |   8 +++++-
 examples/light/main/CMakeLists.txt            |   4 +++
 examples/light/main/app_main.cpp              |  27 ++++++++++++++++++
 .../certification_declaration.der             | Bin 0 -> 233 bytes
 6 files changed, 41 insertions(+), 2 deletions(-)
 create mode 100644 examples/light/main/certification_declaration/certification_declaration.der

diff --git a/components/esp_matter/esp_matter_providers.cpp b/components/esp_matter/esp_matter_providers.cpp
index dbbfa8286..8aabc42bb 100644
--- a/components/esp_matter/esp_matter_providers.cpp
+++ b/components/esp_matter/esp_matter_providers.cpp
@@ -71,7 +71,7 @@ void set_custom_device_info_provider(DeviceInfoProvider *provider)
 }
 #endif
 
-static DeviceAttestationCredentialsProvider *get_dac_provider(void)
+DeviceAttestationCredentialsProvider *get_dac_provider(void)
 {
 #if CONFIG_SEC_CERT_DAC_PROVIDER
     static ESP32SecureCertDACProvider instance;
diff --git a/components/esp_matter/esp_matter_providers.h b/components/esp_matter/esp_matter_providers.h
index afdda8f36..97c19becc 100644
--- a/components/esp_matter/esp_matter_providers.h
+++ b/components/esp_matter/esp_matter_providers.h
@@ -58,4 +58,6 @@ void set_custom_device_info_provider(chip::DeviceLayer::DeviceInfoProvider *prov
 #endif
 
 void setup_providers();
+
+chip::Credentials::DeviceAttestationCredentialsProvider *get_dac_provider(void);
 } // namespace esp_matter
diff --git a/docs/en/developing.rst b/docs/en/developing.rst
index 9aa230edf..e7346ebbe 100644
--- a/docs/en/developing.rst
+++ b/docs/en/developing.rst
@@ -1110,7 +1110,13 @@ For more info about the arguments, please check `here <https://github.com/espres
 2.7.3 Factory Partition
 ~~~~~~~~~~~~~~~~~~~~~~~
 
-Factory partition contains basic information like VID, PID, etc, and CD.
+Factory partition contains basic information like VID, PID, etc.
+
+By default, the CD(Certification Declaration) is stored in the factory partition and we need to add the ``-cd`` option when generating the factory partition.
+
+Alternatively, if you’d like to embed the CD in the firmware, you can enable the
+``CONFIG_ENABLE_SET_CERT_DECLARATION_API`` option and use the ``SetCertificationDeclaration()`` API to set the CD.
+You can refer to the reference implementation in :project_file: `light example <https://github.com/espressif/esp-matter/tree/main/examples/light>`__.
 
 Export the dependent tools path
 
diff --git a/examples/light/main/CMakeLists.txt b/examples/light/main/CMakeLists.txt
index 43626a795..79b9c142f 100644
--- a/examples/light/main/CMakeLists.txt
+++ b/examples/light/main/CMakeLists.txt
@@ -1,5 +1,9 @@
 idf_component_register(SRC_DIRS          "."
                        PRIV_INCLUDE_DIRS  "." "${ESP_MATTER_PATH}/examples/common/utils")
 
+if (CONFIG_ENABLE_SET_CERT_DECLARATION_API)
+    target_add_binary_data(${COMPONENT_TARGET} "certification_declaration/certification_declaration.der" BINARY)
+endif()
+
 set_property(TARGET ${COMPONENT_LIB} PROPERTY CXX_STANDARD 17)
 target_compile_options(${COMPONENT_LIB} PRIVATE "-DCHIP_HAVE_CONFIG_H")
diff --git a/examples/light/main/app_main.cpp b/examples/light/main/app_main.cpp
index eb6e135b3..7ae6878b8 100644
--- a/examples/light/main/app_main.cpp
+++ b/examples/light/main/app_main.cpp
@@ -24,6 +24,17 @@
 #include <app/server/CommissioningWindowManager.h>
 #include <app/server/Server.h>
 
+#ifdef CONFIG_ENABLE_SET_CERT_DECLARATION_API
+#include <esp_matter_providers.h>
+#include <lib/support/Span.h>
+#ifdef CONFIG_SEC_CERT_DAC_PROVIDER
+#include <platform/ESP32/ESP32SecureCertDACProvider.h>
+#elif defined(CONFIG_FACTORY_PARTITION_DAC_PROVIDER)
+#include <platform/ESP32/ESP32FactoryDataProvider.h>
+#endif
+using namespace chip::DeviceLayer;
+#endif
+
 static const char *TAG = "app_main";
 uint16_t light_endpoint_id = 0;
 
@@ -34,6 +45,13 @@ using namespace chip::app::Clusters;
 
 constexpr auto k_timeout_seconds = 300;
 
+#ifdef CONFIG_ENABLE_SET_CERT_DECLARATION_API
+extern const uint8_t cd_start[] asm("_binary_certification_declaration_der_start");
+extern const uint8_t cd_end[] asm("_binary_certification_declaration_der_end");
+
+const chip::ByteSpan cdSpan(cd_start, static_cast<size_t>(cd_end - cd_start));
+#endif // CONFIG_ENABLE_SET_CERT_DECLARATION_API
+
 #if CONFIG_ENABLE_ENCRYPTED_OTA
 extern const char decryption_key_start[] asm("_binary_esp_image_encryption_key_pem_start");
 extern const char decryption_key_end[] asm("_binary_esp_image_encryption_key_pem_end");
@@ -208,6 +226,15 @@ extern "C" void app_main()
     set_openthread_platform_config(&config);
 #endif
 
+#ifdef CONFIG_ENABLE_SET_CERT_DECLARATION_API
+    auto * dac_provider = get_dac_provider();
+#ifdef CONFIG_SEC_CERT_DAC_PROVIDER
+    static_cast<ESP32SecureCertDACProvider *>(dac_provider)->SetCertificationDeclaration(cdSpan);
+#elif defined(CONFIG_FACTORY_PARTITION_DAC_PROVIDER)
+    static_cast<ESP32FactoryDataProvider *>(dac_provider)->SetCertificationDeclaration(cdSpan);
+#endif
+#endif // CONFIG_ENABLE_SET_CERT_DECLARATION_API
+
     /* Matter start */
     err = esp_matter::start(app_event_cb);
     ABORT_APP_ON_FAILURE(err == ESP_OK, ESP_LOGE(TAG, "Failed to start Matter, err:%d", err));
diff --git a/examples/light/main/certification_declaration/certification_declaration.der b/examples/light/main/certification_declaration/certification_declaration.der
new file mode 100644
index 0000000000000000000000000000000000000000..13497daf359c25e4d8e344f388b8953df3929558
GIT binary patch
literal 233
zcmXqLe8$G9)#lOmotKfFX+h%+gT|{&jLe3-2Hb3%32h#Xsmv@)j0VmKMT`r~SWHA!
z7#LL<rG?FySePVKnRyv?ScIK}9gU0(4a|KVLre^Sw62kf3M+#O8-ofvqY4L;gkg<A
z70~Dgk$)!kQ)jxDStq`8wG<Y%@brIH+lOi$7aIrAP3LS`n3-7I3|yELR2}cQl#2e`
z5h>|+CCdMF*6a+oIgR1vZ^OTEUH1JKdXGs#RIp5a9k-H&>H7zPCw&t<nS3X!{b7m?
NJ!)K=S@%xsJpdYuK-d5P

literal 0
HcmV?d00001