Make PAA trust store configurable (#12277)

* Make PAA store configurable

PAA store used by DefaultDeviceAttestationVerifier could not be
replaced, forcing a few fixed test roots to always be used and
nothing else, unless completely forking the
DefaultDeviceAttestationVerifier.

- This PR introduces the `PaaRootStore` interface, which the
  default `DeviceAttestationVerifier` expects to get configured
  at in constructor.
- Examples were modified to use the default test PAA root store
- Unit tests updated to use the testing root store
- Refactored simple array-based Root store to self-extract
  the SKID

Testing done: added new units tests which pass, ran cert tests,
validated attestation succeeds the same as before with test keys.

Fixed #11913

* Restyled by clang-format

* Address review comments

- Rename PaaRootStore to AttestationTrustStore
- Add comments about ArrayAttestationtTrustStore lifecycle
- Remove debug print

* Fix python build

* Fix tv-app scoping issue

* Attempt to debug Darwin error

* Restyled by clang-format

* Remove debug logging used to diagnose CI

Co-authored-by: Restyled.io <commits@restyled.io>

Author: 2 people

examples/chip-tool/commands/common/CHIPCommand.cpp

@@ -45,7 +45,10 @@ CHIP_ERROR CHIPCommand::Run()
     chip::Platform::ScopedMemoryBuffer<uint8_t> rcac;
 
     chip::Credentials::SetDeviceAttestationCredentialsProvider(chip::Credentials::Examples::GetExampleDACProvider());
-    chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::GetDefaultDACVerifier());
+
+    // TODO: Replace testingRootStore with a AttestationTrustStore that has the necessary official PAA roots available
+    const chip::Credentials::AttestationTrustStore * testingRootStore = chip::Credentials::GetTestAttestationTrustStore();
+    chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::GetDefaultDACVerifier(testingRootStore));
 
     VerifyOrReturnError(noc.Alloc(chip::Controller::kMaxCHIPDERCertLength), CHIP_ERROR_NO_MEMORY);
     VerifyOrReturnError(icac.Alloc(chip::Controller::kMaxCHIPDERCertLength), CHIP_ERROR_NO_MEMORY);

examples/platform/linux/AppMain.cpp

@@ -234,7 +234,9 @@ CHIP_ERROR InitCommissioner()
     ReturnErrorOnFailure(gCommissioner.SetUdcListenPort(LinuxDeviceOptions::GetInstance().unsecuredCommissionerPort));
 
     // Initialize device attestation verifier
-    SetDeviceAttestationVerifier(GetDefaultDACVerifier());
+    // TODO: Replace testingRootStore with a AttestationTrustStore that has the necessary official PAA roots available
+    const chip::Credentials::AttestationTrustStore * testingRootStore = chip::Credentials::GetTestAttestationTrustStore();
+    SetDeviceAttestationVerifier(GetDefaultDACVerifier(testingRootStore));
 
     chip::Platform::ScopedMemoryBuffer<uint8_t> noc;
     VerifyOrReturnError(noc.Alloc(chip::Controller::kMaxCHIPDERCertLength), CHIP_ERROR_NO_MEMORY);

examples/tv-casting-app/linux/main.cpp

@@ -195,8 +195,12 @@ int main(int argc, char * argv[])
     // Initialize device attestation config
     SetDeviceAttestationCredentialsProvider(Examples::GetExampleDACProvider());
 
-    // Initialize device attestation verifier
-    SetDeviceAttestationVerifier(GetDefaultDACVerifier());
+    // Initialize device attestation verifier from a constant version
+    {
+        // TODO: Replace testingRootStore with a AttestationTrustStore that has the necessary official PAA roots available
+        const chip::Credentials::AttestationTrustStore * testingRootStore = chip::Credentials::GetTestAttestationTrustStore();
+        SetDeviceAttestationVerifier(GetDefaultDACVerifier(testingRootStore));
+    }
 
     if (!chip::ArgParser::ParseArgs(argv[0], argc, argv, allOptions))
     {

src/controller/java/AndroidDeviceControllerWrapper.cpp

@@ -204,7 +204,9 @@ AndroidDeviceControllerWrapper * AndroidDeviceControllerWrapper::AllocateNew(Jav
     wrapper->SetJavaObjectRef(vm, deviceControllerObj);
 
     // Initialize device attestation verifier
-    SetDeviceAttestationVerifier(GetDefaultDACVerifier());
+    // TODO: Replace testingRootStore with a AttestationTrustStore that has the necessary official PAA roots available
+    const chip::Credentials::AttestationTrustStore * testingRootStore = chip::Credentials::GetTestAttestationTrustStore();
+    SetDeviceAttestationVerifier(GetDefaultDACVerifier(testingRootStore));
 
     chip::Controller::FactoryInitParams initParams;
     chip::Controller::SetupParams setupParams;

src/controller/python/ChipDeviceController-ScriptBinding.cpp

@@ -182,7 +182,9 @@ ChipError::StorageType pychip_DeviceController_NewDeviceController(chip::Control
     }
 
     // Initialize device attestation verifier
-    SetDeviceAttestationVerifier(GetDefaultDACVerifier());
+    // TODO: Replace testingRootStore with a AttestationTrustStore that has the necessary official PAA roots available
+    const chip::Credentials::AttestationTrustStore * testingRootStore = chip::Credentials::GetTestAttestationTrustStore();
+    SetDeviceAttestationVerifier(GetDefaultDACVerifier(testingRootStore));
 
     CHIP_ERROR err = sOperationalCredentialsIssuer.Initialize(sStorageDelegate);
     VerifyOrReturnError(err == CHIP_NO_ERROR, err.AsInteger());

src/controller/python/chip/internal/CommissionerImpl.cpp

@@ -108,6 +108,11 @@ extern "C" chip::Controller::DeviceCommissioner * pychip_internal_Commissioner_N
         chip::Platform::ScopedMemoryBuffer<uint8_t> rcac;
         chip::Crypto::P256Keypair ephemeralKey;
 
+        // Initialize device attestation verifier
+        // TODO: Replace testingRootStore with a AttestationTrustStore that has the necessary official PAA roots available
+        const chip::Credentials::AttestationTrustStore * testingRootStore = chip::Credentials::GetTestAttestationTrustStore();
+        chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::GetDefaultDACVerifier(testingRootStore));
+
         err = gFabricStorage.Initialize(&gServerStorage);
         SuccessOrExit(err);
 
@@ -116,9 +121,6 @@ extern "C" chip::Controller::DeviceCommissioner * pychip_internal_Commissioner_N
         commissionerParams.pairingDelegate = &gPairingDelegate;
         commissionerParams.storageDelegate = &gServerStorage;
 
-        // Initialize device attestation verifier
-        chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::GetDefaultDACVerifier());
-
         err = ephemeralKey.Initialize();
         SuccessOrExit(err);
 

src/credentials/CHIPCert.h

@@ -42,7 +42,7 @@
 namespace chip {
 namespace Credentials {
 
-static constexpr uint32_t kKeyIdentifierLength                 = 20;
+static constexpr uint32_t kKeyIdentifierLength                 = static_cast<uint32_t>(Crypto::kSubjectKeyIdentifierLength);
 static constexpr uint32_t kChip32bitAttrUTF8Length             = 8;
 static constexpr uint32_t kChip64bitAttrUTF8Length             = 16;
 static constexpr uint16_t kX509NoWellDefinedExpirationDateYear = 9999;

src/credentials/DeviceAttestationVerifier.h

@@ -99,6 +99,87 @@ struct DeviceInfoForAttestation
     uint16_t paaVendorId = VendorId::NotSpecified;
 };
 
+/**
+ * @brief Helper utility to model a basic trust store usable for device attestation verifiers.
+ *
+ * API is synchronous. Real commissioner implementations may entirely
+ * hide Product Attestation Authority cert lookup behind the DeviceAttestationVerifier and
+ * never use this interface at all. It is provided as a utility to help build DeviceAttestationVerifier
+ * implementations suitable for testing or examples.
+ */
+class AttestationTrustStore
+{
+public:
+    AttestationTrustStore()          = default;
+    virtual ~AttestationTrustStore() = default;
+
+    // Not copyable
+    AttestationTrustStore(const AttestationTrustStore &) = delete;
+    AttestationTrustStore & operator=(const AttestationTrustStore &) = delete;
+
+    /**
+     * @brief Look-up a PAA cert by SKID
+     *
+     * The implementations of this interface must have access to a set of PAAs to trust.
+     *
+     * Interface is synchronous, and therefore this should not be used unless to expose a PAA
+     * store that is both fully local and quick to access.
+     *
+     * @param[in] skid Buffer containing the subject key identifier (SKID) of the PAA to look-up
+     * @param[inout] outPaaDerBuffer Buffer to receive the contents of the PAA root cert, if found.
+     *                                  Size will be updated to match actual size.
+     *
+     * @returns CHIP_NO_ERROR on success, CHIP_INVALID_ARGUMENT if `skid` or `outPaaDerBuffer` arguments
+     *          are not usable, CHIP_BUFFER_TOO_SMALL if certificate doesn't fit in `outPaaDerBuffer`
+     *          span, CHIP_ERROR_CA_CERT_NOT_FOUND if no PAA found that matches `skid.
+     *
+     */
+    virtual CHIP_ERROR GetProductAttestationAuthorityCert(const ByteSpan & skid, MutableByteSpan & outPaaDerBuffer) const = 0;
+};
+
+/**
+ * @brief Basic AttestationTrustStore that holds all data within caller-owned memory.
+ *
+ * This is useful to wrap a fixed constant array of certificates into a trust store
+ * implementation.
+ */
+
+class ArrayAttestationTrustStore : public AttestationTrustStore
+{
+public:
+    ArrayAttestationTrustStore(const ByteSpan * derCerts, size_t numCerts) : mDerCerts(derCerts), mNumCerts(numCerts) {}
+
+    CHIP_ERROR GetProductAttestationAuthorityCert(const ByteSpan & skid, MutableByteSpan & outPaaDerBuffer) const override
+    {
+        VerifyOrReturnError(!skid.empty() && (skid.data() != nullptr), CHIP_ERROR_INVALID_ARGUMENT);
+        VerifyOrReturnError(skid.size() == Crypto::kSubjectKeyIdentifierLength, CHIP_ERROR_INVALID_ARGUMENT);
+
+        size_t paaIdx;
+        ByteSpan candidate;
+
+        for (paaIdx = 0; paaIdx < mNumCerts; ++paaIdx)
+        {
+            uint8_t skidBuf[Crypto::kSubjectKeyIdentifierLength] = { 0 };
+            candidate                                            = mDerCerts[paaIdx];
+            MutableByteSpan candidateSkidSpan{ skidBuf };
+            VerifyOrReturnError(CHIP_NO_ERROR == Crypto::ExtractSKIDFromX509Cert(candidate, candidateSkidSpan),
+                                CHIP_ERROR_INTERNAL);
+
+            if (skid.data_equal(candidateSkidSpan))
+            {
+                // Found a match
+                return CopySpanToMutableSpan(candidate, outPaaDerBuffer);
+            }
+        }
+
+        return CHIP_ERROR_CA_CERT_NOT_FOUND;
+    }
+
+protected:
+    const ByteSpan * mDerCerts;
+    const size_t mNumCerts;
+};
+
 class DeviceAttestationVerifier
 {
 public:

src/credentials/examples/DefaultDeviceAttestationVerifier.cpp

@@ -21,14 +21,30 @@
 namespace chip {
 namespace Credentials {
 
+/**
+ * @brief Get implementation of a PAA root store containing a basic set of static PAA roots
+ *        sufficient for *testing* only.
+ *
+ * WARNING: The PAA list known to this PAA root store is a reduced subset that will likely
+ *          cause users of it to fail attestation procedure in some cases. This is provided
+ *          to support tests and examples, not to be used by real commissioners, as it
+ *          contains several test roots which are not trustworthy for certified product usage.
+ *
+ * @returns a singleton AttestationTrustStore that contains some well-known PAA test root certs.
+ */
+const AttestationTrustStore * GetTestAttestationTrustStore();
+
 /**
  * @brief Get implementation of a sample DAC verifier to validate device
  *        attestation procedure.
  *
- * @returns a singleton DeviceAttestationVerifier that relies on no
- *          storage abstractions.
+ * @param[in] paaRootStore Pointer to the AttestationTrustStore instance to be used by implementation
+ *                         of default DeviceAttestationVerifier. Caller must ensure storage is
+ *                         always available while the DeviceAttestationVerifier could be used.
+ *
+ * @returns a singleton DeviceAttestationVerifier that satisfies basic device attestation procedure requirements.
  */
-DeviceAttestationVerifier * GetDefaultDACVerifier();
+DeviceAttestationVerifier * GetDefaultDACVerifier(const AttestationTrustStore * paaRootStore);
 
 } // namespace Credentials
 } // namespace chip

src/credentials/examples/DefaultDeviceAttestationVerifier.h

@@ -247,7 +247,7 @@ static void TestCD_CMSSignAndVerify(nlTestSuite * inSuite, void * inContext)
 {
     ByteSpan cdContentIn(sTestCMS_CDContent01);
     ByteSpan cdContentOut;
-    uint8_t signerKeyIdBuf[kKeyIdentifierLength];
+    uint8_t signerKeyIdBuf[Crypto::kSubjectKeyIdentifierLength];
     MutableByteSpan signerKeyId(signerKeyIdBuf);
     uint8_t signedMessageBuf[kMaxCMSSignedCDMessage];
     MutableByteSpan signedMessage(signedMessageBuf);
@@ -297,7 +297,7 @@ static void TestCD_CMSVerifyAndExtract(nlTestSuite * inSuite, void * inContext)
         NL_TEST_ASSERT(inSuite, testCase.cdContent.data_equal(cdContentOut));
 
         // Test CMS_ExtractKeyId()
-        uint8_t signerKeyIdBuf[kKeyIdentifierLength];
+        uint8_t signerKeyIdBuf[Crypto::kSubjectKeyIdentifierLength];
         MutableByteSpan signerKeyId(signerKeyIdBuf);
         NL_TEST_ASSERT(inSuite, ExtractSKIDFromX509Cert(testCase.signerCert, signerKeyId) == CHIP_NO_ERROR);
 

src/credentials/tests/TestCertificationDeclaration.cpp

@@ -195,8 +195,7 @@ static void TestDACVerifierExample_AttestationInfoVerification(nlTestSuite * inS
         default_verifier->VerifyAttestationInformation(ByteSpan(), ByteSpan(), ByteSpan(), ByteSpan(), ByteSpan(), ByteSpan());
     NL_TEST_ASSERT(inSuite, attestation_result == AttestationVerificationResult::kNotImplemented);
 
-    // Replace default verifier with example verifier
-    DeviceAttestationVerifier * example_dac_verifier = GetDefaultDACVerifier();
+    DeviceAttestationVerifier * example_dac_verifier = GetDefaultDACVerifier(GetTestAttestationTrustStore());
     NL_TEST_ASSERT(inSuite, example_dac_verifier != nullptr);
     NL_TEST_ASSERT(inSuite, default_verifier != example_dac_verifier);
 
@@ -252,7 +251,7 @@ static void TestDACVerifierExample_CertDeclarationVerification(nlTestSuite * inS
     CHIP_ERROR err = CHIP_NO_ERROR;
 
     // Replace default verifier with example verifier
-    DeviceAttestationVerifier * example_dac_verifier = GetDefaultDACVerifier();
+    DeviceAttestationVerifier * example_dac_verifier = GetDefaultDACVerifier(GetTestAttestationTrustStore());
     NL_TEST_ASSERT(inSuite, example_dac_verifier != nullptr);
 
     SetDeviceAttestationVerifier(example_dac_verifier);
@@ -295,6 +294,80 @@ static void TestDACVerifierExample_CertDeclarationVerification(nlTestSuite * inS
     NL_TEST_ASSERT(inSuite, attestation_result == AttestationVerificationResult::kSuccess);
 }
 
+static void TestAttestationTrustStore(nlTestSuite * inSuite, void * inContext)
+{
+    uint8_t kPaaFff1Start[] = { 0x30, 0x82, 0x01, 0x99, 0x30, 0x82, 0x01, 0x3F, 0xA0, 0x03, 0x02, 0x01, 0x02,
+                                0x02, 0x08, 0x68, 0x38, 0x4F, 0xAB, 0xB9, 0x19, 0xFC, 0xDF, 0x30, 0x0A, 0x06,
+                                0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x1F, 0x31 };
+    uint8_t kPaaFff1Skid[]  = { 0xEF, 0x18, 0xE0, 0xEC, 0xD4, 0x66, 0x04, 0x34, 0xDF, 0x0D,
+                               0xBC, 0x91, 0x1E, 0xD4, 0x52, 0x16, 0x99, 0x66, 0x83, 0x9F };
+
+    uint8_t kPaaFff2Start[] = { 0x30, 0x82, 0x01, 0x9D, 0x30, 0x82, 0x01, 0x42, 0xA0, 0x03, 0x02, 0x01, 0x02,
+                                0x02, 0x08, 0x03, 0x92, 0xA7, 0x65, 0x5A, 0x3E, 0x6C, 0x77, 0x30, 0x0A, 0x06,
+                                0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x1F, 0x31 };
+    uint8_t kPaaFff2Skid[]  = { 0xE7, 0xEF, 0xEA, 0xC3, 0x33, 0x5C, 0x5F, 0xD0, 0xC3, 0xE6,
+                               0x34, 0x52, 0x9F, 0x16, 0x70, 0x46, 0xC4, 0xBC, 0xA5, 0x5C };
+
+    // SKID to trigger CHIP_ERROR_INVALID_ARGUMENT
+    uint8_t kPaaBadSkid1[] = { 0xE7, 0xEF, 0xEA, 0xC3, 0x33, 0x5C, 0xD0, 0xC3, 0xE6, 0x34,
+                               0x52, 0x9F, 0x16, 0x70, 0x46, 0xC4, 0xBC, 0xA5, 0x5C };
+    ByteSpan kPaaBadSkidSpan1{ kPaaBadSkid1 };
+
+    // SKID to trigger CHIP_ERROR_INVALID_ARGUMENT
+    ByteSpan kPaaBadSkidSpan2{ nullptr, sizeof(kPaaFff2Skid) };
+
+    // SKID to trigger CHIP_ERROR_CA_CERT_NOT_FOUND
+    uint8_t kPaaGoodSkidNotPresent[] = { 0xE7, 0xEF, 0xEA, 0xC3, 0x33, 0x5C, 0x5F, 0xD0, 0xC3, 0xE6,
+                                         0x34, 0x52, 0x9F, 0x16, 0x70, 0xFF, 0xFF, 0xBC, 0xA5, 0x5C };
+
+    struct TestCase
+    {
+        ByteSpan skidSpan;
+        ByteSpan startSpan;
+        CHIP_ERROR expectedResult;
+    };
+
+    const TestCase kTestCases[] = {
+        { .skidSpan = ByteSpan{ kPaaFff1Skid }, .startSpan = ByteSpan{ kPaaFff1Start }, .expectedResult = CHIP_NO_ERROR },
+        { .skidSpan = ByteSpan{ kPaaFff2Skid }, .startSpan = ByteSpan{ kPaaFff2Start }, .expectedResult = CHIP_NO_ERROR },
+        { .skidSpan       = ByteSpan{ kPaaFff2Skid },
+          .startSpan      = ByteSpan{ kPaaFff2Start },
+          .expectedResult = CHIP_ERROR_BUFFER_TOO_SMALL },
+        { .skidSpan = kPaaBadSkidSpan1, .startSpan = ByteSpan{}, .expectedResult = CHIP_ERROR_INVALID_ARGUMENT },
+        { .skidSpan = kPaaBadSkidSpan2, .startSpan = ByteSpan{}, .expectedResult = CHIP_ERROR_INVALID_ARGUMENT },
+        { .skidSpan = ByteSpan{ kPaaGoodSkidNotPresent }, .startSpan = ByteSpan{}, .expectedResult = CHIP_ERROR_CA_CERT_NOT_FOUND },
+    };
+
+    const AttestationTrustStore * testAttestationTrustStore = GetTestAttestationTrustStore();
+    NL_TEST_ASSERT(inSuite, testAttestationTrustStore != nullptr);
+
+    size_t testCaseIdx = 0;
+    for (const auto & testCase : kTestCases)
+    {
+        uint8_t buf[kMaxDERCertLength];
+        MutableByteSpan paaCertSpan{ buf };
+        if (testCase.expectedResult == CHIP_ERROR_BUFFER_TOO_SMALL)
+        {
+            // Make the output much too small if checking for size handling
+            paaCertSpan = paaCertSpan.SubSpan(0, 16);
+        }
+
+        // Try to obtain cert
+        CHIP_ERROR result = testAttestationTrustStore->GetProductAttestationAuthorityCert(testCase.skidSpan, paaCertSpan);
+        NL_TEST_ASSERT(inSuite, result == testCase.expectedResult);
+
+        // In success cases, make sure the start of the cert matches expectation. Not using full certs
+        // to avoid repeating the known constants here.
+        if (testCase.expectedResult == CHIP_NO_ERROR)
+        {
+            NL_TEST_ASSERT(inSuite, paaCertSpan.size() > testCase.startSpan.size());
+            paaCertSpan = paaCertSpan.SubSpan(0, testCase.startSpan.size());
+            NL_TEST_ASSERT(inSuite, paaCertSpan.data_equal(testCase.startSpan) == true);
+        }
+        ++testCaseIdx;
+    }
+}
+
 /**
  *  Set up the test suite.
  */
@@ -326,6 +399,7 @@ int TestDeviceAttestation_Teardown(void * inContext)
 static const nlTest sTests[] = {
     NL_TEST_DEF("Test Example Device Attestation Credentials Providers", TestDACProvidersExample_Providers),
     NL_TEST_DEF("Test Example Device Attestation Signature", TestDACProvidersExample_Signature),
+    NL_TEST_DEF("Test the 'for testing' Paa Root Store", TestAttestationTrustStore),
     NL_TEST_DEF("Test Example Device Attestation Information Verification", TestDACVerifierExample_AttestationInfoVerification),
     NL_TEST_DEF("Test Example Device Attestation Certification Declaration Verification", TestDACVerifierExample_CertDeclarationVerification),
     NL_TEST_SENTINEL()

src/credentials/tests/TestDeviceAttestationCredentials.cpp

@@ -46,6 +46,8 @@ constexpr size_t kP256_ECDSA_Signature_Length_Raw = (2 * kP256_FE_Length);
 constexpr size_t kP256_Point_Length               = (2 * kP256_FE_Length + 1);
 constexpr size_t kSHA256_Hash_Length              = 32;
 constexpr size_t kSHA1_Hash_Length                = 20;
+constexpr size_t kSubjectKeyIdentifierLength      = kSHA1_Hash_Length;
+constexpr size_t kAuthorityKeyIdentifierLength    = kSHA1_Hash_Length;
 
 constexpr size_t CHIP_CRYPTO_GROUP_SIZE_BYTES      = kP256_FE_Length;
 constexpr size_t CHIP_CRYPTO_PUBLIC_KEY_SIZE_BYTES = kP256_Point_Length;

src/crypto/CHIPCryptoPAL.h

@@ -1874,7 +1874,7 @@ static void TestSKID_x509Extraction(nlTestSuite * inSuite, void * inContext)
 
     HeapChecker heapChecker(inSuite);
     CHIP_ERROR err = CHIP_NO_ERROR;
-    uint8_t skidBuf[Credentials::kKeyIdentifierLength];
+    uint8_t skidBuf[kSubjectKeyIdentifierLength];
     MutableByteSpan skidOut(skidBuf);
 
     ByteSpan cert;
@@ -1901,7 +1901,7 @@ static void TestAKID_x509Extraction(nlTestSuite * inSuite, void * inContext)
 
     HeapChecker heapChecker(inSuite);
     CHIP_ERROR err = CHIP_NO_ERROR;
-    uint8_t akidBuf[Credentials::kKeyIdentifierLength];
+    uint8_t akidBuf[kAuthorityKeyIdentifierLength];
     MutableByteSpan akidOut(akidBuf);
 
     ByteSpan cert;

src/crypto/tests/CHIPCryptoPALTest.cpp

@@ -190,7 +190,9 @@ - (BOOL)startup:(_Nullable id<CHIPPersistentStorageDelegate>)storageDelegate
         }
 
         // Initialize device attestation verifier
-        chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::GetDefaultDACVerifier());
+        // TODO: Replace testingRootStore with a AttestationTrustStore that has the necessary official PAA roots available
+        const chip::Credentials::AttestationTrustStore * testingRootStore = chip::Credentials::GetTestAttestationTrustStore();
+        chip::Credentials::SetDeviceAttestationVerifier(chip::Credentials::GetDefaultDACVerifier(testingRootStore));
 
         params.fabricStorage = _fabricStorage;
         commissionerParams.storageDelegate = _persistentStorageDelegateBridge;

src/darwin/Framework/CHIP/CHIPDeviceController.mm

@@ -47,7 +47,7 @@
 namespace chip {
 
 constexpr uint16_t kSigmaParamRandomNumberSize = 32;
-constexpr uint16_t kTrustedRootIdSize          = Credentials::kKeyIdentifierLength;
+constexpr uint16_t kTrustedRootIdSize          = Crypto::kSubjectKeyIdentifierLength;
 constexpr uint16_t kMaxTrustedRootIds          = 5;
 
 constexpr uint16_t kIPKSize = 16;