[BUG] lighting-app commissioning fails with Home app on iOS 16.5

[bndkk]

Reproduction steps

1. Build lighting-app example
2. Run it on a raspberry: sudo ./chip-lighting-app
3. Scan QR Code using Home app on iOS 16.5 or higher and add to Home.
4. Ignore "Uncertified Accessory" warning.
5. Wait

The commissioning process never finishes and after a while the Home app shows a message that it had failed to commission. In the logs errors start to occur after the last successful command - CSRRequest. After that a Fail-safe timer expires and "Commissioning failed" is logged. Further down "Failed AddTrustedRootCertificate request" is also logged. See the attached lighting-app.log.

This bug is specific to iOS 16.5 and higher, because it just works if I test it with 16.4. All in all I tested with the following versions (also listing the version of the Apple TV I used as Home Hub):

• iOS 16.4 - Apple tvOS 16.4 - works
• iOS 16.4 - Apple tvOS 16.5 - works
• iOS 16.5 - Apple tvOS 16.4 - fails
• iOS 16.5 - Apple tvOS 16.5 - fails
• iOS 16.6 - Apple tvOS 16.6 - fails

The raspberry is running Raspberry PI OS 64-Bit.

Bug prevalence

Whenever I do this

GitHub hash of the SDK that was being used

4088a77f557e8571a39338fad51a1d8eb0131d79

Platform

darwin, raspi

Platform Version(s)

No response

Anything else?

lighting-app.log

[bzbarsky-apple]

From the log:

[1687182260.787122][1028:1028] CHIP:ZCL: OpCreds: Failed AddTrustedRootCertificate request with IM error 0xca (err = ../third_party/connectedhomeip/src/app/clusters/operational-credentials-server/operational-credentials-server.cpp:1143: CHIP Error 0x0000002F: Invalid argument)

0xCA is "FAILSAFE_REQUIRED".

@bndkk Are you able to file a Feedback Assistant ticket that would include client logs (from just the iPhone; the Apple TV logs should not be relevant for this failure), so we can investigate what's going on here? Please list the feedback assistant ticket id here if you do, or lest me know if you can't do that. Instructions for feedback assistant ticket:

• File a feedback assistant ticket. https://developer.apple.com/bug-reporting/#feedback-assistant
• Click on the link below using your account: https://feedbackassistant.apple.com/new-form-response
• Choose iOS/iPadOS to file an issue
• Choose the area as Home App and fill in the details of the type of issue and the description
• Technical Information Please provide the following a) Sysdiagnose logs for iPhone / iPad with the timestamp / timeframe of the issue b) Sysdiagnose logs for all the Home Hubs (HomePod mini / HomePod / Apple TV) with the timestamp / timeframe of the issue c) Accessory logs with the timestamp / timeframe of the issue d) mDNS network logs with timestamp / timeframe of the issue e) Video or screenshot describing the issue (optional but beneficial) Please make sure you download and install the profiles for iOS and tvOS as provided here. The instructions are also in these links.
• iOS:
• https://developer.apple.com/bug-reporting/profiles-and-logs/?platform=ios&name=homekit
  • https://developer.apple.com/bug-reporting/profiles-and-logs/?platform=ios&name=network
  • https://developer.apple.com/bug-reporting/profiles-and-logs/?platform=ios&name=mdns
• tvOS:
• https://developer.apple.com/bug-reporting/profiles-and-logs/?platform=tvos&name=homekit
• https://developer.apple.com/bug-reporting/profiles-and-logs/?platform=tvos&name=network
• https://developer.apple.com/bug-reporting/profiles-and-logs/?platform=tvos&name=mdns For installation instructions, refer to https://developer.apple.com/bug-reporting/profiles-and-logs. Note: Once you have the profile on the iPhone, it will ask you if you want to install it on other devices. Follow the prompts to install on the HomePod, Apple TV, etc., where you have the described issue and reproduce it.

[bzbarsky-apple]

Looking at the log some more, there is a CSRRequest command, then the client does not talk to the server for 30 seconds, so the fail-safe timer expires, and then right after that we get an AddTrustedRootCertificate command.

[1687182230.277012][1028:1028] CHIP:FS: GeneralCommissioning: Received ArmFailSafe (30s)
...
[1687182230.294231][1028:1028] CHIP:ZCL: OpCreds: Received a CSRRequest command
...
[1687182230.297395][1028:1028] CHIP:EM: <<< [E:63642r M:207330839 (Ack:77126170)] (S) Msg TX to 1:3BB143508D95B2FB [DE2D] --- Type 0001:09 (IM:InvokeCommandResponse)
...
[1687182230.305950][1028:1028] CHIP:EM: Rxd Ack; Removing MessageCounter:207330839 from Retrans Table on exchange 63642r
[1687182260.276991][1028:1028] CHIP:FS: Fail-safe timer expired
...
[1687182260.786570][1028:1028] CHIP:EM: >>> [E:63643r M:77126172] (S) Msg RX from 1:3BB143508D95B2FB [DE2D] --- Type 0001:08 (IM:InvokeCommandRequest)

It would be interesting to see what the server log from a success case looks like, by the way.

[bndkk]

@bzbarsky-apple I think I mixed up the version numbers. It works with 16.5 but not with 16.6 when testing both with Apple TV 16.6. I corrected that and created a feedback ticket also including a sysdiagnose from the failure and a log from a success case with iOS 16.5: FB12407416

[bzbarsky-apple]

@bndkk Thanks! So it looks like there are two things going on here:

1. The device seems to set FailSafeExpiryLengthSeconds to 30, which means the fail-safe expires quite quickly.
2. After the phone receives the CSR, it does some keychain operations each of which takes 4-5 seconds, so overall it takes 33 seconds to send the root cert to the device. By which point the fail-safe has expired.

I am looking into why the keychain bits are so slow, but I do wonder whether the difference is 16.5 vs 16.6 or whether it's different keychain contents on the two phones involved.

[bndkk]

I also tested commissioning with a phone running 17 beta and the same thing happens.

[bzbarsky-apple]

@bndkk Thank you, that is useful info....