Commit f9f3eae4 authored by apapkovskiy's avatar apapkovskiy
Browse files

Added auto-provisioning

parent 967e5aaa
...@@ -238,8 +238,8 @@ namespace awsiotsdk { ...@@ -238,8 +238,8 @@ namespace awsiotsdk {
} }
util::String client_id_tagged = ConfigCommon::base_client_id_; util::String client_id_tagged = ConfigCommon::base_client_id_;
client_id_tagged.append("_pub_sub_tester_"); // client_id_tagged.append("_pub_sub_tester_");
client_id_tagged.append(std::to_string(rand())); // client_id_tagged.append(std::to_string(rand()));
std::unique_ptr<Utf8String> client_id = Utf8String::Create(client_id_tagged); std::unique_ptr<Utf8String> client_id = Utf8String::Create(client_id_tagged);
rc = p_iot_client_->Connect(ConfigCommon::mqtt_command_timeout_, ConfigCommon::is_clean_session_, rc = p_iot_client_->Connect(ConfigCommon::mqtt_command_timeout_, ConfigCommon::is_clean_session_,
......
# a71ch-aws-client # a71ch-aws-client
## Connecting interfaces for a71ch-aws-client on Cascade-500"
```
sudo snap connect a71ch-aws-client:network-bind :network-bind
sudo snap connect a71ch-aws-client:network-control :network-control
sudo snap connect a71ch-aws-client:network-setup-control :network-setup-control
sudo snap connect a71ch-aws-client:lib-engine rigado-hsm-server:lib-engine
sudo snap connect a71ch-aws-client:lib-cert rigado-hsm-server:lib-cert
```
## Configuration the JRCP connection
Set the connection hostname (the default value is 127.0.0.1)
```
sudo snap set a71ch-aws-client jrcp-hostname=<jrcp server hostname>
```
Set the connection port (the default value is 8050)
```
sudo snap set a71ch-aws-client jrcp-port=<jrcp server port>
```
## Pre-provisioning A71CH
Set up initialize.jsch for apdu_player
```
sudo snap set a71ch-aws-client device-jcsh="$(cat initialize.jsch)"
```
## Provisioning A71CH
```
a71ch-aws-client.provisioning
```
To see the log open file $SNAP_COMMON/start-provisioning.log
## Switch on auto-provisioning
During the start the the pub-sub-sample service check whether there is or no SampleConfig.json. If there is no this file then the pub-sub-sample service runs provisioning
```
sudo snap set a71ch-aws-client a71ch-do-provisioning=AUTO_PROVISIONING
```
AUTO_PROVISIONING is the default value for a71ch-do-provisioning
## Switch on provisioning during every the pub-sub-sample service start
```
sudo snap set a71ch-aws-client a71ch-do-provisioning=DO_PROVISIONING
```
## Switch off provisioning during every the pub-sub-sample service start
```
sudo snap set a71ch-aws-client a71ch-do-provisioning=DONT_PROVISIONING
```
\ No newline at end of file
#!/bin/bash
set -x
exec >> ${SNAP_COMMON}/start-provisioning.log 2>&1
echo "$(date '+%Y-%m-%d %H:%M:%S') provisioning: Entering script"
. ${SNAP_COMMON}/.bash_profile
ls -l $SNAP/jrcp/lib
ls -l $SNAP/certs
ls -l $SNAP
cd $SNAP_COMMON
if [ -f ${SNAP_COMMON}/initialize.jcsh ]; then
echo "File initialize.jcsh was found. Try apdu_player ..."
$SNAP/jrcp/lib/apdu_player ${SNAP_COMMON}/initialize.jcsh
else
echo "File initialize.jcsh was NOT found."
fi
mkdir -p ${SNAP_COMMON}/certs
cp -rf ${SNAP}/certs/* ${SNAP_COMMON}/certs
$SNAP/jrcp/lib/nxp_iot_agent_demo
...@@ -8,19 +8,39 @@ ls -l $SNAP/jrcp/lib ...@@ -8,19 +8,39 @@ ls -l $SNAP/jrcp/lib
ls -l $SNAP/certs ls -l $SNAP/certs
ls -l $SNAP ls -l $SNAP
mkdir -p ${SNAP_COMMON}/certs
cp -rf ${SNAP}/certs/* ${SNAP_COMMON}/certs
if [ "$A71CH_CONFIG" == "A71CH_TOOL_CONFIG" ]; then if [ "$A71CH_CONFIG" == "A71CH_TOOL_CONFIG" ]; then
cd $SNAP cd $SNAP_COMMON
./bin/pub-sub-sample configs $SNAP/bin/pub-sub-sample configs
else else
cd $SNAP_COMMON cd $SNAP_COMMON
if [ "$A71CH_DO_PROVISIONING" == "DO_PROVISIONING" ]; then
$SNAP/jrcp/lib/nxp_iot_agent_demo if [ ! -f ${SNAP_COMMON}/initialize.jcsh ]; then
echo "File initialize.jcsh was found. Try apdu_player ..."
mkdir -p ${SNAP_COMMON}/certs $SNAP/jrcp/lib/apdu_player ${SNAP_COMMON}/initialize.jcsh
cp -rf ${SNAP}/certs/* ${SNAP_COMMON}/certs else
echo "File initialize.jcsh was NOT found."
$SNAP/bin/pub-sub-sample certs fi
$SNAP/jrcp/lib/nxp_iot_agent_demo
fi
if [ "$A71CH_DO_PROVISIONING" == "AUTO_PROVISIONING" ]; then
if [ ! -f $SNAP_COMMON/certs/SampleConfig.json ]; then
echo "File SampleConfig.json was NOT found. Run provisioning "
if [ -f ${SNAP_COMMON}/initialize.jcsh ]; then
echo "File initialize.jcsh was found. Try apdu_player ..."
$SNAP/jrcp/lib/apdu_player ${SNAP_COMMON}/initialize.jcsh
else
echo "File initialize.jcsh was NOT found."
fi
$SNAP/jrcp/lib/nxp_iot_agent_demo
fi
fi
cd $SNAP_COMMON/certs
$SNAP/bin/pub-sub-sample
fi fi
-----BEGIN CERTIFICATE-----
MIIB0TCCAXegAwIBAgIJALKU6f36XQnAMAoGCCqGSM49BAMCMEUxCzAJBgNVBAYT
AkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRn
aXRzIFB0eSBMdGQwHhcNMTgxMjEwMDkzOTE5WhcNMjgxMjA3MDkzOTE5WjBFMQsw
CQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJu
ZXQgV2lkZ2l0cyBQdHkgTHRkMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZ/Wf
eeYhIfhHKAbWTQfpU6oQlzqi8G/9UJcQLRhkCXmdBjQN6PyeuI16O8wBXEPBAUrC
1l0R5+/Y6ldwNkIarKNQME4wHQYDVR0OBBYEFHWZRJxOikjvif01ZFBeXbnw92VZ
MB8GA1UdIwQYMBaAFHWZRJxOikjvif01ZFBeXbnw92VZMAwGA1UdEwQFMAMBAf8w
CgYIKoZIzj0EAwIDSAAwRQIhAO+Z+hzv2XJ0uT+yiyOIcc5dNyKrjuOyeu8RrMuE
KzktAiA6/ozj0I1FLAH3Q2R9M5xIZW/UHNxTwl8TuHPxOVe7jg==
-----END CERTIFICATE-----
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEINjXlj/SeHjtm3tLPV1a+9cZQrfFA9cz5YFhZQw2SPPDoAoGCCqGSM49
AwEHoUQDQgAEZ/WfeeYhIfhHKAbWTQfpU6oQlzqi8G/9UJcQLRhkCXmdBjQN6Pye
uI16O8wBXEPBAUrC1l0R5+/Y6ldwNkIarA==
-----END EC PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIBQjCB6gIJAK73z82N6W6bMAoGCCqGSM49BAMCMEUxCzAJBgNVBAYTAkFVMRMw
EQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0
eSBMdGQwHhcNMTgxMjEwMTEwOTEzWhcNMjgxMjA3MTEwOTEzWjAPMQ0wCwYDVQQD
DARkZXYxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE2vPYesmocPx/AjILggzB
+YfeLn0v/3n/kIrcUClb76/+2Cji/WYUNmVIhtvPV6+P9uy/Vp70dLx57Wix/rcF
eTAKBggqhkjOPQQDAgNHADBEAiAmhKAQwhn94fDsvSRCnnTzDHu6/r7qi/16FgYe
Sjy1iQIgTYMzWYazaCAjMOBK3WPD328XAYa8Svce5ByOYY0r7vY=
-----END CERTIFICATE-----
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIFUNL05x+VTiBsHusA2aMMXRbZiw7wVDF0J8XLA37yIQoAoGCCqGSM49
AwEHoUQDQgAE2vPYesmocPx/AjILggzB+YfeLn0v/3n/kIrcUClb76/+2Cji/WYU
NmVIhtvPV6+P9uy/Vp70dLx57Wix/rcFeQ==
-----END EC PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
rqXRfboQnoZsG4q5WTP468SQvvG5
-----END CERTIFICATE-----
...@@ -19,5 +19,15 @@ conf-files: ...@@ -19,5 +19,15 @@ conf-files:
validator-type: regex validator-type: regex
validator-value: '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$' validator-value: '^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$'
default-value: 127.0.0.1 default-value: 127.0.0.1
- snap-key: a71ch-do-provisioning
config-key: A71CH_DO_PROVISIONING
validator-type: range
validator-type: regex
validator-value: '^(DO_PROVISIONING|DONT_PROVISIONING|AUTO_PROVISIONING)$'
default-value: AUTO_PROVISIONING
files:
- file-path: /var/snap/a71ch-aws-client/common/initialize.jcsh
snap-key: device-jcsh
- file-path: /var/snap/a71ch-aws-client/common/configs/SampleConfig.json
snap-key: sample-config
...@@ -4,8 +4,15 @@ set -x ...@@ -4,8 +4,15 @@ set -x
exec >> ${SNAP_COMMON}/configure-hook.log 2>&1 exec >> ${SNAP_COMMON}/configure-hook.log 2>&1
echo "$(date '+%Y-%m-%d %H:%M:%S') configure-hook: Entering hook" echo "$(date '+%Y-%m-%d %H:%M:%S') configure-hook: Entering hook"
snapctl stop ${SNAP_NAME}.pub-sub-sample
cp -rf ${SNAP}/bash_profile ${SNAP_COMMON}/.bash_profile cp -rf ${SNAP}/bash_profile ${SNAP_COMMON}/.bash_profile
cp -rf ${SNAP}/snapconf.yaml ${SNAP_DATA}/snapconf.yaml cp -rf ${SNAP}/snapconf.yaml ${SNAP_DATA}/snapconf.yaml
mkdir -p ${SNAP_COMMON}/configs
cp -rf ${SNAP}/configs/* ${SNAP_COMMON}/configs
${SNAP}/bin/configure || exit 1 ${SNAP}/bin/configure || exit 1
snapctl start ${SNAP_NAME}.pub-sub-sample
...@@ -42,7 +42,13 @@ apps: ...@@ -42,7 +42,13 @@ apps:
OPENSSL_CONF: $SNAP/certs/opensslA71CH.cnf OPENSSL_CONF: $SNAP/certs/opensslA71CH.cnf
LD_LIBRARY_PATH: $LD_LIBRARY_PATH:$SNAP/jrcp/lib LD_LIBRARY_PATH: $LD_LIBRARY_PATH:$SNAP/jrcp/lib
command: bin/start-pub-sub-sample command: bin/start-pub-sub-sample
# daemon: simple daemon: simple
# restart-condition: always restart-condition: always
plugs: &default-plugs [network-bind, network-control, network-setup-control, network, lib-cert, lib-engine] plugs: &default-plugs [network-bind, network-control, network-setup-control, network, lib-cert, lib-engine]
provisioning:
environment:
OPENSSL_CONF: $SNAP/certs/opensslA71CH.cnf
LD_LIBRARY_PATH: $LD_LIBRARY_PATH:$SNAP/jrcp/lib
command: bin/start-provisioning
plugs: *default-plugs
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment