Skip to content

Commit

Permalink
Examples: update provisioning sketch
Browse files Browse the repository at this point in the history
  • Loading branch information
@pennam
pennam committed Feb 6, 2024
1 parent b4db6bd commit 31fa0f8
Showing 1 changed file with 72 additions and 23 deletions.
95 changes: 72 additions & 23 deletions examples/utility/Provisioning/Provisioning.ino
View file
Original file line number Diff line number Diff line change
@@ -1,21 +1,31 @@
#include <ArduinoIoTCloud.h>
#include "ECCX08TLSConfig.h"

const bool DEBUG = true;

ArduinoIoTCloudCertClass Certificate;
CryptoUtil Crypto;
#include <Arduino_SecureElement.h>
#include <utility/SElementArduinoCloud.h>
#include <utility/SElementArduinoCloudCertificate.h>
#include <utility/SElementArduinoCloudDeviceId.h>
#include <utility/SElementCSR.h>

#ifdef ARDUINO_SAMD_MKR1000
#include <WiFi101.h>
#define LATEST_WIFI_FIRMWARE_VERSION WIFI_FIRMWARE_LATEST_MODEL_B
#endif
#if defined(ARDUINO_SAMD_MKRWIFI1010) || defined(ARDUINO_SAMD_NANO_33_IOT) || defined(ARDUINO_NANO_RP2040_CONNECT)
#include <WiFiNINA.h>
#define LATEST_WIFI_FIRMWARE_VERSION WIFI_FIRMWARE_LATEST_VERSION
#endif

void setup() {
Serial.begin(9600);
while (!Serial);

if (!Crypto.begin()) {
SecureElement secureElement;

if (!secureElement.begin()) {
Serial.println("No crypto present!");
while (1);
}

if (!Crypto.locked()) {
if (!secureElement.locked()) {
/* WARNING: This string is parsed from IoTCloud frontend */
String lockConfirm = promptAndReadLine("Your crypto is unlocked, would you like to lock it (y/N): ");
lockConfirm.toLowerCase();

Expand All @@ -24,12 +34,14 @@ void setup() {
while (1);
}

if (!Crypto.writeConfiguration(DEFAULT_ECCX08_TLS_CONFIG)) {
if (!secureElement.writeConfiguration()) {
/* WARNING: This string is parsed from IoTCloud frontend */
Serial.println("Writing crypto configuration failed!");
while (1);
}

if (!Crypto.lock()) {
if (!secureElement.lock()) {
/* WARNING: This string is parsed from IoTCloud frontend */
Serial.println("Locking crypto configuration failed!");
while (1);
}
Expand All @@ -38,6 +50,7 @@ void setup() {
Serial.println();
}

/* WARNING: This string is parsed from IoTCloud frontend */
String csrConfirm = promptAndReadLine("Would you like to generate a new private key and CSR (y/N): ");
csrConfirm.toLowerCase();

Expand All @@ -46,22 +59,27 @@ void setup() {
while (1);
}

ECP256Certificate Certificate;

if (!Certificate.begin()) {
Serial.println("Error starting CSR generation!");
while (1);
}

String deviceId = promptAndReadLine("Please enter the device ID: ");
/* WARNING: This string is parsed from IoTCloud frontend */
String deviceId = promptAndReadLine("Please enter the device id: ");
Certificate.setSubjectCommonName(deviceId);

if (!Crypto.buildCSR(Certificate, CryptoSlot::Key, true)) {
if (!SElementCSR::build(secureElement, Certificate, (int)SElementArduinoCloudSlot::Key, true)) {
/* WARNING: This string is parsed from IoTCloud frontend */
Serial.println("Error generating CSR!");
while (1);
}

String csr = Certificate.getCSRPEM();

if (!csr) {
/* WARNING: This string is parsed from IoTCloud frontend */
Serial.println("Error generating CSR!");
while (1);
}
Expand All @@ -79,15 +97,15 @@ void setup() {
String authorityKeyIdentifier = promptAndReadLine("Please enter the certificates authority key identifier: ");
String signature = promptAndReadLine("Please enter the certificates signature: ");

byte serialNumberBytes[CERT_SERIAL_NUMBER_LENGTH];
byte authorityKeyIdentifierBytes[CERT_AUTHORITY_KEY_ID_LENGTH];
byte signatureBytes[CERT_SIGNATURE_LENGTH];
byte serialNumberBytes[ECP256_CERT_SERIAL_NUMBER_LENGTH];
byte authorityKeyIdentifierBytes[ECP256_CERT_AUTHORITY_KEY_ID_LENGTH];
byte signatureBytes[ECP256_CERT_SIGNATURE_LENGTH];

hexStringToBytes(serialNumber, serialNumberBytes, sizeof(serialNumberBytes));
hexStringToBytes(authorityKeyIdentifier, authorityKeyIdentifierBytes, sizeof(authorityKeyIdentifierBytes));
hexStringToBytes(signature, signatureBytes, sizeof(signatureBytes));

if (!Crypto.writeDeviceId(deviceId, CryptoSlot::DeviceId)) {
if (!SElementArduinoCloudDeviceId::write(secureElement, deviceId, SElementArduinoCloudSlot::DeviceId)) {
Serial.println("Error storing device ID!");
while (1);
}
Expand All @@ -111,20 +129,16 @@ void setup() {
Certificate.setIssueHour(issueHour.toInt());
Certificate.setExpireYears(expireYears.toInt());

if (!Crypto.buildCert(Certificate, CryptoSlot::Key)) {
if (!SElementArduinoCloudCertificate::build(secureElement, Certificate, static_cast<int>(SElementArduinoCloudSlot::Key))) {
Serial.println("Error building cert!");
while (1);
}

if (!Crypto.writeCert(Certificate, CryptoSlot::CompressedCertificate)) {
if (!SElementArduinoCloudCertificate::write(secureElement, Certificate, SElementArduinoCloudSlot::CompressedCertificate)) {
Serial.println("Error storing cert!");
while (1);
}

if (!DEBUG) {
return;
}

Serial.println("Compressed cert = ");

const byte* certData = Certificate.bytes();
Expand All @@ -139,6 +153,41 @@ void setup() {
Serial.print(b, HEX);
}
Serial.println();


String cert = Certificate.getCertPEM();
if (!cert) {
Serial.println("Error generating cert!");
while (1);
}
Serial.println("Cert PEM = ");
Serial.println();
Serial.println(cert);


#ifdef LATEST_WIFI_FIRMWARE_VERSION
Serial.println("Checking firmware of WiFi module...");
Serial.println();
String fv = WiFi.firmwareVersion();
/* WARNING: This string is parsed from IoTCloud frontend */
Serial.print("Current firmware version: ");
/* WARNING: This string is parsed from IoTCloud frontend */
Serial.println(fv);

String latestFv = LATEST_WIFI_FIRMWARE_VERSION;
if (fv >= latestFv) {
/* WARNING: This string is parsed from IoTCloud frontend */
Serial.println("Latest firmware version correctly installed.");
} else {
/* WARNING: This string is parsed from IoTCloud frontend */
String latestFvStr = "The firmware is not up to date. Latest version available: " + latestFv;
Serial.println(latestFvStr);
}
#else
Serial.println();
/* WARNING: This string is parsed from IoTCloud frontend */
Serial.println("Program finished.");
#endif
}

void loop() {
Expand Down

0 comments on commit 31fa0f8

Please sign in to comment.