Merge pull request #30 from arduino/vernemq-provisioning

Vernemq provisioning
arduino · Aug 24, 2018 · 617ba34 · 617ba34
2 parents e601a6d + 1cf0fd7
commit 617ba34
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 29 deletions.
diff --git a/src/board-configuration.js b/src/board-configuration.js
@@ -90,6 +90,10 @@ export default class BoardConfiguration {
           partialMessage = '';
           this.daemon.writeSerial(board.port, 'y\n');
         }
+        if (partialMessage.indexOf('Please enter the thing id:') !== -1) {
+          partialMessage = '';
+          this.daemon.writeSerial(board.port, `${board.deviceId}\n`);
+        }
 
         const begin = partialMessage.indexOf('-----BEGIN CERTIFICATE REQUEST-----');
         const end = partialMessage.indexOf('-----END CERTIFICATE REQUEST-----');
@@ -121,13 +125,13 @@ export default class BoardConfiguration {
       const notBefore = new Date(compressedCert.not_before);
       const notAfter = new Date(compressedCert.not_after);
       // eslint-disable-next-line prefer-template
-      const answers = board.deviceId + '\n' +
-                  notBefore.getUTCFullYear() + '\n' +
+      const answers = notBefore.getUTCFullYear() + '\n' +
                   (notBefore.getUTCMonth() + 1) + '\n' +
                   notBefore.getUTCDate() + '\n' +
                   notBefore.getUTCHours() + '\n' +
                   (notAfter.getUTCFullYear() - notBefore.getUTCFullYear()) + '\n' +
                   compressedCert.serial + '\n' +
+                  compressedCert.authority_key_identifier + '\n' +
                   compressedCert.signature + '\n';
       this.daemon.writeSerial(board.port, answers);
     });
@@ -168,7 +172,7 @@ export default class BoardConfiguration {
    * @param {Object} board contains the board data
    * @param {function} createDeviceCb used to create the device associated to the user
    */
-  configure(compiledSketch, board, createDeviceCb) {
+  configure(compiledSketch, board, createDeviceCb, generateCertificateCb) {
     this.daemon.initUpload();
     this.configuring.next({ status: this.CONFIGURE_IN_PROGRESS, msg: 'Uploading provisioning sketch...' });
     if (!this.daemon.channelOpen.getValue()) {
@@ -196,7 +200,7 @@ export default class BoardConfiguration {
     this.daemon.uploadingDone.subscribe(() => {
       this.configuring.next({
         status: this.CONFIGURE_IN_PROGRESS,
-        msg: 'Provisioning sketch uploaded successfully. Opening serial monitor...'
+        msg: 'Provisioning sketch uploaded successfully. Creating device...'
       });
       this.daemon.serialMonitorOpened.pipe(takeUntil(this.daemon.serialMonitorOpened.pipe(filter(open => open))))
         .subscribe(() => {
@@ -208,14 +212,14 @@ export default class BoardConfiguration {
             .then(csr => {
               this.configuring.next({
                 status: this.CONFIGURE_IN_PROGRESS,
-                msg: 'CSR generated. Creating device...'
+                msg: 'CSR generated. Generating certificate...'
               });
-              return createDeviceCb(csr);
+              return generateCertificateCb(csr);
             })
             .then(data => {
               this.configuring.next({
                 status: this.CONFIGURE_IN_PROGRESS,
-                msg: 'Device created. Storing certificate...'
+                msg: 'Certificate generated. Storing certificate...'
               });
               return this.storeCertificate(data.compressed, board);
             })
@@ -234,7 +238,15 @@ export default class BoardConfiguration {
             err: error.toString()
           });
         });
-      this.daemon.openSerialMonitor(board.port, BAUDRATE);
+      createDeviceCb()
+        .then(data => {
+          this.configuring.next({
+            status: this.CONFIGURE_IN_PROGRESS,
+            msg: 'Device created. Opening serial monitor...'
+          });
+          board.deviceId = data.id; // eslint-disable-line no-param-reassign
+          this.daemon.openSerialMonitor(board.port, BAUDRATE);
+        });
     });
 
     this.daemon.uploadingError.subscribe(upload => {

diff --git a/src/sketches/provisioning.ino.js b/src/sketches/provisioning.ino.js
@@ -13,10 +13,10 @@ export const provisioningSketch = {
 #include <ArduinoBearSSL.h>
 #include <ArduinoECCX08.h>
 
-const int keySlot            = 0;
-const int compressedCertSlot = 10;
-const int serialNumberSlot   = 11;
-const int thingIdSlot        = 12;
+const int keySlot                                   = 0;
+const int compressedCertSlot                        = 10;
+const int serialNumberAndAuthorityKeyIdentifierSlot = 11;
+const int thingIdSlot                               = 12;
 
 void setup() {
   Serial.begin(9600);
@@ -63,7 +63,8 @@ void setup() {
     while (1);
   }
 
-  ECCX08Cert.setSubjectCommonName(ECCX08.serialNumber());
+  String thingId = promptAndReadLine("Please enter the thing id: ");
+  ECCX08Cert.setSubjectCommonName(thingId);
 
   String csr = ECCX08Cert.endCSR();
 
@@ -76,37 +77,37 @@ void setup() {
   Serial.println();
   Serial.println(csr);
 
-  String thingId      = promptAndReadLine("Please enter the thing id: ");
-  String issueYear    = promptAndReadLine("Please enter the issue year of the certificate (2000 - 2031): ");
-  String issueMonth   = promptAndReadLine("Please enter the issue month of the certificate (1 - 12): ");
-  String issueDay     = promptAndReadLine("Please enter the issue day of the certificate (1 - 31): ");
-  String issueHour    = promptAndReadLine("Please enter the issue hour of the certificate (0 - 23): ");
-  String expireYears  = promptAndReadLine("Please enter how many years the certificate is valid for (0 - 31): ");
-  String serialNumber = promptAndReadLine("Please enter the certificates serial number: ");
-  String signature    = promptAndReadLine("Please enter the certificates signature: ");
-
-  serialNumber.toUpperCase();
-  signature.toUpperCase();
+  String issueYear              = promptAndReadLine("Please enter the issue year of the certificate (2000 - 2031): ");
+  String issueMonth             = promptAndReadLine("Please enter the issue month of the certificate (1 - 12): ");
+  String issueDay               = promptAndReadLine("Please enter the issue day of the certificate (1 - 31): ");
+  String issueHour              = promptAndReadLine("Please enter the issue hour of the certificate (0 - 23): ");
+  String expireYears            = promptAndReadLine("Please enter how many years the certificate is valid for (0 - 31): ");
+  String serialNumber           = promptAndReadLine("Please enter the certificates serial number: ");
+  String authorityKeyIdentifier = promptAndReadLine("Please enter the certificates authority key identifier: ");
+  String signature              = promptAndReadLine("Please enter the certificates signature: ");
 
   byte thingIdBytes[72];
   byte serialNumberBytes[16];
+  byte authorityKeyIdentifierBytes[20];
   byte signatureBytes[64];
 
   thingId.getBytes(thingIdBytes, sizeof(thingIdBytes));
   hexStringToBytes(serialNumber, serialNumberBytes, sizeof(serialNumberBytes));
-  hexStringToBytes(signature, signatureBytes, 64);
+  hexStringToBytes(authorityKeyIdentifier, authorityKeyIdentifierBytes, sizeof(authorityKeyIdentifierBytes));
+  hexStringToBytes(signature, signatureBytes, sizeof(signatureBytes));
 
   if (!ECCX08.writeSlot(thingIdSlot, thingIdBytes, sizeof(thingIdBytes))) {
     Serial.println("Error storing thing id!");
     while (1);
   }
 
-  if (!ECCX08Cert.beginStorage(compressedCertSlot, serialNumberSlot)) {
+  if (!ECCX08Cert.beginStorage(compressedCertSlot, serialNumberAndAuthorityKeyIdentifierSlot)) {
     Serial.println("Error starting ECCX08 storage!");
     while (1);
   }
 
   ECCX08Cert.setSignature(signatureBytes);
+  ECCX08Cert.setAuthorityKeyIdentifier(authorityKeyIdentifierBytes);
   ECCX08Cert.setSerialNumber(serialNumberBytes);
   ECCX08Cert.setIssueYear(issueYear.toInt());
   ECCX08Cert.setIssueMonth(issueMonth.toInt());
@@ -119,7 +120,7 @@ void setup() {
     while (1);
   }
 
-  if (!ECCX08Cert.beginReconstruction(keySlot, compressedCertSlot, serialNumberSlot)) {
+  if (!ECCX08Cert.beginReconstruction(keySlot, compressedCertSlot, serialNumberAndAuthorityKeyIdentifierSlot)) {
     Serial.println("Error starting ECCX08 cert reconstruction!");
     while (1);
   }
@@ -183,8 +184,9 @@ String readLine() {
   return line;
 }
 
-void hexStringToBytes(const String& in, byte out[], int length) {
+void hexStringToBytes(String& in, byte out[], int length) {
   int inLength = in.length();
+  in.toUpperCase();
   int outLength = 0;
 
   for (int i = 0; i < inLength && outLength < length; i += 2) {
@@ -194,7 +196,7 @@ void hexStringToBytes(const String& in, byte out[], int length) {
     byte highByte = (highChar <= '9') ? (highChar - '0') : (highChar + 10 - 'A');
     byte lowByte = (lowChar <= '9') ? (lowChar - '0') : (lowChar + 10 - 'A');
 
-    out[outLength++] = (highByte << 4) | lowByte;
+    out[outLength++] = (highByte << 4) | (lowByte & 0xF);
   }
 }
 `