/// <summary>
/// Configures DPS provisioning with X.509 attestation and registers the identity
/// certificate, its private key and the trust bundle as preloaded <c>file://</c> entries.
/// </summary>
/// <param name="idScope">Forwarded unchanged to <c>SetBasicDpsParam</c>.</param>
/// <param name="registrationId">Written to <c>provisioning.attestation.registration_id</c>.</param>
/// <param name="identityCertPath">Path of the identity certificate; the file must exist.</param>
/// <param name="identityPkPath">Path of the identity private key; the file must exist.</param>
/// <param name="trustBundle">Path of the trust bundle; the file must exist.</param>
/// <exception cref="InvalidOperationException">One of the three files does not exist.</exception>
/// <remarks>
/// Only the existence of each file is checked; contents are not validated here. For the
/// private key, only its path is recorded in the Keyd document, never the key material.
/// NOTE(review): each URI is the literal prefix "file://" followed by the path as given, so
/// callers presumably pass absolute paths - confirm.
/// </remarks>
public void SetDpsX509(string idScope, string registrationId, string identityCertPath, string identityPkPath, string trustBundle)
        {
            // Looks the Identityd document up again on every write, exactly as a direct call does.
            void SetIdentity(string key, string value) =>
                this.config[Service.Identityd].Document.ReplaceOrAdd(key, value);

            // Checked in parameter order, so the first missing file is the one reported.
            foreach (string requiredFile in new[] { identityCertPath, identityPkPath, trustBundle })
            {
                if (!File.Exists(requiredFile))
                {
                    throw new InvalidOperationException($"{requiredFile} does not exist");
                }
            }

            this.SetBasicDpsParam(idScope);
            SetIdentity("provisioning.attestation.method", "x509");
            SetIdentity("provisioning.attestation.registration_id", registrationId);

            // Entry names come from the sanitized file name, not from the full path.
            string certName = DaemonConfiguration.SanitizeName(Path.GetFileName(identityCertPath));
            SetIdentity("provisioning.attestation.identity_cert", certName);
            this.config[Service.Certd].Document.ReplaceOrAdd($"preloaded_certs.{certName}", $"file://{identityCertPath}");

            string keyName = DaemonConfiguration.SanitizeName(Path.GetFileName(identityPkPath));
            SetIdentity("provisioning.attestation.identity_pk", keyName);
            this.config[Service.Keyd].Document.ReplaceOrAdd($"preloaded_keys.{keyName}", $"file://{identityPkPath}");

            // The trust bundle always goes under a fixed entry name.
            this.config[Service.Certd].Document.ReplaceOrAdd("preloaded_certs.aziot-edged-trust-bundle", $"file://{trustBundle}");
        }
        /// <summary>
        /// Replaces the Identityd <c>provisioning</c> section with manual provisioning that
        /// authenticates with an X.509 identity certificate and private key.
        /// </summary>
        /// <param name="hubhostname">Written to <c>provisioning.iothub_hostname</c>.</param>
        /// <param name="deviceId">Written to <c>provisioning.device_id</c>.</param>
        /// <param name="identityCertPath">Path of the identity certificate; the file must exist.</param>
        /// <param name="identityPkPath">Path of the identity private key; the file must exist.</param>
        /// <exception cref="InvalidOperationException">Either file does not exist.</exception>
        /// <remarks>
        /// Only the existence of each file is checked; contents are not validated here. For the
        /// private key, only its path is recorded in the Keyd document, never the key material.
        /// NOTE(review): each URI is the literal prefix "file://" followed by the path as given,
        /// so callers presumably pass absolute paths - confirm.
        /// </remarks>
        public void SetDeviceManualX509(string hubhostname, string deviceId, string identityCertPath, string identityPkPath)
        {
            // Looks the Identityd document up again on every write, exactly as a direct call does.
            void SetIdentity(string key, string value) =>
                this.config[Service.Identityd].Document.ReplaceOrAdd(key, value);

            // Certificate first, then key, so the first missing file is the one reported.
            foreach (string requiredFile in new[] { identityCertPath, identityPkPath })
            {
                if (!File.Exists(requiredFile))
                {
                    throw new InvalidOperationException($"{requiredFile} does not exist");
                }
            }

            // Drop any previous provisioning section before writing the new one.
            this.config[Service.Identityd].Document.RemoveIfExists("provisioning");
            this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.always_reprovision_on_startup", true);
            SetIdentity("provisioning.source", "manual");
            SetIdentity("provisioning.iothub_hostname", hubhostname);
            SetIdentity("provisioning.device_id", deviceId);
            SetIdentity("provisioning.authentication.method", "x509");

            // Entry names come from the sanitized file name, not from the full path.
            string certName = DaemonConfiguration.SanitizeName(Path.GetFileName(identityCertPath));
            SetIdentity("provisioning.authentication.identity_cert", certName);
            this.config[Service.Certd].Document.ReplaceOrAdd($"preloaded_certs.{certName}", $"file://{identityCertPath}");

            string keyName = DaemonConfiguration.SanitizeName(Path.GetFileName(identityPkPath));
            SetIdentity("provisioning.authentication.identity_pk", keyName);
            this.config[Service.Keyd].Document.ReplaceOrAdd($"preloaded_keys.{keyName}", $"file://{identityPkPath}");
        }
        /// <summary>
        /// Configures DPS provisioning with symmetric-key attestation.
        /// </summary>
        /// <param name="idScope">Forwarded unchanged to <c>SetBasicDpsParam</c>.</param>
        /// <param name="registrationId">
        /// Written to <c>provisioning.attestation.registration_id</c> and used to derive the key name.
        /// </param>
        /// <param name="deviceKey">Key material handed to <c>CreatePreloadedKey</c>.</param>
        /// <remarks>
        /// The Identityd document receives only the key name, not the key itself.
        /// NOTE(review): how <c>CreatePreloadedKey</c> persists <paramref name="deviceKey"/> is not
        /// visible in this block; confirm the key material is stored with restrictive permissions.
        /// </remarks>
        public void SetDpsSymmetricKey(string idScope, string registrationId, string deviceKey)
        {
            // Looks the Identityd document up again on every write, exactly as a direct call does.
            void SetAttestation(string field, string value) =>
                this.config[Service.Identityd].Document.ReplaceOrAdd($"provisioning.attestation.{field}", value);

            this.SetBasicDpsParam(idScope);
            SetAttestation("method", "symmetric_key");
            SetAttestation("registration_id", registrationId);

            // The key name embeds the registration id, so it is sanitized before use.
            string preloadedKeyName = DaemonConfiguration.SanitizeName($"dps-symmetric-key-{registrationId}");
            this.CreatePreloadedKey(preloadedKeyName, deviceKey);

            SetAttestation("symmetric_key", preloadedKeyName);
        }
        /// <summary>
        /// Replaces the Identityd <c>provisioning</c> section with manual provisioning that
        /// authenticates with a SAS key.
        /// </summary>
        /// <param name="hubHostname">Written to <c>provisioning.iothub_hostname</c>.</param>
        /// <param name="deviceId">
        /// Written to <c>provisioning.device_id</c>; its sanitized form names the preloaded key.
        /// </param>
        /// <param name="key">Key material handed to <c>CreatePreloadedKey</c>.</param>
        /// <remarks>
        /// The Identityd document receives only the key name, not the key itself.
        /// NOTE(review): how <c>CreatePreloadedKey</c> persists <paramref name="key"/> is not
        /// visible in this block; confirm the key material is stored with restrictive permissions.
        /// </remarks>
        public void SetManualSasProvisioning(string hubHostname, string deviceId, string key)
        {
            // Looks the Identityd document up again on every write, exactly as a direct call does.
            void SetProvisioning(string field, string value) =>
                this.config[Service.Identityd].Document.ReplaceOrAdd($"provisioning.{field}", value);

            // The key is registered before the provisioning section is rewritten.
            string preloadedKeyName = DaemonConfiguration.SanitizeName(deviceId);
            this.CreatePreloadedKey(preloadedKeyName, key);

            // Drop any previous provisioning section before writing the new one.
            this.config[Service.Identityd].Document.RemoveIfExists("provisioning");
            SetProvisioning("source", "manual");
            SetProvisioning("iothub_hostname", hubHostname);
            SetProvisioning("device_id", deviceId);
            SetProvisioning("authentication.method", "sas");
            SetProvisioning("authentication.device_id_pk", preloadedKeyName);
        }
        /// <summary>
        /// Replaces the Identityd <c>provisioning</c> section with manual SAS provisioning,
        /// optionally through a parent gateway, and sets the Edged reprovisioning mode.
        /// </summary>
        /// <param name="hubHostname">Written to <c>provisioning.iothub_hostname</c>.</param>
        /// <param name="parentHostname">
        /// When it holds a value, that value is written to <c>provisioning.local_gateway_hostname</c>.
        /// </param>
        /// <param name="deviceId">
        /// Written to <c>provisioning.device_id</c>; its sanitized form names the preloaded key.
        /// </param>
        /// <param name="key">Key material handed to <c>CreatePreloadedKey</c>.</param>
        /// <remarks>
        /// The Identityd document receives only the key name, not the key itself.
        /// NOTE(review): how <c>CreatePreloadedKey</c> persists <paramref name="key"/> and what
        /// <c>SetAuth</c> does with the key name are not visible in this block; confirm the key
        /// material is stored with restrictive permissions.
        /// </remarks>
        public void SetManualSasProvisioning(string hubHostname, Option <string> parentHostname, string deviceId, string key)
        {
            // Looks the Identityd document up again on every write, exactly as a direct call does.
            void SetProvisioning(string field, string value) =>
                this.config[Service.Identityd].Document.ReplaceOrAdd($"provisioning.{field}", value);

            // The key is registered before the provisioning section is rewritten.
            string preloadedKeyName = DaemonConfiguration.SanitizeName(deviceId);
            this.CreatePreloadedKey(preloadedKeyName, key);

            // Drop any previous provisioning section before writing the new one.
            this.config[Service.Identityd].Document.RemoveIfExists("provisioning");

            // The gateway hostname is only written when the option carries a value.
            parentHostname.ForEach(gatewayHostname => SetProvisioning("local_gateway_hostname", gatewayHostname));

            SetProvisioning("source", "manual");
            SetProvisioning("iothub_hostname", hubHostname);
            SetProvisioning("device_id", deviceId);
            SetProvisioning("authentication.method", "sas");
            SetProvisioning("authentication.device_id_pk", preloadedKeyName);

            this.config[Service.Edged].Document.ReplaceOrAdd("auto_reprovisioning_mode", "AlwaysOnStartup");

            this.SetAuth(preloadedKeyName);
        }