public void SetDpsX509(string idScope, string registrationId, string identityCertPath, string identityPkPath, string trustBundle)
{
if (!File.Exists(identityCertPath))
{
throw new InvalidOperationException($"{identityCertPath} does not exist");
}
if (!File.Exists(identityPkPath))
{
throw new InvalidOperationException($"{identityPkPath} does not exist");
}
if (!File.Exists(trustBundle))
{
throw new InvalidOperationException($"{trustBundle} does not exist");
}
this.SetBasicDpsParam(idScope);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.attestation.method", "x509");
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.attestation.registration_id", registrationId);
string certFileName = Path.GetFileName(identityCertPath);
string certName = DaemonConfiguration.SanitizeName(certFileName);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.attestation.identity_cert", certName);
this.config[Service.Certd].Document.ReplaceOrAdd($"preloaded_certs.{certName}", "file://" + identityCertPath);
string keyFileName = Path.GetFileName(identityPkPath);
string keyName = DaemonConfiguration.SanitizeName(keyFileName);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.attestation.identity_pk", keyName);
this.config[Service.Keyd].Document.ReplaceOrAdd($"preloaded_keys.{keyName}", "file://" + identityPkPath);
this.config[Service.Certd].Document.ReplaceOrAdd("preloaded_certs.aziot-edged-trust-bundle", "file://" + trustBundle);
}
public void SetDeviceManualX509(string hubhostname, string deviceId, string identityCertPath, string identityPkPath)
{
if (!File.Exists(identityCertPath))
{
throw new InvalidOperationException($"{identityCertPath} does not exist");
}
if (!File.Exists(identityPkPath))
{
throw new InvalidOperationException($"{identityPkPath} does not exist");
}
this.config[Service.Identityd].Document.RemoveIfExists("provisioning");
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.always_reprovision_on_startup", true);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.source", "manual");
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.iothub_hostname", hubhostname);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.device_id", deviceId);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.authentication.method", "x509");
string certFileName = Path.GetFileName(identityCertPath);
string certName = DaemonConfiguration.SanitizeName(certFileName);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.authentication.identity_cert", certName);
this.config[Service.Certd].Document.ReplaceOrAdd($"preloaded_certs.{certName}", "file://" + identityCertPath);
string keyFileName = Path.GetFileName(identityPkPath);
string keyName = DaemonConfiguration.SanitizeName(keyFileName);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.authentication.identity_pk", keyName);
this.config[Service.Keyd].Document.ReplaceOrAdd($"preloaded_keys.{keyName}", "file://" + identityPkPath);
}
public void SetDpsSymmetricKey(string idScope, string registrationId, string deviceKey)
{
this.SetBasicDpsParam(idScope);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.attestation.method", "symmetric_key");
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.attestation.registration_id", registrationId);
string keyName = DaemonConfiguration.SanitizeName($"dps-symmetric-key-{registrationId}");
this.CreatePreloadedKey(keyName, deviceKey);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.attestation.symmetric_key", keyName);
}
public void SetManualSasProvisioning(string hubHostname, string deviceId, string key)
{
string keyName = DaemonConfiguration.SanitizeName(deviceId);
this.CreatePreloadedKey(keyName, key);
this.config[Service.Identityd].Document.RemoveIfExists("provisioning");
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.source", "manual");
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.iothub_hostname", hubHostname);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.device_id", deviceId);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.authentication.method", "sas");
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.authentication.device_id_pk", keyName);
}
public void SetManualSasProvisioning(string hubHostname, Option <string> parentHostname, string deviceId, string key)
{
string keyName = DaemonConfiguration.SanitizeName(deviceId);
this.CreatePreloadedKey(keyName, key);
this.config[Service.Identityd].Document.RemoveIfExists("provisioning");
parentHostname.ForEach(
parent_hostame =>
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.local_gateway_hostname", parent_hostame));
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.source", "manual");
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.iothub_hostname", hubHostname);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.device_id", deviceId);
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.authentication.method", "sas");
this.config[Service.Identityd].Document.ReplaceOrAdd("provisioning.authentication.device_id_pk", keyName);
this.config[Service.Edged].Document.ReplaceOrAdd("auto_reprovisioning_mode", "AlwaysOnStartup");
this.SetAuth(keyName);
}