static void Main(string[] args) { string[] certFilePaths = Directory.GetFiles(ConfigurationManager.AppSettings["CertDirectory"], "*.pfx"); string plainTextPassword = ConfigurationManager.AppSettings["SecureString"]; foreach (string certFilePath in certFilePaths) { using (X509Certificate2 cert = new X509Certificate2(certFilePath, plainTextPassword, X509KeyStorageFlags.UserKeySet)) { using (var security = new SecurityProviderX509Certificate(cert)) using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, IdScope, security, transport); Console.WriteLine($"Registering device with RegistrationID = {security.GetRegistrationID()}"); DeviceRegistrationResult result = provClient.RegisterAsync().GetAwaiter().GetResult(); Console.WriteLine($"{result.Status}"); Console.WriteLine( $"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}"); } } } }
protected virtual async Task <DeviceRegistrationResult> RegisterDeviceAsync( string dpsGlobalDeviceEndpoint, string dpsIdScope) { DeviceRegistrationResult result = null; using (var security = new SecurityProviderX509Certificate( this.HardwareSecurityModel.DeviceLeafCert)) using (var transport = new ProvisioningTransportHandlerMqtt( TransportFallbackType.TcpOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create( dpsGlobalDeviceEndpoint, dpsIdScope, security, transport); result = await provClient.RegisterAsync().ConfigureAwait(false); } return(result); }
static async Task Main(string[] args) { var securityProvider = new SecurityProviderSymmetricKey("{registrationId}", "{primaryKey}", "{secondaryKey}"); var provisioningClient = ProvisioningDeviceClient.Create("global.azure-devices-provisioning.net", "{IdScope}", securityProvider, new ProvisioningTransportHandlerMqtt(Microsoft.Azure.Devices.Shared.TransportFallbackType.TcpWithWebSocketFallback)); var result = await provisioningClient.RegisterAsync(); Console.WriteLine($"HostName='{result.AssignedHub}';DeviceId='{result.DeviceId}';SharedAccessKey='{"{primaryKey}"}';"); }
// This Main method is very similar to that used in the earlier lab. // The two significant changes are the need to load the X.509 certificate // and then the change to using SecurityProviderX509Certificate as the // security provider. The remaining code is identical - you should note // that the device twin property change code is also present. public static async Task Main(string[] args) { X509Certificate2 certificate = LoadProvisioningCertificate(); using (var security = new SecurityProviderX509Certificate(certificate)) using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, dpsIdScope, security, transport); using (deviceClient = await ProvisionDevice(provClient, security)) { await deviceClient.OpenAsync().ConfigureAwait(false); // Setup device twin callbacks await deviceClient .SetDesiredPropertyUpdateCallbackAsync(OnDesiredPropertyChanged, null) .ConfigureAwait(false); var twin = await deviceClient.GetTwinAsync().ConfigureAwait(false); await OnDesiredPropertyChanged(twin.Properties.Desired, null); // Start reading and sending device telemetry Console.WriteLine("Start reading and sending device telemetry..."); await SendDeviceToCloudMessagesAsync(); await deviceClient.CloseAsync().ConfigureAwait(false); } } }
public static async Task RunSample(X509Certificate2 certificate) { using (var security = new SecurityProviderX509Certificate(certificate)) // using (var transport = new ProvisioningTransportHandlerHttp()) //using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.TcpOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, s_idScope, security, transport); Console.WriteLine($"RegistrationID = {security.GetRegistrationID()}"); Console.Write("ProvisioningClient RegisterAsync . . . "); DeviceRegistrationResult result = await provClient.RegisterAsync(); Console.WriteLine($"{result.Status}"); Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}"); if (result.Status != ProvisioningRegistrationStatusType.Assigned) { return; } IAuthenticationMethod auth = new DeviceAuthenticationWithX509Certificate(result.DeviceId, certificate); iotClient = DeviceClient.Create(result.AssignedHub, auth); Console.WriteLine($"Now {deviceID} can start sending messages to assigned IoT Hub: {result.AssignedHub}"); await iotClient.OpenAsync(); SendDeviceToCloudMessagesAsync(); Console.ReadLine(); } }
public static async Task RunSample(X509Certificate2 certificate) { using (var security = new SecurityClientX509(certificate)) using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(s_idScope, security, transport); Console.Write("ProvisioningClient RegisterAsync . . . "); DeviceRegistrationResult result = await provClient.RegisterAsync(); Console.WriteLine($"{result.Status}"); Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}"); if (result.Status != ProvisioningRegistrationStatusType.Assigned) { return; } IAuthenticationMethod auth = new DeviceAuthenticationWithX509Certificate(result.DeviceId, certificate); using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth)) { Console.WriteLine("DeviceClient OpenAsync."); await iotClient.OpenAsync(); Console.WriteLine("DeviceClient SendEventAsync."); await iotClient.SendEventAsync(new Message(Encoding.UTF8.GetBytes("TestMessage"))); Console.WriteLine("DeviceClient CloseAsync."); await iotClient.CloseAsync(); } } }
static async Task Register(SecurityProviderTpmHsm security) { Console.WriteLine("Press ENTER when ready to execute Registration."); Console.WriteLine("------------------"); Console.ReadLine(); using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) { var client = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, _idScope, security, transport); try { DeviceRegistrationResult result = await client.RegisterAsync().ConfigureAwait(false); Console.ForegroundColor = ConsoleColor.Yellow; Console.Write("\tAssigned Hub: : "); Console.ForegroundColor = ConsoleColor.White; Console.Write("{0} ", result.AssignedHub); Console.WriteLine(Environment.NewLine); Console.ForegroundColor = ConsoleColor.Yellow; Console.Write("\tDeviceId: : "); Console.ForegroundColor = ConsoleColor.White; Console.Write("{0} ", result.DeviceId); Console.WriteLine(Environment.NewLine); } catch (Exception) { Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine("The registration has failed"); Console.ForegroundColor = ConsoleColor.White; throw; } } }
// NOTE: For the purposes of this example, the certificatePassword is // hard coded. In a production device, the password will need to be stored // in a more secure manner. Additionally, the certificate file (PFX) should // be stored securely on a production device using a Hardware Security Module. public static async Task <int> Main(string[] args) { var tasks = new List <Task>(); foreach (var fileName in certificateFileNames) { X509Certificate2 certificate = LoadProvisioningCertificate(fileName); using (var security = new SecurityProviderX509Certificate(certificate)) { using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, dpsIdScope, security, transport); var container = new ContainerDeviceSimulator(provClient, security); tasks.Add(container.RunAsync()); await Task.Delay(30000); // add a device every 30 seconds } } } await Task.WhenAll(tasks); return(0); }
public static int Main(string[] args) { if (string.IsNullOrWhiteSpace(s_idScope) && (args.Length > 0)) { s_idScope = args[0]; } if (string.IsNullOrWhiteSpace(s_idScope)) { Console.WriteLine("ProvisioningDeviceClientX509 <IDScope>"); return(1); } X509Certificate2 certificate = LoadProvisioningCertificate(); using (var security = new SecurityProviderX509Certificate(certificate)) // Select one of the available transports: // To optimize for size, reference only the protocols used by your application. using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) // using (var transport = new ProvisioningTransportHandlerHttp()) // using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.TcpOnly)) // using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.WebSocketOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, s_idScope, security, transport); var sample = new ProvisioningDeviceClientSample(provClient, security); sample.RunSampleAsync().GetAwaiter().GetResult(); } return(0); }
// INSERT Main method below here public static async Task Main(string[] args) { using (var security = new SecurityProviderSymmetricKey(registrationId, individualEnrollmentPrimaryKey, individualEnrollmentSecondaryKey)) using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, dpsIdScope, security, transport); using (deviceClient = await ProvisionDevice(provClient, security)) { await deviceClient.OpenAsync().ConfigureAwait(false); // INSERT Setup OnDesiredPropertyChanged Event Handling below here await deviceClient.SetDesiredPropertyUpdateCallbackAsync(OnDesiredPropertyChanged, null).ConfigureAwait(false); // INSERT Load Device Twin Properties below here var twin = await deviceClient.GetTwinAsync().ConfigureAwait(false); await OnDesiredPropertyChanged(twin.Properties.Desired, null); // Start reading and sending device telemetry Console.WriteLine("Start reading and sending device telemetry..."); await SendDeviceToCloudMessagesAsync(); await deviceClient.CloseAsync().ConfigureAwait(false); } } }
// https://github.com/Azure-Samples/azure-iot-samples-csharp/blob/master/provisioning/Samples/device/SymmetricKeySample/Program.cs // Azure IoT Central Client static async Task Main(string[] args) { IAuthenticationMethod auth; using (var security = new SecurityProviderSymmetricKey(registrationId, primaryKey, secondaryKey)) using (var transport = new ProvisioningTransportHandlerHttp()) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, idScope, security, transport); DeviceRegistrationResult result = await provClient.RegisterAsync(); auth = new DeviceAuthenticationWithRegistrySymmetricKey(result.DeviceId, (security as SecurityProviderSymmetricKey).GetPrimaryKey()); using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, TransportType.Mqtt)) { while (true) { if (_temperature.IsAvailable) { try { Console.WriteLine($"The CPU temperature is {Math.Round(_temperature.Temperature.Celsius, 2)}"); await SendMsgIotHub(iotClient, _temperature.Temperature.Celsius); } catch (Exception ex) { Console.WriteLine("exception msg: " + ex.Message); } } Thread.Sleep(10000); // sleep for 10 seconds } } } }
public bool AddDeviceProvisioningService(string deviceId) { try { Console.WriteLine("Starting TPM simulator."); using (var security = new SecurityProviderTpmSimulator(RegistrationId)) using (var transport = new ProvisioningTransportHandlerAmqp()) { Console.WriteLine("Extracting endorsement key."); string base64EK = Convert.ToBase64String(Encoding.ASCII.GetBytes(TpmEndorsementKey));//security.GetEndorsementKey()); Console.WriteLine($"\tRegistration ID: {RegistrationId}"); Console.WriteLine($"\tEndorsement key: {base64EK}"); Console.WriteLine("\tDevice ID: iothubtpmdevice1"); Console.WriteLine(); Console.WriteLine("Press ENTER when ready."); Console.ReadLine(); ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, _dpsIdScope, security, transport); var sample = new ProvisioningDeviceClientSample(provClient, security); sample.RunSampleAsync().GetAwaiter().GetResult(); return(true); } } catch (Exception ex) { Console.WriteLine(ex.Message); return(false); } }
public async Task <DeviceRegistrationResult> RegisterDeviceAsync( X509Certificate2 deviceCertificate, X509Certificate2 enrollmentCertificate) { var scopeId = Configuration["ScopeId"]; //// The cert from the enrollment group is required for group registrations //X509Certificate2 enrollmentCertificate = new X509Certificate2("dpsIntermediate1.pfx", "1234"); using (var security = new SecurityProviderX509Certificate(deviceCertificate, new X509Certificate2Collection(enrollmentCertificate))) // To optimize for size, reference only the protocols used by your application. using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) // using (var transport = new ProvisioningTransportHandlerHttp()) // using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.TcpOnly)) // using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.WebSocketOnly)) { var client = ProvisioningDeviceClient.Create( "global.azure-devices-provisioning.net", scopeId, security, transport); var result = await client.RegisterAsync(); _logger.LogInformation($"DPS client created: {result}"); return(result); } }
public static async Task RunAsync(ProvisioningDeviceClient provisioningDeviceClient, SecurityProvider security) { Console.WriteLine($"RegistrationID = {security.GetRegistrationID()}"); Console.Write("ProvisioningClient RegisterAsync . . . "); DeviceRegistrationResult result = await provisioningDeviceClient.RegisterAsync().ConfigureAwait(false); Console.WriteLine($"{result.Status}"); Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}"); if (result.Status == ProvisioningRegistrationStatusType.Assigned) { X509Certificate2 certificate = (security as SecurityProviderX509).GetAuthenticationCertificate(); Console.WriteLine($"Registration certificate thumbprint: {certificate.Thumbprint}"); IAuthenticationMethod auth = new DeviceAuthenticationWithX509Certificate(result.DeviceId, certificate); using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, TransportType.Amqp)) { Console.WriteLine("DeviceClient OpenAsync."); await iotClient.OpenAsync().ConfigureAwait(false); Console.WriteLine("DeviceClient SendEventAsync."); await iotClient.SendEventAsync(new Message(Encoding.UTF8.GetBytes("TestMessage"))).ConfigureAwait(false); Console.WriteLine("DeviceClient CloseAsync."); await iotClient.CloseAsync().ConfigureAwait(false); } } }
public async Task ProvisioningDeviceClient_InvalidGlobalAddress_Register_Fail( string transportType, string securityType, X509EnrollmentType?x509EnrollmentType, TransportFallbackType?transportFallback) { if (!ConfigurationFound()) { _log.WriteLine("Provisioning test configuration not found. Result inconclusive."); return; } using (ProvisioningTransportHandler transport = CreateTransportHandlerFromName(transportType, transportFallback)) using (SecurityProvider security = CreateSecurityProviderFromName(securityType, x509EnrollmentType)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create( InvalidGlobalAddress, Configuration.Provisioning.IdScope, security, transport); var cts = new CancellationTokenSource(FailingTimeoutMiliseconds); _log.WriteLine("ProvisioningClient RegisterAsync . . . "); var exception = await Assert.ThrowsExceptionAsync <ProvisioningTransportException>( () => provClient.RegisterAsync(cts.Token)).ConfigureAwait(false); _log.WriteLine($"Exception: {exception}"); } }
/// <summary> /// Provisions a device to a starting hub, tries to open a connection, send telemetry, /// and (if supported by the protocol) send a twin update. Then, this method updates the enrollment /// to provision the device to a different hub. Based on the provided reprovisioning settings, this /// method then checks that the device was/was not reprovisioned as expected, and that the device /// did/did not migrate twin data as expected. /// </summary> public async Task ProvisioningDeviceClient_ReprovisioningFlow( Client.TransportType transportProtocol, AttestationMechanismType attestationType, EnrollmentType?enrollmentType, bool setCustomProxy, ReprovisionPolicy reprovisionPolicy, AllocationPolicy allocationPolicy, CustomAllocationDefinition customAllocationDefinition, ICollection <string> iotHubsToStartAt, ICollection <string> iotHubsToReprovisionTo, string proxyServerAddress = null) { ProvisioningServiceClient provisioningServiceClient = CreateProvisioningService(s_proxyServerAddress); string groupId = _devicePrefix + AttestationTypeToString(attestationType) + "-" + Guid.NewGuid(); bool twinOperationsAllowed = transportProtocol != Client.TransportType.Http1; using ProvisioningTransportHandler transport = ProvisioningE2ETests.CreateTransportHandlerFromName(transportProtocol); using SecurityProvider security = await CreateSecurityProviderFromName( attestationType, enrollmentType, groupId, reprovisionPolicy, allocationPolicy, customAllocationDefinition, iotHubsToStartAt) .ConfigureAwait(false); //Check basic provisioning if (ProvisioningE2ETests.ImplementsWebProxy(transportProtocol) && setCustomProxy) { transport.Proxy = (proxyServerAddress != null) ? new WebProxy(s_proxyServerAddress) : null; } ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create( s_globalDeviceEndpoint, Configuration.Provisioning.IdScope, security, transport); using var cts = new CancellationTokenSource(PassingTimeoutMiliseconds); DeviceRegistrationResult result = await provClient.RegisterAsync(cts.Token).ConfigureAwait(false); ValidateDeviceRegistrationResult(result); Client.IAuthenticationMethod auth = CreateAuthenticationMethodFromSecurityProvider(security, result.DeviceId); await ConfirmRegisteredDeviceWorks(result, auth, transportProtocol, twinOperationsAllowed).ConfigureAwait(false); //Check reprovisioning await UpdateEnrollmentToForceReprovision(enrollmentType, provisioningServiceClient, iotHubsToReprovisionTo, security, groupId).ConfigureAwait(false); result = await provClient.RegisterAsync(cts.Token).ConfigureAwait(false); ConfirmDeviceInExpectedHub(result, reprovisionPolicy, iotHubsToStartAt, iotHubsToReprovisionTo, allocationPolicy); await ConfirmDeviceWorksAfterReprovisioning(result, auth, transportProtocol, reprovisionPolicy, twinOperationsAllowed).ConfigureAwait(false); if (attestationType != AttestationMechanismType.X509) //x509 enrollments are hardcoded, should never be deleted { await ProvisioningE2ETests.DeleteCreatedEnrollmentAsync(enrollmentType, provisioningServiceClient, security, groupId).ConfigureAwait(false); } }
public DeviceRegistrationResult RegisterDevice(string deviceId, string password) { var cert = deviceManager.ReadPrivateCertificate(deviceId, password); using (var security = new SecurityProviderX509Certificate(cert)) { using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(configuration.GetValue <string>("DeviceProvisioningEndpoint"), configuration.GetValue <string>("DeviceProvisioningScope"), security, transport); var result = provClient.RegisterAsync().GetAwaiter().GetResult(); deviceManager.SaveRegistration(new Models.RegistrationInfo { AssignedHub = result.AssignedHub, DeviceId = result.DeviceId, RegistrationId = result.RegistrationId }); deviceManager.SavePassword(deviceId, password); return(result); } } }
private static async Task RegisterDevice(string deviceRegistrationId) { // using symmetric keys using var securityProvider = new SecurityProviderSymmetricKey( registrationId: deviceRegistrationId, primaryKey: ComputeKeyHash(enrollmentGroupPrimaryKey, deviceRegistrationId), secondaryKey: ComputeKeyHash(enrollmentGroupSecondaryKey, deviceRegistrationId)); // Amqp transport using var transportHandler = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly); // set up provisioning client for given device var provisioningDeviceClient = ProvisioningDeviceClient.Create( globalDeviceEndpoint: dpsGlobalDeviceEndpoint, idScope: dpsIdScope, securityProvider: securityProvider, transport: transportHandler); // register device var deviceRegistrationResult = await provisioningDeviceClient.RegisterAsync(); Console.WriteLine($" Device registration result: {deviceRegistrationResult.Status}"); if (!string.IsNullOrEmpty(deviceRegistrationResult.AssignedHub)) { Console.WriteLine($" Assigned to hub '{deviceRegistrationResult.AssignedHub}'"); } Console.WriteLine(); }
public async Task ProvisioningDeviceClient_InvalidRegistrationId_TpmRegister_Fail(string transportType) { if (!ConfigurationFound()) { _log.WriteLine("Provisioning test configuration not found. Result inconclusive."); return; } using (ProvisioningTransportHandler transport = CreateTransportHandlerFromName(transportType, TransportFallbackType.TcpOnly)) using (SecurityProvider security = new SecurityProviderTpmSimulator("invalidregistrationid")) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create( s_globalDeviceEndpoint, Configuration.Provisioning.IdScope, security, transport); var cts = new CancellationTokenSource(FailingTimeoutMiliseconds); _log.WriteLine("ProvisioningClient RegisterAsync . . . "); DeviceRegistrationResult result = await provClient.RegisterAsync(cts.Token).ConfigureAwait(false); _log.WriteLine($"{result.Status}"); Assert.AreEqual(ProvisioningRegistrationStatusType.Failed, result.Status); Assert.IsNull(result.AssignedHub); Assert.IsNull(result.DeviceId); Assert.AreEqual("Not Found", result.ErrorMessage); Assert.AreEqual(0x00062ae9, result.ErrorCode); } }
// This method receives the the provisioning device client and security // instances created earlier. private static async Task <DeviceClient> ProvisionDevice( ProvisioningDeviceClient provisioningDeviceClient, SecurityProviderSymmetricKey security) { // The provisioningDeviceClient.RegisterAsync() // is called, which returns a DeviceRegistrationResult instance. // This result contains a number of properties including the DeviceId, // AssignedHub and the Status. var result = await provisioningDeviceClient .RegisterAsync() .ConfigureAwait(false); Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}"); // The method then checks to ensure that the provisioning status has // been set and throws an exception if the device is not Assigned. // Other possible results here include Unassigned, Assigning, // Failed and Disabled. if (result.Status != ProvisioningRegistrationStatusType.Assigned) { throw new Exception($"DeviceRegistrationResult.Status is NOT 'Assigned'"); } // The DeviceAuthenticationWithRegistrySymmetricKey class simplifies // the creation of an IoT Hub connection string using the device // ID and the Primary Symmetric Key var auth = new DeviceAuthenticationWithRegistrySymmetricKey( result.DeviceId, security.GetPrimaryKey()); // Finally, a DeviceClient instance is returned that is connected // to the desired IoT Hub, using the authentication created above, // and using the AMQP protocol. return(DeviceClient.Create(result.AssignedHub, auth, TransportType.Amqp)); }
public async Task RunSampleAsync() { // When registering with a symmetric key using a group enrollment, the provided key will not // work for a specific device, rather it must be computed based on two values: the group enrollment // key and the desired device Id. if (_parameters.EnrollmentType == EnrollmentType.Group) { _parameters.PrimaryKey = ComputeDerivedSymmetricKey(_parameters.PrimaryKey, _parameters.Id); } Console.WriteLine($"Initializing the device provisioning client..."); // For individual enrollments, the first parameter must be the registration Id, where in the enrollment // the device Id is already chosen. However, for group enrollments the device Id can be requested by // the device, as long as the key has been computed using that value. // Also, the secondary could could be included, but was left out for the simplicity of this sample. using var security = new SecurityProviderSymmetricKey( _parameters.Id, _parameters.PrimaryKey, null); using var transportHandler = GetTransportHandler(); ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create( _parameters.GlobalDeviceEndpoint, _parameters.IdScope, security, transportHandler); Console.WriteLine($"Initialized for registration Id {security.GetRegistrationID()}."); Console.WriteLine("Registering with the device provisioning service..."); DeviceRegistrationResult result = await provClient.RegisterAsync(); Console.WriteLine($"Registration status: {result.Status}."); if (result.Status != ProvisioningRegistrationStatusType.Assigned) { Console.WriteLine($"Registration status did not assign a hub, so exiting this sample."); return; } Console.WriteLine($"Device {result.DeviceId} registered to {result.AssignedHub}."); Console.WriteLine("Creating symmetric key authentication for IoT Hub..."); IAuthenticationMethod auth = new DeviceAuthenticationWithRegistrySymmetricKey( result.DeviceId, security.GetPrimaryKey()); Console.WriteLine($"Testing the provisioned device with IoT Hub..."); using DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, _parameters.TransportType); Console.WriteLine("Sending a telemetry message..."); using var message = new Message(Encoding.UTF8.GetBytes("TestMessage")); await iotClient.SendEventAsync(message); Console.WriteLine("Finished."); }
public static async Task RunTest(string scopeId, string sasToken, string deviceId, string dpsEndpoint) { Console.WriteLine("Starting DPS client tests."); int successes = 0; int failures = 0; var security = new SecurityProviderSymmetricKey(deviceId, sasToken, null); var transportHandlers = new List <(ProvisioningTransportHandler, string)>(); transportHandlers.Add((new ProvisioningTransportHandlerHttp(), "default")); foreach (var transportFallbackType in _transportFallbackTypes) { transportHandlers.Add((new ProvisioningTransportHandlerAmqp(transportFallbackType), transportFallbackType.ToString())); transportHandlers.Add((new ProvisioningTransportHandlerMqtt(transportFallbackType), transportFallbackType.ToString())); } foreach ((ProvisioningTransportHandler, string)transportHandler in transportHandlers) { try { Console.WriteLine($"Registering with {transportHandler.Item1.GetType().Name}/{transportHandler.Item2}"); var provClient = ProvisioningDeviceClient.Create( dpsEndpoint, scopeId, security, transportHandler.Item1); DeviceRegistrationResult provResult = await provClient.RegisterAsync().ConfigureAwait(false); if (provResult.Status != ProvisioningRegistrationStatusType.Assigned) { Console.WriteLine($"Failed to connect due to {provResult.ErrorCode}: {provResult.ErrorMessage}."); continue; } Console.WriteLine("Succeeded.\n"); successes++; } catch (Exception ex) { // Print all the relevant reasons for failing, without printing out the entire exception information var reason = new StringBuilder(); Exception next = ex; do { reason.AppendFormat($" - {next.GetType()}: {next.Message}\n"); next = next.InnerException; }while (next != null); Console.WriteLine($"Failed for {transportHandler} due to:\n{reason}"); failures++; } } Console.WriteLine($"DPS client tests finished with {successes} successes and {failures} failures."); }
public async Task <ResultCommand> ProvisionDevice(RequestCommandProvisionDevice requestProvisionDevice, string password) { try { DeviceCertificateModel certificateInfo = requestProvisionDevice.DeviceCertificateInformation; //Load certificate chain var(deviceCertificate, collectionCertificates) = LoadCertificateFromPfx(Convert.FromBase64String(certificateInfo.Certificate), password); //Save certificate in store if (!await SaveCertificateInStore(deviceCertificate)) { return(ResultCommand.CreateFailedCommand($"Error while saving User Certificate in Store.")); } using (var securityProvider = new SecurityProviderX509Certificate(deviceCertificate, collectionCertificates)) { using (var transport = new ProvisioningTransportHandlerHttp()) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(certificateInfo.DpsInstance, certificateInfo.DpsIdScope, securityProvider, transport); DeviceRegistrationResult result = await provClient.RegisterAsync(); if (result.Status != ProvisioningRegistrationStatusType.Assigned) { DebugHelper.LogError($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}"); return(ResultCommand.CreateFailedCommand($"Error during registration: {result.Status}, {result.ErrorMessage}")); } //Test the connection if (!await TestDeviceConnection(result.DeviceId, result.AssignedHub, deviceCertificate)) { return(ResultCommand.CreateFailedCommand($"Error while testing the device connection.")); } //Persist provision in TPM/HSM SimulatedDevice.ProvisionDevice(result.AssignedHub, result.DeviceId); //Provisioned! SimulatedDevice.IsProvisioned = true; } } if (deviceCertificate != null) { deviceCertificate.Dispose(); } return(ResultCommand.CreateSuccessCommand()); } catch (Exception e) { DebugHelper.LogError($"Error ProvisionDevice: {e.Message}."); return(ResultCommand.CreateFailedCommand($"Error ProvisionDevice: {e.Message}.")); } }
public static int Main(string[] args) { if (string.IsNullOrWhiteSpace(s_idScope) && (args.Length > 0)) { s_idScope = args[0]; } if (string.IsNullOrWhiteSpace(s_idScope)) { Console.WriteLine("ProvisioningDeviceClientTpm <IDScope>"); return(1); } // Remove if a real TPM is being used. Console.WriteLine("Starting TPM simulator."); SecurityProviderTpmSimulator.StartSimulatorProcess(); // Replace the following type with SecurityProviderTpmHsm() to use a real TPM2.0 device. using (var security = new SecurityProviderTpmSimulator(s_registrationID)) // Select one of the available transports: // To optimize for size, reference only the protocols used by your application. using (var transport = new ProvisioningTransportHandlerHttp()) // using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) // using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.WebSocketOnly)) { // Note that the TPM simulator will create an NVChip file containing the simulated TPM state. Console.WriteLine("Extracting endorsement key."); string base64EK = Convert.ToBase64String(security.GetEndorsementKey()); Console.WriteLine( "In your Azure Device Provisioning Service please go to 'Manage enrollments' and select " + "'Individual Enrollments'. Select 'Add' then fill in the following:"); Console.WriteLine("\tMechanism: TPM"); Console.WriteLine($"\tEndorsement key: {base64EK}"); Console.WriteLine($"\tRegistration ID: {s_registrationID}"); Console.WriteLine($"\tDevice ID: {s_registrationID} (or any other valid DeviceID)"); Console.WriteLine(); Console.WriteLine("Press ENTER once enrollment has been created."); Console.ReadLine(); ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, s_idScope, security, transport); var sample = new ProvisioningDeviceClientSample(provClient, security); sample.RunSampleAsync().GetAwaiter().GetResult(); } // Remove if a real TPM is being used. Console.ForegroundColor = ConsoleColor.White; Console.WriteLine("Stopping TPM simulator."); SecurityProviderTpmSimulator.StopSimulatorProcess(); return(0); }
//Provision the Device static void ProvisionDevice() { Console.WriteLine("Provisioning process starting.."); Console.WriteLine("Fetching secrets.."); var secrets = ReadSecrets(); if (secrets == null) { Console.WriteLine("No secrets found!"); return; } Console.WriteLine("Secrets found!"); string dpsServiceEndpoint = secrets.serviceEndpoint; string idScope = secrets.idScope; string registrationId = secrets.registrationId; string primaryDeviceKey = secrets.primaryDerivedKey; string secondaryDeviceKey = secrets.secondaryDerivedKey; using (var security = new SecurityProviderSymmetricKey(registrationId, primaryDeviceKey, secondaryDeviceKey)) { // Select one of the available transports: // To optimize for size, reference only the protocols used by your application. using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) // using (var transport = new ProvisioningTransportHandlerHttp()) // using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.TcpOnly)) // using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.WebSocketOnly)) { try { Console.WriteLine("Creating provisioning client"); ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(dpsServiceEndpoint, idScope, security, transport); Console.WriteLine("Starting attestation.."); DeviceRegistrationResult registrationResult = provClient.RegisterAsync().GetAwaiter().GetResult(); Console.WriteLine("Device successfully provisioned"); Console.WriteLine("Storing primary and secondary connection strings in settings file!"); Console.WriteLine("Primary Connection string: Hostname={0};DeviceId={1};SharedAccessKey={2}", registrationResult.AssignedHub, registrationId, primaryDeviceKey); Console.WriteLine("Secondary Connection string: Hostname={0};DeviceId={1};SharedAccessKey={2}", registrationResult.AssignedHub, registrationId, secondaryDeviceKey); string primaryConnectionString = "Hostname=" + registrationResult.AssignedHub + ";DeviceId=" + registrationResult.DeviceId + ";SharedAccessKey=" + primaryDeviceKey; string secondaryConnectionString = "Hostname=" + registrationResult.AssignedHub + ";DeviceId=" + registrationResult.DeviceId + ";SharedAccessKey=" + secondaryDeviceKey; WriteSettings(primaryConnectionString, secondaryConnectionString); } catch (Exception ex) { Console.WriteLine(ex.Message + ": " + ex.InnerException.Message); } } } }
public static async Task RunSample() { // Replace the following type with SecurityClientTpm() to use a real TPM2.0 device. Console.WriteLine("Starting TPM simulator."); SecurityClientTpmSimulator.StartSimulatorProcess(); using (var security = new SecurityClientTpmSimulator(RegistrationId)) using (var transport = new ProvisioningTransportHandlerHttp()) { // Note that the TPM simulator will create a NVChip file containing the simulated TPM state. Console.WriteLine("Extracting endorsement key."); string base64EK = Convert.ToBase64String(security.GetEndorsementKey()); Console.WriteLine( "In your Azure Device Provisioning Service please go to 'Manage enrollments' and select " + "'Individual Enrollments'. Select 'Add' then fill in the following:"); Console.WriteLine("\tMechanism: TPM"); Console.WriteLine($"\tRegistration ID: {RegistrationId}"); Console.WriteLine($"\tEndorsement key: {base64EK}"); Console.WriteLine("\tDevice ID: iothubtpmdevice1 (or any other valid DeviceID)"); Console.WriteLine(); Console.WriteLine("Press ENTER when ready."); Console.ReadLine(); ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(s_idScope, security, transport); Console.Write("ProvisioningClient RegisterAsync . . . "); DeviceRegistrationResult result = await provClient.RegisterAsync(); Console.WriteLine($"{result.Status}"); Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}"); if (result.Status != ProvisioningRegistrationStatusType.Assigned) { return; } var auth = new DeviceAuthenticationWithTpm(result.DeviceId, security); // TODO: Temporary workaround until IoTHub DeviceClient gets Token refresh support. await auth.GetTokenAsync(result.AssignedHub); using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, TransportType.Mqtt)) { Console.WriteLine("DeviceClient OpenAsync."); await iotClient.OpenAsync(); Console.WriteLine("DeviceClient SendEventAsync."); await iotClient.SendEventAsync(new Message(Encoding.UTF8.GetBytes("TestMessage"))); Console.WriteLine("DeviceClient CloseAsync."); await iotClient.CloseAsync(); } } }
public async Task ProvisioningDeviceClient_ValidRegistrationId_Register_Ok( string transportType, string securityType, X509EnrollmentType?x509EnrollmentType, TransportFallbackType?transportFallback, bool setCustomProxy, string proxyServerAddress = null) { using (ProvisioningTransportHandler transport = CreateTransportHandlerFromName(transportType, transportFallback)) using (SecurityProvider security = await CreateSecurityProviderFromName(securityType, x509EnrollmentType).ConfigureAwait(false)) { _verboseLog.WriteLine("Creating device"); if (ImplementsWebProxy(transportType, transportFallback) && setCustomProxy) { transport.Proxy = (proxyServerAddress != null) ? new WebProxy(proxyServerAddress) : null; } ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create( s_globalDeviceEndpoint, Configuration.Provisioning.IdScope, security, transport); var cts = new CancellationTokenSource(PassingTimeoutMiliseconds); _log.WriteLine("ProvisioningDeviceClient RegisterAsync . . . "); DeviceRegistrationResult result = await provClient.RegisterAsync(cts.Token).ConfigureAwait(false); Assert.IsNotNull(result); _log.WriteLine($"{result.Status} (Error Code: {result.ErrorCode}; Error Message: {result.ErrorMessage})"); _log.WriteLine($"ProvisioningDeviceClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}"); Assert.AreEqual(ProvisioningRegistrationStatusType.Assigned, result.Status); Assert.IsNotNull(result.AssignedHub); Assert.IsNotNull(result.DeviceId); Client.IAuthenticationMethod auth = CreateAuthenticationMethodFromSecurityProvider(security, result.DeviceId); // TODO: #591 - ProvisioningClient and DeviceClient should use the same protocol. using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, Client.TransportType.Http1)) { _log.WriteLine("DeviceClient OpenAsync."); await iotClient.OpenAsync().ConfigureAwait(false); _log.WriteLine("DeviceClient SendEventAsync."); await iotClient.SendEventAsync( new Client.Message(Encoding.UTF8.GetBytes("TestMessage"))).ConfigureAwait(false); _log.WriteLine("DeviceClient CloseAsync."); await iotClient.CloseAsync().ConfigureAwait(false); } } }
private static string ProvisionDevice(string scope, string deviceId, string primaryKey) { Console.Write("Provisioning device..."); using var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.TcpOnly); var security = new SecurityProviderSymmetricKey(deviceId, primaryKey, null); var provClient = ProvisioningDeviceClient.Create(GlobalProvisionEndPoint, scope, security, transport); var result = provClient.RegisterAsync().GetAwaiter().GetResult(); Console.WriteLine(" successfully provisioned"); return(result.AssignedHub); }
static async Task <DeviceClient> DeviceRegistration(string applicationId, string deviceId, int port) { string deviceKey; // See if AzureIoT hub connections string has been configured string connectionString = ApplicationConfiguration.ConnectionStringResolve(applicationId, port); if (!String.IsNullOrEmpty(connectionString)) { return(DeviceClient.CreateFromConnectionString(connectionString, deviceId)); } // See if Azure DPS has been configured using (var hmac = new HMACSHA256(Convert.FromBase64String(ApplicationConfiguration.DpsEnrollmentGroupSymmetricKeyResolve(applicationId, port)))) { deviceKey = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(deviceId))); } using (var securityProvider = new SecurityProviderSymmetricKey(deviceId, deviceKey, null)) { using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(ApplicationConfiguration.DpsGlobaDeviceEndpointResolve(), ApplicationConfiguration.DpsIdScopeResolve(applicationId, port), securityProvider, transport); DeviceRegistrationResult result = await provClient.RegisterAsync(); if (result.Status != ProvisioningRegistrationStatusType.Assigned) { throw new ApplicationException($"DevID:{deviceId} Status:{result.Status} RegisterAsync failed"); } IAuthenticationMethod authentication = new DeviceAuthenticationWithRegistrySymmetricKey(result.DeviceId, (securityProvider as SecurityProviderSymmetricKey).GetPrimaryKey()); return(DeviceClient.Create(result.AssignedHub, authentication, new ITransportSettings[] { new AmqpTransportSettings(TransportType.Amqp_Tcp_Only) { PrefetchCount = 0, AmqpConnectionPoolSettings = new AmqpConnectionPoolSettings() { Pooling = true, } } } )); } } }
public static int Main(string[] args) { if (string.IsNullOrWhiteSpace(s_idScope) && (args.Length > 0)) { s_idScope = args[0]; } if (string.IsNullOrWhiteSpace(s_idScope)) { Console.WriteLine("ProvisioningDeviceClientSymmetricKey <IDScope>"); return(1); } string primaryKey = ""; string secondaryKey = ""; if (!String.IsNullOrEmpty(registrationId) && !String.IsNullOrEmpty(enrollmentGroupPrimaryKey) && !String.IsNullOrEmpty(enrollmentGroupSecondaryKey)) { //Group enrollment flow, the primary and secondary keys are derived from the enrollment group keys and from the desired registration id primaryKey = ComputeDerivedSymmetricKey(Convert.FromBase64String(enrollmentGroupPrimaryKey), registrationId); secondaryKey = ComputeDerivedSymmetricKey(Convert.FromBase64String(enrollmentGroupSecondaryKey), registrationId); } else if (!String.IsNullOrEmpty(registrationId) && !String.IsNullOrEmpty(individualEnrollmentPrimaryKey) && !String.IsNullOrEmpty(individualEnrollmentSecondaryKey)) { //Individual enrollment flow, the primary and secondary keys are the same as the individual enrollment keys primaryKey = individualEnrollmentPrimaryKey; secondaryKey = individualEnrollmentSecondaryKey; } else { Console.WriteLine("Invalid configuration provided, must provide group enrollment keys or individual enrollment keys"); return(-1); } using (var security = new SecurityProviderSymmetricKey(registrationId, primaryKey, secondaryKey)) // Select one of the available transports: // To optimize for size, reference only the protocols used by your application. using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly)) // using (var transport = new ProvisioningTransportHandlerHttp()) // using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.TcpOnly)) // using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.WebSocketOnly)) { ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, s_idScope, security, transport); var sample = new ProvisioningDeviceClientSample(provClient, security); sample.RunSampleAsync().GetAwaiter().GetResult(); } Console.WriteLine("Enter any key to exit"); Console.ReadLine(); return(0); }