/// <summary>
/// Builds the IoT Hub authentication method that corresponds to the security
/// client used during provisioning.
/// </summary>
/// <param name="provisioningSecurity">Security client used for provisioning; its runtime type selects the authentication method.</param>
/// <param name="deviceId">Device identifier passed to the authentication method. It is also written to the verbose log.</param>
/// <param name="iotHub">Hub name passed to <c>GetTokenAsync</c> on the TPM path; unused on the X.509 path.</param>
/// <returns>
/// A <c>DeviceAuthenticationWithTpm</c> for TPM-backed clients, or a
/// <c>DeviceAuthenticationWithX509Certificate</c> for X.509-backed clients.
/// </returns>
/// <exception cref="NotSupportedException">
/// The security client is neither TPM- nor X.509-based. A null reference also ends up here,
/// because it matches neither type.
/// </exception>
private async Task<Client.IAuthenticationMethod> CreateAuthenticationMethodFromSecurityClient(
    SecurityClient provisioningSecurity,
    string deviceId,
    string iotHub)
{
    _verboseLog.WriteLine($"{nameof(CreateAuthenticationMethodFromSecurityClient)}({deviceId})");

    // The TPM check comes first, as in the original branch order.
    var tpmSecurity = provisioningSecurity as SecurityClientHsmTpm;
    if (tpmSecurity != null)
    {
        var tpmAuth = new DeviceAuthenticationWithTpm(deviceId, tpmSecurity);

        // TODO: workaround to populate Token.
        await tpmAuth.GetTokenAsync(iotHub).ConfigureAwait(false);
        return tpmAuth;
    }

    var x509Security = provisioningSecurity as SecurityClientHsmX509;
    if (x509Security != null)
    {
        // NOTE(review): this method never disposes the certificate; confirm who owns it
        // (the security client or the returned authentication method).
        X509Certificate2 deviceCert = x509Security.GetAuthenticationCertificate();
        return new DeviceAuthenticationWithX509Certificate(deviceId, deviceCert);
    }

    throw new NotSupportedException($"Unknown provisioningSecurity type.");
}
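/// <summary>
/// Sample flow: starts the TPM simulator, prints the values needed to create an
/// individual enrollment, registers through the Device Provisioning Service, then
/// opens a connection to the assigned hub and sends a single test message.
/// </summary>
/// <remarks>
/// The simulator stands in for a hardware TPM and keeps its state in an NVChip file, so the
/// key material is only as well protected as that file. Use it for development only.
/// The method returns without connecting when the registration status is not <c>Assigned</c>.
/// </remarks>
/// <returns>A task that completes when the sample has finished.</returns>
public static async Task RunSample()
{
    // Replace the following type with SecurityClientTpm() to use a real TPM2.0 device.
    Console.WriteLine("Starting TPM simulator.");
    SecurityClientTpmSimulator.StartSimulatorProcess();

    using (var security = new SecurityClientTpmSimulator(RegistrationId))
    using (var transport = new ProvisioningTransportHandlerHttp())
    {
        // Note that the TPM simulator will create a NVChip file containing the simulated TPM state.
        Console.WriteLine("Extracting endorsement key.");

        // NOTE(review): presumably this is the public part of the endorsement key, which the
        // enrollment form asks for. It is still a stable device identifier, so keep it out
        // of shared logs. Confirm against the security client documentation.
        string base64EK = Convert.ToBase64String(security.GetEndorsementKey());

        Console.WriteLine(
            "In your Azure Device Provisioning Service please go to 'Manage enrollments' and select " +
            "'Individual Enrollments'. Select 'Add' then fill in the following:");

        Console.WriteLine("\tMechanism: TPM");
        Console.WriteLine($"\tRegistration ID: {RegistrationId}");
        Console.WriteLine($"\tEndorsement key: {base64EK}");
        Console.WriteLine("\tDevice ID: iothubtpmdevice1 (or any other valid DeviceID)");
        Console.WriteLine();
        Console.WriteLine("Press ENTER when ready.");
        Console.ReadLine();

        ProvisioningDeviceClient provClient =
            ProvisioningDeviceClient.Create(s_idScope, security, transport);

        Console.Write("ProvisioningClient RegisterAsync . . . ");
        DeviceRegistrationResult result = await provClient.RegisterAsync();

        Console.WriteLine($"{result.Status}");
        Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");

        // Connect only when the service actually assigned the device to a hub;
        // the status printed above is the only failure signal the caller gets.
        if (result.Status != ProvisioningRegistrationStatusType.Assigned)
        {
            return;
        }

        var auth = new DeviceAuthenticationWithTpm(result.DeviceId, security);

        // TODO: Temporary workaround until IoTHub DeviceClient gets Token refresh support.
        // The token is fetched once here; presumably a connection that outlives it would
        // have to obtain a new one. Confirm before reusing this pattern in long-running code.
        await auth.GetTokenAsync(result.AssignedHub);

        using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, TransportType.Mqtt))
        {
            Console.WriteLine("DeviceClient OpenAsync.");
            await iotClient.OpenAsync();

            Console.WriteLine("DeviceClient SendEventAsync.");

            // Message is disposable; release it once the send has completed.
            using (var testMessage = new Message(Encoding.UTF8.GetBytes("TestMessage")))
            {
                await iotClient.SendEventAsync(testMessage);
            }

            Console.WriteLine("DeviceClient CloseAsync.");
            await iotClient.CloseAsync();
        }
    }
}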